virus?

alanida2
Visitor
Posts: 43
Registered: 10 Jan 2014 21:53

Re: virus?

#31 Post by alanida2 »

ok, I have the log from adw

# AdwCleaner v3.016 - Report created 11/01/2014 at 22:29:03
# Updated 23/12/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Dida - DIDA-PC
# Running from : C:\Users\Dida\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
[#] Folder Deleted : C:\ProgramData\BitGuard
Folder Deleted : C:\ProgramData\boost_interprocess
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\iMesh
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\wincert
Folder Deleted : C:\ProgramData\CoolYou
Folder Deleted : C:\ProgramData\WxDFastUpdater
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CoolYou
Folder Deleted : C:\Program Files\~Web Assistant
Folder Deleted : C:\Program Files\iMesh Applications
Folder Deleted : C:\Program Files\mixidj
Folder Deleted : C:\Program Files\Movies Toolbar
Folder Deleted : C:\Program Files\Search Results Toolbar
Folder Deleted : C:\Windows\system32\ARFC
Folder Deleted : C:\Windows\system32\jmdp
Folder Deleted : C:\Windows\system32\WNLT
Folder Deleted : C:\Users\Dida\AppData\Local\iMesh
Folder Deleted : C:\Users\Dida\AppData\Local\PackageAware
Folder Deleted : C:\Users\Dida\AppData\Local\torch
Folder Deleted : C:\Users\Dida\AppData\LocalLow\incredibar.com
Folder Deleted : C:\Users\Dida\AppData\LocalLow\mediabarim
Folder Deleted : C:\Users\Dida\AppData\LocalLow\wincoreimband
Folder Deleted : C:\Users\Dida\AppData\Roaming\CRMixiDJTB
Folder Deleted : C:\Users\Dida\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Folder Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\mediabarim
Folder Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\SweetPacksToolbarData
Folder Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\Extensions\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Folder Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\Extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0}
Folder Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\Extensions\ffxtlbr@incredibar.com
Folder Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\Extensions\2020Player_IKEA@2020Technologies.com
Folder Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\Extensions\501675114406b@50167511440a4.info
Folder Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\Extensions\501d27764c03d@501d27764c077.info
Folder Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\Extensions\ffxtlbr@mixidj.com
Folder Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\Extensions\{0165D79E-ECB2-45ED-70EF-9E1A7E09C3D2}
Folder Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\Extensions\{FB03E2DD-24F9-EC9D-03B1-8B5B4738179C}
File Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\Public\Desktop\iMesh.lnk
File Deleted : C:\Windows\system32\ImhxxpComm.dll
File Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\bprotector_prefs.js
File Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\searchplugins\Ask.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Ask.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\Ask.xml
File Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\searchplugins\Babylon.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\searchplugins\BrowserProtect.xml
File Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\searchplugins\mixidj.xml
File Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\searchplugins\MyStart Search.xml
File Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\searchplugins\Search_Results.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml
File Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\searchplugins\SweetIm.xml
File Deleted : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\user.js
File Deleted : C:\Windows\System32\Tasks\BrowserProtect

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AAAC92B-4880-4675-8F2B-946AC5CB4AE5}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AAAC92B-4880-4675-8F2B-946AC5CB4AE5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\iMesh.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.AudioCD
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.Device
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.file
Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMPlayCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMRipCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival
Key Deleted : HKCU\Software\5fedadce634e512
Key Deleted : HKLM\SOFTWARE\5fedadce634e512
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69D3F709-9DE2-479F-980F-532D46895703}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\mixidj
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\AppDataLow\Software\mediabarim
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\iLividSRTB
Key Deleted : HKLM\Software\Imesh
Key Deleted : HKLM\Software\iMeshMediabarTb
Key Deleted : HKLM\Software\mixidj
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\torch
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\Software\wnlt
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B49962AF-CAB9-44DE-8729-A4369F44BA0D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{B49962AF-CAB9-44DE-8729-A4369F44BA0D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Imesh
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mixidj
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\torch
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wincore MediaBar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\wnlt
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636
Key Deleted : HKLM\Software\Classes\Installer\Features\1A594BF8F3A4D1C4DB72F3A32B6E7636
Key Deleted : HKLM\Software\Classes\Installer\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16421


-\\ Mozilla Firefox v26.0 (sk)

[ File : C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://mystart.incredibar.com/?a=6PQFxr71SB&loc=skw");
Line Deleted : user_pref("browser.search.defaultenginename", "MyStart Search");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.5016751144118.scode", "(function(){try{if('mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,search.gboxapp.com,search.sweetim.com'.indexOf(window[...]
Line Deleted : user_pref("extensions.501d27764c0eb.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,search.gboxapp.com,search.swe[...]
Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Line Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Line Deleted : user_pref("extensions.BabylonToolbar.id", "4845b89c0000000000000025d35d8405");
Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15551");
Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Line Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q=");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1");
Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112465&tt=3112_3");
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=112465&tt=3112_3&babsrc=NT_ss&mntrId=4845b89c0000000000000025d35d8405");
Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.29.113:51:44");
Line Deleted : user_pref("extensions.incredibar.actvtyRptTime", "1352111445387");
Line Deleted : user_pref("extensions.incredibar.admin", false);
Line Deleted : user_pref("extensions.incredibar.aflt", "orgnl");
Line Deleted : user_pref("extensions.incredibar.afterInstallRpt", "sent");
Line Deleted : user_pref("extensions.incredibar.cntry", "SK");
Line Deleted : user_pref("extensions.incredibar.dfltlng", "EN");
Line Deleted : user_pref("extensions.incredibar.dfltsrch", "false");
Line Deleted : user_pref("extensions.incredibar.did", "10650");
Line Deleted : user_pref("extensions.incredibar.envrmnt", "production");
Line Deleted : user_pref("extensions.incredibar.excTlbr", false);
Line Deleted : user_pref("extensions.incredibar.hdrMd5", "0FCA58B71C7C3D9019FA6409278D0402");
Line Deleted : user_pref("extensions.incredibar.hmpg", false);
Line Deleted : user_pref("extensions.incredibar.hrdid", "4845b89c0000000000000025d35d8405");
Line Deleted : user_pref("extensions.incredibar.id", "4845b89c0000000000000025d35d8405");
Line Deleted : user_pref("extensions.incredibar.installerproductid", "26");
Line Deleted : user_pref("extensions.incredibar.instlday", "15556");
Line Deleted : user_pref("extensions.incredibar.instlref", "");
Line Deleted : user_pref("extensions.incredibar.isdcmntcmplt", true);
Line Deleted : user_pref("extensions.incredibar.keywordurl", "");
Line Deleted : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1415:59:01");
Line Deleted : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Line Deleted : user_pref("extensions.incredibar.newtab", "false");
Line Deleted : user_pref("extensions.incredibar.newtaburl", "");
Line Deleted : user_pref("extensions.incredibar.noFFXTlbr", false);
Line Deleted : user_pref("extensions.incredibar.ppd", "201%5F4");
Line Deleted : user_pref("extensions.incredibar.prdct", "incredibar");
Line Deleted : user_pref("extensions.incredibar.productid", "26");
Line Deleted : user_pref("extensions.incredibar.prtnrid", "Incredibar");
Line Deleted : user_pref("extensions.incredibar.sg", "none");
Line Deleted : user_pref("extensions.incredibar.smplgrp", "none");
Line Deleted : user_pref("extensions.incredibar.srch", "");
Line Deleted : user_pref("extensions.incredibar.srchprvdr", "");
Line Deleted : user_pref("extensions.incredibar.tlbrid", "base");
Line Deleted : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6PQFxr71SB&loc=IB_TB&i=26&search=");
Line Deleted : user_pref("extensions.incredibar.upn2", "6PQFxr71SB");
Line Deleted : user_pref("extensions.incredibar.upn2n", "92543348064612821");
Line Deleted : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Line Deleted : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Line Deleted : user_pref("extensions.incredibar.vrsnts", "1.5.11.1415:59:01");
Line Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");
Line Deleted : user_pref("extensions.incredibar_i.dfltLng", "");
Line Deleted : user_pref("extensions.incredibar_i.did", "10650");
Line Deleted : user_pref("extensions.incredibar_i.excTlbr", false);
Line Deleted : user_pref("extensions.incredibar_i.id", "4845b89c0000000000000025d35d8405");
Line Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");
Line Deleted : user_pref("extensions.incredibar_i.instlDay", "15556");
Line Deleted : user_pref("extensions.incredibar_i.instlRef", "");
Line Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");
Line Deleted : user_pref("extensions.incredibar_i.newTab", false);
Line Deleted : user_pref("extensions.incredibar_i.ppd", "201%5F4");
Line Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");
Line Deleted : user_pref("extensions.incredibar_i.productid", "26");
Line Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Line Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");
Line Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");
Line Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQFxr71SB&loc=IB_TB&i=26&search=");
Line Deleted : user_pref("extensions.incredibar_i.upn2", "6PQFxr71SB");
Line Deleted : user_pref("extensions.incredibar_i.upn2n", "92543348064612821");
Line Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Line Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1415:59:01");
Line Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Line Deleted : user_pref("extensions.mixidj.tlbrId", "mdelta");
Line Deleted : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
Line Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Line Deleted : user_pref("sweetim.toolbar.cargo", "3.1010000.10002");
Line Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.returnValue", "none");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote ... crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Line Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Line Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Line Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.created", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.newtab.url", "hxxp://mystart.incredibar.com/mb139?a=6PQFxr71SB&loc=FF_NT");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "MyStart Search");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Google");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://mystart.incredibar.com/mb139?a=6PQFxr71SB&i=26");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.callback", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Line Deleted : user_pref("sweetim.toolbar.simapp_id", "{9C71F530-138E-11E2-AABC-0026188D1638}");
Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={9C71F530-138E-11E2-AABC-0026188D1638}");
Line Deleted : user_pref("sweetim.toolbar.version", "1.9.0.0");
Line Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&[...]
Line Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavi[...]
Line Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.sweetim.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"h[...]

*************************

AdwCleaner[R0].txt - [33018 octets] - [11/01/2014 20:50:22]
AdwCleaner[R1].txt - [33079 octets] - [11/01/2014 22:27:30]
AdwCleaner[S0].txt - [32202 octets] - [11/01/2014 22:29:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [32263 octets] ##########

alanida2
Visitor
Posts: 43
Registered: 10 Jan 2014 21:53

Re: virus?

#32 Post by alanida2 »

Here is the log from RogueKiller

RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spustené v : Normálny režim
Užívateľ : Dida [Práva Správcu]
Režim : Kontrola -- Dátum : 01/11/2014 22:42:46
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 12 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NÁJDENÉ
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NÁJDENÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> NÁJDENÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NÁJDENÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> NÁJDENÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> NÁJDENÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> NÁJDENÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NÁJDENÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spustenie položky : 0 ¤¤¤

¤¤¤ webové prehliadače : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0xc0000033] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200BEVT-80A0RT0 +++++
--- User ---
[MBR] 12562ed7ee1cc5efdbdcf71d0210708a
[BSP] 2bd0483c9cbbd0c73ecbb3e42dd598c0 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 12009 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 24595515 | Size: 152617 Mo
2 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 337156155 | Size: 140615 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[0]_S_01112014_224246.txt >>

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: virus?

#33 Post by Márty84 »

:arrow: Run RogueKiller again as administrator (if you have not closed it yet, click Smazat (Delete) right away)
A very short test will run, and then the Prohledat (Scan) button at the top right will become available. Click it and another test will run.
When it finishes, click Smazat (Delete).
Then click Zprava (Report) and a log will appear. Paste it here for me.
Then click Oprava Host (Fix Host) and Zprava (Report).
Another log will appear. Paste that one here as well.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

alanida2
Visitor
Posts: 43
Registered: 10 Jan 2014 21:53

Re: virus?

#34 Post by alanida2 »

Here is the log from the deletion

RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spustené v : Normálny režim
Užívateľ : Dida [Práva Správcu]
Režim : Odebrať -- Dátum : 01/11/2014 22:56:26
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spustenie položky : 0 ¤¤¤

¤¤¤ webové prehliadače : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0xc0000033] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200BEVT-80A0RT0 +++++
--- User ---
[MBR] 12562ed7ee1cc5efdbdcf71d0210708a
[BSP] 2bd0483c9cbbd0c73ecbb3e42dd598c0 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 12009 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 24595515 | Size: 152617 Mo
2 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 337156155 | Size: 140615 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[0]_D_01112014_225626.txt >>
RKreport[0]_D_01112014_225423.txt;RKreport[0]_S_01112014_224246.txt;RKreport[0]_S_01112014_225615.txt

alanida2
Visitor
Posts: 43
Registered: 10 Jan 2014 21:53

Re: virus?

#35 Post by alanida2 »

The second log

RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spustené v : Normálny režim
Užívateľ : Dida [Práva Správcu]
Režim : Oprava HOSTS -- Dátum : 01/11/2014 22:58:09
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0xc0000033] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončené : << RKreport[0]_H_01112014_225809.txt >>
RKreport[0]_D_01112014_225423.txt;RKreport[0]_D_01112014_225626.txt;RKreport[0]_S_01112014_224246.txt
RKreport[0]_S_01112014_225615.txt

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: virus?

#36 Post by Márty84 »

Fine :)

:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Save it, ideally to the Desktop, and extract it
  • Launch it by clicking mbar
  • Now click Next and then Update
  • When the database update finishes, click Next again
  • Leave all three options checked and click Scan to start scanning the PC
  • When the scan finishes (about 5 minutes), check that every finding (if there are any, of course) is ticked
  • Also check that Create Restore point is ticked
  • Now click CleanUp, which removes the infection found
  • The PC will be restarted
  • The mbar folder should contain a log (and it will probably open by itself) named mbar-log-year-month-day (hour-minute-second).txt; post it here for me

vyosek wrote: :arrow: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Click the Change parameters option
  • In the Additional Option window, tick all the options
  • Click OK
  • Tell the utility to scan by clicking Start Scan
  • When the scan finishes a window will appear; check that Skip is selected everywhere
  • If Skip is not selected by default, switch it to Skip
  • If you have Skip everywhere, click Continue
  • On the disk where Windows is installed (usually c:\) there will be a log named in the form TDSSKiller.some digits _log.txt; paste its content here

alanida2
Visitor
Posts: 43
Registered: 10 Jan 2014 21:53

Re: virus?

#37 Post by alanida2 »

Malwarebytes did not find any malware, can I click Exit? Or click Clean Up?

And I don't see that Create Restore Point there
Thank you

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: virus?

#38 Post by Márty84 »

Of course Exit :wink: Clean Up is used to delete findings, as the instructions say :wink:

Create Restore Point means making a system restore point. Since it found nothing and so nothing will be deleted, there is no need to make a restore point, and the option did not even appear :)

alanida2
Visitor
Posts: 43
Registered: 10 Jan 2014 21:53

Re: virus?

#39 Post by alanida2 »

OK, thank you, and now I should download and run the second one too, right?

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: virus?

#40 Post by Márty84 »

Yes :thumbsup:

alanida2
Visitor
Posts: 43
Registered: 10 Jan 2014 21:53

Re: virus?

#41 Post by alanida2 »

09:41:19.0713 1184 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:41:20.0196 1184 ============================================================
09:41:20.0196 1184 Current date / time: 2014/01/12 09:41:20.0196
09:41:20.0196 1184 SystemInfo:
09:41:20.0196 1184
09:41:20.0196 1184 OS Version: 6.0.6002 ServicePack: 2.0
09:41:20.0196 1184 Product type: Workstation
09:41:20.0196 1184 ComputerName: DIDA-PC
09:41:20.0196 1184 UserName: Dida
09:41:20.0196 1184 Windows directory: C:\Windows
09:41:20.0196 1184 System windows directory: C:\Windows
09:41:20.0196 1184 Processor architecture: Intel x86
09:41:20.0196 1184 Number of processors: 2
09:41:20.0196 1184 Page size: 0x1000
09:41:20.0196 1184 Boot type: Normal boot
09:41:20.0196 1184 ============================================================
09:41:20.0590 1184 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:41:20.0590 1184 ============================================================
09:41:20.0590 1184 \Device\Harddisk0\DR0:
09:41:20.0590 1184 MBR partitions:
09:41:20.0590 1184 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1774C3B, BlocksNum 0x12A14C00
09:41:20.0621 1184 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1418987A, BlocksNum 0x112A3E47
09:41:20.0621 1184 ============================================================
09:41:20.0668 1184 C: <-> \Device\Harddisk0\DR0\Partition1
09:41:20.0699 1184 D: <-> \Device\Harddisk0\DR0\Partition2
09:41:20.0699 1184 ============================================================
09:41:20.0699 1184 Initialize success
09:41:20.0699 1184 ============================================================
09:42:41.0267 2040 ============================================================
09:42:41.0267 2040 Scan started
09:42:41.0267 2040 Mode: Manual; SigCheck; TDLFS;
09:42:41.0267 2040 ============================================================
09:42:41.0485 2040 ================ Scan system memory ========================
09:42:41.0485 2040 System memory - ok
09:42:41.0485 2040 ================ Scan services =============================
09:42:41.0735 2040 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
09:42:41.0844 2040 ACPI - ok
09:42:41.0953 2040 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:42:41.0969 2040 AdobeARMservice - ok
09:42:42.0047 2040 [ 1BA1AB4141A92EB34DA99F1249CA2D4D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:42:42.0047 2040 AdobeFlashPlayerUpdateSvc - ok
09:42:42.0094 2040 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:42:42.0125 2040 adp94xx - ok
09:42:42.0172 2040 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:42:42.0187 2040 adpahci - ok
09:42:42.0203 2040 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
09:42:42.0203 2040 adpu160m - ok
09:42:42.0219 2040 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:42:42.0234 2040 adpu320 - ok
09:42:42.0297 2040 [ C0BF554D2277F7A4C735D475ADE2E3B2 ] ADSMService C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
09:42:42.0312 2040 ADSMService ( UnsignedFile.Multi.Generic ) - warning
09:42:42.0312 2040 ADSMService - detected UnsignedFile.Multi.Generic (1)
09:42:42.0343 2040 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:42:42.0359 2040 AeLookupSvc - ok
09:42:42.0390 2040 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
09:42:42.0421 2040 AFD - ok
09:42:42.0453 2040 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:42:42.0468 2040 agp440 - ok
09:42:42.0484 2040 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
09:42:42.0484 2040 aic78xx - ok
09:42:42.0499 2040 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
09:42:42.0531 2040 ALG - ok
09:42:42.0546 2040 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
09:42:42.0546 2040 aliide - ok
09:42:42.0562 2040 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
09:42:42.0577 2040 amdagp - ok
09:42:42.0577 2040 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
09:42:42.0593 2040 amdide - ok
09:42:42.0609 2040 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
09:42:42.0640 2040 AmdK7 - ok
09:42:42.0655 2040 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:42:42.0702 2040 AmdK8 - ok
09:42:42.0733 2040 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
09:42:42.0780 2040 Appinfo - ok
09:42:42.0796 2040 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
09:42:42.0811 2040 arc - ok
09:42:42.0827 2040 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:42:42.0827 2040 arcsas - ok
09:42:42.0858 2040 [ 104DB777372411C55850C4A2AE6877EF ] AsDsm C:\Windows\system32\drivers\AsDsm.sys
09:42:42.0874 2040 AsDsm - ok
09:42:42.0952 2040 [ EB1807795CD3EEAA3288B4A30DE254E8 ] ASLDRService C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
09:42:42.0952 2040 ASLDRService - ok
09:42:42.0983 2040 [ 7B4D08D2017AC06689D422E06C43F0AA ] ASMMAP C:\Program Files\ATKGFNEX\ASMMAP.sys
09:42:42.0983 2040 ASMMAP - ok
09:42:43.0014 2040 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:42:43.0045 2040 AsyncMac - ok
09:42:43.0092 2040 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
09:42:43.0092 2040 atapi - ok
09:42:43.0139 2040 [ 2846F5EE802889D500FCF5CC48B28381 ] athr C:\Windows\system32\DRIVERS\athr.sys
09:42:43.0233 2040 athr - ok
09:42:43.0264 2040 [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe
09:42:43.0264 2040 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
09:42:43.0264 2040 ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
09:42:43.0295 2040 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:42:43.0326 2040 AudioEndpointBuilder - ok
09:42:43.0342 2040 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
09:42:43.0357 2040 Audiosrv - ok
09:42:43.0389 2040 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
09:42:43.0420 2040 Beep - ok
09:42:43.0467 2040 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
09:42:43.0498 2040 BFE - ok
09:42:43.0576 2040 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
09:42:43.0623 2040 BITS - ok
09:42:43.0669 2040 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
09:42:43.0701 2040 blbdrive - ok
09:42:43.0732 2040 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:42:43.0779 2040 bowser - ok
09:42:43.0810 2040 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
09:42:43.0825 2040 BrFiltLo - ok
09:42:43.0857 2040 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
09:42:43.0872 2040 BrFiltUp - ok
09:42:43.0903 2040 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
09:42:43.0935 2040 Browser - ok
09:42:43.0950 2040 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
09:42:43.0997 2040 Brserid - ok
09:42:44.0013 2040 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
09:42:44.0075 2040 BrSerWdm - ok
09:42:44.0075 2040 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
09:42:44.0122 2040 BrUsbMdm - ok
09:42:44.0153 2040 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
09:42:44.0184 2040 BrUsbSer - ok
09:42:44.0215 2040 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:42:44.0262 2040 BTHMODEM - ok
09:42:44.0278 2040 catchme - ok
09:42:44.0309 2040 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:42:44.0340 2040 cdfs - ok
09:42:44.0387 2040 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:42:44.0403 2040 cdrom - ok
09:42:44.0449 2040 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
09:42:44.0481 2040 CertPropSvc - ok
09:42:44.0496 2040 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
09:42:44.0543 2040 circlass - ok
09:42:44.0590 2040 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
09:42:44.0605 2040 CLFS - ok
09:42:44.0652 2040 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:42:44.0652 2040 clr_optimization_v2.0.50727_32 - ok
09:42:44.0730 2040 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:42:44.0746 2040 clr_optimization_v4.0.30319_32 - ok
09:42:44.0777 2040 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:42:44.0808 2040 CmBatt - ok
09:42:44.0824 2040 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:42:44.0839 2040 cmdide - ok
09:42:44.0855 2040 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:42:44.0871 2040 Compbatt - ok
09:42:44.0871 2040 COMSysApp - ok
09:42:44.0886 2040 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:42:44.0886 2040 crcdisk - ok
09:42:44.0949 2040 [ D18893845AE1C5833B5B2EA9B7F5C670 ] CRFILTER C:\Windows\system32\DRIVERS\CRFILTER.sys
09:42:44.0980 2040 CRFILTER - ok
09:42:45.0011 2040 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
09:42:45.0027 2040 Crusoe - ok
09:42:45.0073 2040 [ FB27772BEAF8E1D28CCD825C09DA939B ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:42:45.0089 2040 CryptSvc - ok
09:42:45.0151 2040 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:42:45.0183 2040 DcomLaunch - ok
09:42:45.0214 2040 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:42:45.0245 2040 DfsC - ok
09:42:45.0307 2040 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
09:42:45.0417 2040 DFSR - ok
09:42:45.0448 2040 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
09:42:45.0479 2040 Dhcp - ok
09:42:45.0495 2040 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
09:42:45.0510 2040 disk - ok
09:42:45.0541 2040 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:42:45.0588 2040 Dnscache - ok
09:42:45.0635 2040 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:42:45.0651 2040 dot3svc - ok
09:42:45.0697 2040 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
09:42:45.0744 2040 Dot4 - ok
09:42:45.0760 2040 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
09:42:45.0791 2040 Dot4Print - ok
09:42:45.0807 2040 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
09:42:45.0869 2040 dot4usb - ok
09:42:45.0900 2040 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
09:42:45.0947 2040 DPS - ok
09:42:45.0978 2040 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:42:46.0009 2040 drmkaud - ok
09:42:46.0072 2040 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:42:46.0103 2040 DXGKrnl - ok
09:42:46.0134 2040 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
09:42:46.0181 2040 E1G60 - ok
09:42:46.0243 2040 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
09:42:46.0275 2040 EapHost - ok
09:42:46.0337 2040 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
09:42:46.0353 2040 Ecache - ok
09:42:46.0399 2040 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:42:46.0415 2040 ehRecvr - ok
09:42:46.0446 2040 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
09:42:46.0462 2040 ehSched - ok
09:42:46.0462 2040 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
09:42:46.0493 2040 ehstart - ok
09:42:46.0540 2040 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:42:46.0555 2040 elxstor - ok
09:42:46.0633 2040 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
09:42:46.0665 2040 EMDMgmt - ok
09:42:46.0711 2040 [ 901CFA8E3C982A2CA60BD2EE3EAA61BD ] eRootDrv C:\Windows\system32\DRIVERS\eRootDrv.sys
09:42:46.0711 2040 eRootDrv - ok
09:42:46.0774 2040 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:42:46.0805 2040 ErrDev - ok
09:42:46.0821 2040 [ 3C1D6B99320C64EB3423E229128D5182 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
09:42:46.0836 2040 ETD - ok
09:42:46.0883 2040 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
09:42:46.0914 2040 EventSystem - ok
09:42:46.0945 2040 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
09:42:46.0977 2040 exfat - ok
09:42:47.0023 2040 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:42:47.0055 2040 fastfat - ok
09:42:47.0086 2040 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:42:47.0117 2040 fdc - ok
09:42:47.0133 2040 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
09:42:47.0148 2040 fdPHost - ok
09:42:47.0164 2040 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
09:42:47.0211 2040 FDResPub - ok
09:42:47.0226 2040 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:42:47.0226 2040 FileInfo - ok
09:42:47.0242 2040 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:42:47.0289 2040 Filetrace - ok
09:42:47.0304 2040 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:42:47.0335 2040 flpydisk - ok
09:42:47.0382 2040 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:42:47.0398 2040 FltMgr - ok
09:42:47.0445 2040 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
09:42:47.0476 2040 FontCache - ok
09:42:47.0585 2040 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:42:47.0585 2040 FontCache3.0.0.0 - ok
09:42:47.0616 2040 [ 17829180DEEBF703EC7F445AC3ABEA99 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
09:42:47.0632 2040 fssfltr - ok
09:42:47.0679 2040 [ F6717211C1EC2CDDAA81B97B0727C2E9 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
09:42:47.0694 2040 fsssvc - ok
09:42:47.0788 2040 [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS
09:42:47.0803 2040 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
09:42:47.0803 2040 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
09:42:47.0835 2040 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:42:47.0850 2040 Fs_Rec - ok
09:42:47.0866 2040 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:42:47.0881 2040 gagp30kx - ok
09:42:47.0928 2040 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
09:42:47.0975 2040 gpsvc - ok
09:42:48.0022 2040 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:42:48.0084 2040 HdAudAddService - ok
09:42:48.0131 2040 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:42:48.0178 2040 HDAudBus - ok
09:42:48.0225 2040 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:42:48.0256 2040 HidBth - ok
09:42:48.0271 2040 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
09:42:48.0303 2040 HidIr - ok
09:42:48.0349 2040 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
09:42:48.0365 2040 hidserv - ok
09:42:48.0427 2040 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:42:48.0459 2040 HidUsb - ok
09:42:48.0505 2040 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:42:48.0552 2040 hkmsvc - ok
09:42:48.0583 2040 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
09:42:48.0599 2040 HpCISSs - ok
09:42:48.0724 2040 [ F50F7984FDD151EDD8A70A8DBD9E2A44 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
09:42:48.0739 2040 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
09:42:48.0739 2040 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
09:42:48.0755 2040 [ DF446BA625CC441617843E87798CE048 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
09:42:48.0771 2040 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
09:42:48.0771 2040 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
09:42:48.0802 2040 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:42:48.0849 2040 HTTP - ok
09:42:48.0880 2040 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
09:42:48.0895 2040 i2omp - ok
09:42:48.0911 2040 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:42:48.0927 2040 i8042prt - ok
09:42:48.0973 2040 [ 71ECC07BC7C5E24C3DD01D8A29A24054 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
09:42:48.0989 2040 iaStor - ok
09:42:49.0005 2040 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
09:42:49.0020 2040 iaStorV - ok
09:42:49.0098 2040 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:42:49.0176 2040 idsvc - ok
09:42:49.0426 2040 [ DCE0B53570703CCE580D066F89EF58CD ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
09:42:49.0816 2040 igfx - ok
09:42:49.0863 2040 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:42:49.0863 2040 iirsp - ok
09:42:49.0909 2040 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
09:42:49.0941 2040 IKEEXT - ok
09:42:49.0956 2040 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
09:42:49.0972 2040 intelide - ok
09:42:49.0987 2040 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:42:50.0019 2040 intelppm - ok
09:42:50.0050 2040 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:42:50.0081 2040 IPBusEnum - ok
09:42:50.0112 2040 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:42:50.0143 2040 IpFilterDriver - ok
09:42:50.0206 2040 [ 7F83B06A929A981BC001B2EA304D2036 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:42:50.0237 2040 iphlpsvc - ok
09:42:50.0253 2040 IpInIp - ok
09:42:50.0284 2040 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
09:42:50.0315 2040 IPMIDRV - ok
09:42:50.0346 2040 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
09:42:50.0362 2040 IPNAT - ok
09:42:50.0377 2040 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:42:50.0424 2040 IRENUM - ok
09:42:50.0440 2040 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:42:50.0455 2040 isapnp - ok
09:42:50.0487 2040 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
09:42:50.0502 2040 iScsiPrt - ok
09:42:50.0549 2040 [ 2F03CEB28307983F3B36216D35FFA5AA ] ISODrive C:\Program Files\UltraISO\drivers\ISODrive.sys
09:42:50.0549 2040 ISODrive - ok
09:42:50.0565 2040 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
09:42:50.0580 2040 iteatapi - ok
09:42:50.0596 2040 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
09:42:50.0611 2040 iteraid - ok
09:42:50.0611 2040 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:42:50.0627 2040 kbdclass - ok
09:42:50.0643 2040 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
09:42:50.0674 2040 kbdhid - ok
09:42:50.0689 2040 [ 7F2B8D0B31FB4A797E5786EF124C5A80 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
09:42:50.0705 2040 kbfiltr - ok
09:42:50.0736 2040 [ 3978F3540329E16C0AC3BCF677E5669F ] KeyIso C:\Windows\system32\lsass.exe
09:42:50.0752 2040 KeyIso - ok
09:42:50.0783 2040 [ 86165728AF9BF72D6442A894FDFB4F8B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:42:50.0799 2040 KSecDD - ok
09:42:50.0845 2040 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
09:42:50.0877 2040 KtmRm - ok
09:42:50.0923 2040 [ 24ABDDEB766C8459F9D562EB083B6CB8 ] L1E C:\Windows\system32\DRIVERS\L1E60x86.sys
09:42:50.0955 2040 L1E - ok
09:42:51.0001 2040 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
09:42:51.0033 2040 LanmanServer - ok
09:42:51.0064 2040 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:42:51.0095 2040 LanmanWorkstation - ok
09:42:51.0111 2040 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:42:51.0142 2040 lltdio - ok
09:42:51.0173 2040 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:42:51.0220 2040 lltdsvc - ok
09:42:51.0235 2040 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:42:51.0267 2040 lmhosts - ok
09:42:51.0298 2040 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:42:51.0298 2040 LSI_FC - ok
09:42:51.0329 2040 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:42:51.0329 2040 LSI_SAS - ok
09:42:51.0345 2040 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:42:51.0360 2040 LSI_SCSI - ok
09:42:51.0407 2040 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
09:42:51.0454 2040 luafv - ok
09:42:51.0469 2040 [ 8039F480C192DD99FED4EBC71FFBF795 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys
09:42:51.0485 2040 lullaby - ok
09:42:51.0501 2040 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:42:51.0547 2040 Mcx2Svc - ok
09:42:51.0579 2040 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
09:42:51.0594 2040 megasas - ok
09:42:51.0625 2040 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
09:42:51.0641 2040 MegaSR - ok
09:42:51.0672 2040 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
09:42:51.0719 2040 MMCSS - ok
09:42:51.0750 2040 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
09:42:51.0797 2040 Modem - ok
09:42:51.0828 2040 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:42:51.0859 2040 monitor - ok
09:42:51.0891 2040 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:42:51.0891 2040 mouclass - ok
09:42:51.0922 2040 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:42:51.0937 2040 mouhid - ok
09:42:51.0969 2040 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
09:42:51.0969 2040 MountMgr - ok
09:42:52.0047 2040 [ 3B9398E0146855B1DC0E3D9769C80F01 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:42:52.0047 2040 MozillaMaintenance - ok
09:42:52.0078 2040 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
09:42:52.0078 2040 mpio - ok
09:42:52.0093 2040 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:42:52.0125 2040 mpsdrv - ok
09:42:52.0218 2040 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
09:42:52.0265 2040 MpsSvc - ok
09:42:52.0312 2040 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
09:42:52.0312 2040 Mraid35x - ok
09:42:52.0359 2040 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:42:52.0390 2040 MRxDAV - ok
09:42:52.0421 2040 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:42:52.0468 2040 mrxsmb - ok
09:42:52.0499 2040 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:42:52.0530 2040 mrxsmb10 - ok
09:42:52.0546 2040 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:42:52.0561 2040 mrxsmb20 - ok
09:42:52.0577 2040 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
09:42:52.0593 2040 msahci - ok
09:42:52.0608 2040 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:42:52.0624 2040 msdsm - ok
09:42:52.0639 2040 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
09:42:52.0655 2040 MSDTC - ok
09:42:52.0686 2040 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:42:52.0717 2040 Msfs - ok
09:42:52.0717 2040 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:42:52.0733 2040 msisadrv - ok
09:42:52.0764 2040 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:42:52.0780 2040 MSiSCSI - ok
09:42:52.0795 2040 msiserver - ok
09:42:52.0811 2040 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:42:52.0842 2040 MSKSSRV - ok
09:42:52.0858 2040 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:42:52.0889 2040 MSPCLOCK - ok
09:42:52.0905 2040 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:42:52.0936 2040 MSPQM - ok
09:42:52.0956 2040 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:42:52.0988 2040 MsRPC - ok
09:42:52.0988 2040 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:42:53.0003 2040 mssmbios - ok
09:42:53.0019 2040 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:42:53.0050 2040 MSTEE - ok
09:42:53.0081 2040 [ BB16693616427EAC1A436E106EA8D318 ] MTsensor C:\Windows\system32\DRIVERS\ATKACPI.sys
09:42:53.0097 2040 MTsensor - ok
09:42:53.0128 2040 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
09:42:53.0144 2040 Mup - ok
09:42:53.0190 2040 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
09:42:53.0222 2040 napagent - ok
09:42:53.0268 2040 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:42:53.0284 2040 NativeWifiP - ok
09:42:53.0331 2040 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:42:53.0346 2040 NDIS - ok
09:42:53.0393 2040 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:42:53.0424 2040 NdisTapi - ok
09:42:53.0456 2040 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:42:53.0487 2040 Ndisuio - ok
09:42:53.0518 2040 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:42:53.0549 2040 NdisWan - ok
09:42:53.0580 2040 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:42:53.0596 2040 NDProxy - ok
09:42:53.0658 2040 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:42:53.0674 2040 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:42:53.0674 2040 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
09:42:53.0690 2040 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:42:53.0721 2040 NetBIOS - ok
09:42:53.0752 2040 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
09:42:53.0768 2040 netbt - ok
09:42:53.0783 2040 [ 3978F3540329E16C0AC3BCF677E5669F ] Netlogon C:\Windows\system32\lsass.exe
09:42:53.0799 2040 Netlogon - ok
09:42:53.0830 2040 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
09:42:53.0861 2040 Netman - ok
09:42:53.0877 2040 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
09:42:53.0924 2040 netprofm - ok
09:42:53.0970 2040 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:42:53.0970 2040 NetTcpPortSharing - ok
09:42:54.0002 2040 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:42:54.0002 2040 nfrd960 - ok
09:42:54.0048 2040 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:42:54.0080 2040 NlaSvc - ok
09:42:54.0111 2040 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:42:54.0126 2040 Npfs - ok
09:42:54.0142 2040 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
09:42:54.0189 2040 nsi - ok
09:42:54.0220 2040 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:42:54.0236 2040 nsiproxy - ok
09:42:54.0314 2040 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:42:54.0345 2040 Ntfs - ok
09:42:54.0376 2040 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
09:42:54.0423 2040 ntrigdigi - ok
09:42:54.0438 2040 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
09:42:54.0470 2040 Null - ok
09:42:54.0485 2040 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:42:54.0501 2040 nvraid - ok
09:42:54.0516 2040 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:42:54.0532 2040 nvstor - ok
09:42:54.0548 2040 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:42:54.0548 2040 nv_agp - ok
09:42:54.0563 2040 NwlnkFlt - ok
09:42:54.0563 2040 NwlnkFwd - ok
09:42:54.0579 2040 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
09:42:54.0626 2040 ohci1394 - ok
09:42:54.0672 2040 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:42:54.0688 2040 ose - ok
09:42:54.0828 2040 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:42:55.0000 2040 osppsvc - ok
09:42:55.0062 2040 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
09:42:55.0109 2040 p2pimsvc - ok
09:42:55.0125 2040 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
09:42:55.0156 2040 p2psvc - ok
09:42:55.0187 2040 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
09:42:55.0234 2040 Parport - ok
09:42:55.0265 2040 [ 57389FA59A36D96B3EB09D0CB91E9CDC ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:42:55.0265 2040 partmgr - ok
09:42:55.0296 2040 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
09:42:55.0328 2040 Parvdm - ok
09:42:55.0359 2040 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
09:42:55.0390 2040 PcaSvc - ok
09:42:55.0437 2040 [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
09:42:55.0468 2040 pccsmcfd - ok
09:42:55.0499 2040 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
09:42:55.0515 2040 pci - ok
09:42:55.0546 2040 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
09:42:55.0562 2040 pciide - ok
09:42:55.0577 2040 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:42:55.0577 2040 pcmcia - ok
09:42:55.0640 2040 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:42:55.0702 2040 PEAUTH - ok
09:42:55.0780 2040 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
09:42:55.0920 2040 pla - ok
09:42:55.0967 2040 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:42:55.0998 2040 PlugPlay - ok
09:42:56.0030 2040 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:42:56.0045 2040 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
09:42:56.0045 2040 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
09:42:56.0076 2040 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
09:42:56.0108 2040 PNRPAutoReg - ok
09:42:56.0154 2040 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
09:42:56.0186 2040 PNRPsvc - ok
09:42:56.0248 2040 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:42:56.0264 2040 PolicyAgent - ok
09:42:56.0310 2040 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:42:56.0342 2040 PptpMiniport - ok
09:42:56.0388 2040 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
09:42:56.0404 2040 Processor - ok
09:42:56.0451 2040 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
09:42:56.0482 2040 ProfSvc - ok
09:42:56.0482 2040 [ 3978F3540329E16C0AC3BCF677E5669F ] ProtectedStorage C:\Windows\system32\lsass.exe
09:42:56.0498 2040 ProtectedStorage - ok
09:42:56.0529 2040 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
09:42:56.0560 2040 PSched - ok
09:42:56.0591 2040 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:42:56.0638 2040 ql2300 - ok
09:42:56.0669 2040 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:42:56.0685 2040 ql40xx - ok
09:42:56.0716 2040 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
09:42:56.0732 2040 QWAVE - ok
09:42:56.0747 2040 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:42:56.0763 2040 QWAVEdrv - ok
09:42:56.0778 2040 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:42:56.0825 2040 RasAcd - ok
09:42:56.0841 2040 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
09:42:56.0872 2040 RasAuto - ok
09:42:56.0903 2040 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:42:56.0934 2040 Rasl2tp - ok
09:42:56.0981 2040 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
09:42:57.0012 2040 RasMan - ok
09:42:57.0028 2040 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:42:57.0075 2040 RasPppoe - ok
09:42:57.0075 2040 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:42:57.0090 2040 RasSstp - ok
09:42:57.0137 2040 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:42:57.0153 2040 rdbss - ok
09:42:57.0184 2040 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:42:57.0215 2040 RDPCDD - ok
09:42:57.0231 2040 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
09:42:57.0262 2040 rdpdr - ok
09:42:57.0278 2040 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:42:57.0293 2040 RDPENCDD - ok
09:42:57.0324 2040 [ 30BFBDFB7F95559EDE971F9DDB9A00BA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:42:57.0356 2040 RDPWD - ok
09:42:57.0402 2040 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:42:57.0418 2040 RemoteRegistry - ok
09:42:57.0449 2040 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
09:42:57.0480 2040 RpcLocator - ok
09:42:57.0527 2040 [ 6684437F3628EF237C354F77D33426D1 ] rpcnet C:\Windows\system32\rpcnet.exe
09:42:57.0527 2040 rpcnet - ok
09:42:57.0574 2040 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
09:42:57.0590 2040 RpcSs - ok
09:42:57.0636 2040 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:42:57.0668 2040 rspndr - ok
09:42:57.0683 2040 [ 3978F3540329E16C0AC3BCF677E5669F ] SamSs C:\Windows\system32\lsass.exe
09:42:57.0699 2040 SamSs - ok
09:42:57.0714 2040 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:42:57.0714 2040 sbp2port - ok
09:42:57.0761 2040 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:42:57.0777 2040 SCardSvr - ok
09:42:57.0839 2040 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
09:42:57.0855 2040 Schedule - ok
09:42:57.0902 2040 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:42:57.0917 2040 SCPolicySvc - ok
09:42:57.0948 2040 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
09:42:57.0980 2040 sdbus - ok
09:42:58.0026 2040 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:42:58.0058 2040 SDRSVC - ok
09:42:58.0073 2040 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:42:58.0120 2040 secdrv - ok
09:42:58.0136 2040 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
09:42:58.0167 2040 seclogon - ok
09:42:58.0182 2040 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
09:42:58.0229 2040 SENS - ok
09:42:58.0245 2040 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
09:42:58.0292 2040 Serenum - ok
09:42:58.0307 2040 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
09:42:58.0370 2040 Serial - ok
09:42:58.0385 2040 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:42:58.0416 2040 sermouse - ok
09:42:58.0494 2040 [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
09:42:58.0510 2040 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
09:42:58.0510 2040 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
09:42:58.0572 2040 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
09:42:58.0604 2040 SessionEnv - ok
09:42:58.0604 2040 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:42:58.0635 2040 sffdisk - ok
09:42:58.0650 2040 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:42:58.0682 2040 sffp_mmc - ok
09:42:58.0697 2040 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:42:58.0728 2040 sffp_sd - ok
09:42:58.0744 2040 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:42:58.0791 2040 sfloppy - ok
09:42:58.0869 2040 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:42:58.0916 2040 SharedAccess - ok
09:42:58.0962 2040 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:42:58.0994 2040 ShellHWDetection - ok
09:42:59.0025 2040 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
09:42:59.0040 2040 sisagp - ok
09:42:59.0040 2040 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
09:42:59.0056 2040 SiSRaid2 - ok
09:42:59.0072 2040 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:42:59.0087 2040 SiSRaid4 - ok
09:42:59.0196 2040 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
09:42:59.0321 2040 slsvc - ok
09:42:59.0352 2040 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
09:42:59.0368 2040 SLUINotify - ok
09:42:59.0430 2040 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:42:59.0446 2040 Smb - ok
09:42:59.0493 2040 [ C8A58FC905C9184FA70E37F71060C64D ] smserial C:\Windows\system32\DRIVERS\smserial.sys
09:42:59.0586 2040 smserial - ok
09:42:59.0618 2040 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:42:59.0633 2040 SNMPTRAP - ok
09:42:59.0680 2040 [ 060F51141B20B8156804446A04AB8B2A ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
09:42:59.0789 2040 SNP2UVC - ok
09:42:59.0805 2040 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
09:42:59.0820 2040 spldr - ok
09:42:59.0852 2040 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
09:42:59.0883 2040 Spooler - ok
09:42:59.0914 2040 [ 43E8E8238FF52A807D5C17F1AE5CC49C ] SRS_PremiumSound_Service C:\Windows\system32\drivers\srs_PremiumSound_i386.sys
09:42:59.0930 2040 SRS_PremiumSound_Service - ok
09:42:59.0945 2040 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:42:59.0976 2040 srv - ok
09:42:59.0992 2040 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:43:00.0023 2040 srv2 - ok
09:43:00.0054 2040 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:43:00.0086 2040 srvnet - ok
09:43:00.0132 2040 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:43:00.0164 2040 SSDPSRV - ok
09:43:00.0179 2040 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:43:00.0195 2040 SstpSvc - ok
09:43:00.0242 2040 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
09:43:00.0257 2040 stisvc - ok
09:43:00.0304 2040 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:43:00.0320 2040 swenum - ok
09:43:00.0351 2040 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
09:43:00.0382 2040 swprv - ok
09:43:00.0398 2040 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
09:43:00.0413 2040 Symc8xx - ok
09:43:00.0429 2040 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
09:43:00.0444 2040 Sym_hi - ok
09:43:00.0460 2040 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
09:43:00.0476 2040 Sym_u3 - ok
09:43:00.0507 2040 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
09:43:00.0554 2040 SysMain - ok
09:43:00.0600 2040 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:43:00.0632 2040 TabletInputService - ok
09:43:00.0678 2040 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:43:00.0694 2040 TapiSrv - ok
09:43:00.0710 2040 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
09:43:00.0741 2040 TBS - ok
09:43:00.0803 2040 [ 814A1C66FBD4E1B310A517221F1456BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:43:00.0834 2040 Tcpip - ok
09:43:00.0881 2040 [ 814A1C66FBD4E1B310A517221F1456BF ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
09:43:00.0912 2040 Tcpip6 - ok
09:43:00.0975 2040 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:43:00.0990 2040 tcpipreg - ok
09:43:01.0022 2040 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:43:01.0068 2040 TDPIPE - ok
09:43:01.0084 2040 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:43:01.0115 2040 TDTCP - ok
09:43:01.0146 2040 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:43:01.0162 2040 tdx - ok
09:43:01.0178 2040 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:43:01.0193 2040 TermDD - ok
09:43:01.0240 2040 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
09:43:01.0271 2040 TermService - ok
09:43:01.0302 2040 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
09:43:01.0318 2040 Themes - ok
09:43:01.0349 2040 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
09:43:01.0365 2040 THREADORDER - ok
09:43:01.0412 2040 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
09:43:01.0443 2040 TrkWks - ok
09:43:01.0521 2040 [ F2AEE22231046CAD8D2F94D2C0F9BEFB ] trufos C:\Windows\system32\drivers\trufos.sys
09:43:01.0536 2040 trufos - ok
09:43:01.0677 2040 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:43:01.0692 2040 TrustedInstaller - ok
09:43:01.0724 2040 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:43:01.0770 2040 tssecsrv - ok
09:43:01.0786 2040 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
09:43:01.0802 2040 tunmp - ok
09:43:01.0833 2040 [ 119B8184E106BAEDC83FCE5DDF3950DA ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:43:01.0864 2040 tunnel - ok
09:43:01.0880 2040 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:43:01.0895 2040 uagp35 - ok
09:43:01.0942 2040 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:43:01.0958 2040 udfs - ok
09:43:02.0004 2040 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:43:02.0051 2040 UI0Detect - ok
09:43:02.0067 2040 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:43:02.0082 2040 uliagpkx - ok
09:43:02.0098 2040 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
09:43:02.0114 2040 uliahci - ok
09:43:02.0129 2040 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
09:43:02.0129 2040 UlSata - ok
09:43:02.0145 2040 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
09:43:02.0160 2040 ulsata2 - ok
09:43:02.0176 2040 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:43:02.0223 2040 umbus - ok
09:43:02.0254 2040 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
09:43:02.0285 2040 upnphost - ok
09:43:02.0316 2040 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:43:02.0363 2040 usbccgp - ok
09:43:02.0379 2040 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:43:02.0441 2040 usbcir - ok
09:43:02.0457 2040 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:43:02.0488 2040 usbehci - ok
09:43:02.0519 2040 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:43:02.0550 2040 usbhub - ok
09:43:02.0566 2040 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:43:02.0613 2040 usbohci - ok
09:43:02.0644 2040 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:43:02.0691 2040 usbprint - ok
09:43:02.0738 2040 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:43:02.0769 2040 usbscan - ok
09:43:02.0800 2040 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:43:02.0831 2040 USBSTOR - ok
09:43:02.0862 2040 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:43:02.0878 2040 usbuhci - ok
09:43:02.0925 2040 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:43:02.0940 2040 usbvideo - ok
09:43:02.0992 2040 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
09:43:03.0008 2040 UxSms - ok
09:43:03.0055 2040 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
09:43:03.0101 2040 vds - ok
09:43:03.0164 2040 [ A7A771AEBB09B7932BA79D086CC7FD21 ] VD_FileDisk C:\Windows\system32\drivers\VD_FileDisk.sys
09:43:03.0164 2040 VD_FileDisk - ok
09:43:03.0195 2040 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:43:03.0226 2040 vga - ok
09:43:03.0257 2040 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
09:43:03.0273 2040 VgaSave - ok
09:43:03.0304 2040 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:43:03.0304 2040 viaagp - ok
09:43:03.0320 2040 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
09:43:03.0351 2040 ViaC7 - ok
09:43:03.0398 2040 [ 6970BC9F9316D3A61D8E0DFD0F2D4CEC ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
09:43:03.0445 2040 VIAHdAudAddService - ok
09:43:03.0460 2040 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
09:43:03.0476 2040 viaide - ok
09:43:03.0491 2040 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:43:03.0507 2040 volmgr - ok
09:43:03.0523 2040 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:43:03.0554 2040 volmgrx - ok
09:43:03.0585 2040 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:43:03.0601 2040 volsnap - ok
09:43:03.0616 2040 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:43:03.0632 2040 vsmraid - ok
09:43:03.0679 2040 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
09:43:03.0741 2040 VSS - ok
09:43:03.0803 2040 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
09:43:03.0850 2040 W32Time - ok
09:43:03.0866 2040 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:43:03.0928 2040 WacomPen - ok
09:43:03.0959 2040 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
09:43:03.0975 2040 Wanarp - ok
09:43:03.0975 2040 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:43:04.0006 2040 Wanarpv6 - ok
09:43:04.0037 2040 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:43:04.0069 2040 wcncsvc - ok
09:43:04.0115 2040 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:43:04.0147 2040 WcsPlugInService - ok
09:43:04.0193 2040 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
09:43:04.0209 2040 Wd - ok
09:43:04.0256 2040 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
09:43:04.0287 2040 WDC_SAM - ok
09:43:04.0303 2040 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:43:04.0318 2040 Wdf01000 - ok
09:43:04.0365 2040 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:43:04.0396 2040 WdiServiceHost - ok
09:43:04.0396 2040 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:43:04.0427 2040 WdiSystemHost - ok
09:43:04.0474 2040 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
09:43:04.0490 2040 WebClient - ok
09:43:04.0521 2040 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:43:04.0537 2040 Wecsvc - ok
09:43:04.0568 2040 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:43:04.0583 2040 wercplsupport - ok
09:43:04.0630 2040 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
09:43:04.0661 2040 WerSvc - ok
09:43:04.0693 2040 [ 090A2B8F055343815556A01F725F6C35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
09:43:04.0708 2040 WimFltr - ok
09:43:04.0755 2040 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:43:04.0771 2040 WinDefend - ok
09:43:04.0771 2040 WinHttpAutoProxySvc - ok
09:43:04.0833 2040 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:43:04.0849 2040 Winmgmt - ok
09:43:04.0911 2040 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
09:43:04.0973 2040 WinRM - ok
09:43:05.0067 2040 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:43:05.0098 2040 Wlansvc - ok
09:43:05.0145 2040 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
09:43:05.0176 2040 WmiAcpi - ok
09:43:05.0223 2040 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:43:05.0254 2040 wmiApSrv - ok
09:43:05.0332 2040 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:43:05.0348 2040 WMPNetworkSvc - ok
09:43:05.0363 2040 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:43:05.0426 2040 WPCSvc - ok
09:43:05.0473 2040 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:43:05.0488 2040 WPDBusEnum - ok
09:43:05.0519 2040 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
09:43:05.0535 2040 WpdUsb - ok
09:43:05.0660 2040 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:43:05.0675 2040 WPFFontCache_v0400 - ok
09:43:05.0707 2040 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:43:05.0738 2040 ws2ifsl - ok
09:43:05.0769 2040 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
09:43:05.0800 2040 wscsvc - ok
09:43:05.0800 2040 WSearch - ok
09:43:05.0909 2040 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
09:43:06.0019 2040 wuauserv - ok
09:43:06.0050 2040 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:43:06.0097 2040 WUDFRd - ok
09:43:06.0128 2040 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:43:06.0175 2040 wudfsvc - ok
09:43:06.0206 2040 [ 7D1F3B131D503EF43EE594B5A2B9B427 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
09:43:06.0253 2040 yukonwlh - ok
09:43:06.0253 2040 ================ Scan global ===============================
09:43:06.0299 2040 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
09:43:06.0346 2040 [ 9A7A3BC8DC7E7ECABA2478CED4C38CBD ] C:\Windows\system32\winsrv.dll
09:43:06.0362 2040 [ 9A7A3BC8DC7E7ECABA2478CED4C38CBD ] C:\Windows\system32\winsrv.dll
09:43:06.0424 2040 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
09:43:06.0424 2040 [Global] - ok
09:43:06.0424 2040 ================ Scan MBR ==================================
09:43:06.0440 2040 [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk0\DR0
09:43:07.0017 2040 \Device\Harddisk0\DR0 - ok
09:43:07.0017 2040 ================ Scan VBR ==================================
09:43:07.0033 2040 [ 0116400DAE2213531581C679778872DD ] \Device\Harddisk0\DR0\Partition1
09:43:07.0033 2040 \Device\Harddisk0\DR0\Partition1 - ok
09:43:07.0033 2040 [ 39AE39937D430BFB35D546287197F199 ] \Device\Harddisk0\DR0\Partition2
09:43:07.0033 2040 \Device\Harddisk0\DR0\Partition2 - ok
09:43:07.0033 2040 ============================================================
09:43:07.0033 2040 Scan finished
09:43:07.0033 2040 ============================================================
09:43:07.0048 0836 Detected object count: 8
09:43:07.0048 0836 Actual detected object count: 8
09:43:34.0052 0836 ADSMService ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:34.0052 0836 ADSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:34.0052 0836 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:34.0052 0836 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:34.0067 0836 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:34.0067 0836 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:34.0067 0836 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:34.0067 0836 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:34.0067 0836 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:34.0067 0836 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:34.0067 0836 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:34.0067 0836 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:34.0067 0836 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:34.0067 0836 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:43:34.0067 0836 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
09:43:34.0067 0836 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: virus?

#42 Post by Márty84 »

Post a new RSIT log.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

alanida2
Visitor
Posts: 43
Registered: 10 Jan 2014 21:53

Re: virus?

#43 Post by alanida2 »

ok, here it is

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dida at 2014-01-12 10:02:36
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 40 GB (26%) free of 153 GB
Total RAM: 3036 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:02:39, on 12. 1. 2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
C:\Program files\P4G\BatteryLife.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDECK.EXE
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Opera\Opera.exe
C:\Windows\system32\conime.exe
C:\Users\Dida\Desktop\tdsskiller.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Dida\Desktop\RSIT.exe
C:\Program Files\trend micro\Dida.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Adrvworks] regsvr32.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7768 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Dida\AppData\Roaming\Mozilla\Firefox\Profiles\6jnax4f7.default

prefs.js - "browser.startup.homepage" - ""

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
npwachk.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-28 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-28 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
"P2Go_Menu"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-06-14 210216]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2009-03-23 17149952]
"AmIcoSinglun"=C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2008-09-30 237568]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-08-18 98304]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-03-04 8392704]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2008-12-29 159744]
"ADSMTray"=C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [2008-04-01 266240]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2008-10-01 851968]
"Wireless Console 3"=C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2009-02-07 1593344]
"ASUS Screen Saver Protector"=C:\Windows\AsScrPro.exe [2009-07-27 3054136]
"ASUS Camera ScreenSaver"=C:\Windows\AsScrProlog.exe [2009-07-27 47672]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-03-06 424352]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Adrvworks"=C:\Windows\system32\regsvr32.exe [2006-11-02 14336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rpcnet]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rpcnet]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableVirtualization"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.l3codecp"=l3codecp.acm
"msacm.siren"=sirenacm.dll
"VIDC.ACDV"=
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-01-12 09:41:19 ----A---- C:\TDSSKiller.2.8.16.0_12.01.2014_09.41.19_log.txt
2014-01-11 23:06:12 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-11 23:06:12 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-01-11 23:04:50 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-01-11 22:42:43 ----A---- C:\Windows\system32\drivers\yk60x86.sys.bak
2014-01-11 22:42:43 ----A---- C:\Windows\system32\drivers\WUDFRd.sys.bak
2014-01-11 22:42:43 ----A---- C:\Windows\system32\drivers\WUDFPf.sys.bak
2014-01-11 22:42:42 ----A---- C:\Windows\system32\drivers\ws2ifsl.sys.bak
2014-01-11 22:42:42 ----A---- C:\Windows\system32\drivers\WpdUsb.sys.bak
2014-01-11 22:42:42 ----A---- C:\Windows\system32\drivers\wmilib.sys.bak
2014-01-11 22:42:42 ----A---- C:\Windows\system32\drivers\wmiacpi.sys.bak
2014-01-11 22:42:41 ----A---- C:\Windows\system32\drivers\WimFltr.sys.bak
2014-01-11 22:42:41 ----A---- C:\Windows\system32\drivers\WdfLdr.sys.bak
2014-01-11 22:42:41 ----A---- C:\Windows\system32\drivers\Wdf01000.sys.bak
2014-01-11 22:42:41 ----A---- C:\Windows\system32\drivers\wdcsam.sys.bak
2014-01-11 22:42:40 ----A---- C:\Windows\system32\drivers\wd.sys.bak
2014-01-11 22:42:40 ----A---- C:\Windows\system32\drivers\watchdog.sys.bak
2014-01-11 22:42:40 ----A---- C:\Windows\system32\drivers\wanarp.sys.bak
2014-01-11 22:42:40 ----A---- C:\Windows\system32\drivers\wacompen.sys.bak
2014-01-11 22:42:40 ----A---- C:\Windows\system32\drivers\vsmraid.sys.bak
2014-01-11 22:42:39 ----A---- C:\Windows\system32\drivers\volsnap.sys.bak
2014-01-11 22:42:39 ----A---- C:\Windows\system32\drivers\volmgrx.sys.bak
2014-01-11 22:42:39 ----A---- C:\Windows\system32\drivers\volmgr.sys.bak
2014-01-11 22:42:39 ----A---- C:\Windows\system32\drivers\videoprt.sys.bak
2014-01-11 22:42:38 ----A---- C:\Windows\system32\drivers\viaide.sys.bak
2014-01-11 22:42:38 ----A---- C:\Windows\system32\drivers\viahduaa.sys.bak
2014-01-11 22:42:38 ----A---- C:\Windows\system32\drivers\viac7.sys.bak
2014-01-11 22:42:38 ----A---- C:\Windows\system32\drivers\VIAAGP.SYS.bak
2014-01-11 22:42:38 ----A---- C:\Windows\system32\drivers\vgapnp.sys.bak
2014-01-11 22:42:37 ----A---- C:\Windows\system32\drivers\vga.sys.bak
2014-01-11 22:42:37 ----A---- C:\Windows\system32\drivers\vd_filedisk.sys.bak
2014-01-11 22:42:37 ----A---- C:\Windows\system32\drivers\usbvideo.sys.bak
2014-01-11 22:42:36 ----A---- C:\Windows\system32\drivers\usbuhci.sys.bak
2014-01-11 22:42:36 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS.bak
2014-01-11 22:42:36 ----A---- C:\Windows\system32\drivers\usbscan.sys.bak
2014-01-11 22:42:36 ----A---- C:\Windows\system32\drivers\usbprint.sys.bak
2014-01-11 22:42:35 ----A---- C:\Windows\system32\drivers\usbport.sys.bak
2014-01-11 22:42:35 ----A---- C:\Windows\system32\drivers\usbohci.sys.bak
2014-01-11 22:42:35 ----A---- C:\Windows\system32\drivers\usbhub.sys.bak
2014-01-11 22:42:34 ----A---- C:\Windows\system32\drivers\usbehci.sys.bak
2014-01-11 22:42:34 ----A---- C:\Windows\system32\drivers\usbd.sys.bak
2014-01-11 22:42:34 ----A---- C:\Windows\system32\drivers\usbcir.sys.bak
2014-01-11 22:42:34 ----A---- C:\Windows\system32\drivers\usbccgp.sys.bak
2014-01-11 22:42:34 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys.bak
2014-01-11 22:42:33 ----A---- C:\Windows\system32\drivers\USBCAMD.sys.bak
2014-01-11 22:42:33 ----A---- C:\Windows\system32\drivers\usb8023.sys.bak
2014-01-11 22:42:33 ----A---- C:\Windows\system32\drivers\umpass.sys.bak
2014-01-11 22:42:33 ----A---- C:\Windows\system32\drivers\umbus.sys.bak
2014-01-11 22:42:32 ----A---- C:\Windows\system32\drivers\ulsata2.sys.bak
2014-01-11 22:42:32 ----A---- C:\Windows\system32\drivers\ulsata.sys.bak
2014-01-11 22:42:32 ----A---- C:\Windows\system32\drivers\uliahci.sys.bak
2014-01-11 22:42:32 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS.bak
2014-01-11 22:42:31 ----A---- C:\Windows\system32\drivers\udfs.sys.bak
2014-01-11 22:42:31 ----A---- C:\Windows\system32\drivers\UAGP35.SYS.bak
2014-01-11 22:42:31 ----A---- C:\Windows\system32\drivers\tunnel.sys.bak
2014-01-11 22:42:30 ----A---- C:\Windows\system32\drivers\TUNMP.SYS.bak
2014-01-11 22:42:30 ----A---- C:\Windows\system32\drivers\tssecsrv.sys.bak
2014-01-11 22:42:30 ----A---- C:\Windows\system32\drivers\trufos.sys.bak
2014-01-11 22:42:29 ----A---- C:\Windows\system32\drivers\termdd.sys.bak
2014-01-11 22:42:29 ----A---- C:\Windows\system32\drivers\tdx.sys.bak
2014-01-11 22:42:29 ----A---- C:\Windows\system32\drivers\tdtcp.sys.bak
2014-01-11 22:42:29 ----A---- C:\Windows\system32\drivers\tdpipe.sys.bak
2014-01-11 22:42:28 ----A---- C:\Windows\system32\drivers\tdi.sys.bak
2014-01-11 22:42:28 ----A---- C:\Windows\system32\drivers\tcpipreg.sys.bak
2014-01-11 22:42:27 ----A---- C:\Windows\system32\drivers\tcpip.sys.bak
2014-01-11 22:42:27 ----A---- C:\Windows\system32\drivers\tape.sys.bak
2014-01-11 22:42:27 ----A---- C:\Windows\system32\drivers\sym_u3.sys.bak
2014-01-11 22:42:27 ----A---- C:\Windows\system32\drivers\sym_hi.sys.bak
2014-01-11 22:42:26 ----A---- C:\Windows\system32\drivers\symc8xx.sys.bak
2014-01-11 22:42:26 ----A---- C:\Windows\system32\drivers\swenum.sys.bak
2014-01-11 22:42:26 ----A---- C:\Windows\system32\drivers\stream.sys.bak
2014-01-11 22:42:26 ----A---- C:\Windows\system32\drivers\Storport.sys.bak
2014-01-11 22:42:25 ----A---- C:\Windows\system32\drivers\StarOpen.sys.bak
2014-01-11 22:42:25 ----A---- C:\Windows\system32\drivers\srvnet.sys.bak
2014-01-11 22:42:25 ----A---- C:\Windows\system32\drivers\srv2.sys.bak
2014-01-11 22:42:25 ----A---- C:\Windows\system32\drivers\srv.sys.bak
2014-01-11 22:42:24 ----A---- C:\Windows\system32\drivers\SRS_PremiumSound_i386.sys.bak
2014-01-11 22:42:24 ----A---- C:\Windows\system32\drivers\spsys.sys.bak
2014-01-11 22:42:24 ----A---- C:\Windows\system32\drivers\spldr.sys.bak
2014-01-11 22:42:23 ----A---- C:\Windows\system32\drivers\snp2uvc.sys.bak
2014-01-11 22:42:23 ----A---- C:\Windows\system32\drivers\sncduvc.sys.bak
2014-01-11 22:42:22 ----A---- C:\Windows\system32\drivers\smserial.sys.bak
2014-01-11 22:42:22 ----A---- C:\Windows\system32\drivers\smclib.sys.bak
2014-01-11 22:42:22 ----A---- C:\Windows\system32\drivers\smb.sys.bak
2014-01-11 22:42:22 ----A---- C:\Windows\system32\drivers\sisraid4.sys.bak
2014-01-11 22:42:21 ----A---- C:\Windows\system32\drivers\sisraid2.sys.bak
2014-01-11 22:42:21 ----A---- C:\Windows\system32\drivers\SISAGP.SYS.bak
2014-01-11 22:42:20 ----A---- C:\Windows\system32\drivers\sfloppy.sys.bak
2014-01-11 22:42:20 ----A---- C:\Windows\system32\drivers\sffp_sd.sys.bak
2014-01-11 22:42:20 ----A---- C:\Windows\system32\drivers\sffp_mmc.sys.bak
2014-01-11 22:42:20 ----A---- C:\Windows\system32\drivers\sffdisk.sys.bak
2014-01-11 22:42:20 ----A---- C:\Windows\system32\drivers\sermouse.sys.bak
2014-01-11 22:42:19 ----A---- C:\Windows\system32\drivers\serial.sys.bak
2014-01-11 22:42:19 ----A---- C:\Windows\system32\drivers\serenum.sys.bak
2014-01-11 22:42:19 ----A---- C:\Windows\system32\drivers\secdrv.sys.bak
2014-01-11 22:42:19 ----A---- C:\Windows\system32\drivers\sdbus.sys.bak
2014-01-11 22:42:19 ----A---- C:\Windows\system32\drivers\scsiport.sys.bak
2014-01-11 22:42:18 ----A---- C:\Windows\system32\drivers\sbp2port.sys.bak
2014-01-11 22:42:18 ----A---- C:\Windows\system32\drivers\rspndr.sys.bak
2014-01-11 22:42:18 ----A---- C:\Windows\system32\drivers\rootmdm.sys.bak
2014-01-11 22:42:17 ----A---- C:\Windows\system32\drivers\RNDISMP.sys.bak
2014-01-11 22:42:17 ----A---- C:\Windows\system32\drivers\rmcast.sys.bak
2014-01-11 22:42:17 ----A---- C:\Windows\system32\drivers\rdpwd.sys.bak
2014-01-11 22:42:17 ----A---- C:\Windows\system32\drivers\RDPENCDD.sys.bak
2014-01-11 22:42:16 ----A---- C:\Windows\system32\drivers\rdpdr.sys.bak
2014-01-11 22:42:16 ----A---- C:\Windows\system32\drivers\RDPCDD.sys.bak
2014-01-11 22:42:16 ----A---- C:\Windows\system32\drivers\rdbss.sys.bak
2014-01-11 22:42:16 ----A---- C:\Windows\system32\drivers\rassstp.sys.bak
2014-01-11 22:42:15 ----A---- C:\Windows\system32\drivers\raspptp.sys.bak
2014-01-11 22:42:15 ----A---- C:\Windows\system32\drivers\raspppoe.sys.bak
2014-01-11 22:42:15 ----A---- C:\Windows\system32\drivers\rasl2tp.sys.bak
2014-01-11 22:42:15 ----A---- C:\Windows\system32\drivers\rasacd.sys.bak
2014-01-11 22:42:14 ----A---- C:\Windows\system32\drivers\qwavedrv.sys.bak
2014-01-11 22:42:14 ----A---- C:\Windows\system32\drivers\ql40xx.sys.bak
2014-01-11 22:42:13 ----A---- C:\Windows\system32\drivers\ql2300.sys.bak
2014-01-11 22:42:13 ----A---- C:\Windows\system32\drivers\pxhelp20.sys.bak
2014-01-11 22:42:13 ----A---- C:\Windows\system32\drivers\processr.sys.bak
2014-01-11 22:42:12 ----A---- C:\Windows\system32\drivers\portcls.sys.bak
2014-01-11 22:42:12 ----A---- C:\Windows\system32\drivers\PEAuth.sys.bak
2014-01-11 22:42:12 ----A---- C:\Windows\system32\drivers\pcmcia.sys.bak
2014-01-11 22:42:11 ----A---- C:\Windows\system32\drivers\pciidex.sys.bak
2014-01-11 22:42:11 ----A---- C:\Windows\system32\drivers\pciide.sys.bak
2014-01-11 22:42:11 ----A---- C:\Windows\system32\drivers\pci.sys.bak
2014-01-11 22:42:10 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys.bak
2014-01-11 22:42:10 ----A---- C:\Windows\system32\drivers\parvdm.sys.bak
2014-01-11 22:42:10 ----A---- C:\Windows\system32\drivers\partmgr.sys.bak
2014-01-11 22:42:09 ----A---- C:\Windows\system32\drivers\parport.sys.bak
2014-01-11 22:42:09 ----A---- C:\Windows\system32\drivers\pacer.sys.bak
2014-01-11 22:42:08 ----A---- C:\Windows\system32\drivers\ohci1394.sys.bak
2014-01-11 22:42:08 ----A---- C:\Windows\system32\drivers\nwifi.sys.bak
2014-01-11 22:42:07 ----A---- C:\Windows\system32\drivers\nvstor.sys.bak
2014-01-11 22:42:07 ----A---- C:\Windows\system32\drivers\nvraid.sys.bak
2014-01-11 22:42:07 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS.bak
2014-01-11 22:42:06 ----A---- C:\Windows\system32\drivers\null.sys.bak
2014-01-11 22:42:06 ----A---- C:\Windows\system32\drivers\ntrigdigi.sys.bak
2014-01-11 22:42:05 ----A---- C:\Windows\system32\drivers\ntfs.sys.bak
2014-01-11 22:42:05 ----A---- C:\Windows\system32\drivers\nsiproxy.sys.bak
2014-01-11 22:42:05 ----A---- C:\Windows\system32\drivers\npfs.sys.bak
2014-01-11 22:42:05 ----A---- C:\Windows\system32\drivers\nfrd960.sys.bak
2014-01-11 22:42:04 ----A---- C:\Windows\system32\drivers\netio.sys.bak
2014-01-11 22:42:04 ----A---- C:\Windows\system32\drivers\netbt.sys.bak
2014-01-11 22:42:04 ----A---- C:\Windows\system32\drivers\netbios.sys.bak
2014-01-11 22:42:03 ----A---- C:\Windows\system32\drivers\ndproxy.sys.bak
2014-01-11 22:42:03 ----A---- C:\Windows\system32\drivers\ndiswan.sys.bak
2014-01-11 22:42:03 ----A---- C:\Windows\system32\drivers\ndisuio.sys.bak
2014-01-11 22:42:03 ----A---- C:\Windows\system32\drivers\ndistapi.sys.bak
2014-01-11 22:42:02 ----A---- C:\Windows\system32\drivers\ndis.sys.bak
2014-01-11 22:42:02 ----A---- C:\Windows\system32\drivers\mup.sys.bak
2014-01-11 22:42:02 ----A---- C:\Windows\system32\drivers\mstee.sys.bak
2014-01-11 22:42:02 ----A---- C:\Windows\system32\drivers\mssmbios.sys.bak
2014-01-11 22:42:00 ----A---- C:\Windows\system32\drivers\msrpc.sys.bak
2014-01-11 22:42:00 ----A---- C:\Windows\system32\drivers\mspqm.sys.bak
2014-01-11 22:42:00 ----A---- C:\Windows\system32\drivers\mspclock.sys.bak
2014-01-11 22:41:59 ----A---- C:\Windows\system32\drivers\mskssrv.sys.bak
2014-01-11 22:41:59 ----A---- C:\Windows\system32\drivers\msiscsi.sys.bak
2014-01-11 22:41:59 ----A---- C:\Windows\system32\drivers\msisadrv.sys.bak
2014-01-11 22:41:59 ----A---- C:\Windows\system32\drivers\msfs.sys.bak
2014-01-11 22:41:59 ----A---- C:\Windows\system32\drivers\msdsm.sys.bak
2014-01-11 22:41:59 ----A---- C:\Windows\system32\drivers\msahci.sys.bak
2014-01-11 22:41:59 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys.bak
2014-01-11 22:41:58 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys.bak
2014-01-11 22:41:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys.bak
2014-01-11 22:41:58 ----A---- C:\Windows\system32\drivers\mrxdav.sys.bak
2014-01-11 22:41:58 ----A---- C:\Windows\system32\drivers\Mraid35x.sys.bak
2014-01-11 22:41:58 ----A---- C:\Windows\system32\drivers\mpsdrv.sys.bak
2014-01-11 22:41:57 ----A---- C:\Windows\system32\drivers\mpio.sys.bak
2014-01-11 22:41:57 ----A---- C:\Windows\system32\drivers\mountmgr.sys.bak
2014-01-11 22:41:57 ----A---- C:\Windows\system32\drivers\mouhid.sys.bak
2014-01-11 22:41:57 ----A---- C:\Windows\system32\drivers\mouclass.sys.bak
2014-01-11 22:41:57 ----A---- C:\Windows\system32\drivers\monitor.sys.bak
2014-01-11 22:41:56 ----A---- C:\Windows\system32\drivers\modem.sys.bak
2014-01-11 22:41:56 ----A---- C:\Windows\system32\drivers\MegaSR.sys.bak
2014-01-11 22:41:56 ----A---- C:\Windows\system32\drivers\megasas.sys.bak
2014-01-11 22:41:56 ----A---- C:\Windows\system32\drivers\mcd.sys.bak
2014-01-11 22:41:55 ----A---- C:\Windows\system32\drivers\lullaby.sys.bak
2014-01-11 22:41:55 ----A---- C:\Windows\system32\drivers\luafv.sys.bak
2014-01-11 22:41:55 ----A---- C:\Windows\system32\drivers\lsi_scsi.sys.bak
2014-01-11 22:41:55 ----A---- C:\Windows\system32\drivers\lsi_sas.sys.bak
2014-01-11 22:41:55 ----A---- C:\Windows\system32\drivers\lsi_fc.sys.bak
2014-01-11 22:41:55 ----A---- C:\Windows\system32\drivers\lltdio.sys.bak
2014-01-11 22:41:54 ----A---- C:\Windows\system32\drivers\L1E60x86.sys.bak
2014-01-11 22:41:54 ----A---- C:\Windows\system32\drivers\ksecdd.sys.bak
2014-01-11 22:41:54 ----A---- C:\Windows\system32\drivers\ks.sys.bak
2014-01-11 22:41:54 ----A---- C:\Windows\system32\drivers\kbfiltr.sys.bak
2014-01-11 22:41:54 ----A---- C:\Windows\system32\drivers\kbdhid.sys.bak
2014-01-11 22:41:53 ----A---- C:\Windows\system32\drivers\kbdclass.sys.bak
2014-01-11 22:41:53 ----A---- C:\Windows\system32\drivers\iteraid.sys.bak
2014-01-11 22:41:53 ----A---- C:\Windows\system32\drivers\iteatapi.sys.bak
2014-01-11 22:41:53 ----A---- C:\Windows\system32\drivers\isapnp.sys.bak
2014-01-11 22:41:52 ----A---- C:\Windows\system32\drivers\irenum.sys.bak
2014-01-11 22:41:52 ----A---- C:\Windows\system32\drivers\irda.sys.bak
2014-01-11 22:41:52 ----A---- C:\Windows\system32\drivers\ipnat.sys.bak
2014-01-11 22:41:52 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys.bak
2014-01-11 22:41:51 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys.bak
2014-01-11 22:41:51 ----A---- C:\Windows\system32\drivers\intelppm.sys.bak
2014-01-11 22:41:51 ----A---- C:\Windows\system32\drivers\intelide.sys.bak
2014-01-11 22:41:50 ----A---- C:\Windows\system32\drivers\imagesrv.sys.bak
2014-01-11 22:41:50 ----A---- C:\Windows\system32\drivers\imagedrv.sys.bak
2014-01-11 22:41:48 ----A---- C:\Windows\system32\drivers\iirsp.sys.bak
2014-01-11 22:41:48 ----A---- C:\Windows\system32\drivers\igdkmd32.sys.bak
2014-01-11 22:41:47 ----A---- C:\Windows\system32\drivers\iaStorV.sys.bak
2014-01-11 22:41:47 ----A---- C:\Windows\system32\drivers\iaStor.sys.bak
2014-01-11 22:41:47 ----A---- C:\Windows\system32\drivers\i8042prt.sys.bak
2014-01-11 22:41:47 ----A---- C:\Windows\system32\drivers\i2omp.sys.bak
2014-01-11 22:41:47 ----A---- C:\Windows\system32\drivers\i2omgmt.sys.bak
2014-01-11 22:41:47 ----A---- C:\Windows\system32\drivers\http.sys.bak
2014-01-11 22:41:46 ----A---- C:\Windows\system32\drivers\HpCISSs.sys.bak
2014-01-11 22:41:46 ----A---- C:\Windows\system32\drivers\hidusb.sys.bak
2014-01-11 22:41:46 ----A---- C:\Windows\system32\drivers\hidparse.sys.bak
2014-01-11 22:41:46 ----A---- C:\Windows\system32\drivers\hidir.sys.bak
2014-01-11 22:41:46 ----A---- C:\Windows\system32\drivers\hidclass.sys.bak
2014-01-11 22:41:46 ----A---- C:\Windows\system32\drivers\hidbth.sys.bak
2014-01-11 22:41:45 ----A---- C:\Windows\system32\drivers\HdAudio.sys.bak
2014-01-11 22:41:45 ----A---- C:\Windows\system32\drivers\hdaudbus.sys.bak
2014-01-11 22:41:45 ----A---- C:\Windows\system32\drivers\GAGP30KX.SYS.bak
2014-01-11 22:41:45 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS.bak
2014-01-11 22:41:45 ----A---- C:\Windows\system32\drivers\fssfltr.sys.bak
2014-01-11 22:41:45 ----A---- C:\Windows\system32\drivers\fs_rec.sys.bak
2014-01-11 22:41:45 ----A---- C:\Windows\system32\drivers\fltMgr.sys.bak
2014-01-11 22:41:44 ----A---- C:\Windows\system32\drivers\flpydisk.sys.bak
2014-01-11 22:41:44 ----A---- C:\Windows\system32\drivers\filetrace.sys.bak
2014-01-11 22:41:44 ----A---- C:\Windows\system32\drivers\fileinfo.sys.bak
2014-01-11 22:41:44 ----A---- C:\Windows\system32\drivers\fdc.sys.bak
2014-01-11 22:41:44 ----A---- C:\Windows\system32\drivers\fastfat.sys.bak
2014-01-11 22:41:43 ----A---- C:\Windows\system32\drivers\exfat.sys.bak
2014-01-11 22:41:43 ----A---- C:\Windows\system32\drivers\ETD.sys.bak
2014-01-11 22:41:43 ----A---- C:\Windows\system32\drivers\errdev.sys.bak
2014-01-11 22:41:43 ----A---- C:\Windows\system32\drivers\eRootDrv.sys.bak
2014-01-11 22:41:43 ----A---- C:\Windows\system32\drivers\elxstor.sys.bak
2014-01-11 22:41:42 ----A---- C:\Windows\system32\drivers\ecache.sys.bak
2014-01-11 22:41:42 ----A---- C:\Windows\system32\drivers\E1G60I32.sys.bak
2014-01-11 22:41:42 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys.bak
2014-01-11 22:41:42 ----A---- C:\Windows\system32\drivers\dxg.sys.bak
2014-01-11 22:41:42 ----A---- C:\Windows\system32\drivers\dxapi.sys.bak
2014-01-11 22:41:42 ----A---- C:\Windows\system32\drivers\Dumpata.sys.bak
2014-01-11 22:41:41 ----A---- C:\Windows\system32\drivers\drmkaud.sys.bak
2014-01-11 22:41:41 ----A---- C:\Windows\system32\drivers\drmk.sys.bak
2014-01-11 22:41:41 ----A---- C:\Windows\system32\drivers\Dot4usb.sys.bak
2014-01-11 22:41:41 ----A---- C:\Windows\system32\drivers\Dot4Prt.sys.bak
2014-01-11 22:41:41 ----A---- C:\Windows\system32\drivers\Dot4.sys.bak
2014-01-11 22:41:41 ----A---- C:\Windows\system32\drivers\djsvs.sys.bak
2014-01-11 22:41:40 ----A---- C:\Windows\system32\drivers\Diskdump.sys.bak
2014-01-11 22:41:40 ----A---- C:\Windows\system32\drivers\disk.sys.bak
2014-01-11 22:41:40 ----A---- C:\Windows\system32\drivers\dfsc.sys.bak
2014-01-11 22:41:40 ----A---- C:\Windows\system32\drivers\crusoe.sys.bak
2014-01-11 22:41:40 ----A---- C:\Windows\system32\drivers\CRFILTER.sys.bak
2014-01-11 22:41:40 ----A---- C:\Windows\system32\drivers\crcdisk.sys.bak
2014-01-11 22:41:39 ----A---- C:\Windows\system32\drivers\crashdmp.sys.bak
2014-01-11 22:41:39 ----A---- C:\Windows\system32\drivers\compbatt.sys.bak
2014-01-11 22:41:39 ----A---- C:\Windows\system32\drivers\cmdide.sys.bak
2014-01-11 22:41:39 ----A---- C:\Windows\system32\drivers\CmBatt.sys.bak
2014-01-11 22:41:39 ----A---- C:\Windows\system32\drivers\Classpnp.sys.bak
2014-01-11 22:41:39 ----A---- C:\Windows\system32\drivers\circlass.sys.bak
2014-01-11 22:41:39 ----A---- C:\Windows\system32\drivers\cdrom.sys.bak
2014-01-11 22:41:38 ----A---- C:\Windows\system32\drivers\cdfs.sys.bak
2014-01-11 22:41:38 ----A---- C:\Windows\system32\drivers\bthmodem.sys.bak
2014-01-11 22:41:38 ----A---- C:\Windows\system32\drivers\BrUsbSer.sys.bak
2014-01-11 22:41:38 ----A---- C:\Windows\system32\drivers\BrUsbMdm.sys.bak
2014-01-11 22:41:37 ----A---- C:\Windows\system32\drivers\BrSerWdm.sys.bak
2014-01-11 22:41:37 ----A---- C:\Windows\system32\drivers\BrSerId.sys.bak
2014-01-11 22:41:37 ----A---- C:\Windows\system32\drivers\bridge.sys.bak
2014-01-11 22:41:37 ----A---- C:\Windows\system32\drivers\BrFiltUp.sys.bak
2014-01-11 22:41:36 ----A---- C:\Windows\system32\drivers\BrFiltLo.sys.bak
2014-01-11 22:41:36 ----A---- C:\Windows\system32\drivers\bowser.sys.bak
2014-01-11 22:41:36 ----A---- C:\Windows\system32\drivers\blbdrive.sys.bak
2014-01-11 22:41:36 ----A---- C:\Windows\system32\drivers\beep.sys.bak
2014-01-11 22:41:36 ----A---- C:\Windows\system32\drivers\bdasup.sys.bak
2014-01-11 22:41:35 ----A---- C:\Windows\system32\drivers\battc.sys.bak
2014-01-11 22:41:35 ----A---- C:\Windows\system32\drivers\ATKACPI.sys.bak
2014-01-11 22:41:35 ----A---- C:\Windows\system32\drivers\athr.sys.bak
2014-01-11 22:41:34 ----A---- C:\Windows\system32\drivers\ataport.sys.bak
2014-01-11 22:41:34 ----A---- C:\Windows\system32\drivers\atapi.sys.bak
2014-01-11 22:41:34 ----A---- C:\Windows\system32\drivers\asyncmac.sys.bak
2014-01-11 22:41:34 ----A---- C:\Windows\system32\drivers\AsDsm.sys.bak
2014-01-11 22:41:34 ----A---- C:\Windows\system32\drivers\arcsas.sys.bak
2014-01-11 22:41:33 ----A---- C:\Windows\system32\drivers\arc.sys.bak
2014-01-11 22:41:33 ----A---- C:\Windows\system32\drivers\amdk8.sys.bak
2014-01-11 22:41:33 ----A---- C:\Windows\system32\drivers\amdk7.sys.bak
2014-01-11 22:41:33 ----A---- C:\Windows\system32\drivers\amdide.sys.bak
2014-01-11 22:41:33 ----A---- C:\Windows\system32\drivers\AMDAGP.SYS.bak
2014-01-11 22:41:33 ----A---- C:\Windows\system32\drivers\aliide.sys.bak
2014-01-11 22:41:32 ----A---- C:\Windows\system32\drivers\AGP440.sys.bak
2014-01-11 22:41:32 ----A---- C:\Windows\system32\drivers\afd.sys.bak
2014-01-11 22:41:32 ----A---- C:\Windows\system32\drivers\adpu320.sys.bak
2014-01-11 22:41:32 ----A---- C:\Windows\system32\drivers\adpu160m.sys.bak
2014-01-11 22:41:32 ----A---- C:\Windows\system32\drivers\adpahci.sys.bak
2014-01-11 22:41:31 ----A---- C:\Windows\system32\drivers\adp94xx.sys.bak
2014-01-11 22:41:31 ----A---- C:\Windows\system32\drivers\acpi.sys.bak
2014-01-11 22:41:31 ----A---- C:\Windows\system32\drivers\1394bus.sys.bak
2014-01-11 22:38:25 ----ASH---- C:\hiberfil.sys
2014-01-11 20:50:14 ----D---- C:\AdwCleaner
2014-01-11 20:31:58 ----D---- C:\Windows\temp
2014-01-11 20:31:56 ----A---- C:\ComboFix.txt
2014-01-11 20:27:43 ----D---- C:\$RECYCLE.BIN
2014-01-11 20:19:01 ----A---- C:\Windows\NIRCMD.exe
2014-01-10 22:57:05 ----D---- C:\Program Files\trend micro
2014-01-10 22:57:04 ----D---- C:\rsit
2014-01-10 20:58:28 ----AD---- C:\Windows\rundll16.exe
2014-01-10 20:58:28 ----AD---- C:\Windows\logo1_.exe
2014-01-10 20:56:03 ----A---- C:\Windows\system32\drivers\eRootDrv.sys
2014-01-10 20:36:31 ----A---- C:\Windows\ntbtlog.txt
2014-01-10 20:32:09 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2014-01-10 20:13:50 ----D---- C:\ProgramData\AVAST Software
2014-01-10 17:15:04 ----D---- C:\OETemp
2014-01-10 15:52:29 ----A---- C:\ProgramData\ntuser.dat
2014-01-09 19:39:01 ----D---- C:\ProgramData\Avira
2014-01-08 17:20:37 ----D---- C:\ProgramData\lVlXn373
2014-01-02 20:55:12 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-01-12 10:02:39 ----D---- C:\Windows\Prefetch
2014-01-12 09:41:20 ----D---- C:\Windows\system32\drivers
2014-01-12 09:04:00 ----A---- C:\Windows\system32\rpcnetp.exe
2014-01-11 23:06:12 ----D---- C:\ProgramData
2014-01-11 23:02:37 ----D---- C:\Windows\System32
2014-01-11 22:38:34 ----A---- C:\Windows\system32\rpcnet.dll
2014-01-11 22:32:12 ----A---- C:\Windows\system32\acovcnt.exe
2014-01-11 22:29:17 ----D---- C:\Windows\system32\Tasks
2014-01-11 22:29:06 ----RD---- C:\Program Files
2014-01-11 20:31:59 ----D---- C:\Qoobox
2014-01-11 20:31:58 ----D---- C:\Windows
2014-01-11 20:27:48 ----A---- C:\Windows\system.ini
2014-01-11 20:27:42 ----D---- C:\Windows\system32\drivers\etc
2014-01-11 20:26:53 ----D---- C:\Windows\ERDNT
2014-01-11 20:24:18 ----D---- C:\Windows\AppPatch
2014-01-11 20:24:17 ----D---- C:\Program Files\Common Files
2014-01-11 12:56:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-01-11 01:02:32 ----D---- C:\Windows\SoftwareDistribution
2014-01-11 00:47:12 ----D---- C:\Windows\Tasks
2014-01-11 00:45:00 ----D---- C:\ProgramData\Local Settings
2014-01-11 00:25:05 ----D---- C:\Windows\LiveKernelReports
2014-01-10 20:38:20 ----D---- C:\Windows\system32\catroot2
2014-01-10 20:13:01 ----D---- C:\Windows\inf
2014-01-10 17:31:04 ----D---- C:\Windows\system32\catroot
2014-01-10 15:59:41 ----SHD---- C:\Windows\Installer
2014-01-10 15:59:38 ----D---- C:\Config.Msi
2014-01-10 15:52:28 ----SHD---- C:\System Volume Information
2014-01-10 15:49:46 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-01-09 23:54:32 ----D---- C:\Windows\system32\config
2014-01-09 20:37:05 ----D---- C:\Windows\Speech
2014-01-09 19:20:06 ----D---- C:\Windows\Debug
2014-01-09 17:28:39 ----D---- C:\Users\Dida\AppData\Roaming\Winamp
2014-01-05 10:56:43 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-25 09:03:02 ----A---- C:\Windows\system32\msvcr80.dll
2013-12-25 09:03:02 ----A---- C:\Windows\system32\msvcp80.dll
2013-12-25 09:03:02 ----A---- C:\Windows\system32\msvcm80.dll
2013-12-21 13:02:12 ----A---- C:\Windows\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-07-27 30264]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-02-11 329752]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2008-05-29 15416]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2010-01-29 82320]
R1 VD_FileDisk;VD_FileDisk; C:\Windows\system32\drivers\VD_FileDisk.sys [2011-01-26 24680]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-03-13 140800]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2009-08-05 48640]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2008-12-24 14392]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-08-11 1752704]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\Windows\system32\drivers\srs_PremiumSound_i386.sys [2009-01-14 230952]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-03-20 984064]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 eRootDrv;eRootDrv; C:\Windows\System32\DRIVERS\eRootDrv.sys [2013-07-02 28136]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-09 55264]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 TrueSight;TrueSight; \??\ []
S3 trufos;trufos; C:\Windows\system32\drivers\trufos.sys [2013-09-11 343456]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 131000]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2008-08-14 100920]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\system32\rpcnet.exe [2012-11-22 58288]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-10 257416]
S3 fsssvc;Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-09 533344]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-02 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: virus?

#44 Post by Márty84 »

:arrow: Try installing Avast Free.


:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it, then left-click Run as administrator.
Tick the checkboxes for Scan All Users (Pro všechny uživatele), LOP Check (Kontrola na havěť "LOP") and Purity Check (Kontrola na havěť "Purity").
Paste the following text into the bottom box:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click Run Scan (Prohledat).
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

alanida2
Visitor
Posts: 43
Registered: 10 Jan 2014 21:53

Re: virus?

#45 Post by alanida2 »

Here is half of the OTL log

OTL logfile created on: 12. 1. 2014 10:17:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dida\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2,97 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 57,06% Memory free
6,13 Gb Paging File | 4,90 Gb Available in Paging File | 79,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 38,87 Gb Free Space | 26,08% Space Free | Partition Type: NTFS
Drive D: | 137,32 Gb Total Space | 126,21 Gb Free Space | 91,91% Space Free | Partition Type: NTFS

Computer Name: DIDA-PC | User Name: Dida | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/12 10:15:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dida\Desktop\OTL.exe
PRC - [2014/01/12 09:41:16 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Dida\Desktop\tdsskiller.exe
PRC - [2013/07/08 16:27:40 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/22 17:58:04 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.exe
PRC - [2009/07/27 17:43:21 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009/04/11 07:27:20 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2009/03/23 07:52:13 | 017,149,952 | ---- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDECK.EXE
PRC - [2009/03/21 04:37:18 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/03/18 23:54:58 | 000,154,168 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
PRC - [2009/03/06 12:44:49 | 000,424,352 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2009/03/04 18:26:24 | 008,392,704 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/02/07 00:13:16 | 001,593,344 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
PRC - [2008/12/29 18:21:02 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2008/12/23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/12/09 23:00:58 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008/11/27 03:54:00 | 000,211,512 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2008/10/01 07:02:48 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2008/09/30 23:17:32 | 000,237,568 | ---- | M] (AlcorMicro Co., Ltd.) -- C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
PRC - [2008/08/18 19:27:32 | 000,117,304 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
PRC - [2008/08/18 18:56:22 | 000,098,304 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2008/08/14 05:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/08/14 04:59:52 | 000,100,920 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/08/14 00:21:56 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2008/07/19 03:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008/04/01 07:09:30 | 000,266,240 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2008/03/31 10:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/11/30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/09/02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2007/08/08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2005/07/06 23:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/08 16:27:46 | 000,835,584 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2013/07/08 16:27:46 | 000,312,832 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2013/07/08 16:27:46 | 000,158,208 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2013/07/08 16:27:46 | 000,101,888 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2013/07/08 16:27:46 | 000,096,256 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2013/07/08 16:27:46 | 000,094,208 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2013/07/08 16:27:46 | 000,093,696 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2013/07/08 16:27:46 | 000,073,728 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2013/07/08 16:27:46 | 000,067,072 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2013/07/08 16:27:46 | 000,062,976 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2013/07/08 16:27:46 | 000,057,344 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2013/07/08 16:27:46 | 000,038,912 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2010/03/15 10:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/01/06 10:11:43 | 000,090,112 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\DTS2APOAPI.DLL
MOD - [2008/10/30 23:37:04 | 000,015,360 | ---- | M] () -- C:\Program Files\P4G\OvrClk.dll
MOD - [2008/08/20 23:49:56 | 000,016,384 | ---- | M] () -- C:\Program Files\P4G\DevMng.dll
MOD - [2008/07/19 03:52:08 | 000,649,704 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2008/06/09 17:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2008/03/17 10:49:59 | 000,069,632 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\QSAPOAPI.DLL
MOD - [2008/02/14 06:56:59 | 000,094,208 | ---- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\VMICAPI.DLL
MOD - [2007/11/30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/11/12 23:41:50 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll
MOD - [2007/09/02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
MOD - [2007/09/02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll
MOD - [2007/06/15 18:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007/06/02 01:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2007/03/10 00:16:52 | 000,106,496 | ---- | M] () -- C:\Program Files\ATKGFNEX\AGFNEX.dll


========== Services (SafeList) ==========

SRV - [2014/01/10 15:49:49 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/02 20:55:24 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/22 17:58:04 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\System32\rpcnet.exe -- (rpcnet)
SRV - [2008/08/14 04:59:52 | 000,100,920 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/03/31 10:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (TrueSight)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2013/09/11 16:18:52 | 000,343,456 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\trufos.sys -- (trufos)
DRV - [2013/07/02 18:58:37 | 000,028,136 | ---- | M] (MicroWorld Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\eRootDrv.sys -- (eRootDrv)
DRV - [2011/01/26 18:28:20 | 000,024,680 | ---- | M] (CaptainFlint Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\vd_filedisk.sys -- (VD_FileDisk)
DRV - [2010/01/29 10:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2009/09/05 14:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/08/05 06:18:22 | 000,048,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2009/07/27 17:40:16 | 000,030,264 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/03/20 07:21:37 | 000,984,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009/02/13 20:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2009/01/14 20:51:50 | 000,230,952 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2008/12/24 09:39:43 | 000,014,392 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2008/11/03 08:03:27 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008/08/11 03:14:11 | 001,752,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2008/05/29 17:21:04 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby)
DRV - [2008/05/24 01:25:42 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008/04/07 07:00:45 | 000,006,656 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CRFILTER.sys -- (CRFILTER)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/07/24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2006/11/02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ASUS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1748391619-1199234601-265589567-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1748391619-1199234601-265589567-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1748391619-1199234601-265589567-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ASUS
IE - HKU\S-1-5-21-1748391619-1199234601-265589567-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7BC4A4F5A0-4B89-4392-AFAC-D58010E349AF%7D:5.0.0.7384
FF - prefs.js..extensions.enabledAddons: %7BEEE6C361-6118-11DC-9C72-001320C79847%7D:1.9.0.0
FF - prefs.js..extensions.enabledAddons: %7BFB03E2DD-24F9-EC9D-03B1-8B5B4738179C%7D:5.0.0.10781
FF - prefs.js..extensions.enabledAddons: 2020Player_IKEA%402020Technologies.com:5.0.94.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..browser.startup.homepage: ""
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Dida\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/01/02 20:55:14 | 000,000,000 | ---D | M]

[2014/01/11 00:22:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dida\AppData\Roaming\mozilla\Extensions
[2014/01/11 22:29:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dida\AppData\Roaming\mozilla\Firefox\Profiles\6jnax4f7.default\extensions
[2014/01/02 20:55:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/01/02 20:55:13 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/01/02 20:55:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/01/02 20:55:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\DIDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6JNAX4F7.DEFAULT\EXTENSIONS\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}.XPI
File not found (No name found) -- C:\USERS\DIDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6JNAX4F7.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
File not found (No name found) -- C:\USERS\DIDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6JNAX4F7.DEFAULT\EXTENSIONS\{FB03E2DD-24F9-EC9D-03B1-8B5B4738179C}
File not found (No name found) -- C:\USERS\DIDA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6JNAX4F7.DEFAULT\EXTENSIONS\2020PLAYER_IKEA@2020TECHNOLOGIES.COM
[2010/12/09 11:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

O1 HOSTS File: ([2014/01/11 22:58:09 | 000,000,741 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-21-1748391619-1199234601-265589567-1000..\Run: [Adrvworks] C:\Windows\System32\regsvr32.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1748391619-1199234601-265589567-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1748391619-1199234601-265589567-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1748391619-1199234601-265589567-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1748391619-1199234601-265589567-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67C71A8C-38D1-4ABE-9A8C-945C3877002E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DDD432D5-0BAF-4FEF-BA27-988A4EBF723B}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Dida\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta programu Windows Fotogaléria.jpg
O24 - Desktop BackupWallPaper: C:\Users\Dida\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta programu Windows Fotogaléria.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.ACDV - File not found
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/01/12 10:15:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dida\Desktop\OTL.exe
[2014/01/12 09:41:12 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Dida\Desktop\tdsskiller.exe
[2014/01/11 23:06:12 | 000,104,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/01/11 23:06:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/01/11 23:04:50 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/01/11 23:04:47 | 000,000,000 | ---D | C] -- C:\Users\Dida\Desktop\mbar
[2014/01/11 23:04:05 | 012,582,688 | ---- | C] (Malwarebytes Corp.) -- C:\Users\Dida\Desktop\mbar-1.07.0.1008.exe
[2014/01/11 22:42:42 | 000,017,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys.bak
[2014/01/11 22:42:41 | 000,131,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WimFltr.sys.bak
[2014/01/11 22:42:41 | 000,035,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys.bak
[2014/01/11 22:42:41 | 000,011,520 | ---- | C] (Western Digital Technologies) -- C:\Windows\System32\drivers\wdcsam.sys.bak
[2014/01/11 22:42:40 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys.bak
[2014/01/11 22:42:39 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys.bak
[2014/01/11 22:42:38 | 000,984,064 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viahduaa.sys.bak
[2014/01/11 22:42:37 | 000,024,680 | ---- | C] (CaptainFlint Software) -- C:\Windows\System32\drivers\vd_filedisk.sys.bak
[2014/01/11 22:42:35 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys.bak
[2014/01/11 22:42:34 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys.bak
[2014/01/11 22:42:34 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys.bak
[2014/01/11 22:42:33 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys.bak
[2014/01/11 22:42:33 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys.bak
[2014/01/11 22:42:30 | 000,343,456 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys.bak
[2014/01/11 22:42:28 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys.bak
[2014/01/11 22:42:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys.bak
[2014/01/11 22:42:26 | 000,122,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys.bak
[2014/01/11 22:42:26 | 000,052,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys.bak
[2014/01/11 22:42:24 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys.bak
[2014/01/11 22:42:22 | 001,010,560 | ---- | C] (Motorola Inc.) -- C:\Windows\System32\drivers\smserial.sys.bak
[2014/01/11 22:42:22 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys.bak
[2014/01/11 22:42:19 | 000,142,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys.bak
[2014/01/11 22:42:17 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys.bak
[2014/01/11 22:42:17 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys.bak
[2014/01/11 22:42:12 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys.bak
[2014/01/11 22:42:11 | 000,045,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys.bak
[2014/01/11 22:42:10 | 000,021,632 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys.bak
[2014/01/11 22:42:04 | 000,223,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys.bak
[2014/01/11 22:41:56 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys.bak
[2014/01/11 22:41:55 | 000,015,416 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\lullaby.sys.bak
[2014/01/11 22:41:54 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys.bak
[2014/01/11 22:41:54 | 000,048,640 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\L1E60x86.sys.bak
[2014/01/11 22:41:50 | 000,125,184 | ---- | C] (Ahead Software AG) -- C:\Windows\System32\drivers\imagesrv.sys.bak
[2014/01/11 22:41:50 | 000,005,504 | ---- | C] (Ahead Software AG) -- C:\Windows\System32\drivers\imagedrv.sys.bak
[2014/01/11 22:41:46 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys.bak
[2014/01/11 22:41:46 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys.bak
[2014/01/11 22:41:45 | 000,099,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS.bak
[2014/01/11 22:41:43 | 000,028,136 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\System32\drivers\eRootDrv.sys.bak
[2014/01/11 22:41:42 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys.bak
[2014/01/11 22:41:42 | 000,027,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys.bak
[2014/01/11 22:41:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys.bak
[2014/01/11 22:41:41 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys.bak
[2014/01/11 22:41:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys.bak
[2014/01/11 22:41:40 | 000,006,656 | ---- | C] (Generic) -- C:\Windows\System32\drivers\CRFILTER.sys.bak
[2014/01/11 22:41:39 | 000,125,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys.bak
[2014/01/11 22:41:39 | 000,035,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys.bak
[2014/01/11 22:41:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys.bak
[2014/01/11 22:41:35 | 001,183,744 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys.bak
[2014/01/11 22:41:35 | 000,028,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys.bak
[2014/01/11 22:41:35 | 000,014,392 | ---- | C] (ATK0100) -- C:\Windows\System32\drivers\ATKACPI.sys.bak
[2014/01/11 22:41:34 | 000,109,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys.bak
[2014/01/11 22:41:34 | 000,030,264 | ---- | C] (ASUSTek Computer Inc) -- C:\Windows\System32\drivers\AsDsm.sys.bak
[2014/01/11 22:41:31 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394bus.sys.bak
[2014/01/11 22:39:42 | 000,000,000 | ---D | C] -- C:\Users\Dida\Desktop\RK_Quarantine
[2014/01/11 20:50:14 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/11 20:31:58 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/01/11 20:27:43 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2014/01/11 20:19:01 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/01/11 19:52:24 | 000,000,000 | ---D | C] -- C:\Users\Dida\Desktop\plocha
[2014/01/11 00:30:42 | 005,162,489 | R--- | C] (Swearware) -- C:\Users\Dida\Documents\ComboFix.exe
[2014/01/10 22:57:05 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/01/10 22:57:04 | 000,000,000 | ---D | C] -- C:\rsit
[2014/01/10 20:58:28 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2014/01/10 20:58:28 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2014/01/10 20:56:56 | 003,705,940 | ---- | C] (AVAST Software) -- C:\Users\Dida\Documents\avast_free_antivirus_setup_online.exe
[2014/01/10 20:56:03 | 000,028,136 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\System32\drivers\eRootDrv.sys
[2014/01/10 20:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2014/01/10 20:24:33 | 221,425,472 | ---- | C] (Kaspersky Lab) -- C:\Users\Dida\Documents\kav14.0.0.4651en_5447_trial.exe
[2014/01/10 20:13:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/10 17:15:04 | 000,000,000 | ---D | C] -- C:\OETemp
[2014/01/10 16:17:07 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Dida\Documents\mbam-setup-1.75.0.1300.exe
[2014/01/09 19:39:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2014/01/08 17:25:59 | 000,000,000 | ---D | C] -- C:\Users\Dida\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Guard Protection
[2014/01/08 17:23:35 | 000,000,000 | ---D | C] -- C:\Users\Dida\AppData\Local\Adrvworks
[2014/01/08 17:20:37 | 000,000,000 | ---D | C] -- C:\ProgramData\lVlXn373
[2014/01/03 14:10:37 | 000,000,000 | ---D | C] -- C:\Users\Dida\Desktop\dida obrázky
[2014/01/02 20:55:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/12/26 10:20:44 | 000,000,000 | ---D | C] -- C:\Users\Dida\Desktop\100 rokov
[1 C:\Users\Dida\Desktop\*.tmp files -> C:\Users\Dida\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Users\Dida\Documents\Electro & House Dance Club Mix N Electro & House Dance Club Mix e Electro & House Dance Club Mix w Electro & House Dance Club Mix Electro & House Dance Club Mix B Electro & House Dance Club Mix e Electro & House Dance Club Mix s Ele.mp3
File not found -- C:\Users\Dida\Documents\Electro & House Dance Club Mix N Electro & House Dance Club Mix e Electro & House Dance Club Mix w Electro & House Dance Club Mix Electro & House Dance Club Mix B Electro & House Dance Club Mix e Electro & House Dance Club Mix s Ele.aac
[2014/01/12 10:19:30 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/01/12 10:15:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dida\Desktop\OTL.exe
[2014/01/12 10:01:47 | 000,781,383 | ---- | M] () -- C:\Users\Dida\Desktop\RSIT.exe
[2014/01/12 09:48:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/12 09:41:16 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Dida\Desktop\tdsskiller.exe
[2014/01/12 09:04:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/12 09:04:00 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.exe
[2014/01/12 09:03:59 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/12 09:03:59 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/11 23:06:12 | 000,104,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/01/11 23:04:50 | 000,074,456 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/01/11 23:04:23 | 012,582,688 | ---- | M] (Malwarebytes Corp.) -- C:\Users\Dida\Desktop\mbar-1.07.0.1008.exe
[2014/01/11 22:58:09 | 000,000,741 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014/01/11 22:56:11 | 000,131,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WimFltr.sys.bak
[2014/01/11 22:56:11 | 000,017,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmilib.sys.bak
[2014/01/11 22:56:10 | 000,035,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys.bak
[2014/01/11 22:56:10 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys.bak
[2014/01/11 22:56:10 | 000,011,520 | ---- | M] (Western Digital Technologies) -- C:\Windows\System32\drivers\wdcsam.sys.bak
[2014/01/11 22:56:09 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\videoprt.sys.bak
[2014/01/11 22:56:08 | 000,984,064 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viahduaa.sys.bak
[2014/01/11 22:56:08 | 000,024,680 | ---- | M] (CaptainFlint Software) -- C:\Windows\System32\drivers\vd_filedisk.sys.bak
[2014/01/11 22:56:07 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys.bak
[2014/01/11 22:56:06 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys.bak
[2014/01/11 22:56:06 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys.bak
[2014/01/11 22:56:06 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys.bak
[2014/01/11 22:56:05 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys.bak
[2014/01/11 22:56:04 | 000,343,456 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys.bak
[2014/01/11 22:56:03 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tape.sys.bak
[2014/01/11 22:56:03 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys.bak
[2014/01/11 22:56:02 | 000,122,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Storport.sys.bak
[2014/01/11 22:56:02 | 000,052,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\stream.sys.bak
[2014/01/11 22:56:02 | 000,005,632 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys.bak
[2014/01/11 22:56:01 | 000,684,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spsys.sys.bak
[2014/01/11 22:56:01 | 000,230,952 | ---- | M] () -- C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys.bak
[2014/01/11 22:56:00 | 001,752,704 | ---- | M] () -- C:\Windows\System32\drivers\snp2uvc.sys.bak
[2014/01/11 22:56:00 | 000,028,672 | ---- | M] () -- C:\Windows\System32\drivers\sncduvc.sys.bak
[2014/01/11 22:55:59 | 001,010,560 | ---- | M] (Motorola Inc.) -- C:\Windows\System32\drivers\smserial.sys.bak
[2014/01/11 22:55:59 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smclib.sys.bak
[2014/01/11 22:55:57 | 000,142,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys.bak
[2014/01/11 22:55:57 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys.bak
[2014/01/11 22:55:57 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys.bak
[2014/01/11 22:55:54 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys.bak
[2014/01/11 22:55:53 | 000,045,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pciidex.sys.bak
[2014/01/11 22:55:53 | 000,021,632 | ---- | M] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys.bak
[2014/01/11 22:55:50 | 000,223,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys.bak
[2014/01/11 22:55:46 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mcd.sys.bak
[2014/01/11 22:55:46 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\lullaby.sys.bak
[2014/01/11 22:55:45 | 000,048,640 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\L1E60x86.sys.bak
[2014/01/11 22:55:44 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys.bak
[2014/01/11 22:55:44 | 000,013,880 | ---- | M] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys.bak
[2014/01/11 22:55:42 | 000,125,184 | ---- | M] (Ahead Software AG) -- C:\Windows\System32\drivers\imagesrv.sys.bak
[2014/01/11 22:55:42 | 000,005,504 | ---- | M] (Ahead Software AG) -- C:\Windows\System32\drivers\imagedrv.sys.bak
[2014/01/11 22:55:37 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys.bak
[2014/01/11 22:55:37 | 000,025,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys.bak
[2014/01/11 22:55:36 | 000,099,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS.bak
[2014/01/11 22:55:35 | 000,028,136 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\System32\drivers\eRootDrv.sys.bak
[2014/01/11 22:55:34 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxg.sys.bak
[2014/01/11 22:55:34 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxapi.sys.bak
[2014/01/11 22:55:33 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys.bak
[2014/01/11 22:55:33 | 000,027,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Dumpata.sys.bak
[2014/01/11 22:55:33 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys.bak
[2014/01/11 22:55:32 | 000,035,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crashdmp.sys.bak
[2014/01/11 22:55:32 | 000,006,656 | ---- | M] (Generic) -- C:\Windows\System32\drivers\CRFILTER.sys.bak
[2014/01/11 22:55:31 | 000,125,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Classpnp.sys.bak
[2014/01/11 22:55:29 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys.bak
[2014/01/11 22:55:29 | 000,028,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\battc.sys.bak
[2014/01/11 22:55:29 | 000,014,392 | ---- | M] (ATK0100) -- C:\Windows\System32\drivers\ATKACPI.sys.bak
[2014/01/11 22:55:29 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bdasup.sys.bak
[2014/01/11 22:55:28 | 000,109,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys.bak
[2014/01/11 22:55:28 | 000,030,264 | ---- | M] (ASUSTek Computer Inc) -- C:\Windows\System32\drivers\AsDsm.sys.bak
[2014/01/11 22:55:26 | 000,053,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394bus.sys.bak
[2014/01/11 22:38:34 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\System32\rpcnet.dll
[2014/01/11 22:38:25 | 3184,615,424 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/11 22:37:32 | 003,810,304 | ---- | M] () -- C:\Users\Dida\Desktop\RogueKiller.exe
[2014/01/11 22:32:12 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2014/01/11 20:49:37 | 001,233,962 | ---- | M] () -- C:\Users\Dida\Desktop\adwcleaner.exe
[2014/01/11 12:46:25 | 000,001,249 | ---- | M] () -- C:\Users\Dida\Desktop\ComboFix - odkaz.lnk
[2014/01/11 00:31:01 | 005,162,489 | R--- | M] (Swearware) -- C:\Users\Dida\Documents\ComboFix.exe
[2014/01/10 23:14:23 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Dida\Documents\mbam-setup-1.75.0.1300.exe
[2014/01/10 22:55:26 | 000,781,383 | ---- | M] () -- C:\Users\Dida\Documents\RSIT.exe
[2014/01/10 20:57:03 | 003,705,940 | ---- | M] (AVAST Software) -- C:\Users\Dida\Documents\avast_free_antivirus_setup_online.exe
[2014/01/10 20:55:38 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2014/01/10 20:54:01 | 197,963,056 | ---- | M] () -- C:\Users\Dida\Documents\mwav.exe
[2014/01/10 20:32:14 | 000,001,356 | ---- | M] () -- C:\Users\Dida\AppData\Local\d3d9caps.dat
[2014/01/10 20:31:45 | 221,425,472 | ---- | M] (Kaspersky Lab) -- C:\Users\Dida\Documents\kav14.0.0.4651en_5447_trial.exe
[2014/01/10 15:49:46 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/01/10 15:49:46 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/01/09 17:35:15 | 197,963,056 | ---- | M] () -- C:\Users\Dida\Desktop\mwav.exe
[2014/01/06 10:12:37 | 000,225,280 | ---- | M] () -- C:\Users\Dida\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/12/25 09:03:02 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2013/12/25 09:03:02 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2013/12/25 09:03:02 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcm80.dll
[2013/12/21 13:13:27 | 017,305,688 | ---- | M] () -- C:\Windows\REGBK00.ZIP
[2013/12/21 13:02:12 | 000,603,594 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/12/21 13:02:12 | 000,109,416 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Users\Dida\Desktop\*.tmp files -> C:\Users\Dida\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

File not found -- C:\Users\Dida\Documents\Electro & House Dance Club Mix N Electro & House Dance Club Mix e Electro & House Dance Club Mix w Electro & House Dance Club Mix Electro & House Dance Club Mix B Electro & House Dance Club Mix e Electro & House Dance Club Mix s Ele.mp3
File not found -- C:\Users\Dida\Documents\Electro & House Dance Club Mix N Electro & House Dance Club Mix e Electro & House Dance Club Mix w Electro & House Dance Club Mix Electro & House Dance Club Mix B Electro & House Dance Club Mix e Electro & House Dance Club Mix s Ele.aac
[2014/01/12 10:19:30 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/01/12 10:01:47 | 000,781,383 | ---- | C] () -- C:\Users\Dida\Desktop\RSIT.exe
[2014/01/11 22:42:25 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys.bak
[2014/01/11 22:42:24 | 000,230,952 | ---- | C] () -- C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys.bak
[2014/01/11 22:42:23 | 001,752,704 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys.bak
[2014/01/11 22:42:23 | 000,028,672 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys.bak
[2014/01/11 22:41:54 | 000,013,880 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys.bak
[2014/01/11 22:38:25 | 3184,615,424 | -HS- | C] () -- C:\hiberfil.sys
[2014/01/11 22:37:24 | 003,810,304 | ---- | C] () -- C:\Users\Dida\Desktop\RogueKiller.exe
[2014/01/11 20:49:37 | 001,233,962 | ---- | C] () -- C:\Users\Dida\Desktop\adwcleaner.exe
[2014/01/11 12:46:00 | 000,001,249 | ---- | C] () -- C:\Users\Dida\Desktop\ComboFix - odkaz.lnk
[2014/01/10 22:55:26 | 000,781,383 | ---- | C] () -- C:\Users\Dida\Documents\RSIT.exe
[2014/01/10 20:48:19 | 197,963,056 | ---- | C] () -- C:\Users\Dida\Documents\mwav.exe
[2013/12/21 13:12:21 | 017,305,688 | ---- | C] () -- C:\Windows\REGBK00.ZIP
[2013/03/25 18:21:13 | 000,157,324 | ---- | C] () -- C:\Windows\hpoins27.dat
[2013/01/23 13:31:37 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2012/06/05 14:44:32 | 000,001,356 | ---- | C] () -- C:\Users\Dida\AppData\Local\d3d9caps.dat
[2012/03/22 20:17:45 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2012/03/22 20:17:45 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011/12/11 19:27:09 | 000,000,304 | ---- | C] () -- C:\ProgramData\~nCFDo9OyaErAE1
[2011/12/11 19:27:09 | 000,000,224 | ---- | C] () -- C:\ProgramData\~nCFDo9OyaErAE1r
[2011/12/11 19:27:02 | 000,000,432 | ---- | C] () -- C:\ProgramData\nCFDo9OyaErAE1
[2011/08/08 14:38:11 | 000,225,280 | ---- | C] () -- C:\Users\Dida\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/23 21:36:14 | 000,106,496 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008/05/22 16:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg

========== ZeroAccess Check ==========

[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 17:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/08/08 14:45:10 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\ACD Systems
[2011/08/10 15:34:29 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Argonyt
[2013/03/06 07:49:27 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\foobar2000
[2011/12/17 11:49:20 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\GlarySoft
[2011/08/08 14:39:42 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\HEXelon
[2012/05/12 20:07:10 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\ICQ
[2012/01/15 19:14:01 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\My Battle for Middle-earth Files
[2011/08/08 14:53:44 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Opera
[2012/03/22 20:37:41 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\PC Suite
[2013/08/26 18:22:10 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Samsung
[2011/08/24 11:22:23 | 000,000,000 | ---D | M] -- C:\Users\Dida\AppData\Roaming\Unity

========== Purity Check ==========



========== Custom Scans ==========

< >
[2006/11/02 14:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006/11/02 14:01:49 | 000,032,570 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/06/21 16:12:01 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\System32\autochk.exe
[2009/04/11 07:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe

< MD5 for: CDROM.SYS >
[2008/01/21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008/01/21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006/11/02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2008/01/21 03:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009/04/11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\ERDNT\cache\cryptsvc.dll
[2009/04/11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\System32\cryptsvc.dll
[2009/04/11 07:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009/07/27 17:05:26 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009/07/27 17:05:25 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009/07/27 17:05:25 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009/07/27 17:05:26 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2009/04/11 07:32:46 | 000,177,128 | ---- | M] (Microsoft Corporation) MD5=B8D52005181A15D7D1470CBF2AF214DD -- C:\Windows\System32\hal.dll

< MD5 for: IASTOR.SYS >
[2009/02/11 10:11:49 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\drivers\iaStor.sys
[2009/02/11 10:11:49 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_ea118ff5\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006/11/02 10:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008/01/21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008/01/21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\isapnp.sys
[2008/01/21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008/01/21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008/01/21 03:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/06/15 13:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009/09/10 15:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009/06/15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\ERDNT\cache\lsass.exe
[2009/06/15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\System32\lsass.exe
[2009/06/15 13:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009/07/27 17:16:58 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009/06/15 14:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009/06/15 13:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009/07/27 17:16:58 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009/06/15 13:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009/06/15 14:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009/09/09 12:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009/09/10 15:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008/01/21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008/01/21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008/01/21 03:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009/07/27 17:16:58 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\ERDNT\cache\ndis.sys
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\System32\drivers\ndis.sys
[2009/04/11 07:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008/01/21 03:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2009/07/27 16:44:32 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys
[2009/07/27 16:44:32 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

Locked