
"Trojan horse BackDoor.Generic12.BICR"

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: "Trojan horse BackDoor.Generic12.BICR"

#16 Post by Unlimited_Killer »

OK, last step.

1) OTCleaner
  • Download OTC and double-click it to run it.
  • A window will pop up; click 'CleanUp!' in it.
  • Confirm by clicking 'Yes'.
  • It will then ask whether you want to restart the PC - do so by clicking 'Yes' again.
2) That is all
  • You're welcome, thank you for your cooperation, and goodbye. :thumbup: :bye: :closed:
inactive

cicerone
Visitor
Posts: 21
Registered: 03 May 2010 02:20
Location: Praha 1

Re: "Trojan horse BackDoor.Generic12.BICR"

#17 Post by cicerone »

Good day,
the same problem again...
"Název objektu";"C:\WINDOWS\system32\autorun\Book\AcroBat\EN\Setup.exe"
"Název objektu";"C:\WINDOWS\system32\autorun\Book\AcroBat\EN\Setup.exe:\AdbeRdr60enu.exe"
When given the task of removing the infections, it reports
"Přesouvaný objekt je větší povolená velikost archivu." and offers the path to the file.

In view of possible changes to the computer's settings, I am attaching a new RSIT log:



Logfile of random's system information tool 1.08 (written by random/random)
Run by Pavel at 2010-09-19 13:21:53
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 12 GB (33%) free of 36 GB
Total RAM: 958 MB (7% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:22:48, on 19.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\mHotkey.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Plaxo\3.23.0.11\PlaxoHelper_en.exe
C:\Program Files\Plaxo\3.23.0.11\PlaxoSysTray.exe
D:\Program Files\FileHippo.com\UpdateChecker.exe
D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\download\RSIT_001.exe
C:\Program Files\trend micro\Pavel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\SCROLL~1\MouseElf.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\3.23.0.11\PlaxoHelper_en.exe -a
O4 - HKCU\..\Run: [PlaxoSysTray] C:\Program Files\Plaxo\3.23.0.11\PlaxoSysTray.exe
O4 - HKCU\..\Run: [FileHippo.com] "D:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://download.avg.com
O15 - Trusted Zone: http://www.avg.com
O15 - Trusted Zone: http://download.avg.cz
O15 - Trusted Zone: http://www.czechtourism.com
O15 - Trusted Zone: http://www.czecot.com
O15 - Trusted Zone: download.divx.com
O15 - Trusted Zone: http://www.ieaddons.com
O15 - Trusted Zone: http://www.majorgeeks.com
O15 - Trusted Zone: http://email.seznam.cz
O15 - Trusted Zone: http://www.seznam.cz
O15 - Trusted Zone: http://download.slunecnice.cz
O15 - Trusted Zone: http://www.techspot.com
O15 - Trusted Zone: download.windowsupdate.com
O15 - Trusted Zone: http://download.windowsupdate.com
O15 - Trusted Zone: http://download.zonealarm.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/do ... se5059.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6325434171
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promot ... r37900.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.teplice.cz/activex/AxisCamControl.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D17CDB6E-AE6D-11CF-96B8-444553540000} - https://download.macromedia.com/pub/sho ... wflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TomTomHOMEService - TomTom - D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

--
End of file - 11772 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-10 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-19 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-19 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiSPower"=SiSPower.dll,ModeAgent []
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2005-10-12 315392]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2005-11-16 385024]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-10-08 88363]
"AdslTaskBar"=stmctrl.dll,TaskBar []
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-07 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-07 688218]
"SiS Windows KeyHook"=C:\WINDOWS\system32\keyhook.exe [2005-03-04 32768]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PCMService"=C:\Program Files\Arcade\PCMService.exe [2005-03-09 49152]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"LaunchApp"=Alaunch []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"mouseElf"=C:\PROGRA~1\SCROLL~1\MouseElf.EXE [2004-09-20 196608]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2004-12-08 550912]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2010-07-09 2048352]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PlaxoUpdate"=C:\Program Files\Plaxo\3.23.0.11\PlaxoHelper_en.exe [2009-10-01 403015]
"PlaxoSysTray"=C:\Program Files\Plaxo\3.23.0.11\PlaxoSysTray.exe [2009-10-01 20480]
"FileHippo.com"=D:\Program Files\FileHippo.com\UpdateChecker.exe [2010-08-09 248832]
"TomTomHOME.exe"=D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2010-08-24 247144]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
D:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-07-31 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveTrack"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\BIN\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hposid01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\TomTom HOME 2\xulrunner\TomTomHOMERuntime.exe"="C:\Program Files\TomTom HOME 2\xulrunner\TomTomHOMERuntime.exe:*:Enabled:TomTom HOME"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\SeaMonkey\seamonkey.exe"="C:\Program Files\SeaMonkey\seamonkey.exe:*:Enabled:SeaMonkey"
"C:\inet_srv\apache\bin\Apache.exe"="C:\inet_srv\apache\bin\Apache.exe:*:Enabled:Apache"
"C:\inet_srv\mysql\bin\mysqld.exe"="C:\inet_srv\mysql\bin\mysqld.exe:*:Enabled:mysqld"
"C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe"="C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"D:\Program Files\TomTom HOME 2\xulrunner\TomTomHOMERuntime.exe"="D:\Program Files\TomTom HOME 2\xulrunner\TomTomHOMERuntime.exe:*:Enabled:TomTom HOME"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-09-19 12:50:30 ----A---- C:\ComboFix.txt
2010-09-19 12:37:03 ----A---- C:\WINDOWS\NIRCMD.exe
2010-09-19 12:37:03 ----A---- C:\WINDOWS\MBR.exe
2010-09-19 12:37:02 ----A---- C:\WINDOWS\zip.exe
2010-09-19 12:37:02 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-09-19 12:37:02 ----A---- C:\WINDOWS\SWSC.exe
2010-09-19 12:37:02 ----A---- C:\WINDOWS\SWREG.exe
2010-09-19 12:37:02 ----A---- C:\WINDOWS\sed.exe
2010-09-19 12:37:02 ----A---- C:\WINDOWS\PEV.exe
2010-09-19 12:37:02 ----A---- C:\WINDOWS\grep.exe
2010-09-19 12:31:44 ----D---- C:\Qoobox
2010-09-19 11:55:30 ----HD---- C:\WINDOWS\$NtUninstallKB2259922$
2010-09-19 11:55:22 ----HD---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-09-19 11:55:18 ----HD---- C:\WINDOWS\$NtUninstallKB2347290$
2010-09-19 11:55:11 ----HD---- C:\WINDOWS\$NtUninstallKB2121546$
2010-09-19 11:55:03 ----HD---- C:\WINDOWS\$NtUninstallKB982802$
2010-09-19 11:54:47 ----HD---- C:\WINDOWS\$NtUninstallKB981322$
2010-09-19 11:48:26 ----A---- C:\WINDOWS\imsins.BAK
2010-09-19 11:48:22 ----HD---- C:\WINDOWS\$NtUninstallKB2141007$
2010-09-19 11:40:19 ----A---- C:\WINDOWS\system32\javaws.exe
2010-09-19 11:40:19 ----A---- C:\WINDOWS\system32\javaw.exe
2010-09-19 11:40:19 ----A---- C:\WINDOWS\system32\java.exe
2010-09-02 15:57:11 ----A---- C:\WINDOWS\system32\MyDefragScreenSaver_v4.3.1.exe
2010-09-02 15:57:10 ----D---- C:\Program Files\MyDefrag v4.3.1

======List of files/folders modified in the last 1 months======

2010-09-19 12:46:54 ----A---- C:\WINDOWS\system.ini
2010-09-19 12:38:24 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-19 12:07:22 ----A---- C:\WINDOWS\system32\eRLog.ini
2010-09-19 11:48:42 ----A---- C:\WINDOWS\system32\MRT.exe
2010-09-19 11:39:36 ----A---- C:\WINDOWS\system32\deployJava1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AvgRkx86;avgrkx86.sys; C:\WINDOWS\System32\Drivers\avgrkx86.sys [2009-06-25 12552]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 SISAGP;SiS AGP Filter; C:\WINDOWS\system32\DRIVERS\SISAGPX.sys [2003-07-18 36992]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-31 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-31 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-06-25 108552]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R1 SASDIFSV;SASDIFSV; \??\D:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2005-02-25 13312]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R2 osaio;osaio; C:\WINDOWS\system32\drivers\osaio.sys [2005-03-04 8704]
R2 osanbm;osanbm; C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 4010]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-10-08 1270540]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-02-24 2311680]
R3 BCM43XX;Broadcom 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-21 369024]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2004-04-19 6656]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-04-13 6144]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 Safetica;Safetica Encryption Driver; C:\WINDOWS\system32\DRIVERS\safetica.sys [2010-06-28 272536]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2005-03-02 240640]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-11-05 32768]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2003-08-12 60255]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-07 185824]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys []
S0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys []
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
S1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
S2 KeyP;KeyP; C:\WINDOWS\SYSTEM32\DRIVERS\KeyP.sys []
S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 catchme;catchme; \??\C:\DOCUME~1\Pavel\LOCALS~1\Temp\catchme.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 mbr;mbr; \??\C:\DOCUME~1\Pavel\LOCALS~1\Temp\mbr.sys []
S3 MXOPSWD;Maxtor OneTouch Security Driver; C:\WINDOWS\system32\DRIVERS\mxopswd.sys [2007-05-03 22152]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2003-12-23 549421]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-05-15 100032]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-31 908056]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-31 297752]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-04-08 345376]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2010-09-19 153376]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
R2 TomTomHOMEService;TomTomHOMEService; D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-15 136176]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-04-24 545576]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-05-15 2086592]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-30 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


and also the result from Virus Total:

File name: Setup.exe
Submission date: 2010-09-19 11:12:36 (UTC)
Current status: finished
Result: 4/43 (9.3%)

Antivirus Version Last Update Result
AhnLab-V3 2010.09.19.00 2010.09.18 -
AntiVir 8.2.4.58 2010.09.18 -
Antiy-AVL 2.0.3.7 2010.09.19 Trojan/Win32.Small.gen
Authentium 5.2.0.5 2010.09.18 -
Avast 4.8.1351.0 2010.09.19 -
Avast5 5.0.594.0 2010.09.19 -
AVG 9.0.0.851 2010.09.19 BackDoor.Generic13.CLS
BitDefender 7.2 2010.09.19 -
CAT-QuickHeal 11.00 2010.09.18 -
ClamAV 0.96.2.0-git 2010.09.18 -
Comodo 6128 2010.09.19 -
DrWeb 5.0.2.03300 2010.09.19 -
Emsisoft 5.0.0.37 2010.09.19 -
eSafe 7.0.17.0 2010.09.17 Suspicious File
eTrust-Vet 36.1.7862 2010.09.17 -
F-Prot 4.6.1.107 2010.09.18 -
F-Secure 9.0.15370.0 2010.09.19 -
Fortinet 4.1.143.0 2010.09.19 -
GData 21 2010.09.19 -
Ikarus T3.1.1.88.0 2010.09.19 -
Jiangmin 13.0.900 2010.09.19 -
K7AntiVirus 9.63.2552 2010.09.18 -
Kaspersky 7.0.0.125 2010.09.19 -
McAfee 5.400.0.1158 2010.09.19 -
McAfee-GW-Edition 2010.1C 2010.09.18 -
Microsoft 1.6201 2010.09.19 -
NOD32 5460 2010.09.18 -
Norman 6.06.06 2010.09.19 -
nProtect 2010-09-19.01 2010.09.19 -
Panda 10.0.2.7 2010.09.18 -
PCTools 7.0.3.5 2010.09.19 -
Prevx 3.0 2010.09.19 -
Rising 22.65.05.00 2010.09.18 -
Sophos 4.57.0 2010.09.19 -
Sunbelt 6895 2010.09.19 -
SUPERAntiSpyware 4.40.0.1006 2010.09.19 -
Symantec 20101.1.1.7 2010.09.19 -
TheHacker 6.7.0.0.024 2010.09.19 -
TrendMicro 9.120.0.1004 2010.09.18 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.19 -
VBA32 3.12.14.0 2010.09.17 Rootkit.Win32.Small.aqw
ViRobot 2010.9.18.4048 2010.09.18 -
VirusBuster 12.65.13.0 2010.09.18 -
Additional information
MD5 : c0674667356a479fa4f31b575a60ed55
SHA1 : 78c7360082f2c8559e8ab1ab19bf42dde55b9a37
SHA256: 7e41a072013f435ebd7c74915d8e92d104074fa95fce6325a5626a19b6c85112
ssdeep: 393216:uZH1W8YliqcyQa9qlhAuiG3Lv23437DpUqkDJdN7ihaMspP8C:wMrI2ubQ43Z4ohaMc8C
File size : 16294027 bytes
First seen: 2010-05-04 14:15:23
Last seen : 2010-09-19 11:12:36
TrID:
WinRAR Self Extracting archive (87.0%)
UPX compressed Win32 Executable (5.1%)
Win32 EXE Yoda's Crypter (4.4%)
Win32 Executable Generic (1.4%)
Win32 Dynamic Link Library (generic) (1.2%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
packers (F-Prot): UPX, RAR
packers (Kaspersky): UPX, UPX
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x1D4D0
timedatestamp....: 0x3CCBD8CE (Sun Apr 28 11:11:10 2002)
machinetype......: 0x14c (I386)

[[ 3 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
UPX0, 0x1000, 0x13000, 0x0, 0.00, d41d8cd98f00b204e9800998ecf8427e
UPX1, 0x14000, 0xA000, 0x9800, 7.88, 0bdbac10a1989332ccbd994f6349d3bb
.rsrc, 0x1E000, 0x2000, 0x1C00, 4.98, a07c18d85866c53f0bded740e6b81683

[[ 7 import(s) ]]
KERNEL32.DLL: LoadLibraryA, GetProcAddress, ExitProcess
ADVAPI32.DLL: RegCloseKey
COMCTL32.DLL: -
GDI32.DLL: DeleteObject
OLE32.DLL: OleInitialize
SHELL32.DLL: SHGetMalloc
USER32.DLL: SetMenu





Thanks in advance for your help

Pavel

cicerone
Visitor
Posts: 21
Registered: 03 May 2010 02:20
Location: Prague 1

Re: "Trojan horse BackDoor.Generic12.BICR"

#18 Post by cicerone »

So far I have tried the individual steps from the previous solution:

Here is the new ComboFix log, produced after inserting the text copied from Notepad:


ComboFix 10-09-19.02 - Pavel 20.09.2010 10:52:30.5.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.958.292 [GMT 2:00]
Spuštěný z: c:\documents and settings\Pavel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Pavel\Plocha\CFScript.txt
AV: AVG Anti-Virus *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FILE ::
"c:\documents and settings\Pavel\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk"
"c:\windows\Tasks\AppleSoftwareUpdate.job"
"c:\windows\Tasks\Scheduled Update for Ask Toolbar.job"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\FOUND.011
c:\program files\Ask.com

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-20 do 2010-09-20 )))))))))))))))))))))))))))))))
.

2010-09-02 13:57 . 2010-05-21 10:11 475648 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.scr
2010-09-02 13:57 . 2010-05-21 10:11 1061888 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.exe
2010-09-02 13:57 . 2010-09-02 13:57 -------- d-----w- c:\program files\MyDefrag v4.3.1

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-19 09:39 . 2010-05-08 08:28 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-18 09:24 . 2010-08-18 09:24 -------- d-----w- c:\program files\TrueSwitch
2010-08-18 09:23 . 2010-08-18 09:23 -------- d-----w- c:\program files\TrueSwitchEasyTransfer
2010-08-17 13:17 . 2004-08-18 18:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-15 11:00 . 2005-03-07 14:44 88006 ----a-w- c:\windows\system32\perfc005.dat
2010-08-15 11:00 . 2005-03-07 14:44 446728 ----a-w- c:\windows\system32\perfh005.dat
2010-08-07 12:25 . 2010-08-07 12:25 -------- d-----w- c:\program files\Investintech.com Inc
2010-08-07 12:25 . 2010-08-07 12:25 -------- d-----w- c:\program files\Common Files\SlimPDFReader
2010-08-05 11:53 . 2010-08-05 11:53 -------- d-----w- c:\program files\Common Files\soft602
2010-07-30 11:59 . 2010-07-30 11:59 11176 ----a-w- c:\windows\TrueProcess.exe
2010-07-22 15:46 . 2004-08-18 18:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 06:19 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-06-30 12:33 . 2004-08-18 18:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-28 12:27 . 2010-06-28 12:27 272536 ----a-w- c:\windows\system32\drivers\safetica.sys
2010-06-24 12:27 . 2004-08-18 18:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2004-08-18 18:00 1851904 ----a-w- c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((( SnapShot@2010-09-20_08.40.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-09-20 09:00 . 2010-09-20 09:00 16384 c:\windows\temp\Perflib_Perfdata_160.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PlaxoUpdate"="c:\program files\Plaxo\3.23.0.11\PlaxoHelper_en.exe" [2009-10-01 403015]
"PlaxoSysTray"="c:\program files\Plaxo\3.23.0.11\PlaxoSysTray.exe" [2009-10-01 20480]
"FileHippo.com"="d:\program files\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
"TomTomHOME.exe"="d:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2010-08-24 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"SiSPower"="SiSPower.dll" [2005-02-25 49152]
"LManager"="c:\program files\Launch Manager\QtZgAcer.EXE" [2005-10-12 315392]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 385024]
"AGRSMMSG"="AGRSMMSG.exe" [2004-10-08 88363]
"AdslTaskBar"="stmctrl.dll" [2003-12-03 155648]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-07 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-07 688218]
"SiS Windows KeyHook"="c:\windows\system32\keyhook.exe" [2005-03-04 32768]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PCMService"="c:\program files\Arcade\PCMService.exe" [2005-03-09 49152]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 59392]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 208952]
"mouseElf"="c:\progra~1\SCROLL~1\MouseElf.EXE" [2004-09-20 196608]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"CHotkey"="mHotkey.exe" [2004-12-08 550912]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-07-09 2048352]
"QuickTime Task"="d:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Utility Tray.lnk - c:\windows\system32\sistray.exe [2005-1-4 331776]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- d:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-31 10:15 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe"
"BTCentre"=c:\genius\ioCentre4D\gBTMouseTask.exe
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"WireLessMouse"=c:\program files\12025SC Wireless Combo Set\StartAutorun.exe MouseDrv.exe
"WireLessKeyboard"=c:\program files\12025SC Wireless Combo Set\StartAutorun.exe PS2USBKbdDrv.exe
"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpoews01.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\TomTom HOME 2\\xulrunner\\TomTomHOMERuntime.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\SeaMonkey\\seamonkey.exe"=
"c:\\inet_srv\\apache\\bin\\Apache.exe"=
"c:\\inet_srv\\mysql\\bin\\mysqld.exe"=
"c:\\wamp\\bin\\apache\\Apache2.2.11\\bin\\httpd.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"d:\\Program Files\\TomTom HOME 2\\xulrunner\\TomTomHOMERuntime.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [16.6.2009 20:48 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [16.6.2009 20:48 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [16.6.2009 20:48 108552]
R1 SASDIFSV;SASDIFSV;d:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 11:25 12872]
R1 SASKUTIL;SASKUTIL;d:\program files\SUPERAntiSpyware\SASKUTIL.SYS [27.4.2010 17:30 67656]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 11:28 73728]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [25.6.2009 10:55 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [25.6.2009 10:55 297752]
R2 TomTomHOMEService;TomTomHOMEService;d:\program files\TomTom HOME 2\TomTomHOMEService.exe [24.8.2010 11:38 92008]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 18:19 13592]
R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [5.11.2006 12:28 6656]
R3 Safetica;Safetica Encryption Driver;c:\windows\system32\drivers\safetica.sys [28.6.2010 14:27 272536]
R3 Stmatm;ATM/ADSL miniport;c:\windows\system32\drivers\stmatm.sys [14.6.2006 14:32 60255]
S1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [29.8.2006 12:33 24786]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15.5.2010 17:52 136176]
S2 KeyP;KeyP;c:\windows\system32\DRIVERS\KeyP.sys --> c:\windows\system32\DRIVERS\KeyP.sys [?]
S3 TaurusUsb;ADSL Modem USB Service;c:\windows\system32\drivers\torususb.sys [14.6.2006 14:32 549421]
.
Obsah adresáře 'Naplánované úlohy'

2010-09-20 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 16:20]

2010-09-20 c:\windows\Tasks\GlaryInitialize.job
- d:\program files\Glary Utilities\initialize.exe [2010-04-18 08:32]

2010-09-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-15 15:52]

2010-09-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-15 15:52]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
Trusted Zone: avg.com\download
Trusted Zone: avg.com\www
Trusted Zone: avg.cz\download
Trusted Zone: czechtourism.com\www
Trusted Zone: czecot.com\www
Trusted Zone: divx.com\download
Trusted Zone: ieaddons.com\www
Trusted Zone: majorgeeks.com\www
Trusted Zone: microsoft.com\support
Trusted Zone: microsoft.com\update
Trusted Zone: microsoft.com\v4.windowsupdate
Trusted Zone: microsoft.com\windowsupdate
Trusted Zone: seznam.cz\email
Trusted Zone: seznam.cz\www
Trusted Zone: slunecnice.cz\download
Trusted Zone: techspot.com\www
Trusted Zone: windowsupdate.com\download
Trusted Zone: zonealarm.com\download
DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} - hxxp://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37900.cab
FF - ProfilePath - c:\documents and settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\uz9bie8w.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\uz9bie8w.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc_fireftp.dll
FF - component: c:\documents and settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\uz9bie8w.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: d:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: d:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF - plugin: d:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin7.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-20 11:01
Windows 5.1.2600 Service Pack 3 FAT NTAPI

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-467697230-2095831606-1801553527-1005\Software\Hewlett-Packard\HPDJ Printing System Config\HP PSC 1500 series\Quicksets\B*]

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(920)
d:\program files\SUPERAntiSpyware\SASWINLO.dll

- - - - - - - > 'explorer.exe'(1888)
c:\program files\Plaxo\3.23.0.11\plx_hook.dll
c:\program files\CyberLink\Shared Files\CLRCEngine.dll
c:\windows\system32\WhoRU.dll
c:\program files\Scroll Mouse\emhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\acer\eManager\anbmServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
d:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\Rundll32.exe
c:\windows\AGRSMMSG.exe
c:\windows\system32\rundll32.exe
c:\windows\mHotkey.exe
c:\progra~1\AVG\AVG8\avgam.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\Scroll Mouse\EMouse.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\program files\Symantec\LiveUpdate\AUpdate.exe
c:\progra~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
.
**************************************************************************
.
Celkový čas: 2010-09-20 11:05:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-09-20 09:05
ComboFix2.txt 2010-09-20 08:43
ComboFix3.txt 2010-09-19 10:50

Před spuštěním: Volných bajtů: 12 707 921 920
Po spuštění: Volných bajtů: 12 682 461 184

- - End Of File - - BD7DB3B3D5AF67A44BB194A70EA2BEF0



Here is the link to VirusTotal:
http://www.virustotal.com/file-scan/rep ... 1284974106#

with this result

Antivirus Version Last update Result
AhnLab-V3 2010.09.20.00 2010.09.20 -
AntiVir 8.2.4.58 2010.09.20 -
Antiy-AVL 2.0.3.7 2010.09.20 Trojan/Win32.Small.gen
Authentium 5.2.0.5 2010.09.20 -
Avast 4.8.1351.0 2010.09.19 -
Avast5 5.0.594.0 2010.09.19 -
AVG 9.0.0.851 2010.09.19 BackDoor.Generic13.CLS
BitDefender 7.2 2010.09.20 -
CAT-QuickHeal 11.00 2010.09.20 -
ClamAV 0.96.2.0-git 2010.09.20 -
Comodo 6140 2010.09.20 -
DrWeb 5.0.2.03300 2010.09.20 -
Emsisoft 5.0.0.37 2010.09.20 -
eSafe 7.0.17.0 2010.09.17 Suspicious File
eTrust-Vet 36.1.7862 2010.09.17 -
F-Prot 4.6.2.117 2010.09.19 -
F-Secure 9.0.15370.0 2010.09.20 -
Fortinet 4.1.143.0 2010.09.20 -
GData 21 2010.09.20 -
Ikarus T3.1.1.88.0 2010.09.20 -
Jiangmin 13.0.900 2010.09.20 -
K7AntiVirus 9.63.2552 2010.09.18 -
Kaspersky 7.0.0.125 2010.09.20 -
McAfee 5.400.0.1158 2010.09.20 -
McAfee-GW-Edition 2010.1C 2010.09.20 -
Microsoft 1.6201 2010.09.20 -
NOD32 5463 2010.09.20 -
Norman 6.06.06 2010.09.20 -
nProtect 2010-09-20.02 2010.09.20 -
Panda 10.0.2.7 2010.09.19 -
PCTools 7.0.3.5 2010.09.20 -
Prevx 3.0 2010.09.20 -
Rising 22.66.00.01 2010.09.20 -
Sophos 4.57.0 2010.09.20 -
Sunbelt 6898 2010.09.20 -
SUPERAntiSpyware 4.40.0.1006 2010.09.20 -
Symantec 20101.1.1.7 2010.09.20 -
TheHacker 6.7.0.0.025 2010.09.20 -
TrendMicro 9.120.0.1004 2010.09.19 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.20 -
VBA32 3.12.14.0 2010.09.20 Rootkit.Win32.Small.aqw
ViRobot 2010.9.20.4051 2010.09.20 -
VirusBuster 12.65.14.0 2010.09.19 -
MD5: c0674667356a479fa4f31b575a60ed55
SHA1: 78c7360082f2c8559e8ab1ab19bf42dde55b9a37
SHA256: 7e41a072013f435ebd7c74915d8e92d104074fa95fce6325a5626a19b6c85112
File size: 16294027 bytes
Scan date: 2010-09-20 09:15:06 (UTC)

Here is the new OTM log:

All processes killed
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D7.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3C9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP210.tmp folder moved successfully.
C:\WINDOWS\temp\57731a20-4a89-478e-aa34-6bf5f9780821.tmp moved successfully.
C:\WINDOWS\temp\810ab068-f51e-42cb-a8b9-bc7b9534c340.tmp moved successfully.
C:\WINDOWS\temp\b2941bf0-6793-49a3-908d-7c6c949eaee7.tmp moved successfully.
Unable to delete ADS C:\WINDOWS\system32\autorun\Book\AcroBat\EN\Setup.exe:\AdbeRdr60enu.exe .
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 888 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 65536 bytes
->Temporary Internet Files folder emptied: 32835 bytes

User: Pavel
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 5718268 bytes
->Java cache emptied: 2023 bytes
->FireFox cache emptied: 82251000 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 642 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 800 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 84,00 mb


OTM by OldTimer - Version 3.1.12.0 log created on 09202010_113814

Files moved on Reboot...

Registry entries deleted on Reboot...

cicerone
Visitor
Posts: 21
Registered: 03 May 2010 02:20
Location: Prague 1

Re: "Trojan horse BackDoor.Generic13.BICR"

#19 Post by cicerone »

Here is the new RSIT log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Pavel at 2010-09-20 11:56:57
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 12 GB (33%) free of 36 GB
Total RAM: 958 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:57:35, on 20.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Arcade\PCMService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\SCROLL~1\MouseElf.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Plaxo\3.23.0.11\PlaxoHelper_en.exe
C:\Program Files\Plaxo\3.23.0.11\PlaxoSysTray.exe
D:\Program Files\FileHippo.com\UpdateChecker.exe
D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
D:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Scroll Mouse\EMouse.exe
C:\WINDOWS\system32\sistray.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Pavel\Plocha\RSIT.exe
C:\Program Files\trend micro\Pavel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\SCROLL~1\MouseElf.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\3.23.0.11\PlaxoHelper_en.exe -a
O4 - HKCU\..\Run: [PlaxoSysTray] C:\Program Files\Plaxo\3.23.0.11\PlaxoSysTray.exe
O4 - HKCU\..\Run: [FileHippo.com] "D:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://download.avg.com
O15 - Trusted Zone: http://www.avg.com
O15 - Trusted Zone: http://download.avg.cz
O15 - Trusted Zone: http://www.czechtourism.com
O15 - Trusted Zone: http://www.czecot.com
O15 - Trusted Zone: download.divx.com
O15 - Trusted Zone: http://www.ieaddons.com
O15 - Trusted Zone: http://www.majorgeeks.com
O15 - Trusted Zone: http://email.seznam.cz
O15 - Trusted Zone: http://www.seznam.cz
O15 - Trusted Zone: http://download.slunecnice.cz
O15 - Trusted Zone: http://www.techspot.com
O15 - Trusted Zone: download.windowsupdate.com
O15 - Trusted Zone: http://download.windowsupdate.com
O15 - Trusted Zone: http://download.zonealarm.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/do ... se5059.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6325434171
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promot ... r37900.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.teplice.cz/activex/AxisCamControl.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D17CDB6E-AE6D-11CF-96B8-444553540000} - https://download.macromedia.com/pub/sho ... wflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TomTomHOMEService - TomTom - D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

--
End of file - 11385 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-10 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-19 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-19 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiSPower"=SiSPower.dll,ModeAgent []
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2005-10-12 315392]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2005-11-16 385024]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-10-08 88363]
"AdslTaskBar"=stmctrl.dll,TaskBar []
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-07 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-07 688218]
"SiS Windows KeyHook"=C:\WINDOWS\system32\keyhook.exe [2005-03-04 32768]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PCMService"=C:\Program Files\Arcade\PCMService.exe [2005-03-09 49152]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"LaunchApp"=Alaunch []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"mouseElf"=C:\PROGRA~1\SCROLL~1\MouseElf.EXE [2004-09-20 196608]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2004-12-08 550912]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2010-07-09 2048352]
"QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PlaxoUpdate"=C:\Program Files\Plaxo\3.23.0.11\PlaxoHelper_en.exe [2009-10-01 403015]
"PlaxoSysTray"=C:\Program Files\Plaxo\3.23.0.11\PlaxoSysTray.exe [2009-10-01 20480]
"FileHippo.com"=D:\Program Files\FileHippo.com\UpdateChecker.exe [2010-08-09 248832]
"TomTomHOME.exe"=D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2010-08-24 247144]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
D:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-07-31 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveTrack"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\BIN\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hposid01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\TomTom HOME 2\xulrunner\TomTomHOMERuntime.exe"="C:\Program Files\TomTom HOME 2\xulrunner\TomTomHOMERuntime.exe:*:Enabled:TomTom HOME"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\SeaMonkey\seamonkey.exe"="C:\Program Files\SeaMonkey\seamonkey.exe:*:Enabled:SeaMonkey"
"C:\inet_srv\apache\bin\Apache.exe"="C:\inet_srv\apache\bin\Apache.exe:*:Enabled:Apache"
"C:\inet_srv\mysql\bin\mysqld.exe"="C:\inet_srv\mysql\bin\mysqld.exe:*:Enabled:mysqld"
"C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe"="C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"D:\Program Files\TomTom HOME 2\xulrunner\TomTomHOMERuntime.exe"="D:\Program Files\TomTom HOME 2\xulrunner\TomTomHOMERuntime.exe:*:Enabled:TomTom HOME"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-09-20 11:39:06 ----SHD---- C:\Recycled
2010-09-20 11:38:14 ----D---- C:\_OTM
2010-09-20 11:05:46 ----A---- C:\ComboFix.txt
2010-09-20 10:57:49 ----D---- C:\WINDOWS\temp
2010-09-19 12:37:03 ----A---- C:\WINDOWS\NIRCMD.exe
2010-09-19 12:37:03 ----A---- C:\WINDOWS\MBR.exe
2010-09-19 12:37:02 ----A---- C:\WINDOWS\zip.exe
2010-09-19 12:37:02 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-09-19 12:37:02 ----A---- C:\WINDOWS\SWSC.exe
2010-09-19 12:37:02 ----A---- C:\WINDOWS\SWREG.exe
2010-09-19 12:37:02 ----A---- C:\WINDOWS\sed.exe
2010-09-19 12:37:02 ----A---- C:\WINDOWS\PEV.exe
2010-09-19 12:37:02 ----A---- C:\WINDOWS\grep.exe
2010-09-19 12:31:44 ----D---- C:\Qoobox
2010-09-19 11:55:30 ----HD---- C:\WINDOWS\$NtUninstallKB2259922$
2010-09-19 11:55:22 ----HD---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-09-19 11:55:18 ----HD---- C:\WINDOWS\$NtUninstallKB2347290$
2010-09-19 11:55:11 ----HD---- C:\WINDOWS\$NtUninstallKB2121546$
2010-09-19 11:55:03 ----HD---- C:\WINDOWS\$NtUninstallKB982802$
2010-09-19 11:54:47 ----HD---- C:\WINDOWS\$NtUninstallKB981322$
2010-09-19 11:48:26 ----A---- C:\WINDOWS\imsins.BAK
2010-09-19 11:48:22 ----HD---- C:\WINDOWS\$NtUninstallKB2141007$
2010-09-19 11:40:19 ----A---- C:\WINDOWS\system32\javaws.exe
2010-09-19 11:40:19 ----A---- C:\WINDOWS\system32\javaw.exe
2010-09-19 11:40:19 ----A---- C:\WINDOWS\system32\java.exe
2010-09-02 15:57:11 ----A---- C:\WINDOWS\system32\MyDefragScreenSaver_v4.3.1.exe
2010-09-02 15:57:10 ----D---- C:\Program Files\MyDefrag v4.3.1

======List of files/folders modified in the last 1 months======

2010-09-20 11:44:38 ----A---- C:\WINDOWS\system32\eRLog.ini
2010-09-20 11:41:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-20 11:00:02 ----A---- C:\WINDOWS\system.ini
2010-09-19 11:48:42 ----A---- C:\WINDOWS\system32\MRT.exe
2010-09-19 11:39:36 ----A---- C:\WINDOWS\system32\deployJava1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AvgRkx86;avgrkx86.sys; C:\WINDOWS\System32\Drivers\avgrkx86.sys [2009-06-25 12552]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 SISAGP;SiS AGP Filter; C:\WINDOWS\system32\DRIVERS\SISAGPX.sys [2003-07-18 36992]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-31 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-31 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-06-25 108552]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R1 SASDIFSV;SASDIFSV; \??\D:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2005-02-25 13312]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R2 osaio;osaio; C:\WINDOWS\system32\drivers\osaio.sys [2005-03-04 8704]
R2 osanbm;osanbm; C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 4010]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-10-08 1270540]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-02-24 2311680]
R3 BCM43XX;Broadcom 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-21 369024]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2004-04-19 6656]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-04-13 6144]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 Safetica;Safetica Encryption Driver; C:\WINDOWS\system32\DRIVERS\safetica.sys [2010-06-28 272536]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2005-03-02 240640]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-11-05 32768]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2003-08-12 60255]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-07 185824]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys []
S0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys []
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
S1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
S2 KeyP;KeyP; C:\WINDOWS\SYSTEM32\DRIVERS\KeyP.sys []
S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 MXOPSWD;Maxtor OneTouch Security Driver; C:\WINDOWS\system32\DRIVERS\mxopswd.sys [2007-05-03 22152]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2003-12-23 549421]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-05-15 100032]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-31 908056]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-31 297752]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-04-08 345376]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2010-09-19 153376]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
R2 TomTomHOMEService;TomTomHOMEService; D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-15 136176]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-04-24 545576]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-05-15 2086592]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-30 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

cicerone
Visitor
Posts: 21
Registered: 03 May 2010 02:20
Location: Praha 1

Re: "Trojan horse BackDoor.Generic12.BICR"

#20 Post by cicerone »

I was unable to remove the infection using the previous method:

"Test ""Test z průzkumníku"" byl dokončen."
"Infekce";"2";"0";"2"
"Složky vybrané k testování:";"C:\WINDOWS\system32\autorun\Book\AcroBat\EN\Setup.exe;"
"Test zahájen:";"20. září 2010, 12:14:59"
"Test dokončen:";"20. září 2010, 12:15:04 (5 sekund(a))"
"Celkem otestováno objektů:";"2"
"Uživatel:";"Pavel"

"Infekce"
"Soubor";"Infekce";"Výsledek"
"C:\WINDOWS\system32\autorun\Book\AcroBat\EN\Setup.exe";"Trojský kůň BackDoor.Generic13.CLS";"Infikováno"
"C:\WINDOWS\system32\autorun\Book\AcroBat\EN\Setup.exe:\AdbeRdr60enu.exe";"Trojský kůň BackDoor.Generic13.CLS";"Infikováno"

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: "Trojan horse BackDoor.Generic12.BICR"

#21 Post by Unlimited_Killer »

Sorry for the delay. :oops:

1) ComboFix script
  • Open Notepad [Start → Run → notepad → Enter].
  • Paste the following text into it:

    Code:

    KillAll::
    
    Folder::
    C:\WINDOWS\system32\autorun
    
    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "QuickTime Task"=-
    
    File::
    c:\windows\Tasks\GlaryInitialize.job
    c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    
    DDS::
    Trusted Zone: avg.com\download
    Trusted Zone: avg.com\www
    Trusted Zone: avg.cz\download
    Trusted Zone: czechtourism.com\www
    Trusted Zone: czecot.com\www
    Trusted Zone: divx.com\download
    Trusted Zone: ieaddons.com\www
    Trusted Zone: majorgeeks.com\www
    Trusted Zone: microsoft.com\support
    Trusted Zone: microsoft.com\update
    Trusted Zone: microsoft.com\v4.windowsupdate
    Trusted Zone: microsoft.com\windowsupdate
    Trusted Zone: seznam.cz\email
    Trusted Zone: seznam.cz\www
    Trusted Zone: slunecnice.cz\download
    Trusted Zone: techspot.com\www
    Trusted Zone: windowsupdate.com\download
    Trusted Zone: zonealarm.com\download
    
    RegLock::
    [HKEY_USERS\S-1-5-21-467697230-2095831606-1801553527-1005\Software\Hewlett-Packard\HPDJ Printing System Config\HP PSC 1500 series\Quicksets\B*]
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    
    Reboot::
  • Save this file to the Desktop under the name CFScript (extension .txt).
  • Drag this file over ComboFix and drop it.
  • Both this file and ComboFix must be on the Desktop!
  • ComboFix will start and execute the commands from the script.
  • The computer will probably be restarted.
  • After the restart, a window with the log will pop up; paste that log here as text.
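A pre-flight check for the script in the post above, added here as an example; it is not part of the thread and not ComboFix's own code. It parses the AVG export rows from post #20 and the CFScript sections, then reports which script entry covers each detected file. It assumes section headers are lines ending in `::` and that AVG writes an archive member as the container path followed by `:\` and the member name, as in the lines quoted in the thread; all function names are illustrative.

```python
import csv
import io
import ntpath

# Rows copied from the AVG export in post #20 of this thread.
AVG_REPORT = r'''"Infekce"
"Soubor";"Infekce";"Výsledek"
"C:\WINDOWS\system32\autorun\Book\AcroBat\EN\Setup.exe";"Trojský kůň BackDoor.Generic13.CLS";"Infikováno"
"C:\WINDOWS\system32\autorun\Book\AcroBat\EN\Setup.exe:\AdbeRdr60enu.exe";"Trojský kůň BackDoor.Generic13.CLS";"Infikováno"
'''

# Excerpt of the CFScript from post #21 (DDS:: and RegLock:: omitted).
CFSCRIPT = r'''KillAll::

Folder::
C:\WINDOWS\system32\autorun

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-

File::
c:\windows\Tasks\GlaryInitialize.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Reboot::
'''


def parse_cfscript(text):
    """Group script lines under their 'Name::' section headers (assumed syntax)."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith("::"):
            current = line[:-2]
            sections.setdefault(current, [])
        elif current is None:
            raise ValueError("line before any section header: %r" % line)
        else:
            sections[current].append(line)
    return sections


def infected_files(report):
    """Return the on-disk paths of infected objects in the AVG export.

    An object inside an archive is listed after its container; only the
    container exists on disk, so member rows collapse onto it.
    """
    paths = []
    for row in csv.reader(io.StringIO(report), delimiter=";"):
        # Result rows have three fields and start with a drive letter.
        if len(row) != 3 or not ntpath.splitdrive(row[0])[0]:
            continue
        path = row[0]
        # A second colon-backslash (past the drive prefix) marks a member.
        cut = path.find(":\\", 2)
        if cut != -1:
            path = path[:cut]
        if path not in paths:
            paths.append(path)
    return paths


def norm(path):
    """Case-insensitive, separator-normalised form of a Windows path."""
    return ntpath.normcase(ntpath.normpath(path))


def coverage(script_text, report_text):
    """Map each infected file to the (section, entry) that removes it, or None."""
    sections = parse_cfscript(script_text)
    files = {norm(p): p for p in sections.get("File", [])}
    folders = {norm(p): p for p in sections.get("Folder", [])}
    result = {}
    for path in infected_files(report_text):
        n = norm(path)
        result[path] = None
        if n in files:
            result[path] = ("File", files[n])
            continue
        for folder_norm, folder in folders.items():
            # Require a separator so 'autorun' does not match 'autorun2'.
            if n.startswith(folder_norm + "\\"):
                result[path] = ("Folder", folder)
                break
    return result


if __name__ == "__main__":
    for path, hit in coverage(CFSCRIPT, AVG_REPORT).items():
        print(path, "->", hit if hit else "NOT covered by the script")
```

A `Folder` match means the whole directory tree is removed, not only the detected file, so the entry is worth reviewing before the script is run.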

cicerone
Visitor
Posts: 21
Registered: 03 May 2010 02:20
Location: Praha 1

Re: "Trojan horse BackDoor.Generic13.CLS"

#22 Post by cicerone »

Good evening,
thank you for the initiative. Maybe I'm just being paranoid when, with a trojan detected, I'm afraid to use internet banking or log in to my data box (datová schránka); perhaps it's not that serious..?
After I dragged CFScript onto it, ComboFix offered an update to the latest version, which I performed, and I waited for the resulting log.
But it contains 77398 characters. The maximum allowed number of characters is 60000.
So here is the first part:

ComboFix 10-09-20.01 - Pavel 20.09.2010 22:40:12.6.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.958.437 [GMT 2:00]
Spuštěný z: c:\documents and settings\Pavel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Pavel\Plocha\CFScript.txt
AV: AVG Anti-Virus *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FILE ::
"c:\windows\Tasks\GlaryInitialize.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\autorun\Drivers\Lan\WFW311\OEMSETUP.INF
c:\windows\system32\autorun\Drivers\Lan\WFW311\README.TXT
c:\windows\system32\autorun\Drivers\Lan\WFW311\SISNIC.386
c:\windows\system32\autorun\Drivers\Lan\Win2000\0404.lng
c:\windows\system32\autorun\Drivers\Lan\Win2000\040c.lng
c:\windows\system32\autorun\Drivers\Lan\Win2000\0411.lng
c:\windows\system32\autorun\Drivers\Lan\Win2000\NETOEM.INF
c:\windows\system32\autorun\Drivers\Lan\Win2000\oemnic.cat
c:\windows\system32\autorun\Drivers\Lan\Win2000\README.TXT
c:\windows\system32\autorun\Drivers\Lan\Win2000\SISNIC2K.sys
c:\windows\system32\autorun\Drivers\Lan\Win2000\SISNICXP.sys
c:\windows\system32\autorun\Drivers\Lan\Win2000\uninst.exe
c:\windows\system32\autorun\Drivers\Lan\WIN95.SR2\NETOEM.INF
c:\windows\system32\autorun\Drivers\Lan\WIN95.SR2\OEMNIC.CAT
c:\windows\system32\autorun\Drivers\Lan\WIN95.SR2\README.TXT
c:\windows\system32\autorun\Drivers\Lan\WIN95.SR2\SISNIC.sys
c:\windows\system32\autorun\Drivers\Lan\WIN95.SR2\UNINST.EXE
c:\windows\system32\autorun\Drivers\Lan\WIN95\NETOEM.INF
c:\windows\system32\autorun\Drivers\Lan\WIN95\OEMNIC.CAT
c:\windows\system32\autorun\Drivers\Lan\WIN95\README.TXT
c:\windows\system32\autorun\Drivers\Lan\WIN95\SISNIC.sys
c:\windows\system32\autorun\Drivers\Lan\WIN95\UNINST.EXE
c:\windows\system32\autorun\Drivers\Lan\WIN98\NETOEM.INF
c:\windows\system32\autorun\Drivers\Lan\WIN98\OEMNIC.CAT
c:\windows\system32\autorun\Drivers\Lan\WIN98\README.TXT
c:\windows\system32\autorun\Drivers\Lan\WIN98\SISNIC.sys
c:\windows\system32\autorun\Drivers\Lan\WIN98\UNINST.EXE
c:\windows\system32\autorun\Drivers\Lan\WINME\NETOEM.INF
c:\windows\system32\autorun\Drivers\Lan\WINME\OEMNIC.CAT
c:\windows\system32\autorun\Drivers\Lan\WINME\README.TXT
c:\windows\system32\autorun\Drivers\Lan\WINME\SISNIC.sys
c:\windows\system32\autorun\Drivers\Lan\WINME\UNINST.EXE
c:\windows\system32\autorun\Drivers\Lan\WinXP\0404.lng
c:\windows\system32\autorun\Drivers\Lan\WinXP\040c.lng
c:\windows\system32\autorun\Drivers\Lan\WinXP\0411.lng
c:\windows\system32\autorun\Drivers\Lan\WinXP\NETOEM.INF
c:\windows\system32\autorun\Drivers\Lan\WinXP\oemnic.cat
c:\windows\system32\autorun\Drivers\Lan\WinXP\README.TXT
c:\windows\system32\autorun\Drivers\Lan\WinXP\SISNIC2K.sys
c:\windows\system32\autorun\Drivers\Lan\WinXP\SISNICXP.sys
c:\windows\system32\autorun\Drivers\Lan\WinXP\uninst.exe
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\CDROMUTL.DLL
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\COMFNUTL.DLL
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\DELPREVV.DLL
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\DELPREVV.INI
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\DialCnt.dll
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\DIALCTRL.EXE
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\DKbFltr.sys
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\EXECBAT.DLL
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\FiltrCoI.dll
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\Help\Help.htm
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\Help\Help_Dut.htm
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\Help\Help_Fre.htm
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\Help\Help_Ger.htm
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\Help\Help_Ita.htm
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\Help\Help_Jap.htm
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\Help\Help_Kor.htm
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\Help\Help_Por.htm
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\Help\Help_Sch.htm
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\Help\Help_Spa.htm
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\Help\Help_Tch.htm
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\INFs\Setup.Dut
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\INFs\Setup.Eng
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\INFs\Setup.Fre
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\INFs\Setup.Ger
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\INFs\Setup.Ita
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\INFs\Setup.Jap
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\INFs\Setup.Kor
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\INFs\Setup.Por
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\INFs\Setup.Sch
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\INFs\Setup.Spa
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\INFs\Setup.Tch
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\InstCat.cfg
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\InstCat.dll
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\LGKCUTL.DLL
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\MIXERUTL.DLL
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\MMDUtl.dll
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\MMKEYBD.CFG
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\MMRes\CRT.png
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\MMRes\DVI.png
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\MMRes\LCD.png
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\MMRes\NB-CRT.png
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\MMRes\NB-DVI.png
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\MMRes\NB-TV.png
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\MMRes\NB.png
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\MMRes\TV.png
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\OSDRC\MUTE.BMP
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\OSDRC\UNMUTE.BMP
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\OSDUTL.DLL
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\Panel\LManager.ICO
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\QtBtLib.dll
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\QtZgAcer.cat
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\QtZgAcer.exe
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\QtZgAcer.EXE.manifest
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\QtZgAcer.INF
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\Readme.txt
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\RGNMAKER.DLL
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\RMDEVICE.EXE
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\Setup.exe
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\Setup.inf
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\SetupDev.dll
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\SETUPDEV.INI
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\SisVGA.dll
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\SZUPFUTL.DLL
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\UNINST32.EXE
c:\windows\system32\autorun\Drivers\LaunchM\WinXP\WND2FILE.DLL
c:\windows\system32\autorun\Drivers\MODEM\AGRMDwxp.cat
c:\windows\system32\autorun\Drivers\MODEM\AGRMDwxp.inf
c:\windows\system32\autorun\Drivers\MODEM\AGRSM.sys
c:\windows\system32\autorun\Drivers\MODEM\agrsmdel.exe
c:\windows\system32\autorun\Drivers\MODEM\AGRSMhom.exe
c:\windows\system32\autorun\Drivers\MODEM\AGRSMhom.ini
c:\windows\system32\autorun\Drivers\MODEM\AGRSMMsg.exe
c:\windows\system32\autorun\Drivers\MODEM\AGSETUP.INI
c:\windows\system32\autorun\Drivers\MODEM\agsetup1.dll
c:\windows\system32\autorun\Drivers\MODEM\agsetup2.dll
c:\windows\system32\autorun\Drivers\MODEM\agsetup3.EXE
c:\windows\system32\autorun\Drivers\MODEM\setup.exe
c:\windows\system32\autorun\Drivers\Producer\Autorun.inf
c:\windows\system32\autorun\Drivers\Producer\Custom.ini
c:\windows\system32\autorun\Drivers\Producer\data1.cab
c:\windows\system32\autorun\Drivers\Producer\data1.hdr
c:\windows\system32\autorun\Drivers\Producer\data2.cab
c:\windows\system32\autorun\Drivers\Producer\default.reg
c:\windows\system32\autorun\Drivers\Producer\HardwarePlugIn.reg
c:\windows\system32\autorun\Drivers\Producer\ikernel.ex_
c:\windows\system32\autorun\Drivers\Producer\info.ini
c:\windows\system32\autorun\Drivers\Producer\layout.bin
c:\windows\system32\autorun\Drivers\Producer\Order.url
c:\windows\system32\autorun\Drivers\Producer\pfc.sys
c:\windows\system32\autorun\Drivers\Producer\pfc.vxd
c:\windows\system32\autorun\Drivers\Producer\Producer.ico
c:\windows\system32\autorun\Drivers\Producer\Readme\Read_deu.htm
c:\windows\system32\autorun\Drivers\Producer\Readme\Read_enu.htm
c:\windows\system32\autorun\Drivers\Producer\Readme\Read_esp.htm
c:\windows\system32\autorun\Drivers\Producer\Readme\Read_fra.htm
c:\windows\system32\autorun\Drivers\Producer\Readme\Read_chs.htm
c:\windows\system32\autorun\Drivers\Producer\Readme\Read_Cht.htm
c:\windows\system32\autorun\Drivers\Producer\Readme\Read_ita.htm
c:\windows\system32\autorun\Drivers\Producer\Readme\Read_jpn.htm
c:\windows\system32\autorun\Drivers\Producer\Readme\Read_kor.htm
c:\windows\system32\autorun\Drivers\Producer\Readme\Read_ptg.htm
c:\windows\system32\autorun\Drivers\Producer\Readme\Readme1.gif
c:\windows\system32\autorun\Drivers\Producer\Readme\Readme2.gif
c:\windows\system32\autorun\Drivers\Producer\Setup.exe
c:\windows\system32\autorun\Drivers\Producer\Setup.ini
c:\windows\system32\autorun\Drivers\Producer\setup.inx
c:\windows\system32\autorun\Drivers\Producer\setup.iss
c:\windows\system32\autorun\Drivers\Producer\ureg.ini
c:\windows\system32\autorun\Drivers\Producer\WMFDist.exe
c:\windows\system32\autorun\Drivers\Producer\wnaspi32.dll
c:\windows\system32\autorun\Drivers\Touchpad\BP\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\data1.cab
c:\windows\system32\autorun\Drivers\Touchpad\data1.hdr
c:\windows\system32\autorun\Drivers\Touchpad\data2.cab
c:\windows\system32\autorun\Drivers\Touchpad\DK\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\DriverLanguageMap.xml
c:\windows\system32\autorun\Drivers\Touchpad\FI\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\FR\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\GR\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\ikernel.ex_
c:\windows\system32\autorun\Drivers\Touchpad\InstNT.exe
c:\windows\system32\autorun\Drivers\Touchpad\IT\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\JP\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\KR\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\layout.bin
c:\windows\system32\autorun\Drivers\Touchpad\LS\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\NL\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\NO\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\SC\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\SE\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\Setup.exe
c:\windows\system32\autorun\Drivers\Touchpad\Setup.ini
c:\windows\system32\autorun\Drivers\Touchpad\setup.inx
c:\windows\system32\autorun\Drivers\Touchpad\setup.iss
c:\windows\system32\autorun\Drivers\Touchpad\SynCntxt.rtf
c:\windows\system32\autorun\Drivers\Touchpad\SynCom.dll
c:\windows\system32\autorun\Drivers\Touchpad\SynCtrl.dll
c:\windows\system32\autorun\Drivers\Touchpad\SynHid.inf
c:\windows\system32\autorun\Drivers\Touchpad\SynISDLL.dll
c:\windows\system32\autorun\Drivers\Touchpad\SynMood.exe
c:\windows\system32\autorun\Drivers\Touchpad\SynPD.inf
c:\windows\system32\autorun\Drivers\Touchpad\SynTP.cat
c:\windows\system32\autorun\Drivers\Touchpad\SynTP.ini
c:\windows\system32\autorun\Drivers\Touchpad\SynTP.sys
c:\windows\system32\autorun\Drivers\Touchpad\SynTPAPI.dll
c:\windows\system32\autorun\Drivers\Touchpad\SynTPCo2.dll
c:\windows\system32\autorun\Drivers\Touchpad\SynTPCOM.dll
c:\windows\system32\autorun\Drivers\Touchpad\SynTPCpl.dll
c:\windows\system32\autorun\Drivers\Touchpad\SynTPEnh.exe
c:\windows\system32\autorun\Drivers\Touchpad\SynTPEnh.ini
c:\windows\system32\autorun\Drivers\Touchpad\SynTPFcs.dll
c:\windows\system32\autorun\Drivers\Touchpad\SynTPLpr.exe
c:\windows\system32\autorun\Drivers\Touchpad\SynUnst.ini
c:\windows\system32\autorun\Drivers\Touchpad\SynZMetr.exe
c:\windows\system32\autorun\Drivers\Touchpad\TC\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\TH\ReadMe.txt
c:\windows\system32\autorun\Drivers\Touchpad\Tutorial.exe
c:\windows\system32\autorun\Drivers\Touchpad\US\ReadMe.txt
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\current\WIN2000\sisagp.cat
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\current\WIN2000\sisagp.inf
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\current\WIN2000\sisagpx.sys
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\current\WIN2003\sisagp.cat
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\current\WIN2003\sisagp.inf
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\current\WIN2003\sisagpx.sys
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\current\WIN98\sisagp.cat
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\current\WIN98\sisagp.inf
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\current\WIN98\SISAGP.PCI
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\current\WINME\sisagp.cat
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\current\WINME\sisagp.inf
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\current\WINME\SISAGP.PCI
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\current\WINXP\sisagp.cat
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\current\WINXP\sisagp.inf
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\current\WINXP\sisagpx.sys
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\old\WIN2000\sisagp.cat
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\old\WIN2000\sisagp.inf
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\old\WIN2000\sisagpx.sys
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\old\WIN98\sisagp.cat
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\old\WIN98\sisagp.inf
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\old\WIN98\SISAGP.pci
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\old\WINME\sisagp.cat
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\old\WINME\sisagp.inf
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\old\WINME\SISAGP.pci
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\old\WINXP\sisagp.cat
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\old\WINXP\sisagp.inf
c:\windows\system32\autorun\Drivers\VGA\AGPPack\AGP\old\WINXP\sisagpx.sys
c:\windows\system32\autorun\Drivers\VGA\AGPPack\data1.cab
c:\windows\system32\autorun\Drivers\VGA\AGPPack\data1.hdr
c:\windows\system32\autorun\Drivers\VGA\AGPPack\data2.cab
c:\windows\system32\autorun\Drivers\VGA\AGPPack\engine32.cab
c:\windows\system32\autorun\Drivers\VGA\AGPPack\layout.bin
c:\windows\system32\autorun\Drivers\VGA\AGPPack\README.TXT
c:\windows\system32\autorun\Drivers\VGA\AGPPack\RelNote.txt
c:\windows\system32\autorun\Drivers\VGA\AGPPack\setup-s.bat
c:\windows\system32\autorun\Drivers\VGA\AGPPack\setup.boot
c:\windows\system32\autorun\Drivers\VGA\AGPPack\setup.exe
c:\windows\system32\autorun\Drivers\VGA\AGPPack\setup.ini
c:\windows\system32\autorun\Drivers\VGA\AGPPack\setup.inx
c:\windows\system32\autorun\Drivers\VGA\AGPPack\setup.iss
c:\windows\system32\autorun\Drivers\VGA\AGPPack\SISfiles\AGPFunc.dll
c:\windows\system32\autorun\Drivers\VGA\AGPPack\SISfiles\ata133ap.exe
c:\windows\system32\autorun\Drivers\VGA\AGPPack\SISfiles\instdrv.exe
c:\windows\system32\autorun\Drivers\VGA\AGPPack\SISfiles\SISAGP98.dll
c:\windows\system32\autorun\Drivers\VGA\AGPPack\SISfiles\waitwnd.exe
c:\windows\system32\autorun\Drivers\VGA\AGPPack\USB\Win2K_XP\WinXPUSB\SIS_LIB.DLL
c:\windows\system32\autorun\Drivers\VGA\AGPPack\USB\Win2K_XP\WinXPUSB\SISPORT.SYS
c:\windows\system32\autorun\Drivers\VGA\AGPPack\USB\Win2K_XP\WinXPUSB\SiSUSBrg.exe
c:\windows\system32\autorun\Drivers\VGA\AGPPack\USB\Win9x\SiSFiles\Mp_s3.exe
c:\windows\system32\autorun\Drivers\VGA\AGPPack\USB\Win9x\SiSFiles\Openhci.sys
c:\windows\system32\autorun\Drivers\VGA\data1.cab
c:\windows\system32\autorun\Drivers\VGA\data1.hdr
c:\windows\system32\autorun\Drivers\VGA\data2.cab
c:\windows\system32\autorun\Drivers\VGA\engine32.cab
c:\windows\system32\autorun\Drivers\VGA\Language\0006.lng
c:\windows\system32\autorun\Drivers\VGA\Language\0007.lng
c:\windows\system32\autorun\Drivers\VGA\Language\0009.lng
c:\windows\system32\autorun\Drivers\VGA\Language\000a.lng
c:\windows\system32\autorun\Drivers\VGA\Language\000b.lng
c:\windows\system32\autorun\Drivers\VGA\Language\0010.lng
c:\windows\system32\autorun\Drivers\VGA\Language\0011.lng
c:\windows\system32\autorun\Drivers\VGA\Language\0012.lng
c:\windows\system32\autorun\Drivers\VGA\Language\0013.lng
c:\windows\system32\autorun\Drivers\VGA\Language\0014.lng
c:\windows\system32\autorun\Drivers\VGA\Language\0019.lng
c:\windows\system32\autorun\Drivers\VGA\Language\001d.lng
c:\windows\system32\autorun\Drivers\VGA\Language\001e.lng
c:\windows\system32\autorun\Drivers\VGA\Language\0404.lng
c:\windows\system32\autorun\Drivers\VGA\Language\040c.lng
c:\windows\system32\autorun\Drivers\VGA\Language\0416.lng
c:\windows\system32\autorun\Drivers\VGA\Language\0804.lng
c:\windows\system32\autorun\Drivers\VGA\Language\0816.lng
c:\windows\system32\autorun\Drivers\VGA\Language\0c0c.lng
c:\windows\system32\autorun\Drivers\VGA\layout.bin
c:\windows\system32\autorun\Drivers\VGA\ReadMe.txt
c:\windows\system32\autorun\Drivers\VGA\setup.boot
c:\windows\system32\autorun\Drivers\VGA\Setup.cmd
c:\windows\system32\autorun\Drivers\VGA\setup.exe
c:\windows\system32\autorun\Drivers\VGA\Setup.ini
c:\windows\system32\autorun\Drivers\VGA\setup.inx
c:\windows\system32\autorun\Drivers\VGA\Setup.iss
c:\windows\system32\autorun\Drivers\VGA\setupDLL\Instdrv.exe
c:\windows\system32\autorun\Drivers\VGA\setupDLL\IsUninst.exe
c:\windows\system32\autorun\Drivers\VGA\setupDLL\Progress.exe
c:\windows\system32\autorun\Drivers\VGA\setupDLL\waitwnd.exe
c:\windows\system32\autorun\Drivers\VGA\SETUPRES\Setup.bmp
c:\windows\system32\autorun\Drivers\VGA\SETUPRES\Setup16.bmp
c:\windows\system32\autorun\Drivers\VGA\SETUPRES\title.bmp
c:\windows\system32\autorun\Drivers\VGA\utilDLL\9xBin\315\oemrom.bin
c:\windows\system32\autorun\Drivers\VGA\utilDLL\9xBin\Xabre\oemrom.bin
c:\windows\system32\autorun\Drivers\VGA\utilDLL\LCDMode.exe
c:\windows\system32\autorun\Drivers\VGA\utilDLL\ntBin\sis315.bin
c:\windows\system32\autorun\Drivers\VGA\utilDLL\ntBin\xabre.bin
c:\windows\system32\autorun\Drivers\VGA\utilDLL\SiSApCom.dll
c:\windows\system32\autorun\Drivers\VGA\utilDLL\SiSCom.dll
c:\windows\system32\autorun\Drivers\VGA\utilDLL\SiSCom.ini
c:\windows\system32\autorun\Drivers\VGA\utilDLL\SiSCom.sys
c:\windows\system32\autorun\Drivers\VGA\utilDLL\SiSHook.dll
c:\windows\system32\autorun\Drivers\VGA\utilDLL\sislib.dll
c:\windows\system32\autorun\Drivers\VGA\utilDLL\sislib.ini
c:\windows\system32\autorun\Drivers\VGA\utilDLL\sisvb.dll
c:\windows\system32\autorun\Drivers\VGA\utilDLL\TVMode.dll
c:\windows\system32\autorun\Drivers\VGA\UtilRes\3DWizard\sisut3d.dll
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Gamma\gamma.bmp
c:\windows\system32\autorun\Drivers\VGA\UtilRes\General\Bk31x.bmp
c:\windows\system32\autorun\Drivers\VGA\UtilRes\General\logo.bmp
c:\windows\system32\autorun\Drivers\VGA\UtilRes\ICO\trayicon.ico
c:\windows\system32\autorun\Drivers\VGA\UtilRes\ICO\UNINS.ico
c:\windows\system32\autorun\Drivers\VGA\UtilRes\ICO\XRotate.ico
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Info\650.bmp
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Info\651.bmp
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Info\740.bmp
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Info\mirage.bmp
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Info\mirage1.bmp
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Info\mirage2.bmp
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Info\mirage3.bmp
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SIS3D.AVI
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISDM.AVI
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISGAMMA.AVI
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISINFO.AVI
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISTV.AVI
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISTVLCD.AVI
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISVIDEO.AVI
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Sistray\traylogo.bmp
c:\windows\system32\autorun\Drivers\VGA\UtilRes\Video\overlay1.bmp
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\InstFunc.dll
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\InstFunc.exe
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sis650.bin
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sis660.bin
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sis740.bin
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sis741.bin
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sis760.bin
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\SiSBase.dll
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sisgl.dll
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sisgr.cat
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sisgr.inf
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sisgrp.sys
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sisgrv.dll
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\SiSInst.dll
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\SiSParse.dll
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\SiSPInst.dll
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\SiSPower.dll
c:\windows\system32\autorun\Drivers\VGA\WinXP_2K\srvkp.sys
c:\windows\system32\autorun\HowToUse\_notes\dwSiteColumnsMe.xml
c:\windows\system32\autorun\HowToUse\Contents\contents.html
c:\windows\system32\autorun\HowToUse\Contents\Howtouse-old.html
c:\windows\system32\autorun\HowToUse\Contents\left-00.htm
c:\windows\system32\autorun\HowToUse\Contents\menu-contents.html
c:\windows\system32\autorun\HowToUse\Contents\right-contents.html
c:\windows\system32\autorun\HowToUse\Guide\guide.html
c:\windows\system32\autorun\HowToUse\Guide\Howtouse-old.html
c:\windows\system32\autorun\HowToUse\Guide\left-guide.html
c:\windows\system32\autorun\HowToUse\Guide\menu-guide.html
c:\windows\system32\autorun\HowToUse\Guide\right-guide.html
c:\windows\system32\autorun\HowToUse\Home\bd-main.html
c:\windows\system32\autorun\HowToUse\Home\left-00.htm
c:\windows\system32\autorun\HowToUse\Home\menu.html
c:\windows\system32\autorun\HowToUse\Home\right-main.htm
c:\windows\system32\autorun\HowToUse\Home\top.html
c:\windows\system32\autorun\HowToUse\Howtouse.html
c:\windows\system32\autorun\HowToUse\Images\bg.jpg
c:\windows\system32\autorun\HowToUse\Images\dot-gray.gif
c:\windows\system32\autorun\HowToUse\Images\function_01.gif
c:\windows\system32\autorun\HowToUse\Images\icon_contents01.jpg
c:\windows\system32\autorun\HowToUse\Images\icon_contents02.jpg
c:\windows\system32\autorun\HowToUse\Images\icon_contents03.jpg
c:\windows\system32\autorun\HowToUse\Images\icon_guide01.jpg
c:\windows\system32\autorun\HowToUse\Images\icon_guide02.jpg
c:\windows\system32\autorun\HowToUse\Images\icon_guide03.jpg
c:\windows\system32\autorun\HowToUse\Images\icon_install01.jpg
c:\windows\system32\autorun\HowToUse\Images\icon_install02.jpg
c:\windows\system32\autorun\HowToUse\Images\icon_install03.jpg
c:\windows\system32\autorun\HowToUse\Images\index_bg.jpg
c:\windows\system32\autorun\HowToUse\Images\left-bk.gif
c:\windows\system32\autorun\HowToUse\Images\mane-image.jpg
c:\windows\system32\autorun\HowToUse\Images\menu-bk-00.gif
c:\windows\system32\autorun\HowToUse\Images\menu-bk-01.gif
c:\windows\system32\autorun\HowToUse\Images\menu-bk-02-white.gif
c:\windows\system32\autorun\HowToUse\Images\menu-bk-02.gif
c:\windows\system32\autorun\HowToUse\Images\menu-bk-white.gif
c:\windows\system32\autorun\HowToUse\Images\menu-white.gif
c:\windows\system32\autorun\HowToUse\Images\menu_arrow_dn.gif
c:\windows\system32\autorun\HowToUse\Images\menu_arrow_sm.gif
c:\windows\system32\autorun\HowToUse\Images\orange-light.gif
c:\windows\system32\autorun\HowToUse\Images\orange-light2.gif
c:\windows\system32\autorun\HowToUse\Images\sub-dot-gray.gif
c:\windows\system32\autorun\HowToUse\Images\table-1.jpg
c:\windows\system32\autorun\HowToUse\Images\Table-1B.jpg
c:\windows\system32\autorun\HowToUse\Images\table-2.jpg
c:\windows\system32\autorun\HowToUse\Images\top-bk0.gif
c:\windows\system32\autorun\HowToUse\Images\top-name.gif
c:\windows\system32\autorun\HowToUse\Images\transparent.gif
c:\windows\system32\autorun\HowToUse\Install\2k_NAV.htm
c:\windows\system32\autorun\HowToUse\Install\Howtouse-old.html
c:\windows\system32\autorun\HowToUse\Install\install.html
c:\windows\system32\autorun\HowToUse\Install\left-Install.html
c:\windows\system32\autorun\HowToUse\Install\menu-install.html
c:\windows\system32\autorun\HowToUse\Install\right-install.html
c:\windows\system32\autorun\HowToUse\Install\Win2K\2k_80211.htm
c:\windows\system32\autorun\HowToUse\Install\Win2K\2k_App.html
c:\windows\system32\autorun\HowToUse\Install\Win2K\2k_Driver.html
c:\windows\system32\autorun\HowToUse\Install\Win2K\2k_inf.htm
c:\windows\system32\autorun\HowToUse\Install\Win2K\2k_Launch.htm
c:\windows\system32\autorun\HowToUse\Install\Win2K\2K_List.html
c:\windows\system32\autorun\HowToUse\Install\Win2K\2K_MODEM.htm
c:\windows\system32\autorun\HowToUse\Install\Win2K\2k_speedstp.htm
c:\windows\system32\autorun\HowToUse\Install\Win2K\2k_TouchPad.htm
c:\windows\system32\autorun\HowToUse\Install\Win2K\2k_USB20.htm
c:\windows\system32\autorun\HowToUse\Install\Win2K\2k_Utility.html
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_80211b.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_80211bg.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_a80211bg.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_aceroobe.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_am80211bg.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_amdcpu.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_App.html
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Arcade.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Audio.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_bluetooth.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\XP_cardreader.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_cdmaker.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_cdmmc.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Direct.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_DirectX.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Display.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Driver.html
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_easybut.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_eManager.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_ePower.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_FileCD.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_FIR.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Grid.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_inf.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_InviLink.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_lan.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Launch.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_List.html
c:\windows\system32\autorun\HowToUse\Install\WinXP\XP_MODEM.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_NBMgr.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_pcmcia.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_producer.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_smartap.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_smartc.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_speedstp.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_SunJVM.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_TouchPad.htm
c:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Utility.html
c:\windows\system32\autorun\CheckFiles.exe
c:\windows\system32\autorun\STRun.exe
c:\windows\Tasks\GlaryInitialize.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

cicerone
Visitor
Posts: 21
Joined: 03 May 2010 02:20
Location: Praha 1

Re: "Trojan horse BackDoor.Generic12.BICR"

#23 Post by cicerone »

and here is the rest:

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-20 do 2010-09-20 )))))))))))))))))))))))))))))))
.

2010-09-20 18:07 . 2010-09-20 18:07 -------- d-----w- c:\documents and settings\Pavel\DoctorWeb
2010-09-20 09:38 . 2010-09-20 09:38 -------- d-----w- C:\_OTM
2010-09-02 13:57 . 2010-05-21 10:11 475648 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.scr
2010-09-02 13:57 . 2010-05-21 10:11 1061888 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.exe
2010-09-02 13:57 . 2010-09-02 13:57 -------- d-----w- c:\program files\MyDefrag v4.3.1

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-19 09:39 . 2010-05-08 08:28 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-18 09:24 . 2010-08-18 09:24 -------- d-----w- c:\program files\TrueSwitch
2010-08-18 09:23 . 2010-08-18 09:23 -------- d-----w- c:\program files\TrueSwitchEasyTransfer
2010-08-17 13:17 . 2004-08-18 18:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-15 11:00 . 2005-03-07 14:44 88006 ----a-w- c:\windows\system32\perfc005.dat
2010-08-15 11:00 . 2005-03-07 14:44 446728 ----a-w- c:\windows\system32\perfh005.dat
2010-08-07 12:25 . 2010-08-07 12:25 -------- d-----w- c:\program files\Investintech.com Inc
2010-08-07 12:25 . 2010-08-07 12:25 -------- d-----w- c:\program files\Common Files\SlimPDFReader
2010-08-05 11:53 . 2010-08-05 11:53 -------- d-----w- c:\program files\Common Files\soft602
2010-07-30 11:59 . 2010-07-30 11:59 11176 ----a-w- c:\windows\TrueProcess.exe
2010-07-22 15:46 . 2004-08-18 18:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 06:19 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-06-30 12:33 . 2004-08-18 18:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-28 12:27 . 2010-06-28 12:27 272536 ----a-w- c:\windows\system32\drivers\safetica.sys
2010-06-24 12:27 . 2004-08-18 18:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2004-08-18 18:00 1851904 ----a-w- c:\windows\system32\win32k.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PlaxoUpdate"="c:\program files\Plaxo\3.23.0.11\PlaxoHelper_en.exe" [2009-10-01 403015]
"PlaxoSysTray"="c:\program files\Plaxo\3.23.0.11\PlaxoSysTray.exe" [2009-10-01 20480]
"FileHippo.com"="d:\program files\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
"TomTomHOME.exe"="d:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2010-08-24 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"SiSPower"="SiSPower.dll" [2005-02-25 49152]
"LManager"="c:\program files\Launch Manager\QtZgAcer.EXE" [2005-10-12 315392]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 385024]
"AGRSMMSG"="AGRSMMSG.exe" [2004-10-08 88363]
"AdslTaskBar"="stmctrl.dll" [2003-12-03 155648]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-07 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-07 688218]
"SiS Windows KeyHook"="c:\windows\system32\keyhook.exe" [2005-03-04 32768]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PCMService"="c:\program files\Arcade\PCMService.exe" [2005-03-09 49152]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 59392]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 208952]
"mouseElf"="c:\progra~1\SCROLL~1\MouseElf.EXE" [2004-09-20 196608]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"CHotkey"="mHotkey.exe" [2004-12-08 550912]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-07-09 2048352]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Utility Tray.lnk - c:\windows\system32\sistray.exe [2005-1-4 331776]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- d:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-31 10:15 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe"
"BTCentre"=c:\genius\ioCentre4D\gBTMouseTask.exe
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"WireLessMouse"=c:\program files\12025SC Wireless Combo Set\StartAutorun.exe MouseDrv.exe
"WireLessKeyboard"=c:\program files\12025SC Wireless Combo Set\StartAutorun.exe PS2USBKbdDrv.exe
"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\BIN\\hpoews01.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\TomTom HOME 2\\xulrunner\\TomTomHOMERuntime.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\SeaMonkey\\seamonkey.exe"=
"c:\\inet_srv\\apache\\bin\\Apache.exe"=
"c:\\inet_srv\\mysql\\bin\\mysqld.exe"=
"c:\\wamp\\bin\\apache\\Apache2.2.11\\bin\\httpd.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"d:\\Program Files\\TomTom HOME 2\\xulrunner\\TomTomHOMERuntime.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [16.6.2009 20:48 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [16.6.2009 20:48 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [16.6.2009 20:48 108552]
R1 SASDIFSV;SASDIFSV;d:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 11:25 12872]
R1 SASKUTIL;SASKUTIL;d:\program files\SUPERAntiSpyware\SASKUTIL.SYS [27.4.2010 17:30 67656]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 11:28 73728]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [25.6.2009 10:55 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [25.6.2009 10:55 297752]
R2 TomTomHOMEService;TomTomHOMEService;d:\program files\TomTom HOME 2\TomTomHOMEService.exe [24.8.2010 11:38 92008]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 18:19 13592]
R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [5.11.2006 12:28 6656]
R3 Safetica;Safetica Encryption Driver;c:\windows\system32\drivers\safetica.sys [28.6.2010 14:27 272536]
R3 Stmatm;ATM/ADSL miniport;c:\windows\system32\drivers\stmatm.sys [14.6.2006 14:32 60255]
S1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [29.8.2006 12:33 24786]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15.5.2010 17:52 136176]
S2 KeyP;KeyP;c:\windows\system32\DRIVERS\KeyP.sys --> c:\windows\system32\DRIVERS\KeyP.sys [?]
S3 TaurusUsb;ADSL Modem USB Service;c:\windows\system32\drivers\torususb.sys [14.6.2006 14:32 549421]
.
Obsah adresáře 'Naplánované úlohy'

2010-09-20 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 16:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} - hxxp://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37900.cab
FF - ProfilePath - c:\documents and settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\uz9bie8w.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://www.webhledani.cz/results.aspx?i=42&tp=ab&q=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\uz9bie8w.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc_fireftp.dll
FF - component: c:\documents and settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\uz9bie8w.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: d:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: d:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF - plugin: d:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin7.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-20 22:50
Windows 5.1.2600 Service Pack 3 FAT NTAPI

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-467697230-2095831606-1801553527-1005\Software\Hewlett-Packard\HPDJ Printing System Config\HP PSC 1500 series\Quicksets\B*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(916)
d:\program files\SUPERAntiSpyware\SASWINLO.dll

- - - - - - - > 'explorer.exe'(1056)
c:\program files\Plaxo\3.23.0.11\plx_hook.dll
c:\program files\CyberLink\Shared Files\CLRCEngine.dll
c:\windows\system32\WhoRU.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\acer\eManager\anbmServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
d:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\progra~1\AVG\AVG8\avgam.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\system32\Rundll32.exe
c:\windows\AGRSMMSG.exe
c:\windows\system32\rundll32.exe
c:\windows\mHotkey.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\program files\Scroll Mouse\EMouse.exe
c:\windows\system32\wscntfy.exe
c:\program files\Symantec\LiveUpdate\AUpdate.exe
c:\progra~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
.
**************************************************************************
.
Celkový čas: 2010-09-20 22:55:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-09-20 20:55
ComboFix2.txt 2010-09-20 09:05
ComboFix3.txt 2010-09-20 08:43
ComboFix4.txt 2010-09-19 10:50

Před spuštěním: Volných bajtů: 12 536 446 976
Po spuštění: Volných bajtů: 12 365 627 392

- - End Of File - - 2C272FF294E74AEFDED964D7CEBB00D8

#24 Post by cicerone »

After the "Remove all unhealed infections" command, AVG gives a new result:

"Test ""Test z průzkumníku"" byl dokončen."
"Infekce";"2";"2";"0"
"Složky vybrané k testování:";"C:\WINDOWS\system32\autorun\Book\AcroBat\EN\Setup.exe;"
"Test zahájen:";"20. září 2010, 18:40:15"
"Test dokončen:";"20. září 2010, 18:40:21 (5 sekund(a))"
"Celkem otestováno objektů:";"2"
"Uživatel:";"Pavel"

"Infekce"
"Soubor";"Infekce";"Výsledek"
"C:\WINDOWS\system32\autorun\Book\AcroBat\EN\Setup.exe";"Trojský kůň BackDoor.Generic13.CLS";"Smazáno"
"C:\WINDOWS\system32\autorun\Book\AcroBat\EN\Setup.exe:\AdbeRdr60enu.exe";"Trojský kůň BackDoor.Generic13.CLS";"Smazáno"


I assume the same steps for deleting the handy little programs will follow as in the previous session.

In any case, thank you for your helpfulness, and I wish you a pleasant Indian-summer day.

#25 Post by Unlimited_Killer »

One more little script: I deleted a folder that I did not need to delete, because in my opinion that virus is an AVG false positive. So add that file or folder to the AVG exceptions and you will have peace.

1) Script for ComboFix
  • Open Notepad [Start → Run → notepad → Enter].
  • Copy the following text into it:

    Code:

    DeQuarantine::
    C:\Qoobox\Quarantine\C\windows\system32\autorun

    Quit::
  • Save this file to the Desktop under the name CFScript (extension .txt).
  • Drag this file over ComboFix and drop it.
  • Both this file and ComboFix must be on the Desktop!
  • ComboFix will start and execute the commands from the script.
  • The computer will probably be restarted.
  • After the restart, a window with the log will pop up; copy it here for me as text.

#26 Post by cicerone »

I cannot judge whether it is a false positive; this Trojan is called BackDoor.Generic13.CLS

here is the new ComboFix log:

CheckFiles.exe -> C:\windows\system32\autorun\CheckFiles.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\STRun.exe -> C:\windows\system32\autorun\STRun.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\acer.ico -> C:\windows\system32\autorun\acer.ico
C:\Qoobox\Quarantine\C\windows\system32\autorun\Autorun.exe -> C:\windows\system32\autorun\Autorun.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\AUTORUN.INF -> C:\windows\system32\autorun\AUTORUN.INF
C:\Qoobox\Quarantine\C\windows\system32\autorun\DEST.EXE -> C:\windows\system32\autorun\DEST.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\ScrnSvr\Setup.exe -> C:\windows\system32\autorun\ACER\ScrnSvr\Setup.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\A -> C:\windows\system32\autorun\ACER\TOOLS\A
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\Y -> C:\windows\system32\autorun\ACER\TOOLS\Y
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\AcerLang.txt -> C:\windows\system32\autorun\ACER\TOOLS\AcerLang.txt
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\AddLang.bat -> C:\windows\system32\autorun\ACER\TOOLS\AddLang.bat
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\ara.ini -> C:\windows\system32\autorun\ACER\TOOLS\ara.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\ATTRIB.EXE -> C:\windows\system32\autorun\ACER\TOOLS\ATTRIB.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\Biosbsu.exe -> C:\windows\system32\autorun\ACER\TOOLS\Biosbsu.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\CDOPEN.COM -> C:\windows\system32\autorun\ACER\TOOLS\CDOPEN.COM
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\DBIOS.EXE -> C:\windows\system32\autorun\ACER\TOOLS\DBIOS.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\EDITINI.EXE -> C:\windows\system32\autorun\ACER\TOOLS\EDITINI.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\EJECT.EXE -> C:\windows\system32\autorun\ACER\TOOLS\EJECT.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\FORMAT.COM -> C:\windows\system32\autorun\ACER\TOOLS\FORMAT.COM
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\gdisk.exe -> C:\windows\system32\autorun\ACER\TOOLS\gdisk.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\heb.ini -> C:\windows\system32\autorun\ACER\TOOLS\heb.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\CHGBSU.EXE -> C:\windows\system32\autorun\ACER\TOOLS\CHGBSU.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\chkacer.exe -> C:\windows\system32\autorun\ACER\TOOLS\chkacer.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\LaunchRS.ocx -> C:\windows\system32\autorun\ACER\TOOLS\LaunchRS.ocx
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\MOUSE.EXE -> C:\windows\system32\autorun\ACER\TOOLS\MOUSE.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\MOUSEDRV.INI -> C:\windows\system32\autorun\ACER\TOOLS\MOUSEDRV.INI
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\Pkunzip.exe -> C:\windows\system32\autorun\ACER\TOOLS\Pkunzip.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\REBOOT.EXE -> C:\windows\system32\autorun\ACER\TOOLS\REBOOT.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\RegActvX.exe -> C:\windows\system32\autorun\ACER\TOOLS\RegActvX.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\Restore.exe -> C:\windows\system32\autorun\ACER\TOOLS\Restore.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\SHELEXEC.EXE -> C:\windows\system32\autorun\ACER\TOOLS\SHELEXEC.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\SMARTDRV.EXE -> C:\windows\system32\autorun\ACER\TOOLS\SMARTDRV.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\SPAN.BMP -> C:\windows\system32\autorun\ACER\TOOLS\SPAN.BMP
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\STLink.INI -> C:\windows\system32\autorun\ACER\TOOLS\STLink.INI
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\tha.ini -> C:\windows\system32\autorun\ACER\TOOLS\tha.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\XCOPY.EXE -> C:\windows\system32\autorun\ACER\TOOLS\XCOPY.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\XCOPY32.EXE -> C:\windows\system32\autorun\ACER\TOOLS\XCOPY32.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\XCOPY32.MOD -> C:\windows\system32\autorun\ACER\TOOLS\XCOPY32.MOD
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\xphara.ini -> C:\windows\system32\autorun\ACER\TOOLS\xphara.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\xphheb.ini -> C:\windows\system32\autorun\ACER\TOOLS\xphheb.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\xphtha.ini -> C:\windows\system32\autorun\ACER\TOOLS\xphtha.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\xppara.ini -> C:\windows\system32\autorun\ACER\TOOLS\xppara.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\xppcan.ini -> C:\windows\system32\autorun\ACER\TOOLS\xppcan.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\xppheb.ini -> C:\windows\system32\autorun\ACER\TOOLS\xppheb.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\TOOLS\xpptha.ini -> C:\windows\system32\autorun\ACER\TOOLS\xpptha.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\ACER\Wallpapr\Acer.jpg -> C:\windows\system32\autorun\ACER\Wallpapr\Acer.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\AcroBat\EN\Setup.exe -> C:\windows\system32\autorun\Book\AcroBat\EN\Setup.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\Modem.pdf -> C:\windows\system32\autorun\Book\Guide\Modem.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\CS\As3000_5000 OLM_Cze_0307.pdf -> C:\windows\system32\autorun\Book\Guide\CS\As3000_5000 OLM_Cze_0307.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\CS\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\CS\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\DA\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\DA\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\DE\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\DE\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\EL\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\EL\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\EN\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\EN\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\ES\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\ES\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\FI\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\FI\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\FR\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\FR\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\HU\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\HU\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\IT\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\IT\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\JA\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\JA\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\NL\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\NL\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\NO\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\NO\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\PL\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\PL\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\PT\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\PT\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\RU\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\RU\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\SC\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\SC\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\SK\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\SK\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\SV\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\SV\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Book\Guide\TC\Guide.pdf -> C:\windows\system32\autorun\Book\Guide\TC\Guide.pdf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\ReleaseNotes.html -> C:\windows\system32\autorun\Drivers\802BG\ReleaseNotes.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\Setup.ini -> C:\windows\system32\autorun\Drivers\802BG\Setup.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\Setup.iss -> C:\windows\system32\autorun\Drivers\802BG\Setup.iss
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\AegisE2.dll -> C:\windows\system32\autorun\Drivers\802BG\AegisE2.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\AegisE5.dll -> C:\windows\system32\autorun\Drivers\802BG\AegisE5.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\AegisI2.exe -> C:\windows\system32\autorun\Drivers\802BG\AegisI2.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\AegisI5.exe -> C:\windows\system32\autorun\Drivers\802BG\AegisI5.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\bcm42rly.vxd -> C:\windows\system32\autorun\Drivers\802BG\bcm42rly.vxd
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\bcm43xx.cat -> C:\windows\system32\autorun\Drivers\802BG\bcm43xx.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\bcm43xxa.cat -> C:\windows\system32\autorun\Drivers\802BG\bcm43xxa.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\BCMLogo.gif -> C:\windows\system32\autorun\Drivers\802BG\BCMLogo.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\BCMLogon.dll -> C:\windows\system32\autorun\Drivers\802BG\BCMLogon.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\bcmwl5.inf -> C:\windows\system32\autorun\Drivers\802BG\bcmwl5.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\bcmwl5.sys -> C:\windows\system32\autorun\Drivers\802BG\bcmwl5.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\bcmwl5a.inf -> C:\windows\system32\autorun\Drivers\802BG\bcmwl5a.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\bcmwlcpl.cpl -> C:\windows\system32\autorun\Drivers\802BG\bcmwlcpl.cpl
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\bcmwld2k.exe -> C:\windows\system32\autorun\Drivers\802BG\bcmwld2k.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\BCMWLD9X.EXE -> C:\windows\system32\autorun\Drivers\802BG\BCMWLD9X.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\bcmwlhlp.chm -> C:\windows\system32\autorun\Drivers\802BG\bcmwlhlp.chm
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\bcmwlhom.exe -> C:\windows\system32\autorun\Drivers\802BG\bcmwlhom.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\bcmwlhom.ini -> C:\windows\system32\autorun\Drivers\802BG\bcmwlhom.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\bcmwlntp.sys -> C:\windows\system32\autorun\Drivers\802BG\bcmwlntp.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\bcmwltry.exe -> C:\windows\system32\autorun\Drivers\802BG\bcmwltry.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\bcmwlu00.exe -> C:\windows\system32\autorun\Drivers\802BG\bcmwlu00.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\data1.cab -> C:\windows\system32\autorun\Drivers\802BG\data1.cab
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\data1.hdr -> C:\windows\system32\autorun\Drivers\802BG\data1.hdr
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\data2.cab -> C:\windows\system32\autorun\Drivers\802BG\data2.cab
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\ikernel.ex_ -> C:\windows\system32\autorun\Drivers\802BG\ikernel.ex_
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\is.exe -> C:\windows\system32\autorun\Drivers\802BG\is.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\launcher.ini -> C:\windows\system32\autorun\Drivers\802BG\launcher.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\802BG\layout.bin -> C:\windows\system32\autorun\Drivers\802BG\layout.bin

cicerone
Visitor
Posts: 21
Registered: 03 May 2010 02:20
Location: Praha 1

Re: "Trojan horse BackDoor.Generic12.BICR"

#27 Post by cicerone »

C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Dutch\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Dutch\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Dutch\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Dutch\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Dutch\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Dutch\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\English\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\English\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\English\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\English\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\English\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\English\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Finnish\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Finnish\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Finnish\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Finnish\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Finnish\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Finnish\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\French\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\French\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\French\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\French\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\French\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\French\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\German\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\German\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\German\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\German\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\German\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\German\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Greek\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Greek\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Greek\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Greek\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Greek\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Greek\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Hebrew\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Hebrew\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Hebrew\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Hebrew\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Hebrew\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Hebrew\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Hungarian\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Hungarian\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Hungarian\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Hungarian\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Hungarian\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Hungarian\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Chinese (Simplified)\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Chinese (Simplified)\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Chinese (Simplified)\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Chinese (Simplified)\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Chinese (Simplified)\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Chinese (Simplified)\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Chinese (Traditional)\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Chinese (Traditional)\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Chinese (Traditional)\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Chinese (Traditional)\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Chinese (Traditional)\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Chinese (Traditional)\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Italian\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Italian\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Italian\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Italian\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Italian\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Italian\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Japanese\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Japanese\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Japanese\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Japanese\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Japanese\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Japanese\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Korean\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Korean\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Korean\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Korean\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Korean\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Korean\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Norwegian\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Norwegian\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Norwegian\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Norwegian\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Norwegian\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Norwegian\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Polish\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Polish\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Polish\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Polish\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Polish\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Polish\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Portuguese\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Portuguese\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Portuguese\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Portuguese\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Portuguese\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Portuguese\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Russian\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Russian\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Russian\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Russian\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Russian\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Russian\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Spanish\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Spanish\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Spanish\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Spanish\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Spanish\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Spanish\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Swedish\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Swedish\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Swedish\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Swedish\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Swedish\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Swedish\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Turkish\AmdK8.cat -> C:\windows\system32\autorun\Drivers\CPU\XP\Turkish\AmdK8.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Turkish\amdk8.inf -> C:\windows\system32\autorun\Drivers\CPU\XP\Turkish\amdk8.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\CPU\XP\Turkish\amdk8.sys -> C:\windows\system32\autorun\Drivers\CPU\XP\Turkish\amdk8.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\data1.cab -> C:\windows\system32\autorun\Drivers\Lan\data1.cab
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\data1.hdr -> C:\windows\system32\autorun\Drivers\Lan\data1.hdr
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\data2.cab -> C:\windows\system32\autorun\Drivers\Lan\data2.cab
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\DIAG.EXE -> C:\windows\system32\autorun\Drivers\Lan\DIAG.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\DIAG.TXT -> C:\windows\system32\autorun\Drivers\Lan\DIAG.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\engine32.cab -> C:\windows\system32\autorun\Drivers\Lan\engine32.cab
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\inf2cat.exe -> C:\windows\system32\autorun\Drivers\Lan\inf2cat.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\inst2000.dll -> C:\windows\system32\autorun\Drivers\Lan\inst2000.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\IPDETECT.EXE -> C:\windows\system32\autorun\Drivers\Lan\IPDETECT.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\layout.bin -> C:\windows\system32\autorun\Drivers\Lan\layout.bin
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\README.TXT -> C:\windows\system32\autorun\Drivers\Lan\README.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\refresh.exe -> C:\windows\system32\autorun\Drivers\Lan\refresh.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Remove.exe -> C:\windows\system32\autorun\Drivers\Lan\Remove.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\setup.boot -> C:\windows\system32\autorun\Drivers\Lan\setup.boot
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\setup.exe -> C:\windows\system32\autorun\Drivers\Lan\setup.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\setup.ini -> C:\windows\system32\autorun\Drivers\Lan\setup.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\setup.inx -> C:\windows\system32\autorun\Drivers\Lan\setup.inx
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\setup.iss -> C:\windows\system32\autorun\Drivers\Lan\setup.iss
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\SETUP.TXT -> C:\windows\system32\autorun\Drivers\Lan\SETUP.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\DOSBB.cnf -> C:\windows\system32\autorun\Drivers\Lan\BootRom\DOSBB.cnf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\NETWARE.TXT -> C:\windows\system32\autorun\Drivers\Lan\BootRom\NETWARE.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\PROTOCOL.INI -> C:\windows\system32\autorun\Drivers\Lan\BootRom\PROTOCOL.INI
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\WINNT.TXT -> C:\windows\system32\autorun\Drivers\Lan\BootRom\WINNT.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\boot95\driver\DOSBB.CNF -> C:\windows\system32\autorun\Drivers\Lan\BootRom\boot95\driver\DOSBB.CNF
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\boot95\driver\Netsis.inf -> C:\windows\system32\autorun\Drivers\Lan\BootRom\boot95\driver\Netsis.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\boot95\driver\PROTOCOL.INI -> C:\windows\system32\autorun\Drivers\Lan\BootRom\boot95\driver\PROTOCOL.INI
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\boot95\driver\sis900.dos -> C:\windows\system32\autorun\Drivers\Lan\BootRom\boot95\driver\sis900.dos
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\boot95\driver\SISNIC.sys -> C:\windows\system32\autorun\Drivers\Lan\BootRom\boot95\driver\SISNIC.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\boot95\driver\W95BB.CNF -> C:\windows\system32\autorun\Drivers\Lan\BootRom\boot95\driver\W95BB.CNF
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\boot95\SUBOOT\AUTOEXEC.BAT -> C:\windows\system32\autorun\Drivers\Lan\BootRom\boot95\SUBOOT\AUTOEXEC.BAT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\boot95\SUBOOT\CONFIG.SYS -> C:\windows\system32\autorun\Drivers\Lan\BootRom\boot95\SUBOOT\CONFIG.SYS
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\boot95\SUBOOT\PROTOCOL.INI -> C:\windows\system32\autorun\Drivers\Lan\BootRom\boot95\SUBOOT\PROTOCOL.INI
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\NDIS2drv\sis900.dos -> C:\windows\system32\autorun\Drivers\Lan\BootRom\NDIS2drv\sis900.dos
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\PXE\PXE_m.18 -> C:\windows\system32\autorun\Drivers\Lan\BootRom\PXE\PXE_m.18
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\PXE\PXE_m.19 -> C:\windows\system32\autorun\Drivers\Lan\BootRom\PXE\PXE_m.19
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\PXE\PXE_m.bev -> C:\windows\system32\autorun\Drivers\Lan\BootRom\PXE\PXE_m.bev
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\PXE\readme.txt -> C:\windows\system32\autorun\Drivers\Lan\BootRom\PXE\readme.txt
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\PXE\relnote.txt -> C:\windows\system32\autorun\Drivers\Lan\BootRom\PXE\relnote.txt
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\PXE\RIS.txt -> C:\windows\system32\autorun\Drivers\Lan\BootRom\PXE\RIS.txt
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\PXERPL\PXERPL.18 -> C:\windows\system32\autorun\Drivers\Lan\BootRom\PXERPL\PXERPL.18
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\PXERPL\PXERPL.19 -> C:\windows\system32\autorun\Drivers\Lan\BootRom\PXERPL\PXERPL.19
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\PXERPL\Readme.txt -> C:\windows\system32\autorun\Drivers\Lan\BootRom\PXERPL\Readme.txt
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\PXERPL\RIS.txt -> C:\windows\system32\autorun\Drivers\Lan\BootRom\PXERPL\RIS.txt
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\RPL\RBOOT.ROM -> C:\windows\system32\autorun\Drivers\Lan\BootRom\RPL\RBOOT.ROM
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\BootRom\RPL\ReadMe.txt -> C:\windows\system32\autorun\Drivers\Lan\BootRom\RPL\ReadMe.txt
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\MSLANMAN.DOS\Readme.txt -> C:\windows\system32\autorun\Drivers\Lan\MSLANMAN.DOS\Readme.txt
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\MSLANMAN.DOS\DRIVERS\Ethernet\SIS900\PROTOCOL.INI -> C:\windows\system32\autorun\Drivers\Lan\MSLANMAN.DOS\DRIVERS\Ethernet\SIS900\PROTOCOL.INI
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\MSLANMAN.DOS\DRIVERS\Ethernet\SIS900\sis900.dos -> C:\windows\system32\autorun\Drivers\Lan\MSLANMAN.DOS\DRIVERS\Ethernet\SIS900\sis900.dos
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\MSLANMAN.DOS\DRIVERS\NIF\SIS900.nif -> C:\windows\system32\autorun\Drivers\Lan\MSLANMAN.DOS\DRIVERS\NIF\SIS900.nif
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Ndis2\dos\OEMSETUP.INF -> C:\windows\system32\autorun\Drivers\Lan\Ndis2\dos\OEMSETUP.INF
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Ndis2\dos\PROTOCOL.INI -> C:\windows\system32\autorun\Drivers\Lan\Ndis2\dos\PROTOCOL.INI
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Ndis2\dos\README.TXT -> C:\windows\system32\autorun\Drivers\Lan\Ndis2\dos\README.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Ndis2\dos\SIS900.DOS -> C:\windows\system32\autorun\Drivers\Lan\Ndis2\dos\SIS900.DOS
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\NT40\OEMSETUP.INF -> C:\windows\system32\autorun\Drivers\Lan\NT40\OEMSETUP.INF
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\NT40\README.TXT -> C:\windows\system32\autorun\Drivers\Lan\NT40\README.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\NT40\SISNIC.HLP -> C:\windows\system32\autorun\Drivers\Lan\NT40\SISNIC.HLP
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\NT40\SISNIC.sys -> C:\windows\system32\autorun\Drivers\Lan\NT40\SISNIC.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\nwclient\NET.CFG -> C:\windows\system32\autorun\Drivers\Lan\nwclient\NET.CFG
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\nwclient\readme.txt -> C:\windows\system32\autorun\Drivers\Lan\nwclient\readme.txt
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\nwclient\SIS900.COM -> C:\windows\system32\autorun\Drivers\Lan\nwclient\SIS900.COM
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\nwclient\sis900.ins -> C:\windows\system32\autorun\Drivers\Lan\nwclient\sis900.ins
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Nwserver.41x\ETHERTSM.NLM -> C:\windows\system32\autorun\Drivers\Lan\Nwserver.41x\ETHERTSM.NLM
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Nwserver.41x\MSM.NLM -> C:\windows\system32\autorun\Drivers\Lan\Nwserver.41x\MSM.NLM
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Nwserver.41x\NBI.NLM -> C:\windows\system32\autorun\Drivers\Lan\Nwserver.41x\NBI.NLM
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Nwserver.41x\README.TXT -> C:\windows\system32\autorun\Drivers\Lan\Nwserver.41x\README.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Nwserver.41x\sis900.lan -> C:\windows\system32\autorun\Drivers\Lan\Nwserver.41x\sis900.lan
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Nwserver.41x\sis900.ldi -> C:\windows\system32\autorun\Drivers\Lan\Nwserver.41x\sis900.ldi
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Nwserver.42\README.TXT -> C:\windows\system32\autorun\Drivers\Lan\Nwserver.42\README.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Nwserver.42\sis900.lan -> C:\windows\system32\autorun\Drivers\Lan\Nwserver.42\sis900.lan
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Nwserver.42\sis900.ldi -> C:\windows\system32\autorun\Drivers\Lan\Nwserver.42\sis900.ldi
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Nwserver.5x\README.TXT -> C:\windows\system32\autorun\Drivers\Lan\Nwserver.5x\README.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Nwserver.5x\sis900.lan -> C:\windows\system32\autorun\Drivers\Lan\Nwserver.5x\sis900.lan
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Nwserver.5x\sis900.ldi -> C:\windows\system32\autorun\Drivers\Lan\Nwserver.5x\sis900.ldi
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Nwserver.60\README.TXT -> C:\windows\system32\autorun\Drivers\Lan\Nwserver.60\README.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Nwserver.60\sis900.lan -> C:\windows\system32\autorun\Drivers\Lan\Nwserver.60\sis900.lan
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Nwserver.60\sis900.ldi -> C:\windows\system32\autorun\Drivers\Lan\Nwserver.60\sis900.ldi
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\pktdrv\readme.TXT -> C:\windows\system32\autorun\Drivers\Lan\pktdrv\readme.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\pktdrv\SIS900.EXE -> C:\windows\system32\autorun\Drivers\Lan\pktdrv\SIS900.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\sisfile\INST2000.DLL -> C:\windows\system32\autorun\Drivers\Lan\sisfile\INST2000.DLL
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\SRV2003\0404.lng -> C:\windows\system32\autorun\Drivers\Lan\SRV2003\0404.lng
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\SRV2003\040c.lng -> C:\windows\system32\autorun\Drivers\Lan\SRV2003\040c.lng
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\SRV2003\0411.lng -> C:\windows\system32\autorun\Drivers\Lan\SRV2003\0411.lng
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\SRV2003\NETOEM.INF -> C:\windows\system32\autorun\Drivers\Lan\SRV2003\NETOEM.INF
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\SRV2003\oemnic.cat -> C:\windows\system32\autorun\Drivers\Lan\SRV2003\oemnic.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\SRV2003\README.TXT -> C:\windows\system32\autorun\Drivers\Lan\SRV2003\README.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\SRV2003\SISNIC2K.sys -> C:\windows\system32\autorun\Drivers\Lan\SRV2003\SISNIC2K.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\SRV2003\SISNICXP.sys -> C:\windows\system32\autorun\Drivers\Lan\SRV2003\SISNICXP.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\SRV2003\uninst.exe -> C:\windows\system32\autorun\Drivers\Lan\SRV2003\uninst.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WFW311\OEMSETUP.INF -> C:\windows\system32\autorun\Drivers\Lan\WFW311\OEMSETUP.INF
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WFW311\README.TXT -> C:\windows\system32\autorun\Drivers\Lan\WFW311\README.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WFW311\SISNIC.386 -> C:\windows\system32\autorun\Drivers\Lan\WFW311\SISNIC.386
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Win2000\0404.lng -> C:\windows\system32\autorun\Drivers\Lan\Win2000\0404.lng
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Win2000\040c.lng -> C:\windows\system32\autorun\Drivers\Lan\Win2000\040c.lng
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Win2000\0411.lng -> C:\windows\system32\autorun\Drivers\Lan\Win2000\0411.lng
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Win2000\NETOEM.INF -> C:\windows\system32\autorun\Drivers\Lan\Win2000\NETOEM.INF
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Win2000\oemnic.cat -> C:\windows\system32\autorun\Drivers\Lan\Win2000\oemnic.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Win2000\README.TXT -> C:\windows\system32\autorun\Drivers\Lan\Win2000\README.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Win2000\SISNIC2K.sys -> C:\windows\system32\autorun\Drivers\Lan\Win2000\SISNIC2K.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Win2000\SISNICXP.sys -> C:\windows\system32\autorun\Drivers\Lan\Win2000\SISNICXP.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\Win2000\uninst.exe -> C:\windows\system32\autorun\Drivers\Lan\Win2000\uninst.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WIN95.SR2\NETOEM.INF -> C:\windows\system32\autorun\Drivers\Lan\WIN95.SR2\NETOEM.INF
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WIN95.SR2\OEMNIC.CAT -> C:\windows\system32\autorun\Drivers\Lan\WIN95.SR2\OEMNIC.CAT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WIN95.SR2\README.TXT -> C:\windows\system32\autorun\Drivers\Lan\WIN95.SR2\README.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WIN95.SR2\SISNIC.sys -> C:\windows\system32\autorun\Drivers\Lan\WIN95.SR2\SISNIC.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WIN95.SR2\UNINST.EXE -> C:\windows\system32\autorun\Drivers\Lan\WIN95.SR2\UNINST.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WIN95\NETOEM.INF -> C:\windows\system32\autorun\Drivers\Lan\WIN95\NETOEM.INF
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WIN95\OEMNIC.CAT -> C:\windows\system32\autorun\Drivers\Lan\WIN95\OEMNIC.CAT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WIN95\README.TXT -> C:\windows\system32\autorun\Drivers\Lan\WIN95\README.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WIN95\SISNIC.sys -> C:\windows\system32\autorun\Drivers\Lan\WIN95\SISNIC.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WIN95\UNINST.EXE -> C:\windows\system32\autorun\Drivers\Lan\WIN95\UNINST.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WIN98\NETOEM.INF -> C:\windows\system32\autorun\Drivers\Lan\WIN98\NETOEM.INF
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WIN98\OEMNIC.CAT -> C:\windows\system32\autorun\Drivers\Lan\WIN98\OEMNIC.CAT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WIN98\README.TXT -> C:\windows\system32\autorun\Drivers\Lan\WIN98\README.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WIN98\SISNIC.sys -> C:\windows\system32\autorun\Drivers\Lan\WIN98\SISNIC.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WIN98\UNINST.EXE -> C:\windows\system32\autorun\Drivers\Lan\WIN98\UNINST.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WINME\NETOEM.INF -> C:\windows\system32\autorun\Drivers\Lan\WINME\NETOEM.INF
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WINME\OEMNIC.CAT -> C:\windows\system32\autorun\Drivers\Lan\WINME\OEMNIC.CAT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WINME\README.TXT -> C:\windows\system32\autorun\Drivers\Lan\WINME\README.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WINME\SISNIC.sys -> C:\windows\system32\autorun\Drivers\Lan\WINME\SISNIC.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WINME\UNINST.EXE -> C:\windows\system32\autorun\Drivers\Lan\WINME\UNINST.EXE
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WinXP\0404.lng -> C:\windows\system32\autorun\Drivers\Lan\WinXP\0404.lng
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WinXP\040c.lng -> C:\windows\system32\autorun\Drivers\Lan\WinXP\040c.lng
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WinXP\0411.lng -> C:\windows\system32\autorun\Drivers\Lan\WinXP\0411.lng
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WinXP\NETOEM.INF -> C:\windows\system32\autorun\Drivers\Lan\WinXP\NETOEM.INF
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WinXP\oemnic.cat -> C:\windows\system32\autorun\Drivers\Lan\WinXP\oemnic.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WinXP\README.TXT -> C:\windows\system32\autorun\Drivers\Lan\WinXP\README.TXT
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WinXP\SISNIC2K.sys -> C:\windows\system32\autorun\Drivers\Lan\WinXP\SISNIC2K.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WinXP\SISNICXP.sys -> C:\windows\system32\autorun\Drivers\Lan\WinXP\SISNICXP.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\Lan\WinXP\uninst.exe -> C:\windows\system32\autorun\Drivers\Lan\WinXP\uninst.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\LaunchM\WinXP\QtZgAcer.EXE.manifest -> C:\windows\system32\autorun\Drivers\LaunchM\WinXP\QtZgAcer.EXE.manifest
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\LaunchM\WinXP\Setup.exe -> C:\windows\system32\autorun\Drivers\LaunchM\WinXP\Setup.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\LaunchM\WinXP\Setup.inf -> C:\windows\system32\autorun\Drivers\LaunchM\WinXP\Setup.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\LaunchM\WinXP\CDROMUTL.DLL -> C:\windows\system32\autorun\Drivers\LaunchM\WinXP\CDROMUTL.DLL

cicerone
Visitor
Posts: 21
Joined: 03 May 2010 02:20
Location: Praha 1

Re: "Trojan horse BackDoor.Generic12.BICR"

#28 Post by cicerone »

C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\utilDLL\SiSCom.ini -> C:\windows\system32\autorun\Drivers\VGA\utilDLL\SiSCom.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\utilDLL\SiSCom.sys -> C:\windows\system32\autorun\Drivers\VGA\utilDLL\SiSCom.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\utilDLL\SiSHook.dll -> C:\windows\system32\autorun\Drivers\VGA\utilDLL\SiSHook.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\utilDLL\sislib.dll -> C:\windows\system32\autorun\Drivers\VGA\utilDLL\sislib.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\utilDLL\sislib.ini -> C:\windows\system32\autorun\Drivers\VGA\utilDLL\sislib.ini
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\utilDLL\sisvb.dll -> C:\windows\system32\autorun\Drivers\VGA\utilDLL\sisvb.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\utilDLL\TVMode.dll -> C:\windows\system32\autorun\Drivers\VGA\utilDLL\TVMode.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\utilDLL\9xBin\315\oemrom.bin -> C:\windows\system32\autorun\Drivers\VGA\utilDLL\9xBin\315\oemrom.bin
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\utilDLL\9xBin\Xabre\oemrom.bin -> C:\windows\system32\autorun\Drivers\VGA\utilDLL\9xBin\Xabre\oemrom.bin
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\utilDLL\ntBin\sis315.bin -> C:\windows\system32\autorun\Drivers\VGA\utilDLL\ntBin\sis315.bin
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\utilDLL\ntBin\xabre.bin -> C:\windows\system32\autorun\Drivers\VGA\utilDLL\ntBin\xabre.bin
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\3DWizard\sisut3d.dll -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\3DWizard\sisut3d.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Gamma\gamma.bmp -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Gamma\gamma.bmp
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\General\Bk31x.bmp -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\General\Bk31x.bmp
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\General\logo.bmp -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\General\logo.bmp
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\ICO\trayicon.ico -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\ICO\trayicon.ico
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\ICO\UNINS.ico -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\ICO\UNINS.ico
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\ICO\XRotate.ico -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\ICO\XRotate.ico
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Info\650.bmp -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Info\650.bmp
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Info\651.bmp -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Info\651.bmp
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Info\740.bmp -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Info\740.bmp
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Info\mirage.bmp -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Info\mirage.bmp
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Info\mirage1.bmp -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Info\mirage1.bmp
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Info\mirage2.bmp -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Info\mirage2.bmp
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Info\mirage3.bmp -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Info\mirage3.bmp
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SIS3D.AVI -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SIS3D.AVI
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISDM.AVI -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISDM.AVI
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISGAMMA.AVI -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISGAMMA.AVI
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISINFO.AVI -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISINFO.AVI
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISTV.AVI -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISTV.AVI
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISTVLCD.AVI -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISTVLCD.AVI
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISVIDEO.AVI -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Manager\SISVIDEO.AVI
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Sistray\traylogo.bmp -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Sistray\traylogo.bmp
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\UtilRes\Video\overlay1.bmp -> C:\windows\system32\autorun\Drivers\VGA\UtilRes\Video\overlay1.bmp
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\InstFunc.dll -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\InstFunc.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\InstFunc.exe -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\InstFunc.exe
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\sis650.bin -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sis650.bin
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\sis660.bin -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sis660.bin
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\sis740.bin -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sis740.bin
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\sis741.bin -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sis741.bin
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\sis760.bin -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sis760.bin
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\SiSBase.dll -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\SiSBase.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\sisgl.dll -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sisgl.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\sisgr.cat -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sisgr.cat
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\sisgr.inf -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sisgr.inf
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\sisgrp.sys -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sisgrp.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\sisgrv.dll -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\sisgrv.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\SiSInst.dll -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\SiSInst.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\SiSParse.dll -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\SiSParse.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\SiSPInst.dll -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\SiSPInst.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\SiSPower.dll -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\SiSPower.dll
C:\Qoobox\Quarantine\C\windows\system32\autorun\Drivers\VGA\WinXP_2K\srvkp.sys -> C:\windows\system32\autorun\Drivers\VGA\WinXP_2K\srvkp.sys
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Howtouse.html -> C:\windows\system32\autorun\HowToUse\Howtouse.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\_notes\dwSiteColumnsMe.xml -> C:\windows\system32\autorun\HowToUse\_notes\dwSiteColumnsMe.xml
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Contents\Howtouse-old.html -> C:\windows\system32\autorun\HowToUse\Contents\Howtouse-old.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Contents\menu-contents.html -> C:\windows\system32\autorun\HowToUse\Contents\menu-contents.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Contents\right-contents.html -> C:\windows\system32\autorun\HowToUse\Contents\right-contents.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Contents\contents.html -> C:\windows\system32\autorun\HowToUse\Contents\contents.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Contents\left-00.htm -> C:\windows\system32\autorun\HowToUse\Contents\left-00.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Guide\Howtouse-old.html -> C:\windows\system32\autorun\HowToUse\Guide\Howtouse-old.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Guide\left-guide.html -> C:\windows\system32\autorun\HowToUse\Guide\left-guide.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Guide\menu-guide.html -> C:\windows\system32\autorun\HowToUse\Guide\menu-guide.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Guide\right-guide.html -> C:\windows\system32\autorun\HowToUse\Guide\right-guide.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Guide\guide.html -> C:\windows\system32\autorun\HowToUse\Guide\guide.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Home\menu.html -> C:\windows\system32\autorun\HowToUse\Home\menu.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Home\right-main.htm -> C:\windows\system32\autorun\HowToUse\Home\right-main.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Home\top.html -> C:\windows\system32\autorun\HowToUse\Home\top.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Home\bd-main.html -> C:\windows\system32\autorun\HowToUse\Home\bd-main.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Home\left-00.htm -> C:\windows\system32\autorun\HowToUse\Home\left-00.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\function_01.gif -> C:\windows\system32\autorun\HowToUse\Images\function_01.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\icon_contents01.jpg -> C:\windows\system32\autorun\HowToUse\Images\icon_contents01.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\icon_contents02.jpg -> C:\windows\system32\autorun\HowToUse\Images\icon_contents02.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\icon_contents03.jpg -> C:\windows\system32\autorun\HowToUse\Images\icon_contents03.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\icon_guide01.jpg -> C:\windows\system32\autorun\HowToUse\Images\icon_guide01.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\icon_guide02.jpg -> C:\windows\system32\autorun\HowToUse\Images\icon_guide02.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\icon_guide03.jpg -> C:\windows\system32\autorun\HowToUse\Images\icon_guide03.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\icon_install01.jpg -> C:\windows\system32\autorun\HowToUse\Images\icon_install01.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\icon_install02.jpg -> C:\windows\system32\autorun\HowToUse\Images\icon_install02.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\icon_install03.jpg -> C:\windows\system32\autorun\HowToUse\Images\icon_install03.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\mane-image.jpg -> C:\windows\system32\autorun\HowToUse\Images\mane-image.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\menu-bk-00.gif -> C:\windows\system32\autorun\HowToUse\Images\menu-bk-00.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\menu-bk-01.gif -> C:\windows\system32\autorun\HowToUse\Images\menu-bk-01.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\menu-bk-02-white.gif -> C:\windows\system32\autorun\HowToUse\Images\menu-bk-02-white.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\menu-bk-02.gif -> C:\windows\system32\autorun\HowToUse\Images\menu-bk-02.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\menu-bk-white.gif -> C:\windows\system32\autorun\HowToUse\Images\menu-bk-white.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\menu-white.gif -> C:\windows\system32\autorun\HowToUse\Images\menu-white.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\menu_arrow_dn.gif -> C:\windows\system32\autorun\HowToUse\Images\menu_arrow_dn.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\menu_arrow_sm.gif -> C:\windows\system32\autorun\HowToUse\Images\menu_arrow_sm.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\orange-light.gif -> C:\windows\system32\autorun\HowToUse\Images\orange-light.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\orange-light2.gif -> C:\windows\system32\autorun\HowToUse\Images\orange-light2.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\sub-dot-gray.gif -> C:\windows\system32\autorun\HowToUse\Images\sub-dot-gray.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\transparent.gif -> C:\windows\system32\autorun\HowToUse\Images\transparent.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\bg.jpg -> C:\windows\system32\autorun\HowToUse\Images\bg.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\dot-gray.gif -> C:\windows\system32\autorun\HowToUse\Images\dot-gray.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\index_bg.jpg -> C:\windows\system32\autorun\HowToUse\Images\index_bg.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\left-bk.gif -> C:\windows\system32\autorun\HowToUse\Images\left-bk.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\table-1.jpg -> C:\windows\system32\autorun\HowToUse\Images\table-1.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\Table-1B.jpg -> C:\windows\system32\autorun\HowToUse\Images\Table-1B.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\table-2.jpg -> C:\windows\system32\autorun\HowToUse\Images\table-2.jpg
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\top-bk0.gif -> C:\windows\system32\autorun\HowToUse\Images\top-bk0.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Images\top-name.gif -> C:\windows\system32\autorun\HowToUse\Images\top-name.gif
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\Howtouse-old.html -> C:\windows\system32\autorun\HowToUse\Install\Howtouse-old.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\left-Install.html -> C:\windows\system32\autorun\HowToUse\Install\left-Install.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\menu-install.html -> C:\windows\system32\autorun\HowToUse\Install\menu-install.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\right-install.html -> C:\windows\system32\autorun\HowToUse\Install\right-install.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\2k_NAV.htm -> C:\windows\system32\autorun\HowToUse\Install\2k_NAV.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\install.html -> C:\windows\system32\autorun\HowToUse\Install\install.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\Win2K\2k_Driver.html -> C:\windows\system32\autorun\HowToUse\Install\Win2K\2k_Driver.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\Win2K\2k_speedstp.htm -> C:\windows\system32\autorun\HowToUse\Install\Win2K\2k_speedstp.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\Win2K\2k_TouchPad.htm -> C:\windows\system32\autorun\HowToUse\Install\Win2K\2k_TouchPad.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\Win2K\2k_Utility.html -> C:\windows\system32\autorun\HowToUse\Install\Win2K\2k_Utility.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\Win2K\2k_80211.htm -> C:\windows\system32\autorun\HowToUse\Install\Win2K\2k_80211.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\Win2K\2k_App.html -> C:\windows\system32\autorun\HowToUse\Install\Win2K\2k_App.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\Win2K\2k_inf.htm -> C:\windows\system32\autorun\HowToUse\Install\Win2K\2k_inf.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\Win2K\2k_Launch.htm -> C:\windows\system32\autorun\HowToUse\Install\Win2K\2k_Launch.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\Win2K\2K_List.html -> C:\windows\system32\autorun\HowToUse\Install\Win2K\2K_List.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\Win2K\2K_MODEM.htm -> C:\windows\system32\autorun\HowToUse\Install\Win2K\2K_MODEM.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\Win2K\2k_USB20.htm -> C:\windows\system32\autorun\HowToUse\Install\Win2K\2k_USB20.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_80211bg.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_80211bg.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_a80211bg.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_a80211bg.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_aceroobe.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_aceroobe.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_am80211bg.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_am80211bg.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_bluetooth.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_bluetooth.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\XP_cardreader.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\XP_cardreader.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_cdmaker.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_cdmaker.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_DirectX.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_DirectX.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_Display.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Display.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_Driver.html -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Driver.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_easybut.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_easybut.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_eManager.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_eManager.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_InviLink.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_InviLink.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_producer.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_producer.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_smartap.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_smartap.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_speedstp.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_speedstp.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_TouchPad.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_TouchPad.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_Utility.html -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Utility.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_80211b.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_80211b.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_amdcpu.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_amdcpu.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_App.html -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_App.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_Arcade.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Arcade.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_Audio.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Audio.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_cdmmc.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_cdmmc.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_Direct.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Direct.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_ePower.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_ePower.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_FileCD.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_FileCD.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_FIR.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_FIR.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_Grid.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Grid.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_inf.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_inf.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_lan.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_lan.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_Launch.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_Launch.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_List.html -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_List.html
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\XP_MODEM.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\XP_MODEM.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_NBMgr.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_NBMgr.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_pcmcia.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_pcmcia.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_smartc.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_smartc.htm
C:\Qoobox\Quarantine\C\windows\system32\autorun\HowToUse\Install\WinXP\xp_SunJVM.htm -> C:\windows\system32\autorun\HowToUse\Install\WinXP\xp_SunJVM.htm
961 zkopírovaných souborů

Unlimited_Killer
Forum friend
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: "Trojan horse BackDoor.Generic12.BICR"

#29 Post by Unlimited_Killer »

It is 99% certain that this is an AVG false alarm - the VirusTotal result is good too - only 4/41, which really does look like a false detection.

1) Uninstalling ComboFix
  • Go through Start to Run [the keyboard shortcut is Win+R].
  • In the text field, type:

    ComboFix /Uninstall

  • Press Enter.
  • The ComboFix uninstallation starts and deletes all of its components.
2) OTCleaner
  • Download OTC and double-click to run it.
  • A window pops up, where you click 'CleanUp!'.
  • Confirm by clicking 'Yes'.
  • It will then ask whether you want to restart the PC - do so, again by clicking 'Yes'.
3) New RSIT log
inactive

cicerone
Visitor
Posts: 21
Registered: 03 May 2010 02:20
Location: Praha 1

Re: "Trojan horse BackDoor.Generic13.CLS"

#30 Post by cicerone »

New RSIT log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Pavel at 2010-09-22 14:12:08
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 12 GB (34%) free of 36 GB
Total RAM: 958 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:12:46, on 22.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
D:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Arcade\PCMService.exe
C:\PROGRA~1\SCROLL~1\MouseElf.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\mHotkey.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Plaxo\3.23.0.11\PlaxoHelper_en.exe
C:\Program Files\Plaxo\3.23.0.11\PlaxoSysTray.exe
D:\Program Files\FileHippo.com\UpdateChecker.exe
D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Scroll Mouse\EMouse.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\download\RSIT_002.exe
C:\Program Files\trend micro\Pavel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\SCROLL~1\MouseElf.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\3.23.0.11\PlaxoHelper_en.exe -a
O4 - HKCU\..\Run: [PlaxoSysTray] C:\Program Files\Plaxo\3.23.0.11\PlaxoSysTray.exe
O4 - HKCU\..\Run: [FileHippo.com] "D:\Program Files\FileHippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/do ... se5059.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 6325434171
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promot ... r37900.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.teplice.cz/activex/AxisCamControl.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D17CDB6E-AE6D-11CF-96B8-444553540000} - https://download.macromedia.com/pub/sho ... wflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TomTomHOMEService - TomTom - D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

--
End of file - 10706 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\SLOW-PCfighter.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-10 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-19 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-19 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiSPower"=SiSPower.dll,ModeAgent []
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2005-10-12 315392]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2005-11-16 385024]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-10-08 88363]
"AdslTaskBar"=stmctrl.dll,TaskBar []
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-07 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-07 688218]
"SiS Windows KeyHook"=C:\WINDOWS\system32\keyhook.exe [2005-03-04 32768]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PCMService"=C:\Program Files\Arcade\PCMService.exe [2005-03-09 49152]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"LaunchApp"=Alaunch []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"mouseElf"=C:\PROGRA~1\SCROLL~1\MouseElf.EXE [2004-09-20 196608]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2004-12-08 550912]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2010-07-09 2048352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PlaxoUpdate"=C:\Program Files\Plaxo\3.23.0.11\PlaxoHelper_en.exe [2009-10-01 403015]
"PlaxoSysTray"=C:\Program Files\Plaxo\3.23.0.11\PlaxoSysTray.exe [2009-10-01 20480]
"FileHippo.com"=D:\Program Files\FileHippo.com\UpdateChecker.exe [2010-08-09 248832]
"TomTomHOME.exe"=D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2010-08-24 247144]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
D:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-07-31 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveTrack"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\BIN\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\BIN\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hposid01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\BIN\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\BIN\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\TomTom HOME 2\xulrunner\TomTomHOMERuntime.exe"="C:\Program Files\TomTom HOME 2\xulrunner\TomTomHOMERuntime.exe:*:Enabled:TomTom HOME"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\SeaMonkey\seamonkey.exe"="C:\Program Files\SeaMonkey\seamonkey.exe:*:Enabled:SeaMonkey"
"C:\inet_srv\apache\bin\Apache.exe"="C:\inet_srv\apache\bin\Apache.exe:*:Enabled:Apache"
"C:\inet_srv\mysql\bin\mysqld.exe"="C:\inet_srv\mysql\bin\mysqld.exe:*:Enabled:mysqld"
"C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe"="C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"D:\Program Files\TomTom HOME 2\xulrunner\TomTomHOMERuntime.exe"="D:\Program Files\TomTom HOME 2\xulrunner\TomTomHOMERuntime.exe:*:Enabled:TomTom HOME"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-09-22 14:12:08 ----D---- C:\rsit
2010-09-22 10:59:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-21 22:15:56 ----D---- C:\WINDOWS\system32\autorun
2010-09-21 22:15:56 ----A---- C:\DeQuarantine.txt
2010-09-20 23:54:34 ----SHD---- C:\Recycled
2010-09-20 22:46:51 ----D---- C:\WINDOWS\temp
2010-09-20 20:09:01 ----A---- C:\WINDOWS\system32\setup_xp.ini
2010-09-19 11:55:30 ----HD---- C:\WINDOWS\$NtUninstallKB2259922$
2010-09-19 11:55:22 ----HD---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-09-19 11:55:18 ----HD---- C:\WINDOWS\$NtUninstallKB2347290$
2010-09-19 11:55:11 ----HD---- C:\WINDOWS\$NtUninstallKB2121546$
2010-09-19 11:55:03 ----HD---- C:\WINDOWS\$NtUninstallKB982802$
2010-09-19 11:54:47 ----HD---- C:\WINDOWS\$NtUninstallKB981322$
2010-09-19 11:48:22 ----HD---- C:\WINDOWS\$NtUninstallKB2141007$
2010-09-19 11:40:19 ----A---- C:\WINDOWS\system32\javaws.exe
2010-09-19 11:40:19 ----A---- C:\WINDOWS\system32\javaw.exe
2010-09-19 11:40:19 ----A---- C:\WINDOWS\system32\java.exe
2010-09-02 15:57:11 ----A---- C:\WINDOWS\system32\MyDefragScreenSaver_v4.3.1.exe
2010-09-02 15:57:10 ----D---- C:\Program Files\MyDefrag v4.3.1

======List of files/folders modified in the last 1 months======

2010-09-22 13:58:26 ----A---- C:\WINDOWS\system32\eRLog.ini
2010-09-20 22:50:02 ----A---- C:\WINDOWS\system.ini
2010-09-19 11:48:42 ----A---- C:\WINDOWS\system32\MRT.exe
2010-09-19 11:39:36 ----A---- C:\WINDOWS\system32\deployJava1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AvgRkx86;avgrkx86.sys; C:\WINDOWS\System32\Drivers\avgrkx86.sys [2009-06-25 12552]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 SISAGP;SiS AGP Filter; C:\WINDOWS\system32\DRIVERS\SISAGPX.sys [2003-07-18 36992]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-31 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-31 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-06-25 108552]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R1 SASDIFSV;SASDIFSV; \??\D:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2005-02-25 13312]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R2 osaio;osaio; C:\WINDOWS\system32\drivers\osaio.sys [2005-03-04 8704]
R2 osanbm;osanbm; C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 4010]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-10-08 1270540]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-02-24 2311680]
R3 BCM43XX;Broadcom 802.11 ovladač síťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-12-21 369024]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2004-04-19 6656]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-04-13 6144]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 Safetica;Safetica Encryption Driver; C:\WINDOWS\system32\DRIVERS\safetica.sys [2010-06-28 272536]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2005-03-02 240640]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-11-05 32768]
R3 Stmatm;ATM/ADSL miniport; C:\WINDOWS\system32\DRIVERS\stmatm.sys [2003-08-12 60255]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-07 185824]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys []
S0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys []
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
S1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\WINDOWS\system32\Drivers\eusk2par.sys []
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys []
S2 KeyP;KeyP; C:\WINDOWS\SYSTEM32\DRIVERS\KeyP.sys []
S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 MXOPSWD;Maxtor OneTouch Security Driver; C:\WINDOWS\system32\DRIVERS\mxopswd.sys [2007-05-03 22152]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
S3 TaurusUsb;ADSL Modem USB Service; C:\WINDOWS\system32\DRIVERS\torususb.sys [2003-12-23 549421]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-05-15 100032]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-31 908056]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-31 297752]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-04-08 345376]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2010-09-19 153376]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
R2 TomTomHOMEService;TomTomHOMEService; D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-15 136176]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-04-24 545576]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-05-15 2086592]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-30 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
