Sakra...tak mám ten virus v pc zase (resp asi pořád)
Přitom od včera doteď šlo vše bez problémů. Musel být někde zavrtaný, protože se to stalo když jsem psal ve wordu.
A opět jsou tu znovu falešné poplachy, výzva k zaplacení licence "antiviru" a blokace internetu.
Tentokrát jsem ještě seriové číslo pro odblokování nezadavál, log jsem poslal známému přes skype a teď píši z jiného pc (nechci riskovat, že by se to nakopírovalo na flasku a zanesl bych si i notebook)
log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by kriz at 2011-07-26 17:19:44
Microsoft Windows 7 Home Premium
System drive C: has 119 GB (79%) free of 150 GB
Total RAM: 4087 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:12:53, on 25.7.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16800)
Boot mode: Normal
Running processes:
F:\X\Programy\Fraps\fraps.exe
C:\Users\kriz\AppData\Local\xtb.exe
F:\X\Programy\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\kriz.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 77.73.6.192:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\X\Programy\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "F:\X\Programy\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://F:\X\Programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\X\Programy\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) -
http://content.systemrequirementslab.co ... 1.72.0.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) -
https://www.battlefieldheroes.com/stati ... 0.67.0.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) -
https://battlefield.play4free.com/stati ... 0.53.2.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} -
http://service.futuremark.com/openapi/r ... s/FMSI.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7974 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
taskeng.exe {4E7A28C2-2EA7-4739-BDB3-F5DC3775B9B3}
F:\X\Programy\Fraps\fraps.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1768
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"F:\X\Programy\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\wmiprvse.exe
"F:\X\Programy\Fraps\fraps64.dat"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe" /SILENT
"taskhost.exe"
"C:\Users\kriz\AppData\Local\wby.exe" -gav C:\Windows\SysWOW64\0.24091423511760313.exe
Explorer.exe
"c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-465990855-3604300051-3132767143-100114_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-465990855-3604300051-3132767143-100114 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe15_ Global\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"F:\Documents\Download\stazene\virhelp_RSITx64.exe"
"C:\Program Files\trend micro\kriz.exe" /silentautolog
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - F:\X\Programy\Java\jre6\bin\jp2ssv.dll [2010-01-02 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-07-14 9728]
"1264470205"=C:\Users\kriz\AppData\Local\wby.exe [2011-07-26 262144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
F:\X\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
F:\X\Programy\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_Plugin.exe -update plugin []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
F:\X\Programy\Java\jre6\bin\jusched.exe [2010-01-02 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=F:\X\Programy\VirtualCloneDrive\VCDDaemon.exe [2009-05-27 85160]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-24 336384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"DisableCMD"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
"DisableCMD"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoRun"=0
"HideSCAHealth"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
[17:30:08] norso_ "fwdre": ======File associations======
.exe - open - "C:\Users\kriz\AppData\Local\wby.exe" -a "%1" %*
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2011-07-26 17:19:44 ----D---- C:\rsit
2011-07-26 01:06:48 ----D---- C:\Program Files (x86)\Microsoft Security Client
2011-07-26 01:06:41 ----D---- C:\Program Files\Microsoft Security Client
2011-07-25 21:08:48 ----D---- C:\ProgramData\Kaspersky Lab
2011-07-25 19:30:22 ----D---- C:\Users\kriz\AppData\Roaming\Malwarebytes
2011-07-25 19:30:17 ----D---- C:\ProgramData\Malwarebytes
2011-07-25 19:30:14 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-07-25 18:59:18 ----SHD---- C:\$RECYCLE.BIN
2011-07-25 18:39:21 ----D---- C:\Windows\ERDNT
2011-07-25 17:12:50 ----D---- C:\Program Files\trend micro
2011-07-24 23:38:58 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-24 23:38:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-24 23:38:57 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-24 23:38:57 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-07-24 23:38:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-24 23:38:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-07-24 23:38:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-07-24 23:38:56 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-24 23:38:56 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-24 23:38:56 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-24 23:38:56 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-24 23:38:56 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-24 23:38:56 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-24 23:38:55 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-24 23:38:51 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2011-07-24 23:38:51 ----A---- C:\Windows\system32\drivers\bthport.sys
2011-07-24 23:38:49 ----A---- C:\Windows\system32\win32k.sys
2011-07-24 23:38:48 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-07-24 23:38:48 ----A---- C:\Windows\system32\wow64win.dll
2011-07-24 23:38:48 ----A---- C:\Windows\system32\kernel32.dll
2011-07-24 23:38:47 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-07-24 23:38:47 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-07-24 23:38:47 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-07-24 23:38:47 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-07-24 23:38:47 ----A---- C:\Windows\system32\wow64cpu.dll
2011-07-24 23:38:47 ----A---- C:\Windows\system32\wow64.dll
2011-07-24 23:38:47 ----A---- C:\Windows\system32\winsrv.dll
2011-07-24 23:38:47 ----A---- C:\Windows\system32\ntvdm64.dll
2011-07-24 23:38:47 ----A---- C:\Windows\system32\conhost.exe
2011-07-24 23:38:44 ----A---- C:\Windows\SYSWOW64\user.exe
2011-06-29 13:28:50 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2011-06-29 13:28:50 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2011-06-29 13:28:50 ----A---- C:\Windows\SYSWOW64\devobj.dll
2011-06-29 13:28:50 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2011-06-29 13:28:50 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-29 13:28:49 ----A---- C:\Windows\system32\mssrch.dll
2011-06-29 13:28:48 ----A---- C:\Windows\SYSWOW64\tquery.dll
2011-06-29 13:28:48 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2011-06-29 13:28:48 ----A---- C:\Windows\system32\tquery.dll
2011-06-29 13:28:47 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2011-06-29 13:28:47 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2011-06-29 13:28:47 ----A---- C:\Windows\SYSWOW64\mssph.dll
2011-06-29 13:28:47 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-29 13:28:47 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-29 13:28:47 ----A---- C:\Windows\system32\mssvp.dll
2011-06-29 13:28:47 ----A---- C:\Windows\system32\mssph.dll
2011-06-29 13:28:46 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2011-06-29 13:28:46 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2011-06-29 13:28:46 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2011-06-29 13:28:46 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2011-06-29 13:28:46 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-29 13:28:46 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-29 13:28:46 ----A---- C:\Windows\system32\msscntrs.dll
2011-06-27 16:17:43 ----D---- C:\ProgramData\eSellerate
2011-06-27 15:03:24 ----D---- C:\ProgramData\Sony
2011-06-27 15:03:20 ----D---- C:\Users\kriz\AppData\Roaming\Publish Providers
2011-06-27 15:00:02 ----D---- C:\Program Files (x86)\Sony
2011-06-27 14:56:58 ----D---- C:\Users\kriz\AppData\Roaming\Sony
[17:30:21] norso_ "fwdre": ======List of files/folders modified in the last 1 month======
2011-07-26 17:19:44 ----D---- C:\Windows\Prefetch
2011-07-26 17:16:49 ----D---- C:\Windows\SysWOW64
2011-07-26 17:16:49 ----D---- C:\ProgramData
2011-07-26 17:13:49 ----D---- C:\Windows\Temp
2011-07-26 16:44:27 ----D---- C:\Users\kriz\AppData\Roaming\Skype
2011-07-26 16:43:20 ----D---- C:\Users\kriz\AppData\Roaming\skypePM
2011-07-26 14:09:25 ----D---- C:\Windows\system32\config
2011-07-26 10:11:43 ----D---- C:\Windows\System32
2011-07-26 10:11:43 ----D---- C:\Windows\inf
2011-07-26 10:11:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-26 10:10:38 ----D---- C:\Windows\SoftwareDistribution
2011-07-26 10:09:48 ----AD---- C:\Windows
2011-07-26 10:08:13 ----D---- C:\Windows\system32\Tasks
2011-07-26 01:09:50 ----D---- C:\Windows\system32\catroot
2011-07-26 01:08:01 ----SHD---- C:\System Volume Information
2011-07-26 01:06:53 ----SHD---- C:\Windows\Installer
2011-07-26 01:06:53 ----D---- C:\Config.Msi
2011-07-26 01:06:50 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-07-26 01:06:49 ----D---- C:\Windows\system32\drivers
2011-07-26 01:06:48 ----RD---- C:\Program Files (x86)
2011-07-26 01:06:41 ----RD---- C:\Program Files
2011-07-26 01:03:24 ----HD---- C:\Windows\system32\GroupPolicy
2011-07-26 00:51:15 ----D---- C:\Windows\SYSWOW64\drivers
2011-07-26 00:24:37 ----D---- C:\Windows\system32\catroot2
2011-07-25 18:42:35 ----A---- C:\Windows\system.ini
2011-07-25 18:42:32 ----D---- C:\Windows\system32\drivers\etc
2011-07-25 18:41:23 ----D---- C:\Windows\AppPatch
2011-07-25 18:41:22 ----D---- C:\Program Files\Common Files
2011-07-25 18:41:22 ----D---- C:\Program Files (x86)\Common Files
2011-07-25 01:21:26 ----D---- C:\Users\kriz\AppData\Roaming\Opera
2011-07-25 00:59:11 ----D---- C:\Windows\winsxs
2011-07-25 00:57:41 ----D---- C:\Windows\system32\DriverStore
2011-07-25 00:43:53 ----D---- C:\Windows\Logs
2011-07-25 00:43:53 ----D---- C:\Windows\debug
2011-07-25 00:43:53 ----D---- C:\Users\kriz\AppData\Roaming\DAEMON Tools Lite
2011-07-25 00:33:22 ----A---- C:\Windows\system32\MRT.exe
2011-07-01 00:37:58 ----D---- C:\Program Files (x86)\Microsoft Office
2011-06-30 03:47:24 ----RSD---- C:\Windows\Fonts
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 31400]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-12-24 314016]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-12-24 43680]
R2 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Users\kriz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys [2010-07-29 14544]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-07 6659072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-07 195584]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-18 254528]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-05-23 36352]
S3 ALSysIO;ALSysIO; \??\C:\Users\kriz\AppData\Local\Temp\ALSysIO64.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-07 6659072]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 cpuz130;cpuz130; \??\C:\Users\kriz\AppData\Local\Temp\cpuz130\cpuz_x64.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-01-03 21832]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-07-30 19456]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-07-30 26624]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SIVDRIVER;SIV Kernel Driver; \??\C:\Windows\system32\Drivers\SIVX64.sys [2009-12-14 61504]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-07-30 9216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2010-07-30 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-07 202752]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-06-15 75136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-13 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
