VIRY.CZ

Co tohle

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Windows sekne pri aplikácii skriptu, pochybujem o tom že ho vykoná .... po restarte windows normalne ide

Spustte CF bez skriptu, "jen tak", mrknem ci neco udelal...log mi dejte

Prepacte ale vcera som už musel íst do práce tak som už neodpisoval ...

prikladám log :

ComboFix 12-04-07.01 - user 07.04.2012 8:51.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.421.1033.18.767.602 [GMT 2:00]
Running from: c:\documents and settings\user\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\zhynbowcjiqat3.sys . . . is infected!! . . . Failed to find a valid replacement.
.
((((((((((((((((((((((((( Files Created from 2012-03-07 to 2012-04-07 )))))))))))))))))))))))))))))))
.
.
2012-04-06 11:08 . 2012-04-06 11:08 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-06 10:16 . 2012-04-06 10:16 -------- d-----w- c:\program files\trend micro
2012-04-06 10:16 . 2012-04-06 10:16 -------- d-----w- C:\rsit
2012-04-06 09:33 . 2012-04-06 09:33 -------- d-----w- c:\windows\system32\LogFiles
2012-04-06 08:33 . 2012-04-06 08:33 -------- d-----w- c:\documents and settings\user\Application Data\Malwarebytes
2012-04-06 08:32 . 2012-04-06 08:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-04-06 08:32 . 2011-12-10 13:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-06 08:32 . 2012-04-06 08:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-06 08:31 . 2012-04-06 08:44 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-05 07:48 . 2012-04-05 07:49 -------- d-----w- C:\6d5e47130691582ec809376870f7
2012-03-22 14:29 . 2012-04-03 15:58 -------- d-----w- c:\documents and settings\All Users\Application Data\529C505A0000A21B6A4CC3162830AC72
2012-03-13 08:26 . 2012-04-06 09:27 -------- d-----w- C:\directory
2012-03-13 08:26 . 2012-03-13 08:26 -------- d-----w- c:\documents and settings\user\Application Data\install
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-06 11:10 . 2004-08-03 21:14 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-04-06 08:44 . 2011-07-01 12:06 70304 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-17 19:43 . 2011-12-17 19:43 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-06_11.48.41 )))))))))))))))))))))))))))))))))))))))))
.
- 2003-03-31 12:00 . 2012-04-06 09:39 68292 c:\windows\system32\perfc009.dat
+ 2003-03-31 12:00 . 2012-04-06 13:32 68292 c:\windows\system32\perfc009.dat
+ 2012-04-06 14:03 . 2012-04-06 14:03 22016 c:\windows\Installer\2dd158.msi
+ 2012-04-06 13:37 . 2012-04-06 13:37 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\5d535ecadf77ac2d9278a1661beb2855\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll
+ 2012-04-06 13:33 . 2012-04-06 13:33 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\18729514178d458aa1225dd068718d4e\PresentationFontCache.ni.exe
+ 2012-04-06 13:33 . 2012-04-06 13:33 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\0375dfa28e2f6ef7e89df9edede4b83d\PresentationCFFRasterizer.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\d513fe1a81c441e7656a9b062cff4e9f\Microsoft.Build.Framework.ni.dll
+ 2012-04-06 13:36 . 2012-04-06 13:36 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a\Microsoft.Build.Framework.ni.dll
+ 2012-04-06 13:36 . 2012-04-06 13:36 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe
+ 2012-04-06 13:36 . 2012-04-06 13:36 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2012-04-06 09:36 . 2012-04-06 09:36 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-04-06 09:38 . 2012-04-06 09:38 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-04-06 09:37 . 2012-04-06 09:37 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-04-06 09:37 . 2012-04-06 09:37 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2003-03-31 12:00 . 2012-04-06 13:32 435396 c:\windows\system32\perfh009.dat
- 2003-03-31 12:00 . 2012-04-06 09:39 435396 c:\windows\system32\perfh009.dat
+ 2009-08-07 21:51 . 2009-08-07 21:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-12-13 07:58 . 2008-12-13 07:58 754688 c:\windows\Installer\99535.msp
+ 2012-04-06 13:36 . 2012-04-06 13:36 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\4d07b1ccecca66f320c1a0971dd614d1\WsatConfig.ni.exe
+ 2012-04-06 13:34 . 2012-04-06 13:34 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\d51dfbd8d5431eb89181baaa24863e15\System.Web.Routing.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\436dde9611932489da3dc8a1be170843\System.Web.RegularExpressions.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\ce3b446b7bee5c47949c994ec89b1649\System.Web.Entity.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\20ba0d4d182a1a9c1f54c00d3bc29a68\System.Web.DynamicData.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c97ecf9250c2f0794262534f27f98b72\System.Web.Abstractions.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9c56656c88979cf18de6cbcb6587ba8f\System.Transactions.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\42b2ffb594dbd5652a576a0dce28722c\System.Security.ni.dll
+ 2012-04-06 13:36 . 2012-04-06 13:36 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\e3eb86170cba4c80e6e22ca33c63c218\System.IO.Log.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.Wrapper.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.ni.dll
+ 2012-04-06 13:34 . 2012-04-06 13:34 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\aeba6820f20655dec7fe0fe05aaeb818\System.Drawing.Design.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\9ef70079beca3a9982a3aa76ebc0ddd8\System.DirectoryServices.Protocols.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\90b67e13866b176ae6cbdb23144f724d\System.Data.Services.Client.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll
+ 2012-04-06 13:36 . 2012-04-06 13:36 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\f38a426b90e6c526dcb2c435c7380450\SMSvcHost.ni.exe
+ 2012-04-06 13:36 . 2012-04-06 13:36 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6cabc7d1700c224e8b41ff2f96a3087c\SMDiagnostics.ni.dll
+ 2012-04-06 13:36 . 2012-04-06 13:36 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\5c8f5ca36498f43980d64820d8186c8a\ServiceModelReg.ni.exe
+ 2012-04-06 13:33 . 2012-04-06 13:33 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a10c2c7e38291c3ada631ad13e762818\PresentationFramework.Aero.ni.dll
+ 2012-04-06 13:36 . 2012-04-06 13:36 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7700963610c1af364aa934c3c824b7b4\MSBuild.ni.exe
+ 2012-04-06 13:36 . 2012-04-06 13:36 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\c74d4c69c49992dfb23ba512081dc3de\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\a6a9f24b1a8984eaafbabb1ee968e359\Microsoft.Build.Utilities.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\c4c360df9c1024ebc3f0de77f5cf8b1c\Microsoft.Build.Engine.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\77688ce14f221ed94a9f442ae4736123\CustomMarshalers.ni.dll
+ 2012-04-06 13:36 . 2012-04-06 13:36 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\abb62e3ed74c974f0282bc7ea5d3f1c1\ComSvcConfig.ni.exe
+ 2012-04-06 13:36 . 2012-04-06 13:36 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\6d34f00b6a782d15bec70d6cdb00b5e8\AspNetMMCExt.ni.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-04-06 09:36 . 2012-04-06 09:36 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2012-04-06 09:36 . 2012-04-06 09:36 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-04-06 13:24 . 2012-04-06 13:24 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
- 2010-10-21 19:39 . 2010-10-21 19:39 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2012-04-06 13:24 . 2012-04-06 13:24 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-04-06 09:38 . 2012-04-06 09:38 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2012-04-06 09:38 . 2012-04-06 09:38 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-04-06 13:24 . 2012-04-06 13:24 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
- 2010-10-21 19:39 . 2010-10-21 19:39 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2012-04-06 13:24 . 2012-04-06 13:24 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2010-10-21 19:39 . 2010-10-21 19:39 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-04-06 09:38 . 2012-04-06 09:38 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-04-06 09:38 . 2012-04-06 09:38 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2012-04-06 09:36 . 2012-04-06 09:36 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2012-04-06 09:38 . 2012-04-06 09:38 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-12-05 17:35 . 2008-12-05 17:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2009-08-07 21:51 . 2009-08-07 21:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2009-08-07 21:51 . 2009-08-07 21:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2008-11-25 02:59 . 2008-11-25 02:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2012-04-06 13:33 . 2012-04-06 13:33 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d63164ac4ed5adabc6a1b0fdf07eee05\WindowsBase.ni.dll
+ 2012-04-06 13:32 . 2012-04-06 13:33 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll
+ 2012-04-06 13:34 . 2012-04-06 13:34 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\8ef8d556899a4a10b7f288a80925489f\System.Web.Services.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\5dfda43f1991ee6ba345d62b2be4801c\System.Web.Mobile.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f08b3b8cdf548e3dfe61f342536175eb\System.Web.Extensions.ni.dll
+ 2012-04-06 13:34 . 2012-04-06 13:34 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\2d6a5dbee4506bf643b853e41668afa3\System.Speech.ni.dll
+ 2012-04-06 13:36 . 2012-04-06 13:36 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8b2710a63ecd363315ef16b257588b95\System.Runtime.Serialization.ni.dll
+ 2012-04-06 13:36 . 2012-04-06 13:36 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\ad4fb86064d7a1ebcb9ee997e7208ac1\System.IdentityModel.ni.dll
+ 2012-04-06 13:34 . 2012-04-06 13:34 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7deab2494d53763cd83c567e71e0d8e0\System.DirectoryServices.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\b81efadfee7702624b713c6d86f7e369\System.Deployment.ni.dll
+ 2012-04-06 13:33 . 2012-04-06 13:33 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\50130ef751b98a4a11bd4ab73af7cab5\System.Data.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f71abf392c5ca05a4e46a5d1c4c72856\System.Data.SqlXml.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\5e6311aff5ada83d0f854922fa62faf6\System.Data.Services.ni.dll
+ 2012-04-06 13:33 . 2012-04-06 13:33 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3ba3367d03779ad6e76c5d4cdfe572a\System.Data.Linq.ni.dll
+ 2012-04-06 13:33 . 2012-04-06 13:33 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e98726349766935ec0e9b980f19a046a\System.Core.ni.dll
+ 2012-04-06 13:33 . 2012-04-06 13:33 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\20ef773b20f6ce721ae60e5c2c2e8f80\PresentationBuildTasks.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\935b855860088a86bb65d37a19f059cc\Microsoft.VisualBasic.ni.dll
+ 2012-04-06 13:36 . 2012-04-06 13:36 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\7a266de493d30eed21cb60ebe300be53\Microsoft.Transactions.Bridge.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3815de5b052187b5d9375681a6784255\Microsoft.Build.Tasks.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\43fc6723d08e9ce88701c29653efd224\Microsoft.Build.Engine.ni.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2012-04-06 09:38 . 2012-04-06 09:38 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2012-04-06 09:38 . 2012-04-06 09:38 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2012-04-06 09:36 . 2012-04-06 09:36 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-04-06 13:24 . 2012-04-06 13:24 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2010-10-21 19:39 . 2010-10-21 19:39 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2012-04-06 09:36 . 2012-04-06 09:36 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2012-04-06 09:36 . 2012-04-06 09:36 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2012-04-06 09:38 . 2012-04-06 09:38 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-04-06 13:31 . 2012-04-06 13:31 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-04-06 09:37 . 2012-04-06 09:37 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-04-06 08:24 . 2012-03-04 14:23 54215544 c:\windows\system32\MRT.exe
- 2012-04-06 08:24 . 2012-04-06 08:24 54215544 c:\windows\system32\MRT.exe
+ 2009-08-14 18:32 . 2009-08-14 18:32 11110912 c:\windows\Installer\9953f.msp
+ 2008-12-13 08:21 . 2008-12-13 08:21 10473472 c:\windows\Installer\99529.msp
+ 2012-04-06 13:34 . 2012-04-06 13:34 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll
+ 2012-04-06 13:37 . 2012-04-06 13:37 11797504 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d987cf1de4ba688da92e212a374232c2\System.Web.ni.dll
+ 2012-04-06 13:36 . 2012-04-06 13:36 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8b74f2fe3f3632f95ff4ddb8c4839a1e\System.ServiceModel.ni.dll
+ 2012-04-06 13:34 . 2012-04-06 13:34 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\f352c5cb50bee105e4c873ca050f9f46\System.Design.ni.dll
+ 2012-04-06 13:33 . 2012-04-06 13:33 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9f5dff344ac6ac923b5ade8ba1ab9382\PresentationCore.ni.dll
+ 2012-04-06 13:32 . 2012-04-06 13:32 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2004-08-03 22:56 110592 -c--a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-09-28 11:57 136176 ----atw- c:\documents and settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2007-06-13 06:16 528384 -c--a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"1798:TCP"= 1798:TCP:@xpsp2res.dll,-22009
"19020:TCP"= 19020:TCP:@xpsp2res.dll,-22009
.
R1 zhynbowcjiqat3;zhynbowcjiqat3.sys;c:\windows\system32\drivers\zhynbowcjiqat3.sys [6.4.2012 10:49 72192]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29.9.2010 11:18 136176]
S2 mzdsxczv;Mouse Class Helper;c:\windows\System32\svchost.exe -k netsvcs [4.8.2004 0:56 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [6.4.2012 10:31 253600]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [29.9.2010 11:18 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15.1.2010 14:49 227232]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
WDM_YAMAHAAC97
lcs
mzdsxczv
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 08:44]
.
2012-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-29 09:18]
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-29 09:18]
.
2012-03-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1957994488-854245398-1003Core.job
- c:\documents and settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-28 11:57]
.
2012-04-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1957994488-854245398-1003UA.job
- c:\documents and settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-28 11:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{6E14FE1F-8624-4746-A216-D10E1543D62D}: NameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\y13d0ddj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-07 08:56
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\windows\system32\drivers\zhynbowcjiqat3.sys 72192 bytes executable
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1060284298-1957994488-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5F130BA5-9849-EFEF-8D0C-5C2D6112DE9B}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"paanfffoljnlonpakanbgepihldpanap"=hex:61,62,66,63,6e,6e,65,68,6a,68,70,67,63,
64,61,6e,67,6a,68,6e,67,69,65,6c,6d,61,65,6a,67,67,67,6c,6a,63,00,00
.
Completion time: 2012-04-07 08:57:46
ComboFix-quarantined-files.txt 2012-04-07 06:57
ComboFix2.txt 2012-04-06 11:52
.
Pre-Run: 489 472 000 bytes free
Post-Run: 523 382 784 voľných bajtov
.
- - End Of File - - 2CE249148582695935265AF0C73DD8F6

Stahnete Avenger http://forum.viry.cz/viewtopic.php?f=11&t=19832

Pokud pouzivate Win Vista ci W7, kliknete na Avenger pravym a dejte Run As Administrator ci Spustit jako spravce
Po spusteni Vas program upozorni, ze vse co delate, delate na vlastni riziko - Dejte OK
Po potvrzeni uz na Vas koukne hlavni okno, kam vlozite skript, ktery mate nize

Kód: Vybrat vše

Files to delete:
c:\windows\system32\drivers\zhynbowcjiqat3.sys

Drivers to delete:
zhynbowcjiqat3
mzdsxczv

Folders to delete:
c:\documents and settings\All Users\Application Data\529C505A0000A21B6A4CC3162830AC72
C:\WINDOWS\$NtUninstallKB951376-v2$

Do ctverecku u Scan for rootkits a Automatically disable any rootkits found dejte fajecku
Nyni uz kliknete na Execute a potvrdte Yes v nasledujicim okne - timto potvrdite spusteni skriptu
Na otazku Reboot now odpovezte opet OK - timto se PC restartuje
Po restartu by se mel otevrit poznamkovy blok s logem a jeho obsah vlozte sem. Pokud se tak nestane, naleznete pozadovany dokument v C:\avenger.txt

vykonáno

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "c:\windows\system32\drivers\zhynbowcjiqat3.sys" deleted successfully.
Driver "zhynbowcjiqat3" deleted successfully.
Driver "mzdsxczv" deleted successfully.
Folder "c:\documents and settings\All Users\Application Data\529C505A0000A21B6A4CC3162830AC72" deleted successfully.
Folder "C:\WINDOWS\$NtUninstallKB951376-v2$" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

Este som si vcera nez sme zacali vsimol, ze virus natvoril hromadu priečinkov v PC z nahodnymi nazvami, ktore sa nedaju odstrániť, ale dalsie uz odvcera nevytvoril ako sa ich zbavit ?

Muzete sem dat screen tech slozek...

A aplikujte tenhle skript pro ComboFix (postup stejny)

Kód: Vybrat vše

KillAll::

File::
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1957994488-854245398-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1957994488-854245398-1003UA.job

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\Explorer.EXE"=-
"C:\WINDOWS\system32\wininet.exe"=-

NetSvc::
WDM_YAMAHAAC97
lcs
mzdsxczv

RegNull::
[HKEY_USERS\S-1-5-21-1060284298-1957994488-854245398-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5F130BA5-9849-EFEF-8D0C-5C2D6112DE9B}*]

Reboot::

log z combofixu :

ComboFix 12-04-07.01 - user 07.04.2012 11:58:59.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.421.1033.18.767.603 [GMT 2:00]
Running from: c:\documents and settings\user\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\user\Desktop\CFScript.txt
.
FILE ::
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1957994488-854245398-1003Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1957994488-854245398-1003UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\tasks\Adobe Flash Player Updater.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1957994488-854245398-1003Core.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1957994488-854245398-1003UA.job
.
.
((((((((((((((((((((((((( Files Created from 2012-03-07 to 2012-04-07 )))))))))))))))))))))))))))))))
.
.
2012-04-06 11:08 . 2012-04-06 11:08 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-06 10:16 . 2012-04-06 10:16 -------- d-----w- c:\program files\trend micro
2012-04-06 10:16 . 2012-04-06 10:16 -------- d-----w- C:\rsit
2012-04-06 09:33 . 2012-04-06 09:33 -------- d-----w- c:\windows\system32\LogFiles
2012-04-06 08:33 . 2012-04-06 08:33 -------- d-----w- c:\documents and settings\user\Application Data\Malwarebytes
2012-04-06 08:32 . 2012-04-06 08:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-04-06 08:32 . 2011-12-10 13:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-06 08:32 . 2012-04-06 08:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-06 08:31 . 2012-04-06 08:44 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-05 07:48 . 2012-04-05 07:49 -------- d-----w- C:\6d5e47130691582ec809376870f7
2012-03-13 08:26 . 2012-04-06 09:27 -------- d-----w- C:\directory
2012-03-13 08:26 . 2012-03-13 08:26 -------- d-----w- c:\documents and settings\user\Application Data\install
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-06 11:10 . 2004-08-03 21:14 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-04-06 08:44 . 2011-07-01 12:06 70304 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-17 19:43 . 2011-12-17 19:43 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2004-08-03 22:56 110592 -c--a-w- c:\windows\system32\bthprops.cpl
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"1798:TCP"= 1798:TCP:@xpsp2res.dll,-22009
"19020:TCP"= 19020:TCP:@xpsp2res.dll,-22009
.
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29.9.2010 11:18 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [6.4.2012 10:31 253600]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [29.9.2010 11:18 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15.1.2010 14:49 227232]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{6E14FE1F-8624-4746-A216-D10E1543D62D}: NameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\y13d0ddj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-04-07 12:05
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(252)
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2012-04-07 12:10:59 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-07 10:10
ComboFix2.txt 2012-04-07 06:57
ComboFix3.txt 2012-04-06 11:52
.
Pre-Run: 353 775 616 bytes free
Post-Run: 164 646 912 voľných bajtov
.
- - End Of File - - D3DCAAC32EA2DD09CDAA739657B80931

tak a screen

Obrázek

Neco muze mit na svedomi ComboFix, ale tolik by jich byt nemelo...Jeste neco podobneho tvori i automaticke aktualizace. Uvidime po skonceni leceni...

CF udelal co mel

Nyni spustte TDSSKiller, vsude at je pripadne volba Skip, log pak sem

A tez poprosim o z RogueKilleru - volba Prohledat

12:22:14.0492 1140 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
12:22:14.0653 1140 ============================================================
12:22:14.0653 1140 Current date / time: 2012/04/07 12:22:14.0653
12:22:14.0653 1140 SystemInfo:
12:22:14.0653 1140
12:22:14.0653 1140 OS Version: 5.1.2600 ServicePack: 2.0
12:22:14.0653 1140 Product type: Workstation
12:22:14.0653 1140 ComputerName: USER-8E69AB6B10
12:22:14.0653 1140 UserName: user
12:22:14.0653 1140 Windows directory: C:\WINDOWS
12:22:14.0653 1140 System windows directory: C:\WINDOWS
12:22:14.0653 1140 Processor architecture: Intel x86
12:22:14.0653 1140 Number of processors: 1
12:22:14.0653 1140 Page size: 0x1000
12:22:14.0653 1140 Boot type: Normal boot
12:22:14.0653 1140 ============================================================
12:22:16.0535 1140 Drive \Device\Harddisk0\DR0 - Size: 0x9925B0000 (38.29 Gb), SectorSize: 0x200, Cylinders: 0x1386, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:22:16.0545 1140 Drive \Device\Harddisk1\DR5 - Size: 0x787FFE00 (1.88 Gb), SectorSize: 0x200, Cylinders: 0xF5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:22:16.0545 1140 \Device\Harddisk0\DR0:
12:22:16.0545 1140 MBR used
12:22:16.0545 1140 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x11F8A16
12:22:16.0555 1140 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x11F8A94, BlocksNum 0x3A962B1
12:22:16.0555 1140 \Device\Harddisk1\DR5:
12:22:16.0555 1140 MBR used
12:22:16.0555 1140 \Device\Harddisk1\DR5\Partition0: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x3C3FC0
12:22:16.0625 1140 Initialize success
12:22:16.0625 1140 ============================================================
12:22:20.0982 1984 ============================================================
12:22:20.0982 1984 Scan started
12:22:20.0982 1984 Mode: Manual; SigCheck; TDLFS;
12:22:20.0982 1984 ============================================================
12:22:21.0863 1984 Abiosdsk - ok
12:22:21.0913 1984 abp480n5 - ok
12:22:21.0973 1984 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:22:24.0116 1984 ACPI - ok
12:22:24.0206 1984 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:22:24.0477 1984 ACPIEC - ok
12:22:24.0587 1984 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:22:24.0617 1984 AdobeFlashPlayerUpdateSvc - ok
12:22:24.0667 1984 adpu160m - ok
12:22:24.0737 1984 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
12:22:25.0007 1984 aec - ok
12:22:25.0128 1984 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
12:22:25.0178 1984 AFD - ok
12:22:25.0238 1984 Aha154x - ok
12:22:25.0288 1984 aic78u2 - ok
12:22:25.0328 1984 aic78xx - ok
12:22:25.0388 1984 Alerter (c7ae0fd3867db0d42b03b73c18f3d671) C:\WINDOWS\system32\alrsvc.dll
12:22:25.0668 1984 Alerter - ok
12:22:25.0749 1984 ALG (f1958fbf86d5c004cf19a5951a9514b7) C:\WINDOWS\System32\alg.exe
12:22:25.0859 1984 ALG - ok
12:22:25.0919 1984 AliIde - ok
12:22:25.0979 1984 AmdK7 (680ad1c1bb16239e28d8f33a54a7a3c7) C:\WINDOWS\system32\DRIVERS\amdk7.sys
12:22:26.0249 1984 AmdK7 - ok
12:22:26.0339 1984 amsint - ok
12:22:26.0419 1984 AppMgmt (9c3c12975c97119412802b181fbeeffe) C:\WINDOWS\System32\appmgmts.dll
12:22:26.0540 1984 AppMgmt - ok
12:22:26.0630 1984 asc - ok
12:22:26.0680 1984 asc3350p - ok
12:22:26.0730 1984 asc3550 - ok
12:22:26.0830 1984 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:22:26.0840 1984 aspnet_state - ok
12:22:26.0920 1984 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:22:27.0191 1984 AsyncMac - ok
12:22:27.0281 1984 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:22:27.0531 1984 atapi - ok
12:22:27.0611 1984 Atdisk - ok
12:22:27.0681 1984 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:22:27.0932 1984 Atmarpc - ok
12:22:28.0002 1984 AudioSrv (db66db626e4882ebef55f136f12c1829) C:\WINDOWS\System32\audiosrv.dll
12:22:28.0272 1984 AudioSrv - ok
12:22:28.0362 1984 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:22:28.0643 1984 audstub - ok
12:22:28.0733 1984 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:22:28.0993 1984 Beep - ok
12:22:29.0093 1984 BITS (2c69ec7e5a311334d10dd95f338fccea) C:\WINDOWS\system32\qmgr.dll
12:22:29.0414 1984 BITS - ok
12:22:29.0524 1984 Browser (e3cfccdda4edd1d0dc9168b2e18f27b8) C:\WINDOWS\System32\browser.dll
12:22:29.0814 1984 Browser - ok
12:22:29.0914 1984 BthEnum (d24b8d1784c68a25060fffbe8ed34b76) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
12:22:30.0205 1984 BthEnum - ok
12:22:30.0295 1984 BthPan (10355270be12641b9764235da39dcf0f) C:\WINDOWS\system32\DRIVERS\bthpan.sys
12:22:30.0525 1984 BthPan - ok
12:22:30.0626 1984 BTHPORT (95ef6f3f386d93ee1e4d9ca45a50252a) C:\WINDOWS\system32\Drivers\BTHport.sys
12:22:30.0666 1984 BTHPORT - ok
12:22:30.0746 1984 BthServ (a18cc8c9b3890b1b68bed213716fef6b) C:\WINDOWS\System32\bthserv.dll
12:22:31.0006 1984 BthServ - ok
12:22:31.0106 1984 BTHUSB (f06d4cb9918b462a84d9ac00027efc30) C:\WINDOWS\system32\Drivers\BTHUSB.sys
12:22:31.0397 1984 BTHUSB - ok
12:22:31.0407 1984 catchme - ok
12:22:31.0507 1984 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:22:31.0767 1984 cbidf2k - ok
12:22:31.0837 1984 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:22:32.0108 1984 CCDECODE - ok
12:22:32.0198 1984 cd20xrnt - ok
12:22:32.0268 1984 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:22:32.0548 1984 Cdaudio - ok
12:22:32.0638 1984 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
12:22:32.0919 1984 Cdfs - ok
12:22:32.0999 1984 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:22:33.0279 1984 Cdrom - ok
12:22:33.0349 1984 Changer - ok
12:22:33.0430 1984 CiSvc (3192bd04d032a9c4a85a3278c268a13a) C:\WINDOWS\system32\cisvc.exe
12:22:33.0670 1984 CiSvc - ok
12:22:33.0760 1984 ClipSrv (c8dec22c4137d7a90f8bdf41ca4b82ae) C:\WINDOWS\system32\clipsrv.exe
12:22:34.0030 1984 ClipSrv - ok
12:22:34.0141 1984 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:22:34.0151 1984 clr_optimization_v2.0.50727_32 - ok
12:22:34.0201 1984 CmdIde - ok
12:22:34.0251 1984 COMSysApp - ok
12:22:34.0321 1984 Cpqarray - ok
12:22:34.0381 1984 CryptSvc (10654f9ddcea9c46cfb77554231be73b) C:\WINDOWS\System32\cryptsvc.dll
12:22:34.0611 1984 CryptSvc - ok
12:22:34.0681 1984 dac2w2k - ok
12:22:34.0721 1984 dac960nt - ok
12:22:34.0792 1984 DcomLaunch (01095febf33beea00c2a0730b9b3ec28) C:\WINDOWS\system32\rpcss.dll
12:22:34.0922 1984 DcomLaunch - ok
12:22:35.0012 1984 Dhcp (cb6ca3e5261d65f6f809eed23bf167aa) C:\WINDOWS\System32\dhcpcsvc.dll
12:22:35.0302 1984 Dhcp - ok
12:22:35.0402 1984 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
12:22:35.0653 1984 Disk - ok
12:22:35.0693 1984 dmadmin - ok
12:22:35.0793 1984 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
12:22:36.0063 1984 dmboot - ok
12:22:36.0163 1984 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
12:22:36.0424 1984 dmio - ok
12:22:36.0524 1984 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:22:36.0764 1984 dmload - ok
12:22:36.0834 1984 dmserver (1639d9964c9e1b2ecca95c8217d3e70d) C:\WINDOWS\System32\dmserver.dll
12:22:37.0125 1984 dmserver - ok
12:22:37.0225 1984 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
12:22:37.0495 1984 DMusic - ok
12:22:37.0566 1984 Dnscache (7379de06fd196e396a00aa97b990c00d) C:\WINDOWS\System32\dnsrslvr.dll
12:22:37.0816 1984 Dnscache - ok
12:22:37.0896 1984 dpti2o - ok
12:22:37.0976 1984 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
12:22:38.0246 1984 drmkaud - ok
12:22:38.0327 1984 ERSvc (67dff7bbbd0e80aab7b3cf061448db8a) C:\WINDOWS\System32\ersvc.dll
12:22:38.0547 1984 ERSvc - ok
12:22:38.0617 1984 Eventlog (37561f8d4160d62da86d24ae41fae8de) C:\WINDOWS\system32\services.exe
12:22:38.0697 1984 Eventlog - ok
12:22:38.0797 1984 EventSystem (60d1a6342238378bfb7545c81ee3606c) C:\WINDOWS\system32\es.dll
12:22:38.0837 1984 EventSystem - ok
12:22:38.0917 1984 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
12:22:39.0218 1984 Fastfat - ok
12:22:39.0308 1984 FastUserSwitchingCompatibility (e7518dc542d3ebdcb80edd98462c7821) C:\WINDOWS\System32\shsvcs.dll
12:22:39.0528 1984 FastUserSwitchingCompatibility - ok
12:22:39.0628 1984 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
12:22:39.0909 1984 Fdc - ok
12:22:39.0999 1984 FET5X86V (92cbce0913661ff966f9fb696a1775a5) C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys
12:22:40.0039 1984 FET5X86V - ok
12:22:40.0099 1984 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
12:22:40.0360 1984 Fips - ok
12:22:40.0440 1984 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:22:40.0710 1984 Flpydisk - ok
12:22:40.0790 1984 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
12:22:41.0051 1984 FltMgr - ok
12:22:41.0141 1984 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:22:41.0151 1984 FontCache3.0.0.0 - ok
12:22:41.0201 1984 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:22:41.0481 1984 Fs_Rec - ok
12:22:41.0571 1984 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:22:41.0812 1984 Ftdisk - ok
12:22:41.0902 1984 gameenum (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys
12:22:42.0162 1984 gameenum - ok
12:22:42.0222 1984 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:22:42.0513 1984 Gpc - ok
12:22:42.0583 1984 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:22:42.0593 1984 gupdate - ok
12:22:42.0613 1984 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
12:22:42.0633 1984 gupdatem - ok
12:22:42.0703 1984 helpsvc (8827911a8c37e40c027cbfc88e69d967) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:22:42.0953 1984 helpsvc - ok
12:22:43.0003 1984 HidServ - ok
12:22:43.0103 1984 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:22:43.0344 1984 HidUsb - ok
12:22:43.0424 1984 hpn - ok
12:22:43.0494 1984 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
12:22:43.0534 1984 HTTP - ok
12:22:43.0604 1984 HTTPFilter (064d8581adf77c25133e7d751d917d83) C:\WINDOWS\System32\w3ssl.dll
12:22:43.0845 1984 HTTPFilter - ok
12:22:43.0935 1984 i2omgmt - ok
12:22:43.0985 1984 i2omp - ok
12:22:44.0035 1984 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:22:44.0335 1984 i8042prt - ok
12:22:44.0465 1984 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:22:44.0526 1984 idsvc - ok
12:22:44.0616 1984 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:22:44.0856 1984 Imapi - ok
12:22:44.0936 1984 ImapiService (fa788520bcac0f5d9d5cde5615c0d931) C:\WINDOWS\system32\imapi.exe
12:22:45.0166 1984 ImapiService - ok
12:22:45.0257 1984 ini910u - ok
12:22:45.0317 1984 IntelIde - ok
12:22:45.0387 1984 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
12:22:45.0617 1984 Ip6Fw - ok
12:22:45.0727 1984 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:22:45.0968 1984 IpFilterDriver - ok
12:22:46.0048 1984 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:22:46.0298 1984 IpInIp - ok
12:22:46.0398 1984 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:22:46.0649 1984 IpNat - ok
12:22:46.0739 1984 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:22:46.0989 1984 IPSec - ok
12:22:47.0109 1984 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:22:47.0199 1984 IRENUM - ok
12:22:47.0310 1984 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:22:47.0590 1984 isapnp - ok
12:22:47.0690 1984 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:22:47.0920 1984 Kbdclass - ok
12:22:48.0011 1984 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
12:22:48.0251 1984 kmixer - ok
12:22:48.0341 1984 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
12:22:48.0411 1984 KSecDD - ok
12:22:48.0491 1984 lanmanserver (93d32468d34e000cb3407947d1d6e22a) C:\WINDOWS\System32\srvsvc.dll
12:22:48.0752 1984 lanmanserver - ok
12:22:48.0842 1984 lanmanworkstation (e1f27cfcd114ec9f1e1f44674b2ff9f0) C:\WINDOWS\System32\wkssvc.dll
12:22:48.0892 1984 lanmanworkstation - ok
12:22:48.0952 1984 lbrtfdc - ok
12:22:49.0012 1984 lcs - ok
12:22:49.0092 1984 LmHosts (b3eff6d938c572e90a07b3d87a3c7657) C:\WINDOWS\System32\lmhsvc.dll
12:22:49.0352 1984 LmHosts - ok
12:22:49.0443 1984 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
12:22:49.0623 1984 McComponentHostService - ok
12:22:49.0703 1984 Messenger (95fd808e4ac22aba025a7b3eac0375d2) C:\WINDOWS\System32\msgsvc.dll
12:22:49.0973 1984 Messenger - ok
12:22:50.0094 1984 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:22:50.0304 1984 mnmdd - ok
12:22:50.0404 1984 mnmsrvc (f6415361201915b9fe3896b0e4e724ff) C:\WINDOWS\system32\mnmsrvc.exe
12:22:50.0644 1984 mnmsrvc - ok
12:22:50.0714 1984 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
12:22:51.0005 1984 Modem - ok
12:22:51.0085 1984 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:22:51.0365 1984 Mouclass - ok
12:22:51.0465 1984 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:22:51.0676 1984 mouhid - ok
12:22:51.0746 1984 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
12:22:51.0986 1984 MountMgr - ok
12:22:52.0056 1984 mraid35x - ok
12:22:52.0156 1984 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:22:52.0407 1984 MRxDAV - ok
12:22:52.0527 1984 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:22:52.0597 1984 MRxSmb - ok
12:22:52.0657 1984 MSDTC (c7c3d89eb0a6f3dba622ea737fa335b1) C:\WINDOWS\system32\msdtc.exe
12:22:52.0898 1984 MSDTC - ok
12:22:52.0988 1984 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
12:22:53.0228 1984 Msfs - ok
12:22:53.0288 1984 MSIServer - ok
12:22:53.0368 1984 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:22:53.0629 1984 MSKSSRV - ok
12:22:53.0719 1984 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:22:53.0919 1984 MSPCLOCK - ok
12:22:54.0019 1984 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
12:22:54.0260 1984 MSPQM - ok
12:22:54.0350 1984 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:22:54.0640 1984 mssmbios - ok
12:22:54.0750 1984 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
12:22:54.0971 1984 MSTEE - ok
12:22:55.0061 1984 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
12:22:55.0241 1984 ms_mpu401 - ok
12:22:55.0321 1984 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
12:22:55.0541 1984 Mup - ok
12:22:55.0621 1984 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:22:55.0842 1984 NABTSFEC - ok
12:22:55.0912 1984 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
12:22:56.0122 1984 NDIS - ok
12:22:56.0212 1984 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:22:56.0433 1984 NdisIP - ok
12:22:56.0523 1984 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:22:56.0733 1984 NdisTapi - ok
12:22:56.0823 1984 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:22:57.0124 1984 Ndisuio - ok
12:22:57.0204 1984 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:22:57.0424 1984 NdisWan - ok
12:22:57.0504 1984 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
12:22:57.0735 1984 NDProxy - ok
12:22:57.0815 1984 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:22:58.0035 1984 NetBIOS - ok
12:22:58.0105 1984 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:22:58.0315 1984 NetBT - ok
12:22:58.0395 1984 NetDDE (05afb5ad06462257bea7495283c86d50) C:\WINDOWS\system32\netdde.exe
12:22:58.0606 1984 NetDDE - ok
12:22:58.0636 1984 NetDDEdsdm (05afb5ad06462257bea7495283c86d50) C:\WINDOWS\system32\netdde.exe
12:22:58.0836 1984 NetDDEdsdm - ok
12:22:58.0916 1984 Netlogon (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
12:22:59.0147 1984 Netlogon - ok
12:22:59.0237 1984 Netman (dab9e6c7105d2ef49876fe92c524f565) C:\WINDOWS\System32\netman.dll
12:22:59.0477 1984 Netman - ok
12:22:59.0567 1984 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:22:59.0587 1984 NetTcpPortSharing - ok
12:22:59.0667 1984 Nla (097722f235a1fb698bf9234e01b52637) C:\WINDOWS\System32\mswsock.dll
12:22:59.0767 1984 Nla - ok
12:22:59.0868 1984 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
12:23:00.0108 1984 Npfs - ok
12:23:00.0218 1984 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
12:23:00.0448 1984 Ntfs - ok
12:23:00.0539 1984 NtLmSsp (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
12:23:00.0719 1984 NtLmSsp - ok
12:23:00.0799 1984 NtmsSvc (b62f29c00ac55a761b2e45877d85ea0f) C:\WINDOWS\system32\ntmssvc.dll
12:23:01.0059 1984 NtmsSvc - ok
12:23:01.0159 1984 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:23:01.0380 1984 Null - ok
12:23:01.0530 1984 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:23:01.0840 1984 nv - ok
12:23:01.0951 1984 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:23:02.0161 1984 NwlnkFlt - ok
12:23:02.0251 1984 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:23:02.0491 1984 NwlnkFwd - ok
12:23:02.0541 1984 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:23:02.0551 1984 ose - ok
12:23:02.0672 1984 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
12:23:02.0902 1984 Parport - ok
12:23:02.0982 1984 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
12:23:03.0212 1984 PartMgr - ok
12:23:03.0282 1984 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:23:03.0533 1984 ParVdm - ok
12:23:03.0633 1984 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
12:23:03.0873 1984 PCI - ok
12:23:03.0943 1984 PCIDump - ok
12:23:03.0994 1984 PCIIde - ok
12:23:04.0064 1984 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:23:04.0274 1984 Pcmcia - ok
12:23:04.0354 1984 PDCOMP - ok
12:23:04.0404 1984 PDFRAME - ok
12:23:04.0434 1984 PDRELI - ok
12:23:04.0484 1984 PDRFRAME - ok
12:23:04.0524 1984 perc2 - ok
12:23:04.0564 1984 perc2hib - ok
12:23:04.0684 1984 PlugPlay (37561f8d4160d62da86d24ae41fae8de) C:\WINDOWS\system32\services.exe
12:23:04.0775 1984 PlugPlay - ok
12:23:04.0865 1984 PolicyAgent (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
12:23:05.0115 1984 PolicyAgent - ok
12:23:05.0185 1984 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:23:05.0406 1984 PptpMiniport - ok
12:23:05.0486 1984 ProtectedStorage (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
12:23:05.0696 1984 ProtectedStorage - ok
12:23:05.0776 1984 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
12:23:06.0046 1984 PSched - ok
12:23:06.0127 1984 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
12:23:06.0147 1984 PSI_SVC_2 - ok
12:23:06.0227 1984 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:23:06.0427 1984 Ptilink - ok
12:23:06.0517 1984 ql1080 - ok
12:23:06.0567 1984 Ql10wnt - ok
12:23:06.0607 1984 ql12160 - ok
12:23:06.0647 1984 ql1240 - ok
12:23:06.0677 1984 ql1280 - ok
12:23:06.0747 1984 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:23:06.0998 1984 RasAcd - ok
12:23:07.0088 1984 RasAuto (44db7a9bdd2fb58747d123fbf1d35adb) C:\WINDOWS\System32\rasauto.dll
12:23:07.0318 1984 RasAuto - ok
12:23:07.0418 1984 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:23:07.0619 1984 Rasl2tp - ok
12:23:07.0709 1984 RasMan (41a3c11e3517c962c9b44893bcec3b34) C:\WINDOWS\System32\rasmans.dll
12:23:07.0929 1984 RasMan - ok
12:23:08.0009 1984 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:23:08.0250 1984 RasPppoe - ok
12:23:08.0350 1984 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:23:08.0530 1984 Raspti - ok
12:23:08.0620 1984 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:23:08.0850 1984 Rdbss - ok
12:23:08.0941 1984 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:23:09.0151 1984 RDPCDD - ok
12:23:09.0261 1984 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:23:09.0471 1984 rdpdr - ok
12:23:09.0592 1984 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys
12:23:09.0802 1984 RDPWD - ok
12:23:09.0932 1984 RDSessMgr (729798e0933076b8fcfcd9934698f164) C:\WINDOWS\system32\sessmgr.exe
12:23:10.0162 1984 RDSessMgr - ok
12:23:10.0253 1984 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:23:10.0453 1984 redbook - ok
12:23:10.0533 1984 RemoteAccess (3046db917e3cfa040632799dd9b14865) C:\WINDOWS\System32\mprdim.dll
12:23:10.0743 1984 RemoteAccess - ok
12:23:10.0843 1984 RemoteRegistry (3151427db7d87107d1c5be58fac53960) C:\WINDOWS\system32\regsvc.dll
12:23:11.0074 1984 RemoteRegistry - ok
12:23:11.0194 1984 RFCOMM (99c4b74981a1413f142a3903130088cb) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
12:23:11.0394 1984 RFCOMM - ok
12:23:11.0484 1984 RpcLocator (793f04a09b15e7c6c11dbdffaf06c0ab) C:\WINDOWS\system32\locator.exe
12:23:11.0685 1984 RpcLocator - ok
12:23:11.0795 1984 RpcSs (01095febf33beea00c2a0730b9b3ec28) C:\WINDOWS\System32\rpcss.dll
12:23:11.0905 1984 RpcSs - ok
12:23:12.0015 1984 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
12:23:12.0245 1984 RSVP - ok
12:23:12.0346 1984 RT2500 (ae1e626f00180bfb3ca5a81fffc65332) C:\WINDOWS\system32\DRIVERS\RT2500.sys
12:23:12.0386 1984 RT2500 - ok
12:23:12.0476 1984 s125bus (06847aa6f3a9bf7c44134d00a2e578c0) C:\WINDOWS\system32\DRIVERS\s125bus.sys
12:23:12.0496 1984 s125bus - ok
12:23:12.0586 1984 s125mdfl (f83f88e1b125308fb5015ea0349502b0) C:\WINDOWS\system32\DRIVERS\s125mdfl.sys
12:23:12.0596 1984 s125mdfl - ok
12:23:12.0686 1984 s125mdm (402a97756c14940ad6ae5169c2fb105e) C:\WINDOWS\system32\DRIVERS\s125mdm.sys
12:23:12.0716 1984 s125mdm - ok
12:23:12.0806 1984 s125mgmt (82b14c51de76825ec769a6374e4c57d6) C:\WINDOWS\system32\DRIVERS\s125mgmt.sys
12:23:12.0816 1984 s125mgmt - ok
12:23:12.0896 1984 s125obex (bedfc5707c356fd073bf1a4afe442d91) C:\WINDOWS\system32\DRIVERS\s125obex.sys
12:23:12.0906 1984 s125obex - ok
12:23:12.0966 1984 SamSs (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
12:23:13.0157 1984 SamSs - ok
12:23:13.0247 1984 SCardSvr (25d8de134df108e3dbc8d7d23b1aa58e) C:\WINDOWS\System32\SCardSvr.exe
12:23:13.0437 1984 SCardSvr - ok
12:23:13.0517 1984 Schedule (92360854316611f6cc471612213c3d92) C:\WINDOWS\system32\schedsvc.dll
12:23:13.0727 1984 Schedule - ok
12:23:13.0828 1984 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:23:13.0928 1984 Secdrv - ok
12:23:13.0988 1984 seclogon (b1e0ce09895376871746f36dc5773b4f) C:\WINDOWS\System32\seclogon.dll
12:23:14.0268 1984 seclogon - ok
12:23:14.0358 1984 SENS (dfd9870cf39c791d86c4c209da9fa919) C:\WINDOWS\system32\sens.dll
12:23:14.0539 1984 SENS - ok
12:23:14.0629 1984 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:23:14.0849 1984 serenum - ok
12:23:14.0919 1984 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
12:23:15.0120 1984 Serial - ok
12:23:15.0240 1984 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:23:15.0450 1984 Sfloppy - ok
12:23:15.0540 1984 SharedAccess (36cc8c01b5e50163037bef56cb96deff) C:\WINDOWS\System32\ipnathlp.dll
12:23:15.0760 1984 SharedAccess - ok
12:23:15.0851 1984 ShellHWDetection (e7518dc542d3ebdcb80edd98462c7821) C:\WINDOWS\System32\shsvcs.dll
12:23:16.0071 1984 ShellHWDetection - ok
12:23:16.0201 1984 Simbad - ok
12:23:16.0261 1984 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:23:16.0461 1984 SLIP - ok
12:23:16.0552 1984 Sparrow - ok
12:23:16.0642 1984 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
12:23:16.0842 1984 splitter - ok
12:23:16.0922 1984 Spooler (7435b108b935e42ea92ca94f59c8e717) C:\WINDOWS\system32\spoolsv.exe
12:23:17.0112 1984 Spooler - ok
12:23:17.0213 1984 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
12:23:17.0343 1984 sr - ok
12:23:17.0423 1984 srservice (92bdf74f12d6cbec43c94d4b7f804838) C:\WINDOWS\system32\srsvc.dll
12:23:17.0523 1984 srservice - ok
12:23:17.0613 1984 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
12:23:17.0683 1984 Srv - ok
12:23:17.0783 1984 SSDPSRV (4b8d61792f7175bed48859cc18ce4e38) C:\WINDOWS\System32\ssdpsrv.dll
12:23:17.0893 1984 SSDPSRV - ok
12:23:17.0984 1984 stisvc (d9f6c4f6b1e188adafc42b561d9bc2e6) C:\WINDOWS\system32\wiaservc.dll
12:23:18.0214 1984 stisvc - ok
12:23:18.0314 1984 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:23:18.0514 1984 streamip - ok
12:23:18.0594 1984 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:23:18.0805 1984 swenum - ok
12:23:18.0895 1984 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
12:23:19.0095 1984 swmidi - ok
12:23:19.0155 1984 SwPrv - ok
12:23:19.0195 1984 symc810 - ok
12:23:19.0255 1984 symc8xx - ok
12:23:19.0306 1984 sym_hi - ok
12:23:19.0356 1984 sym_u3 - ok
12:23:19.0416 1984 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
12:23:19.0636 1984 sysaudio - ok
12:23:19.0716 1984 SysmonLog (8b54aa346d1b1b113ffaa75501b8b1b2) C:\WINDOWS\system32\smlogsvc.exe
12:23:19.0926 1984 SysmonLog - ok
12:23:20.0027 1984 TapiSrv (eb4a4187d74a8efdcbea3ea2cb1bdfbd) C:\WINDOWS\System32\tapisrv.dll
12:23:20.0227 1984 TapiSrv - ok
12:23:20.0327 1984 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:23:20.0457 1984 Tcpip - ok
12:23:20.0547 1984 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:23:20.0748 1984 TDPIPE - ok
12:23:20.0848 1984 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
12:23:21.0048 1984 TDTCP - ok
12:23:21.0148 1984 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:23:21.0358 1984 TermDD - ok
12:23:21.0459 1984 TermService (b60c877d16d9c880b952fda04adf16e6) C:\WINDOWS\System32\termsrv.dll
12:23:21.0679 1984 TermService - ok
12:23:21.0749 1984 Themes (e7518dc542d3ebdcb80edd98462c7821) C:\WINDOWS\System32\shsvcs.dll
12:23:21.0929 1984 Themes - ok
12:23:21.0989 1984 TlntSvr (37db0a7d097310e8b4de803fc3119c78) C:\WINDOWS\system32\tlntsvr.exe
12:23:22.0110 1984 TlntSvr - ok
12:23:22.0160 1984 TosIde - ok
12:23:22.0240 1984 TrkWks (6d9ac544b30f96c57f8206566c1fb6a1) C:\WINDOWS\system32\trkwks.dll
12:23:22.0450 1984 TrkWks - ok
12:23:22.0550 1984 uagp35 (49c805d42d75eddc9b6a7130999c9054) C:\WINDOWS\system32\DRIVERS\uagp35.sys
12:23:22.0740 1984 uagp35 - ok
12:23:22.0841 1984 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
12:23:23.0031 1984 Udfs - ok
12:23:23.0091 1984 ultra - ok
12:23:23.0201 1984 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
12:23:23.0401 1984 Update - ok
12:23:23.0482 1984 upnphost (0546477bde979e33294fe97f6b3de84a) C:\WINDOWS\System32\upnphost.dll
12:23:23.0612 1984 upnphost - ok
12:23:23.0732 1984 UPS (3f5df65b0758675f95a2d43918a740a3) C:\WINDOWS\System32\ups.exe
12:23:23.0952 1984 UPS - ok
12:23:24.0012 1984 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:23:24.0233 1984 usbccgp - ok
12:23:24.0313 1984 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:23:24.0523 1984 usbehci - ok
12:23:24.0613 1984 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:23:24.0833 1984 usbhub - ok
12:23:24.0924 1984 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:23:25.0114 1984 usbscan - ok
12:23:25.0214 1984 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:23:25.0414 1984 USBSTOR - ok
12:23:25.0484 1984 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:23:25.0685 1984 usbuhci - ok
12:23:25.0775 1984 usbvideo (8968ff3973a883c49e8b564200f565b9) C:\WINDOWS\system32\Drivers\usbvideo.sys
12:23:25.0985 1984 usbvideo - ok
12:23:26.0065 1984 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
12:23:26.0266 1984 VgaSave - ok
12:23:26.0356 1984 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
12:23:26.0556 1984 ViaIde - ok
12:23:26.0646 1984 VIAudio (5e02b47671ec147251ab5487d039474d) C:\WINDOWS\system32\drivers\vinyl97.sys
12:23:26.0706 1984 VIAudio - ok
12:23:26.0786 1984 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
12:23:26.0997 1984 VolSnap - ok
12:23:27.0077 1984 VSS (3ee00364ae0fd8d604f46cbaf512838a) C:\WINDOWS\System32\vssvc.exe
12:23:27.0197 1984 VSS - ok
12:23:27.0297 1984 W32Time (2b281958f5d0cf99ed626e3ef39d5c8d) C:\WINDOWS\system32\w32time.dll
12:23:27.0487 1984 W32Time - ok
12:23:27.0587 1984 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:23:27.0808 1984 Wanarp - ok
12:23:27.0888 1984 WDICA - ok
12:23:27.0968 1984 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
12:23:28.0168 1984 wdmaud - ok
12:23:28.0238 1984 WDM_YAMAHAAC97 - ok
12:23:28.0298 1984 WebClient (5d0a442864bfbf3b19dcca4cd29f6e99) C:\WINDOWS\System32\webclnt.dll
12:23:28.0509 1984 WebClient - ok
12:23:28.0629 1984 winmgmt (f399242a80c4066fd155efa4cf96658e) C:\WINDOWS\system32\wbem\WMIsvc.dll
12:23:28.0829 1984 winmgmt - ok
12:23:28.0939 1984 WmdmPmSN (c086483e3dba8c1c0a687ec8d5b3d4c1) C:\WINDOWS\system32\mspmsnsv.dll
12:23:29.0160 1984 WmdmPmSN - ok
12:23:29.0310 1984 Wmi (1081c185aed0660b2b5f173c3e023b23) C:\WINDOWS\System32\advapi32.dll
12:23:29.0480 1984 Wmi - ok
12:23:29.0610 1984 WmiApSrv (ba8cecc3e813e1f7c441b20393d4f86c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:23:29.0811 1984 WmiApSrv - ok
12:23:29.0901 1984 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:23:30.0091 1984 WS2IFSL - ok
12:23:30.0211 1984 wscsvc (4d59daa66c60858cdf4f67a900f42d4a) C:\WINDOWS\system32\wscsvc.dll
12:23:30.0411 1984 wscsvc - ok
12:23:30.0502 1984 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:23:30.0702 1984 WSTCODEC - ok
12:23:30.0772 1984 wuauserv (13d72740963cba12d9ff76a7f218bcd8) C:\WINDOWS\system32\wuauserv.dll
12:23:30.0982 1984 wuauserv - ok
12:23:31.0062 1984 WZCSVC (5a91e6feab9f901302fa7ff768c0120f) C:\WINDOWS\System32\wzcsvc.dll
12:23:31.0323 1984 WZCSVC - ok
12:23:31.0423 1984 xmlprov (eef46dab68229a14da3d8e73c99e2959) C:\WINDOWS\System32\xmlprov.dll
12:23:31.0633 1984 xmlprov - ok
12:23:31.0723 1984 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:23:31.0954 1984 \Device\Harddisk0\DR0 - ok
12:23:31.0994 1984 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR5
12:23:34.0417 1984 \Device\Harddisk1\DR5 - ok
12:23:34.0437 1984 Boot (0x1200) (4c217f2cd03213f8a2bc1e27f8bd979e) \Device\Harddisk0\DR0\Partition0
12:23:34.0437 1984 \Device\Harddisk0\DR0\Partition0 - ok
12:23:34.0467 1984 Boot (0x1200) (d94d46aa6f6f9f0320cb9e864465d6e8) \Device\Harddisk0\DR0\Partition1
12:23:34.0467 1984 \Device\Harddisk0\DR0\Partition1 - ok
12:23:34.0497 1984 Boot (0x1200) (9c2ec72b94320d6ec434990b2476e32f) \Device\Harddisk1\DR5\Partition0
12:23:34.0497 1984 \Device\Harddisk1\DR5\Partition0 - ok
12:23:34.0507 1984 ============================================================
12:23:34.0507 1984 Scan finished
12:23:34.0507 1984 ============================================================
12:23:34.0668 1500 Detected object count: 0
12:23:34.0668 1500 Actual detected object count: 0
12:24:09.0698 1708 Deinitialize success

a dalsi

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spustené v : Normálny režim
Užívateľ: user [Práva Správcu]
Režim: Kontrola -- Dátum: 04/07/2012 12:25:23

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrov: 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤
[FAKED] mf.sys : c:\windows\system32\drivers\mf.sys --> CANNOT FIX
[FAKED] nic1394.sys : c:\windows\system32\drivers\nic1394.sys --> CANNOT FIX
[FAKED] nwlnknb.sys : c:\windows\system32\drivers\nwlnknb.sys --> CANNOT FIX

¤¤¤ Ovládač: [NAHRATÉ] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Maxtor 6E040L0 +++++
--- User ---
[MBR] 637bf760da85dcfe04271171e221fec8
[BSP] 0e927195d6126622fddbeb01380ee729 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 9201 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 18844245 | Size: 29996 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: USB 2.0 Flash Disk USB Device +++++
--- User ---
[MBR] 16bb170d881993d75e02499f1e72f5e2
[BSP] dec9f0908d0564afbcbcc26fa1ab4266 : Standard MBR Code
Partition table:
0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 63 | Size: 1927 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončené : << RKreport[7].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt ; RKreport[7].txt

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

c:\windows\system32\drivers\mf.sys
c:\windows\system32\drivers\nic1394.sys
c:\windows\system32\drivers\nwlnknb.sys
Kliknete na Choose file
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Scan It
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

https://www.virustotal.com/file/6c2354c ... 333795155/
https://www.virustotal.com/file/ad1fd07 ... 333795266/
https://www.virustotal.com/file/abe48d3 ... 333795441/

Poradim se s Tigzym, autorem RogueKilleru, co ty radky v logu presne znamenaji, prosim o strpeni...

prepáčte, že otravujem len sa chcem spýtať či už viete nejaký výsledok aby som vedel čo a ako či mám ten počítač vrátiť neopravený alebo ho ešte pár dní doma skúsiť zachranovať

Jeste prosim strpeni, analyzujem to...

Mezitim udelejte sken avptoolem http://forum.viry.cz/viewtopic.php?f=29&t=58179

VIRY.CZ

Virus ktory spomalik pc a zahlcuje pamat

Re: Virus ktory spomalik pc a zahlcuje pamat

Re: Virus ktory spomalik pc a zahlcuje pamat

Re: Virus ktory spomalik pc a zahlcuje pamat

Re: Virus ktory spomalik pc a zahlcuje pamat

Re: Virus ktory spomalik pc a zahlcuje pamat

Re: Virus ktory spomalik pc a zahlcuje pamat

Re: Virus ktory spomalik pc a zahlcuje pamat

Re: Virus ktory spomalik pc a zahlcuje pamat

Re: Virus ktory spomalik pc a zahlcuje pamat

Re: Virus ktory spomalik pc a zahlcuje pamat

Re: Virus ktory spomalik pc a zahlcuje pamat

Re: Virus ktory spomalik pc a zahlcuje pamat

Re: Virus ktory spomalik pc a zahlcuje pamat

Re: Virus ktory spomalik pc a zahlcuje pamat

Re: Virus ktory spomalik pc a zahlcuje pamat