Undeletable Olmarik

Posted: 03 Jul 2010 13:10
by Moris9
Hi,
we have had a problem with the Olmarik trojan for quite some time -> "Kontrola pri štarte operačná pamäť Operačná pamäť Win32/Olmarik trójsky kôň"
I tried to run a scan with RootRepeal, but without success... it hangs on images from a Google Chrome backup (C:\Documents and Settings\Peshu\Local Settings\Application Data\Googles\Chrome\Application\3.0.195.32\Resources\Inspector\Images\ -> 8 .png files) which cannot be deleted (access denied), not even in Windows XP Safe Mode, and Nod32 cannot get into them either. (Crash report at the end)
I did manage to produce a ComboFix log, though (it nearly gave me a stroke :oops: ), which is below.
I hope this is enough for now.
THANK YOU for your help :worship:

ComboFix log

ComboFix 10-07-01.02 - Peshu . 07. 2010 13:33:32.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1250.421.1033.18.1023.704 [GMT 2:00]
Running from: c:\documents and settings\Peshu\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Created a new restore point
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
c:\documents and settings\Peshu\Desktop\EZ-Tracks.com.lnk
c:\documents and settings\Peshu\Start Menu\Programs\videosoft
C:\FirePassword.exe
C:\resycled
c:\windows\system32\drivers\msqpdxbhcvndes.sys
c:\windows\system32\drivers\msqpdxkbmnetqs.sys
c:\windows\system32\drivers\msqpdxomyfrlvr.sys
c:\windows\system32\drivers\msqpdxpdvbxhxi.sys
c:\windows\system32\drivers\msqpdxrnkvvvxe.sys
c:\windows\system32\drivers\msqpdxveuypdwk.sys
c:\windows\system32\drivers\msqpdxwvvmkhbo.sys
c:\windows\system32\msqpdxdqjnmewp.dll
D:\resycled
E:\resycled
F:\resycled

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_msqpdxserv.sys
-------\Legacy_msqpdxserv.sys


((((((((((((((((((((((((( Files Created from 2010-06-03 to 2010-07-03 )))))))))))))))))))))))))))))))
.

2010-06-25 08:02 . 2010-06-25 08:02 1 ----a-w- c:\documents and settings\Peshu\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-06-25 08:02 . 2010-06-25 08:02 -------- d-----w- c:\documents and settings\Peshu\Application Data\OpenOffice.org
2010-06-25 08:00 . 2010-06-25 08:00 -------- d-----w- c:\program files\OpenOffice.org 3
2010-06-05 14:46 . 2010-06-05 14:46 388096 ----a-r- c:\documents and settings\Peshu\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-06-05 14:46 . 2010-06-05 14:46 -------- d-----w- c:\program files\Trend Micro

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-03 11:23 . 2008-12-29 09:25 -------- d-----w- c:\documents and settings\Peshu\Application Data\Skype
2010-07-03 11:13 . 2008-12-29 10:34 70400 ----a-w- c:\documents and settings\Peshu\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-03 10:11 . 2008-12-29 09:28 -------- d-----w- c:\documents and settings\Peshu\Application Data\skypePM
2010-06-28 09:50 . 2010-02-27 19:16 -------- d-----w- c:\program files\SPlayer
2010-06-28 09:50 . 2010-02-27 19:17 -------- d-----w- c:\documents and settings\Peshu\Application Data\SPlayer
2010-06-17 09:59 . 2010-03-27 13:52 -------- d-----w- c:\documents and settings\Peshu\Application Data\vlc
2010-05-26 16:56 . 2010-05-26 16:56 71960 ----a-w- c:\documents and settings\Peshu\Application Data\Mozilla\Plugins\npoctoshape.dll
2010-05-26 16:56 . 2010-05-26 16:56 -------- d-----w- c:\documents and settings\Peshu\Application Data\Octoshape
2010-05-25 06:56 . 2010-05-25 06:56 503808 ----a-w- c:\documents and settings\Peshu\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-49c10cda-n\msvcp71.dll
2010-05-25 06:56 . 2010-05-25 06:56 499712 ----a-w- c:\documents and settings\Peshu\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-49c10cda-n\jmc.dll
2010-05-25 06:56 . 2010-05-25 06:56 348160 ----a-w- c:\documents and settings\Peshu\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-49c10cda-n\msvcr71.dll
2010-05-17 19:48 . 2010-05-17 19:48 -------- d-----w- c:\documents and settings\Peshu\Application Data\HPAppData
2010-05-14 16:36 . 2009-04-01 14:09 -------- d-----w- c:\program files\Google
2010-05-09 12:16 . 2010-05-09 12:16 -------- d-----w- c:\documents and settings\All Users\Application Data\WEBREG
2010-05-09 12:16 . 2010-05-09 12:14 -------- d-----w- c:\documents and settings\Peshu\Application Data\HP
2010-05-09 12:16 . 2010-05-09 12:04 166615 ----a-w- c:\windows\hpoins36.dat
2010-05-09 12:14 . 2010-05-09 12:07 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2010-05-09 12:10 . 2008-12-29 08:38 -------- d-----w- c:\program files\HP
2010-05-09 12:09 . 2010-05-09 12:09 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2010-05-09 12:08 . 2008-12-29 08:42 -------- d-----w- c:\program files\Common Files\HP
2010-04-24 13:32 . 2010-04-24 13:32 921632 ----a-w- C:\PA7311.DAT
2010-04-15 14:52 . 2008-12-29 16:21 65536 ----a-w- c:\windows\OLE2VBDB.DAT
2009-05-01 09:24 . 2009-05-01 09:23 24 --sh--w- c:\windows\S96149121.tmp
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-10-08 173368]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-12-09 17:40 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-10-08 11:22 1172792 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Peshu\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-12-29 133104]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2008-10-09 200136]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-12-06 2387968]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"Octoshape Streaming Services"="c:\documents and settings\Peshu\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2009-01-08 70936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Device Detector"="DevDetect.exe -autorun" [X]
"AudioDeck"="c:\program files\VIAudioi\SBADeck\ADeck.exe" [2004-06-24 7932416]
"Gainward"="c:\windows\TBPanel.exe" [2006-09-14 2162688]
"Monitor"="c:\windows\PixArt\PAC7311\Monitor.exe" [2006-11-03 319488]
"TC UP"="e:\programs\TC UP\TC UP.exe" [2008-10-13 36352]
"WinampAgent"="e:\programs\Winamp\winampa.exe" [2008-09-12 36352]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"InCD"="e:\programs\Nero\InCD\InCD.exe" [2006-03-23 1398272]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-01-28 111928]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-03-16 13670504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-03-16 110696]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-02-26 2140880]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

c:\documents and settings\Peshu\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-2-16 384512]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"e:\\Programs\\Vuze\\Azureus.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [26. 2. 2010 6:41 114984]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [10. 6. 2008 19:56 95872]
R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [13. 1. 2006 15:00 15872]
R2 Angelnt;Angelnt;c:\windows\system32\drivers\ANGELNT.SYS [23. 1. 2009 17:51 51072]
R2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [29. 12. 2008 12:34 464264]
R2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [29. 12. 2008 12:34 234888]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [26. 2. 2010 6:41 810120]
R3 GETNDIS;VIA Networking Velocity Family Giga-bit Ethernet Adapter Driver;c:\windows\system32\drivers\getnd5b.sys [29. 12. 2008 10:22 44032]
R3 PAC7311;VGA SoC PC-Camera;c:\windows\system32\drivers\PA707UCM.SYS [8. 11. 2006 10:59 530304]
S2 gupdate1c9b2d377bba8bc;Služba Google Update (gupdate1c9b2d377bba8bc);c:\program files\Google\Update\GoogleUpdate.exe [1. 4. 2009 16:09 133104]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [28. 3. 2010 14:20 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [28. 3. 2010 14:20 8456]
S3 pspdisp;pspdisp;c:\windows\system32\drivers\pspdisp.sys [4. 8. 2009 18:04 3072]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29. 12. 2008 15:13 717296]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-12-06 22:18 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2010-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-01 14:09]

2010-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-01 14:09]

2010-06-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-484061587-839522115-1003Core.job
- c:\documents and settings\Peshu\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-03-27 09:12]

2010-07-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-484061587-839522115-1003UA.job
- c:\documents and settings\Peshu\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-03-27 09:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.ez-tracks.com/?fromOMB=1
mStart Page = hxxp://home.ez-tracks.com/?fromOMB=1
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-nwiz - nwiz.exe
AddRemove-NVIDIA Display Control Panel - c:\program files\NVIDIA Corporation\Uninstall\nvuninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-03 13:38
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-07-03 13:39:17
ComboFix-quarantined-files.txt 2010-07-03 11:39

Pre-Run: 1 136 123 904 bytes free
Post-Run: 1 269 858 304 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - B292DA82D2C5CE4210CD86DD1DFCDD5A


+ RootRepeal crash report

ROOTREPEAL CRASH REPORT
-------------------------
Windows Version: Windows XP SP2
Exception Code: 0xc0000005
Exception Address: 0x0041102f
Attempt to read from address: 0x10f6a860

Re: Undeletable Olmarik

Posted: 03 Jul 2010 13:20
by Caroprd111
Hello :)

Who advised you to use ComboFix :???: All you did was cover the tracks for me, and you can be glad it did not wreck your system.


Uninstall all virtual drive emulators.

Download SPTD http://www.duplexsecure.com/en/downloads
  • Select the version for your operating system (64 & 32b). Save it to the desktop and run it.
  • Choose the Uninstall option and restart the PC.

Download and run http://www.jpshortstuff.247fixes.com/Defogger.exe
  • Click "Disable" and restart the PC.

Download MBR to the desktop http://www2.gmer.net/mbr/mbr.exe

Start > Run (Win + R)
  • A window pops up; copy into it:

"%userprofile%\plocha\mbr" -t
  • Click OK
  • A log named mbr.log will be created; paste it here.


Post a Gmer log http://www.viry.cz/forum/viewtopic.php?f=29&t=62878

Re: Undeletable Olmarik

Posted: 03 Jul 2010 14:54
by Moris9
I used ComboFix based on a topic where this same problem was being solved; I apologize for covering the tracks and I am very glad that my system did not get wrecked (to a certain extent) :oops: :)
Then I did everything according to your instructions, and here are the logs:

MBR log

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys viaide.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK


GMER logs
1.

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-07-03 14:38:08
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\Peshu\LOCALS~1\Temp\uwlcapoc.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys (ESET Antivirus Network Redirector/ESET)

---- EOF - GMER 1.0.15 ----
2.

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-03 15:42:12
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\Peshu\LOCALS~1\Temp\uwlcapoc.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwAssignProcessToJobObject [0xF3625610]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDebugActiveProcess [0xF3625C10]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDuplicateObject [0xF3625730]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwOpenProcess [0xF36254B0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwOpenThread [0xF3625570]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwProtectVirtualMemory [0xF36256D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetContextThread [0xF3625690]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetInformationThread [0xF3625650]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetSecurityObject [0xF36257D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendProcess [0xF3625510]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendThread [0xF3625590]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateProcess [0xF36254D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateThread [0xF36255D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwWriteVirtualMemory [0xF3625750]

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!_abnormal_termination + 3A3 804E3074 2 Bytes [90, 56] {NOP ; PUSH ESI}
.text ntoskrnl.exe!_abnormal_termination + 3A6 804E3077 1 Byte [F3]
.text ntoskrnl.exe!_abnormal_termination + 443 804E3114 2 Bytes [10, 55]
.text ntoskrnl.exe!_abnormal_termination + 446 804E3117 5 Bytes [F3, 90, 55, 62, F3]
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF6C6B380, 0x566465, 0xE8000020]
? C:\DOCUME~1\Peshu\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

Re: Undeletable Olmarik

Posted: 03 Jul 2010 14:54
by Moris9
continued

.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[440] kernel32.dll!SetUnhandledExceptionFilter 7C810386 4 Bytes [C2, 04, 00, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B90F29C
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B90F330
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B90F4BD
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2308] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B90F29C
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B90F330
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B90F4BD
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2316] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B90F29C
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B90F330
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B90F4BD
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2432] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B90F29C
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B90F330
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B90F4BD
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2456] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B90F29C
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B90F330
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B90F4BD
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2464] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B90F29C
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B90F330
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B90F4BD
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2472] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B90F29C
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B90F330
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B90F4BD
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2484] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B90F29C
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B90F330
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B90F4BD
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B90F29C
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B90F330
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B90F4BD
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2500] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B90F29C
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B90F330
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B90F4BD
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2508] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B90F29C
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B90F330
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B90F4BD
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2516] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtCreateFile + 6 7C90D688 4 Bytes [28, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtCreateFile + B 7C90D68D 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtOpenFile + 6 7C90DD03 4 Bytes [68, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtOpenFile + B 7C90DD08 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtOpenProcess + 6 7C90DD81 4 Bytes [A8, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtOpenProcess + B 7C90DD86 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtOpenProcessToken + 6 7C90DD96 4 Bytes CALL 7B90F29C
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtOpenProcessToken + B 7C90DD9B 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtOpenProcessTokenEx + 6 7C90DDAB 4 Bytes [A8, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtOpenProcessTokenEx + B 7C90DDB0 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtOpenThread + 6 7C90DDFF 4 Bytes [68, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtOpenThread + B 7C90DE04 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtOpenThreadToken + 6 7C90DE14 4 Bytes [68, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtOpenThreadToken + B 7C90DE19 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtOpenThreadTokenEx + 6 7C90DE29 4 Bytes CALL 7B90F330
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtOpenThreadTokenEx + B 7C90DE2E 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtQueryAttributesFile + 6 7C90DEE6 4 Bytes [A8, 00, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtQueryAttributesFile + B 7C90DEEB 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtQueryFullAttributesFile + 6 7C90DFB8 4 Bytes CALL 7B90F4BD
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtQueryFullAttributesFile + B 7C90DFBD 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtSetInformationFile + 6 7C90E5DF 4 Bytes [28, 01, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtSetInformationFile + B 7C90E5E4 1 Byte [E2]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtSetInformationThread + 6 7C90E648 4 Bytes [28, 02, 15, 00]
.text C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2524] ntdll.dll!NtSetInformationThread + B 7C90E64D 1 Byte [E2]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys (ESET Antivirus Network Redirector/ESET)

Device \FileSystem\Fastfat \Fat kmixer.sys (Kernel Mode Audio Mixer/Microsoft Corporation)

AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)

---- EOF - GMER 1.0.15 ----

I hope I haven't broken anything else. :)

P.S. After ComboFix finished its work, Nod32 no longer reports Olmarik at startup.

Re: Undeletable Olmarik

Posted: 03 Jul 2010 16:04
by Caroprd111
I recommend uninstalling the toolbars (if you don't use them) in Add or Remove Programs.


Uninstall ComboFix via:
Start >> Run, copy into the box:

ComboFix /Uninstall

press Enter



Download T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
  • Run it; to confirm the choices, press the A key, then Enter.
  • After use, delete the program. Note that antivirus products may falsely flag it as a virus.

Download TFC http://oldtimer.geekstogo.com/TFC.exe
  • Run it.
  • Click "Start". Confirm the message by clicking "Ok" (a restart will follow).

Download OTC http://oldtimer.geekstogo.com/OTC.exe
  • Run it.
  • Click "CleanUp!". Confirm the messages by clicking "Yes" (a restart will follow).


Download Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
  • Install it, and during installation uncheck the option to install the Yahoo toolbar.

    Cleaner tab
  • Click Analyze; when it finishes, click Run Ccleaner.

    Registry tab
  • Click Scan for problems; when it finishes, click Fix problems. You don't need to make a backup. Then click Fix all problems.
    OK, then Close


Post a new log from RSIT.

Re: Undeletable Olmarik

Posted: 03 Jul 2010 16:41
by Moris9
Cleaned up, and here is the log from RSIT (I haven't posted another one here yet ;) )

Logfile of random's system information tool 1.07 (written by random/random)
Run by Peshu at 2010-07-03 17:38:41
Microsoft Windows XP Professional Service Pack 2
System drive C: has 2 GB (10%) free of 15 GB
Total RAM: 1023 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:38:47, on 3. 7. 2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\Programs\Nero\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\WINDOWS\TBPanel.exe
C:\WINDOWS\PixArt\PAC7311\Monitor.exe
E:\Programs\Winamp\winampa.exe
E:\Programs\TC UP\totalcmd.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
E:\Programs\Nero\InCD\InCD.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Peshu\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
E:\~Download\RSIT.exe
C:\Program Files\trend micro\Peshu.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.ez-tracks.com/?fromOMB=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.ez-tracks.com/?fromOMB=1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [TC UP] "E:\Programs\TC UP\TC UP.exe" /wnd=max
O4 - HKLM\..\Run: [WinampAgent] E:\Programs\Winamp\winampa.exe
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] E:\Programs\Nero\InCD\InCD.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\Peshu\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate1c9b2d377bba8bc) (gupdate1c9b2d377bba8bc) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - E:\Programs\Nero\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 10235 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-484061587-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1547161642-484061587-839522115-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-12-09 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-12-09 333192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AudioDeck"=C:\Program Files\VIAudioi\SBADeck\ADeck.exe [2004-06-24 7932416]
"Gainward"=C:\WINDOWS\TBPanel.exe [2006-09-14 2162688]
"Monitor"=C:\WINDOWS\PixArt\PAC7311\Monitor.exe [2006-11-03 319488]
"TC UP"=E:\Programs\TC UP\TC UP.exe [2008-10-13 36352]
"WinampAgent"=E:\Programs\Winamp\winampa.exe [2008-09-12 36352]
"Device Detector"=DevDetect.exe -autorun []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]
"InCD"=E:\Programs\Nero\InCD\InCD.exe [2006-03-23 1398272]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2009-01-28 111928]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-03-16 13670504]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-03-16 110696]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-02-26 2140880]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Documents and Settings\Peshu\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-12-29 133104]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-12-07 2387968]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]
"Octoshape Streaming Services"=C:\Documents and Settings\Peshu\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\Peshu\Start Menu\Programs\Startup
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"E:\Programs\Vuze\Azureus.exe"="E:\Programs\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"

======List of files/folders created in the last 1 months======

2010-07-03 17:38:41 ----D---- C:\rsit
2010-07-03 17:33:08 ----D---- C:\Program Files\CCleaner
2010-07-03 17:24:35 ----SHD---- C:\RECYCLER
2010-07-03 17:18:09 ----D---- C:\WINDOWS\system32\appmgmt
2010-07-03 13:29:03 ----A---- C:\Boot.bak
2010-07-03 13:29:00 ----RASHD---- C:\cmdcons
2010-07-03 12:48:54 ----A---- C:\RootRepeal report 07-03-10 (12-48-54).txt
2010-06-25 10:02:47 ----D---- C:\Documents and Settings\Peshu\Application Data\OpenOffice.org
2010-06-25 10:00:17 ----D---- C:\Program Files\OpenOffice.org 3
2010-06-05 16:46:16 ----D---- C:\Program Files\Trend Micro

======List of files/folders modified in the last 1 months======

2010-07-03 17:38:42 ----D---- C:\WINDOWS\Temp
2010-07-03 17:38:38 ----D---- C:\WINDOWS\Prefetch
2010-07-03 17:34:51 ----D---- C:\WINDOWS\Debug
2010-07-03 17:34:51 ----D---- C:\WINDOWS
2010-07-03 17:34:51 ----D---- C:\Documents and Settings\Peshu\Application Data\Azureus
2010-07-03 17:34:04 ----A---- C:\WINDOWS\DFC.INI
2010-07-03 17:33:08 ----RD---- C:\Program Files
2010-07-03 17:30:20 ----D---- C:\Documents and Settings\Peshu\Application Data\Skype
2010-07-03 17:28:22 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-07-03 17:24:34 ----D---- C:\WINDOWS\system32
2010-07-03 17:22:48 ----D---- C:\WINDOWS\Minidump
2010-07-03 17:21:59 ----SHD---- C:\System Volume Information
2010-07-03 17:21:59 ----D---- C:\WINDOWS\system32\Restore
2010-07-03 17:18:31 ----D---- C:\Documents and Settings\Peshu\Application Data\HPAppData
2010-07-03 17:18:09 ----SHD---- C:\WINDOWS\Installer
2010-07-03 17:18:09 ----D---- C:\Program Files\SweetIM
2010-07-03 17:17:57 ----D---- C:\Documents and Settings\All Users\Application Data\SweetIM
2010-07-03 14:27:04 ----D---- C:\WINDOWS\system32\drivers
2010-07-03 13:38:13 ----A---- C:\WINDOWS\system.ini
2010-07-03 13:36:07 ----D---- C:\WINDOWS\AppPatch
2010-07-03 13:36:03 ----D---- C:\Program Files\Common Files
2010-07-03 13:32:44 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-03 13:29:03 ----RASH---- C:\boot.ini
2010-07-03 12:11:22 ----D---- C:\Documents and Settings\Peshu\Application Data\skypePM
2010-06-28 11:50:46 ----D---- C:\Program Files\SPlayer
2010-06-28 11:50:17 ----D---- C:\Documents and Settings\Peshu\Application Data\SPlayer
2010-06-25 19:56:06 ----A---- C:\WINDOWS\WDICT32.INI
2010-06-25 10:01:20 ----RSD---- C:\WINDOWS\assembly
2010-06-25 10:00:31 ----RSD---- C:\WINDOWS\Fonts
2010-06-20 20:02:59 ----D---- C:\ALFA
2010-06-17 11:59:19 ----D---- C:\Documents and Settings\Peshu\Application Data\vlc
2010-06-13 18:51:55 ----D---- C:\WINDOWS\system32\wbem
2010-06-13 18:51:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-05 16:46:17 ----SD---- C:\Documents and Settings\Peshu\Application Data\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-04 37376]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-02-26 114984]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-02-26 95872]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2006-03-23 29440]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-03-23 33536]
R1 VD_FileDisk;VD_FileDisk; C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2009-12-22 51072]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-02-26 139192]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2002-07-27 5306]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 GETNDIS;VIA Networking Velocity Family Giga-bit Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\getnd5b.sys [2003-09-02 44032]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-03-16 10232352]
R3 PAC7311;VGA SoC PC-Camera; C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2006-11-08 530304]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2004-05-24 141696]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2006-03-23 102016]
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys []
S3 GMSIPCI;GMSIPCI; \??\G:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-28 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-28 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 pspdisp;pspdisp; C:\WINDOWS\system32\DRIVERS\pspdisp.sys [2009-08-04 3072]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-01-19 503144]
S3 WinUSB;WinUSB driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2008-12-09 464264]
R2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2008-12-09 234888]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-02-26 810120]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R2 InCDsrv;InCD Helper; E:\Programs\Nero\InCD\InCDsrv.exe [2006-03-23 880128]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-12-07 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-03-16 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S2 gupdate1c9b2d377bba8bc;Služba Google Update (gupdate1c9b2d377bba8bc); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-01 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-02-26 33560]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

Re: Undeletable Olmarik

Posted: 03 Jul 2010 17:04
by Caroprd111
Install SP3: http://www.viry.cz/forum/viewtopic.php?f=46&t=86100

I don't see a firewall in the log; install one :!: Overview: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523

Re: Undeletable Olmarik

Posted: 03 Jul 2010 17:37
by Moris9
OK... I installed Sunbelt Kerio Personal Firewall... if that is everything, does it mean my PC is clean now? Without any major damage? If so, THANK YOU very much for your willingness and time :worship:

Re: Undeletable Olmarik

Posted: 03 Jul 2010 17:51
by Caroprd111
Yes, that is everything. :)

Re: Undeletable Olmarik

Posted: 27 Feb 2011 14:09
by mojamoja
I have a similar problem: at startup ESET shows the message "operačná pamäť win32/Olmarik trojsky kôň".
I tried to remove it with Malwarebytes, but without success. Can anyone help? I am attaching the log from RSIT. Thank you.
Logfile of random's system information tool 1.08 (written by random/random)
Run by I5 at 2011-02-27 13:44:23
Microsoft Windows 7 Ultimate
System drive C: has 83 GB (73%) free of 113 GB
Total RAM: 3582 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:44:31, on 27. 2. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\ConMet\ConMet.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Opera\opera.exe
C:\Users\I5\Desktop\RSIT.exe
C:\Program Files\trend micro\I5.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GIGABYTEMOUSE] C:\Program Files\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{19D9E8BD-2B13-4C13-843C-A46EE6D986BD}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{19D9E8BD-2B13-4C13-843C-A46EE6D986BD}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{19D9E8BD-2B13-4C13-843C-A46EE6D986BD}: NameServer = 192.168.1.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 8294 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2011-01-13 241464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-08-29 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-08-29 798771]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2011-01-13 687808]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-11-08 2219184]
"GIGABYTEMOUSE"=C:\Program Files\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe [2009-11-26 1278464]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-12-20 443728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ConMet"=C:\Program Files\ConMet\ConMet.exe [2010-11-12 4252160]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
C:\Windows\RaidTool\xInsIDE.exe [2009-10-19 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero MediaHome 4]
C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe [2010-03-08 5174568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Device Detector 4.lnk]
C:\PROGRA~1\OLYMPUS\DEVICE~1\DEVICE~1.EXE []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
APC UPS Status.lnk - C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=1
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Orbitdownloader\orbitdm.exe"="C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-02-27 13:44:25 ----D---- C:\Program Files\trend micro
2011-02-27 13:44:23 ----D---- C:\rsit
2011-02-26 18:40:38 ----A---- C:\Windows\system32\drivers\pavboot.sys
2011-02-26 18:40:36 ----D---- C:\Program Files\Panda Security
2011-02-26 17:53:18 ----D---- C:\Windows\temp
2011-02-26 17:52:40 ----SHD---- C:\$RECYCLE.BIN
2011-02-26 12:49:43 ----D---- C:\Users\I5\AppData\Roaming\Malwarebytes
2011-02-26 12:49:36 ----D---- C:\ProgramData\Malwarebytes
2011-02-26 12:49:36 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-02-26 12:49:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-02-26 12:49:33 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-02-26 11:42:39 ----AD---- C:\ProgramData\TEMP
2011-02-25 20:07:55 ----D---- C:\Windows\system32\EventProviders
2011-02-25 20:07:49 ----D---- C:\20443756df1c75b80f
2011-02-20 13:55:13 ----A---- C:\Windows\system32\OpenCL.dll
2011-02-20 13:55:12 ----A---- C:\Windows\system32\nvwgf2um.dll
2011-02-20 13:55:12 ----A---- C:\Windows\system32\nvoglv32.dll
2011-02-20 13:55:12 ----A---- C:\Windows\system32\nvgenco322040.dll
2011-02-20 13:55:12 ----A---- C:\Windows\system32\nvdispco322090.dll
2011-02-20 13:55:12 ----A---- C:\Windows\system32\nvcuvid.dll
2011-02-20 13:55:12 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-02-20 13:55:12 ----A---- C:\Windows\system32\nvcuda.dll
2011-02-20 13:55:12 ----A---- C:\Windows\system32\nvcompiler.dll
2011-02-20 13:55:12 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-02-20 13:54:37 ----D---- C:\NVIDIA
2011-02-19 10:10:55 ----D---- C:\Users\I5\AppData\Roaming\MozBackup
2011-02-16 18:14:20 ----D---- C:\Program Files\GIGABYTE
2011-02-11 19:42:21 ----D---- C:\Program Files\Graboid
2011-02-09 17:50:46 ----A---- C:\Windows\system32\mshtml.dll
2011-02-09 17:50:43 ----A---- C:\Windows\system32\wininet.dll
2011-02-09 17:50:43 ----A---- C:\Windows\system32\urlmon.dll
2011-02-09 17:50:42 ----A---- C:\Windows\system32\ieframe.dll
2011-02-09 17:50:41 ----A---- C:\Windows\system32\mstime.dll
2011-02-09 17:50:41 ----A---- C:\Windows\system32\msfeeds.dll
2011-02-09 17:50:41 ----A---- C:\Windows\system32\ieui.dll
2011-02-09 17:50:41 ----A---- C:\Windows\system32\iedkcs32.dll
2011-02-09 17:50:40 ----A---- C:\Windows\system32\mshtmled.dll
2011-02-09 17:50:40 ----A---- C:\Windows\system32\msfeedssync.exe
2011-02-09 17:50:40 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-02-09 17:50:40 ----A---- C:\Windows\system32\licmgr10.dll
2011-02-09 17:50:40 ----A---- C:\Windows\system32\jsproxy.dll
2011-02-09 17:50:40 ----A---- C:\Windows\system32\iertutil.dll
2011-02-09 17:50:40 ----A---- C:\Windows\system32\iepeers.dll
2011-02-09 17:50:34 ----A---- C:\Windows\system32\vbscript.dll
2011-02-09 17:50:34 ----A---- C:\Windows\system32\jscript.dll
2011-02-09 17:50:33 ----A---- C:\Windows\system32\kerberos.dll
2011-02-09 17:50:32 ----A---- C:\Windows\system32\win32k.sys
2011-02-09 17:50:31 ----A---- C:\Windows\system32\atmlib.dll
2011-02-09 17:50:31 ----A---- C:\Windows\system32\atmfd.dll
2011-02-09 17:50:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-02-09 17:50:05 ----A---- C:\Windows\system32\ntdll.dll
2011-02-09 17:50:04 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-02-03 21:14:46 ----A---- C:\Windows\system32\TURegOpt.exe
2011-02-03 21:14:11 ----A---- C:\Windows\system32\uxtuneup.dll
2011-02-03 21:14:11 ----A---- C:\Windows\system32\authuitu.dll
2011-02-03 21:14:01 ----D---- C:\Program Files\TuneUp Utilities 2011
2011-02-03 21:13:05 ----SHD---- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-02-03 20:43:06 ----D---- C:\Program Files\Ashampoo

======List of files/folders modified in the last 1 months======

2011-02-27 13:44:31 ----D---- C:\Windows\Prefetch
2011-02-27 13:44:25 ----RD---- C:\Program Files
2011-02-27 13:40:47 ----D---- C:\Program Files\Fausto
2011-02-27 13:37:56 ----D---- C:\Windows\System32
2011-02-27 13:37:56 ----D---- C:\Windows\inf
2011-02-27 13:37:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-27 13:32:29 ----D---- C:\Users\I5\AppData\Roaming\ConMet
2011-02-27 13:32:13 ----D---- C:\ProgramData\ConMet
2011-02-27 13:32:01 ----D---- C:\ProgramData\NVIDIA
2011-02-27 13:31:55 ----AD---- C:\Windows
2011-02-27 13:22:45 ----D---- C:\Windows\system32\config
2011-02-27 12:57:52 ----D---- C:\Windows\Minidump
2011-02-27 12:56:53 ----D---- C:\Program Files\CCleaner
2011-02-27 12:56:08 ----D---- C:\Users\I5\AppData\Roaming\Orbit
2011-02-27 10:32:24 ----D---- C:\Windows\system32\drivers
2011-02-27 10:32:20 ----SHD---- C:\System Volume Information
2011-02-27 10:18:10 ----D---- C:\Windows\system32\Tasks
2011-02-27 10:16:02 ----D---- C:\Program Files\SlySoft
2011-02-26 21:39:23 ----D---- C:\Program Files\ESET
2011-02-26 21:38:10 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-02-26 18:40:12 ----D---- C:\Windows\Downloaded Program Files
2011-02-26 17:52:12 ----A---- C:\Windows\system.ini
2011-02-26 17:50:35 ----D---- C:\Windows\AppPatch
2011-02-26 17:50:34 ----D---- C:\Program Files\Common Files
2011-02-26 17:47:52 ----D---- C:\Windows\system32\catroot2
2011-02-26 17:03:48 ----D---- C:\Windows\system32\drivers\etc
2011-02-26 12:49:36 ----D---- C:\ProgramData
2011-02-26 12:22:35 ----SHD---- C:\Windows\Installer
2011-02-26 11:00:34 ----D---- C:\Users\I5\AppData\Roaming\uTorrent
2011-02-26 09:47:50 ----D---- C:\Windows\Tasks
2011-02-26 09:47:50 ----D---- C:\Windows\system32\wfp
2011-02-26 09:47:50 ----D---- C:\Windows\system32\wbem
2011-02-26 09:47:50 ----D---- C:\Windows\system32\sk-SK
2011-02-26 09:47:50 ----D---- C:\Windows\system32\en-US
2011-02-26 09:47:49 ----D---- C:\Windows\winsxs
2011-02-26 09:46:12 ----D---- C:\Windows\system32\sysprep
2011-02-26 09:46:08 ----RSD---- C:\Windows\Fonts
2011-02-26 09:46:08 ----D---- C:\Windows\TAPI
2011-02-26 09:46:08 ----D---- C:\Windows\system32\sppui
2011-02-26 09:46:08 ----D---- C:\Windows\system32\Setup
2011-02-26 09:46:08 ----D---- C:\Windows\system32\oobe
2011-02-26 09:46:08 ----D---- C:\Windows\system32\migwiz
2011-02-26 09:46:08 ----D---- C:\Windows\system32\migration
2011-02-26 09:46:08 ----D---- C:\Windows\system32\manifeststore
2011-02-26 09:46:08 ----D---- C:\Windows\system32\es-ES
2011-02-26 09:46:08 ----D---- C:\Windows\system32\en
2011-02-26 09:46:08 ----D---- C:\Windows\system32\DriverStore
2011-02-26 09:46:08 ----D---- C:\Windows\system32\drivers\UMDF
2011-02-26 09:46:08 ----D---- C:\Windows\system32\drivers\en-US
2011-02-26 09:46:08 ----D---- C:\Windows\system32\Dism
2011-02-26 09:46:08 ----D---- C:\Windows\system32\da-DK
2011-02-26 09:46:08 ----D---- C:\Windows\system32\cs-CZ
2011-02-26 09:46:08 ----D---- C:\Windows\system32\Boot
2011-02-26 09:46:08 ----D---- C:\Windows\system32\AdvancedInstallers
2011-02-26 09:46:08 ----D---- C:\Windows\servicing
2011-02-26 09:46:08 ----D---- C:\Windows\PolicyDefinitions
2011-02-26 09:46:07 ----SHD---- C:\Windows\BitLockerDiscoveryVolumeContents
2011-02-26 09:46:07 ----D---- C:\Windows\ehome
2011-02-26 09:46:07 ----D---- C:\Program Files\Windows Sidebar
2011-02-26 09:46:07 ----D---- C:\Program Files\Windows Photo Viewer
2011-02-26 09:46:07 ----D---- C:\Program Files\Windows Media Player
2011-02-26 09:46:07 ----D---- C:\Program Files\Windows Mail
2011-02-26 09:46:07 ----D---- C:\Program Files\Windows Defender
2011-02-26 09:46:07 ----D---- C:\Program Files\Internet Explorer
2011-02-26 09:46:07 ----D---- C:\Program Files\DVD Maker
2011-02-26 09:45:58 ----D---- C:\Windows\system32\spp
2011-02-26 09:45:58 ----D---- C:\Windows\system32\Speech
2011-02-26 09:45:58 ----D---- C:\Windows\system32\MUI
2011-02-26 09:45:52 ----D---- C:\Windows\system32\CodeIntegrity
2011-02-26 09:45:47 ----D---- C:\Program Files\ConMet
2011-02-26 09:45:44 ----D---- C:\Program Files\Windows Portable Devices
2011-02-26 09:44:44 ----D---- C:\Windows\registration
2011-02-26 09:42:31 ----D---- C:\Windows\Microsoft.NET
2011-02-26 09:42:02 ----RSD---- C:\Windows\assembly
2011-02-25 19:53:25 ----D---- C:\Windows\system32\catroot
2011-02-20 15:25:38 ----D---- C:\Program Files\JDownloader
2011-02-20 14:19:56 ----D---- C:\Users\I5\AppData\Roaming\vlc
2011-02-20 13:57:03 ----D---- C:\Config.Msi
2011-02-20 13:55:32 ----D---- C:\Program Files\NVIDIA Corporation
2011-02-20 09:29:57 ----D---- C:\Users\I5\AppData\Roaming\Skype
2011-02-19 09:16:46 ----D---- C:\Program Files\Duolabs
2011-02-19 09:12:33 ----D---- C:\Windows\Downloaded Installations
2011-02-09 20:38:48 ----D---- C:\ProgramData\Win7codecs
2011-02-09 19:48:30 ----D---- C:\Windows\debug
2011-02-09 17:51:23 ----A---- C:\Windows\system32\MRT.exe
2011-02-09 17:47:00 ----D---- C:\Users\I5\AppData\Roaming\dvdcss
2011-02-05 18:22:44 ----D---- C:\Users\I5\AppData\Roaming\MOBILedit
2011-02-03 21:19:32 ----D---- C:\ProgramData\TuneUp Software
2011-02-03 21:14:04 ----D---- C:\Users\I5\AppData\Roaming\TuneUp Software
2011-01-30 13:27:56 ----D---- C:\Users\I5\AppData\Roaming\Canon
2011-01-29 12:19:12 ----D---- C:\Program Files\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2009-10-19 99440]
R0 pavboot;pavboot; C:\Windows\system32\drivers\pavboot.sys [2009-06-30 28552]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-08-14 158272]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\Windows\system32\DRIVERS\tdrpm258.sys [2010-08-14 911680]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-08-14 581984]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2009-08-04 11296]
R1 AsUpIO;AsUpIO; C:\Windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-09-03 137144]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2005-07-28 685056]
R2 NSHE;Guardant Emulator Driver; \??\C:\Windows\system32\Drivers\NSHE.SYS [2008-12-18 97792]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2007-10-28 96832]
R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-12-20 20952]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 13216]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-10-26 58240]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2009-10-26 136704]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-09-17 1086976]
R3 vmlitediskmp;vmlitediskmp; C:\Windows\system32\DRIVERS\vmlitediskmp.sys [2009-11-11 115800]
R3 WinDriver6;WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [2007-06-17 186592]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2010-08-14 160288]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BCM43XX;ASUS 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-10-23 2494968]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2010-07-21 44432]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2008-09-04 23152]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2009-10-22 57800]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-03-30 72520]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32.sys [2010-07-21 40848]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 rockusb;Driver for rockusb Device; C:\Windows\system32\DRIVERS\rockusb.sys [2006-03-22 73984]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WINUSB;WinUsb Driver; C:\Windows\system32\DRIVERS\WinUSB.SYS [2009-07-14 34944]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 APC UPS Service;APC UPS Service; C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe [2007-07-19 689408]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-11-08 810144]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-01-07 608872]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-12-14 1517376]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-11-08 33584]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe [2009-11-26 661008]
S4 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-08-14 2480048]
S4 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-03-25 490280]
S4 Olympus DVR Service;Olympus DVR Service; C:\Program Files\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe [2010-04-21 176128]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-10-20 630272]

-----------------EOF-----------------

Re: Undeletable Olmarik

Posted: 27 Feb 2011 14:20
by Márty84
mojamoja wrote: I have a similar problem
Have a nice Sunday afternoon :)

Please start your own new topic.
First, by barging into someone else's topic with your own problem, you are breaking the forum rules.
And second, it is better for you, because one of the advisers will notice you much sooner :wink:

Re: Undeletable Olmarik

Posted: 27 Feb 2011 14:22
by Caroprd111
Greetings :)

As my colleague writes, please start your own topic.

Locking this here :closed: