
PC virus removal, computer speed-up, remote help through the neslape.cz service
Downloaded file
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote help services, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Downloaded file
Hello,
a friend sent me a message on a well-known social network that contained a link. After I clicked on the picture, a download window appeared. It looked like a .JPG file. I downloaded it, and after I clicked on the file, a prompt to run it appeared. I clicked Run. A web page appeared, and I'm not sure whether I'm allowed to name it here: Myspace. I closed the web page and moved the file to a new folder so that I could scan it with Avast! Free Antivirus. After the scan, when I opened the folder again, the file was nowhere to be found. I tried scanning the computer with Spyware Terminator; it found nothing. I am now scanning the computer with Avast, and so far it has found nothing. Even so, I have to ask you whether I should pay closer attention to this situation. One more small note: when it comes to antivirus software, viruses and so on, I am a beginner.
Thank you.
- 1danab
- Newcomer
- Posts: 1412
- Joined: 21 Oct 2007 13:04
- Location: České Budějovice
Re: Downloaded file
Hello,
download RSIT from my signature, let it scan, and paste the resulting log here for me.


Re: Downloaded file
So here is the resulting log:
Code:
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\Windows\System32\svchost.exe -k LPDService
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\System32\tcpsvcs.exe
"C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe"
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
atieclxx
taskeng.exe {C79E7D42-9FA3-4982-9C25-D3A2A8B65E33}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\DAODx.exe
"C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\EPU\EPU.exe" -b
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\splwow64.exe 2
"c:\windows\nvsvc32.exe"
C:\Windows\system32\AUDIODG.EXE 0x9e0
C:\Windows\system32\PrintIsolationHost.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe23_ Global\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\LH\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Users\LH\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll [2010-05-11 144944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2726728]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"SpywareTerminatorUpdate"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-12-21 3318784]
"NVIDIA driver monitor"=c:\windows\nvsvc32.exe [2011-01-26 49664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2010-03-15 2369536]
"TurboV EVO"=C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe [2010-07-15 9936512]
"Six Engine"=C:\Program Files (x86)\ASUS\EPU\EPU.exe [2010-03-16 5309056]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-26 375000]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-25 98304]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-05-06 2815192]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2010-03-02 140640]
"NVIDIA driver monitor"=c:\windows\nvsvc32.exe [2011-01-26 49664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Users\LH\Desktop\facebook-pic000934519.exe"="c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-01-26 20:27:50 ----D---- C:\rsit
2011-01-26 20:27:50 ----D---- C:\Program Files\trend micro
2011-01-26 18:41:20 ----RSH---- C:\Windows\nvsvc32.exe
2011-01-24 15:15:01 ----D---- C:\Users\LH\AppData\Roaming\skypePM
2011-01-24 15:12:35 ----RD---- C:\Program Files (x86)\Skype
2011-01-24 15:12:34 ----D---- C:\Users\LH\AppData\Roaming\Skype
2011-01-24 15:12:31 ----D---- C:\ProgramData\Skype
2011-01-21 19:12:57 ----D---- C:\ProgramData\Nexon
2011-01-21 19:04:43 ----D---- C:\ProgramData\NexonEU
2011-01-21 19:04:43 ----D---- C:\Nexon
2011-01-17 21:12:01 ----HD---- C:\ProgramData\CanonIJSolutionMenuEX
2011-01-17 21:11:59 ----HD---- C:\ProgramData\CanonIJMyPrinter
2011-01-17 21:11:59 ----HD---- C:\ProgramData\CanonIJEPPEX2
2011-01-17 21:11:59 ----HD---- C:\ProgramData\CanonEPP
2011-01-17 21:11:03 ----D---- C:\ProgramData\CanonIJPLM
2011-01-17 20:22:49 ----D---- C:\ProgramData\Canon IJ Network Tool
2011-01-17 20:22:42 ----A---- C:\Windows\SYSWOW64\CNHMCA.dll
2011-01-17 20:22:42 ----A---- C:\Windows\SYSWOW64\CNC5200U.dll
2011-01-17 20:22:42 ----A---- C:\Windows\SYSWOW64\CNC5200L.dll
2011-01-17 20:18:20 ----D---- C:\ProgramData\CanonIJMSetup
2011-01-17 20:16:04 ----D---- C:\Program Files\Common Files\CANON
2011-01-17 20:15:56 ----D---- C:\ProgramData\CanonIJWSpt
2011-01-17 20:14:39 ----D---- C:\Program Files\Canon
2011-01-17 20:13:59 ----HD---- C:\ProgramData\CanonBJ
2011-01-17 20:13:56 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2011-01-17 20:13:44 ----A---- C:\Windows\system32\CNMLMAE.DLL
2011-01-17 20:13:37 ----A---- C:\Windows\system32\CNMIUAE.DLL
2011-01-17 20:13:30 ----HD---- C:\Program Files\CanonBJ
2011-01-17 20:13:23 ----D---- C:\Windows\system32\STRING
2011-01-17 20:13:23 ----A---- C:\Windows\system32\CNMN6UI.DLL
2011-01-17 20:13:23 ----A---- C:\Windows\system32\CNMN6PPM.DLL
2011-01-17 20:12:38 ----D---- C:\Program Files (x86)\Canon
2011-01-16 10:16:16 ----D---- C:\Program Files (x86)\City Life Deluxe
2011-01-15 13:55:37 ----D---- C:\Users\LH\AppData\Roaming\Real
2011-01-05 19:32:10 ----D---- C:\Program Files (x86)\ruse
2011-01-04 20:01:40 ----D---- C:\Program Files\Officers
2010-12-30 15:55:07 ----D---- C:\Users\LH\AppData\Roaming\GHISLER
2010-12-30 15:55:07 ----D---- C:\Program Files (x86)\totalcmd
2010-12-30 15:55:07 ----A---- C:\Windows\UC.PIF
2010-12-30 15:55:07 ----A---- C:\Windows\RAR.PIF
2010-12-30 15:55:07 ----A---- C:\Windows\PKZIP.PIF
2010-12-30 15:55:07 ----A---- C:\Windows\PKUNZIP.PIF
2010-12-30 15:55:07 ----A---- C:\Windows\NOCLOSE.PIF
2010-12-30 15:55:07 ----A---- C:\Windows\LHA.PIF
2010-12-30 15:55:07 ----A---- C:\Windows\ARJ.PIF
2010-12-27 17:11:51 ----A---- C:\Windows\SYSWOW64\Common_nat.dll
2010-12-27 17:11:18 ----A---- C:\Windows\SYSWOW64\X Mod Packer V.1.0_nat.dll
2010-12-27 10:45:54 ----SHD---- C:\ProgramData\SecuROM
======List of files/folders modified in the last 1 months======
2011-01-26 20:27:50 ----RD---- C:\Program Files
2011-01-26 19:32:00 ----D---- C:\Windows\system32\config
2011-01-26 19:27:30 ----D---- C:\Windows\System32
2011-01-26 19:27:30 ----D---- C:\Windows\inf
2011-01-26 19:27:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-26 19:22:15 ----D---- C:\Windows\Temp
2011-01-26 18:44:00 ----D---- C:\Users\LH\AppData\Roaming\Spyware Terminator
2011-01-26 18:43:58 ----D---- C:\Program Files (x86)\Spyware Terminator
2011-01-26 18:41:20 ----D---- C:\Windows
2011-01-26 18:40:41 ----D---- C:\Windows\Prefetch
2011-01-26 18:02:40 ----D---- C:\Windows\system32\drivers
2011-01-26 18:02:12 ----D---- C:\Windows\system32\NDF
2011-01-26 14:17:24 ----D---- C:\ProgramData\Spyware Terminator
2011-01-26 14:16:27 ----D---- C:\Windows\system32\catroot2
2011-01-24 15:46:17 ----SHD---- C:\Windows\Installer
2011-01-24 15:46:11 ----D---- C:\Windows\system32\Tasks
2011-01-24 15:46:09 ----D---- C:\Program Files (x86)\Common Files
2011-01-24 15:41:27 ----SHD---- C:\System Volume Information
2011-01-24 15:25:47 ----D---- C:\Windows\system32\FxsTmp
2011-01-24 15:15:03 ----D---- C:\Windows\SysWOW64
2011-01-24 15:12:35 ----RD---- C:\Program Files (x86)
2011-01-24 15:12:31 ----HD---- C:\ProgramData
2011-01-17 20:22:43 ----D---- C:\Windows\twain_32
2011-01-17 20:22:42 ----RSD---- C:\Windows\Media
2011-01-17 20:16:04 ----D---- C:\Program Files\Common Files
2011-01-17 20:13:55 ----D---- C:\Windows\system32\catroot
2011-01-17 20:13:54 ----D---- C:\Windows\system32\DriverStore
2011-01-16 17:07:32 ----SD---- C:\Users\LH\AppData\Roaming\Microsoft
2011-01-11 15:09:29 ----RSD---- C:\Windows\assembly
2011-01-11 15:08:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-01-11 14:59:05 ----D---- C:\Program Files (x86)\Activision
2011-01-06 18:52:28 ----D---- C:\ProgramData\Adobe
2011-01-06 18:52:11 ----D---- C:\Users\LH\AppData\Roaming\Adobe
2011-01-06 18:50:55 ----D---- C:\Program Files (x86)\Adobe
2011-01-04 17:32:39 ----D---- C:\Downloads
2010-12-28 20:12:57 ----D---- C:\Users\LH\AppData\Roaming\BITS
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-11 115824]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-02 834544]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-04-22 13440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-05-06 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-05-06 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-05-06 51280]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-05-06 22096]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-05-06 63568]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2010-07-07 50696]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-26 7767040]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-26 279040]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-07-15 116240]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-03-02 1301504]
S3 a3lhirek;a3lhirek; C:\Windows\system32\drivers\a3lhirek.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-26 203264]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [2010-06-24 109056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-26 223464]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 LPDSVC;@%systemroot%\system32\lpdsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-12-02 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2010-12-02 189248]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 10240]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe [2010-12-21 948775]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
- 1danab
- Newcomer
- Posts: 1412
- Joined: 21 Oct 2007 13:04
- Location: České Budějovice
Re: Downloaded file
The log is not complete... please repeat it and paste the whole log here for me.

Re: Downloaded file
Code:
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe"
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\Windows\System32\svchost.exe -k LPDService
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\System32\tcpsvcs.exe
"C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe"
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
atieclxx
taskeng.exe {C79E7D42-9FA3-4982-9C25-D3A2A8B65E33}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\DAODx.exe
"C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\EPU\EPU.exe" -b
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
"C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\splwow64.exe 2
"c:\windows\nvsvc32.exe"
C:\Windows\system32\AUDIODG.EXE 0x9e0
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe24_ Global\UsGthrCtrlFltPipeMssGthrPipe24 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\LH\Desktop\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Users\LH\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll [2010-05-11 144944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2726728]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"SpywareTerminatorUpdate"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-12-21 3318784]
"NVIDIA driver monitor"=c:\windows\nvsvc32.exe [2011-01-26 49664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2010-03-15 2369536]
"TurboV EVO"=C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe [2010-07-15 9936512]
"Six Engine"=C:\Program Files (x86)\ASUS\EPU\EPU.exe [2010-03-16 5309056]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-10-26 375000]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-25 98304]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-05-06 2815192]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2010-03-02 140640]
"NVIDIA driver monitor"=c:\windows\nvsvc32.exe [2011-01-26 49664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Users\LH\Desktop\facebook-pic000934519.exe"="c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2011-01-26 20:27:50 ----D---- C:\rsit
2011-01-26 20:27:50 ----D---- C:\Program Files\trend micro
2011-01-26 18:41:20 ----RSH---- C:\Windows\nvsvc32.exe
2011-01-24 15:15:01 ----D---- C:\Users\LH\AppData\Roaming\skypePM
2011-01-24 15:12:35 ----RD---- C:\Program Files (x86)\Skype
2011-01-24 15:12:34 ----D---- C:\Users\LH\AppData\Roaming\Skype
2011-01-24 15:12:31 ----D---- C:\ProgramData\Skype
2011-01-21 19:12:57 ----D---- C:\ProgramData\Nexon
2011-01-21 19:04:43 ----D---- C:\ProgramData\NexonEU
2011-01-21 19:04:43 ----D---- C:\Nexon
2011-01-17 21:12:01 ----HD---- C:\ProgramData\CanonIJSolutionMenuEX
2011-01-17 21:11:59 ----HD---- C:\ProgramData\CanonIJMyPrinter
2011-01-17 21:11:59 ----HD---- C:\ProgramData\CanonIJEPPEX2
2011-01-17 21:11:59 ----HD---- C:\ProgramData\CanonEPP
2011-01-17 21:11:03 ----D---- C:\ProgramData\CanonIJPLM
2011-01-17 20:22:49 ----D---- C:\ProgramData\Canon IJ Network Tool
2011-01-17 20:22:42 ----A---- C:\Windows\SYSWOW64\CNHMCA.dll
2011-01-17 20:22:42 ----A---- C:\Windows\SYSWOW64\CNC5200U.dll
2011-01-17 20:22:42 ----A---- C:\Windows\SYSWOW64\CNC5200L.dll
2011-01-17 20:18:20 ----D---- C:\ProgramData\CanonIJMSetup
2011-01-17 20:16:04 ----D---- C:\Program Files\Common Files\CANON
2011-01-17 20:15:56 ----D---- C:\ProgramData\CanonIJWSpt
2011-01-17 20:14:39 ----D---- C:\Program Files\Canon
2011-01-17 20:13:59 ----HD---- C:\ProgramData\CanonBJ
2011-01-17 20:13:56 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2011-01-17 20:13:44 ----A---- C:\Windows\system32\CNMLMAE.DLL
2011-01-17 20:13:37 ----A---- C:\Windows\system32\CNMIUAE.DLL
2011-01-17 20:13:30 ----HD---- C:\Program Files\CanonBJ
2011-01-17 20:13:23 ----D---- C:\Windows\system32\STRING
2011-01-17 20:13:23 ----A---- C:\Windows\system32\CNMN6UI.DLL
2011-01-17 20:13:23 ----A---- C:\Windows\system32\CNMN6PPM.DLL
2011-01-17 20:12:38 ----D---- C:\Program Files (x86)\Canon
2011-01-16 10:16:16 ----D---- C:\Program Files (x86)\City Life Deluxe
2011-01-15 13:55:37 ----D---- C:\Users\LH\AppData\Roaming\Real
2011-01-05 19:32:10 ----D---- C:\Program Files (x86)\ruse
2011-01-04 20:01:40 ----D---- C:\Program Files\Officers
2010-12-30 15:55:07 ----D---- C:\Users\LH\AppData\Roaming\GHISLER
2010-12-30 15:55:07 ----D---- C:\Program Files (x86)\totalcmd
2010-12-30 15:55:07 ----A---- C:\Windows\UC.PIF
2010-12-30 15:55:07 ----A---- C:\Windows\RAR.PIF
2010-12-30 15:55:07 ----A---- C:\Windows\PKZIP.PIF
2010-12-30 15:55:07 ----A---- C:\Windows\PKUNZIP.PIF
2010-12-30 15:55:07 ----A---- C:\Windows\NOCLOSE.PIF
2010-12-30 15:55:07 ----A---- C:\Windows\LHA.PIF
2010-12-30 15:55:07 ----A---- C:\Windows\ARJ.PIF
2010-12-27 17:11:51 ----A---- C:\Windows\SYSWOW64\Common_nat.dll
2010-12-27 17:11:18 ----A---- C:\Windows\SYSWOW64\X Mod Packer V.1.0_nat.dll
2010-12-27 10:45:54 ----SHD---- C:\ProgramData\SecuROM
2010-12-26 19:21:55 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2010-12-26 19:20:48 ----D---- C:\Windows\SYSWOW64\xlive
2010-12-26 19:20:48 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2010-12-26 18:17:02 ----D---- C:\Program Files (x86)\Rockstar Games
2010-12-23 22:22:23 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2010-12-23 22:22:23 ----A---- C:\Windows\SYSWOW64\xvidcore.dll
2010-12-23 14:20:16 ----D---- C:\Program Files (x86)\Fraps
2010-12-21 21:16:05 ----D---- C:\Program Files (x86)\BreakPoint Software
2010-12-21 16:32:22 ----D---- C:\Users\LH\AppData\Roaming\Spyware Terminator
2010-12-21 16:32:21 ----D---- C:\ProgramData\Spyware Terminator
2010-12-21 16:32:20 ----D---- C:\Program Files (x86)\Spyware Terminator
2010-12-19 18:57:19 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2010-12-19 17:46:12 ----D---- C:\Program Files\Electronic Arts
2010-12-19 08:41:06 ----A---- C:\Windows\game.ini
2010-12-18 18:49:07 ----A---- C:\Windows\SYSWOW64\Msvcr71.dll
2010-12-18 18:49:07 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2010-12-18 18:49:07 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2010-12-18 11:48:37 ----D---- C:\Program Files (x86)\GamePark
2010-12-16 20:24:44 ----SHD---- C:\Windows\ftpcache
2010-12-16 17:33:49 ----D---- C:\Windows\SYSWOW64\BestPractices
2010-12-16 17:33:48 ----D---- C:\Windows\system32\BestPractices
2010-12-16 17:33:45 ----D---- C:\inetpub
2010-12-15 21:30:27 ----A---- C:\Windows\hpdj3600.ini
2010-12-15 19:17:46 ----D---- C:\Users\LH\AppData\Roaming\Opera
2010-12-15 19:17:37 ----D---- C:\Program Files (x86)\Opera
2010-12-13 16:59:07 ----D---- C:\Program Files (x86)\Farming Simulator 2011
2010-12-04 14:08:52 ----D---- C:\Program Files (x86)\Playlogic
2010-12-04 11:03:35 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-12-04 10:58:42 ----D---- C:\Program Files (x86)\2K Games
2010-12-04 10:22:29 ----D---- C:\ProgramData\Test Drive Unlimited
2010-12-04 10:01:52 ----D---- C:\Program Files (x86)\Atari
2010-12-03 21:29:54 ----D---- C:\Windows\Minidump
2010-12-03 17:15:08 ----RHD---- C:\Users\LH\AppData\Roaming\SecuROM
2010-12-03 16:29:55 ----D---- C:\ProgramData\Codemasters
2010-12-03 16:27:43 ----A---- C:\Windows\SYSWOW64\mkl_vml_p4.dll
2010-12-03 16:27:43 ----A---- C:\Windows\SYSWOW64\mkl_vml_p3.dll
2010-12-03 16:27:42 ----A---- C:\Windows\SYSWOW64\rapture3d_oal.dll
2010-12-03 16:27:42 ----A---- C:\Windows\SYSWOW64\mkl_vml_def.dll
2010-12-03 16:27:42 ----A---- C:\Windows\SYSWOW64\mkl_p4.dll
2010-12-03 16:27:42 ----A---- C:\Windows\SYSWOW64\mkl_p3.dll
2010-12-03 16:27:42 ----A---- C:\Windows\SYSWOW64\mkl_lapack64.dll
2010-12-03 16:27:42 ----A---- C:\Windows\SYSWOW64\mkl_lapack32.dll
2010-12-03 16:27:42 ----A---- C:\Windows\SYSWOW64\mkl_def.dll
2010-12-03 16:27:42 ----A---- C:\Windows\SYSWOW64\libguide40.dll
2010-12-03 16:27:41 ----D---- C:\Program Files (x86)\BRS
2010-12-03 16:26:58 ----RA---- C:\Windows\SYSWOW64\tmp8C89.tmp
2010-12-03 16:26:58 ----D---- C:\Program Files (x86)\OpenAL
2010-12-03 16:26:58 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2010-12-03 16:26:58 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2010-12-03 16:26:58 ----A---- C:\Windows\system32\wrap_oal.dll
2010-12-03 16:26:58 ----A---- C:\Windows\system32\OpenAL32.dll
2010-12-03 16:25:42 ----RA---- C:\Windows\SYSWOW64\tmp8C78.tmp
2010-12-03 16:19:20 ----D---- C:\Program Files (x86)\Codemasters
2010-12-03 15:09:52 ----D---- C:\Downloads
2010-12-02 21:50:41 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2010-12-02 21:50:38 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2010-12-02 21:50:38 ----A---- C:\Windows\SYSWOW64\pbsvc_moh.exe
2010-12-02 21:50:33 ----D---- C:\ProgramData\Electronic Arts
2010-12-02 21:50:26 ----D---- C:\ProgramData\Adobe
2010-12-02 21:50:24 ----D---- C:\Program Files (x86)\Adobe
2010-12-02 21:46:31 ----D---- C:\Program Files (x86)\Electronic Arts
2010-12-02 21:29:56 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2010-12-02 21:29:56 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2010-12-02 21:29:56 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2010-12-02 21:29:56 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2010-12-02 21:29:56 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-12-02 21:29:56 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-12-02 21:29:56 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-12-02 21:29:56 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-12-02 21:29:55 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2010-12-02 21:29:55 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2010-12-02 21:29:55 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2010-12-02 21:29:55 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2010-12-02 21:29:55 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2010-12-02 21:29:55 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-12-02 21:29:55 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-12-02 21:29:55 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-12-02 21:29:55 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-12-02 21:29:55 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-12-02 21:29:54 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2010-12-02 21:29:54 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2010-12-02 21:29:54 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2010-12-02 21:29:54 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-12-02 21:29:54 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-12-02 21:29:54 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-12-02 21:29:53 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2010-12-02 21:29:53 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2010-12-02 21:29:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2010-12-02 21:29:53 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-12-02 21:29:53 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-12-02 21:29:53 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-12-02 21:29:50 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2010-12-02 21:29:50 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2010-12-02 21:29:50 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2010-12-02 21:29:50 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2010-12-02 21:29:50 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-12-02 21:29:50 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-12-02 21:29:50 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-12-02 21:29:50 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-12-02 21:29:49 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2010-12-02 21:29:49 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2010-12-02 21:29:49 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2010-12-02 21:29:49 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2010-12-02 21:29:49 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2010-12-02 21:29:49 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2010-12-02 21:29:49 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-12-02 21:29:49 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-12-02 21:29:49 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-12-02 21:29:49 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-12-02 21:29:49 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-12-02 21:29:49 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-12-02 21:29:48 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2010-12-02 21:29:48 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2010-12-02 21:29:48 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2010-12-02 21:29:48 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2010-12-02 21:29:48 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2010-12-02 21:29:48 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-12-02 21:29:48 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-12-02 21:29:48 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-12-02 21:29:48 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-12-02 21:29:48 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-12-02 21:29:47 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2010-12-02 21:29:47 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2010-12-02 21:29:47 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2010-12-02 21:29:47 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2010-12-02 21:29:47 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2010-12-02 21:29:47 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2010-12-02 21:29:47 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-12-02 21:29:47 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-12-02 21:29:47 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-12-02 21:29:47 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-12-02 21:29:47 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-12-02 21:29:47 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-12-02 21:29:46 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2010-12-02 21:29:46 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2010-12-02 21:29:46 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2010-12-02 21:29:46 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2010-12-02 21:29:46 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2010-12-02 21:29:46 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2010-12-02 21:29:46 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2010-12-02 21:29:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2010-12-02 21:29:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2010-12-02 21:29:46 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-12-02 21:29:46 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-12-02 21:29:46 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-12-02 21:29:46 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-12-02 21:29:46 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-12-02 21:29:46 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-12-02 21:29:46 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-12-02 21:29:46 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-12-02 21:29:46 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-12-02 21:29:45 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2010-12-02 21:29:45 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2010-12-02 21:29:45 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2010-12-02 21:29:45 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2010-12-02 21:29:45 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-12-02 21:29:45 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-12-02 21:29:45 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-12-02 21:29:45 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-12-02 21:29:44 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2010-12-02 21:29:44 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2010-12-02 21:29:44 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2010-12-02 21:29:44 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2010-12-02 21:29:44 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-12-02 21:29:44 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-12-02 21:29:44 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-12-02 21:29:44 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-12-02 21:29:43 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2010-12-02 21:29:43 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2010-12-02 21:29:43 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2010-12-02 21:29:43 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-12-02 21:29:43 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-12-02 21:29:43 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-12-02 21:29:42 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2010-12-02 21:29:42 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2010-12-02 21:29:42 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2010-12-02 21:29:42 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-12-02 21:29:42 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-12-02 21:29:42 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-12-02 21:29:41 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2010-12-02 21:29:41 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2010-12-02 21:29:41 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2010-12-02 21:29:41 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2010-12-02 21:29:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2010-12-02 21:29:41 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-12-02 21:29:41 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-12-02 21:29:41 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-12-02 21:29:41 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-12-02 21:29:41 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-12-02 21:29:40 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2010-12-02 21:29:40 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2010-12-02 21:29:40 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2010-12-02 21:29:40 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2010-12-02 21:29:40 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2010-12-02 21:29:40 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2010-12-02 21:29:40 ----A---- C:\Windows\system32\xinput1_3.dll
2010-12-02 21:29:40 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-12-02 21:29:40 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-12-02 21:29:40 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-12-02 21:29:40 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-12-02 21:29:40 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-12-02 21:29:39 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2010-12-02 21:29:39 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2010-12-02 21:29:39 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2010-12-02 21:29:39 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-12-02 21:29:39 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-12-02 21:29:39 ----A---- C:\Windows\system32\d3dx10.dll
2010-12-02 21:29:38 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2010-12-02 21:29:38 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2010-12-02 21:29:38 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2010-12-02 21:29:38 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2010-12-02 21:29:38 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2010-12-02 21:29:38 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2010-12-02 21:29:38 ----A---- C:\Windows\system32\xinput1_2.dll
2010-12-02 21:29:38 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-12-02 21:29:38 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-12-02 21:29:38 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-12-02 21:29:38 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-12-02 21:29:38 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-12-02 21:29:37 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2010-12-02 21:29:37 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2010-12-02 21:29:37 ----A---- C:\Windows\system32\xinput1_1.dll
2010-12-02 21:29:37 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-12-02 21:29:36 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2010-12-02 21:29:36 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-12-02 21:29:34 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2010-12-02 21:29:34 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-12-02 21:29:33 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2010-12-02 21:29:33 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2010-12-02 21:29:33 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-12-02 21:29:33 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-12-02 21:29:32 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2010-12-02 21:29:32 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2010-12-02 21:29:32 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-12-02 21:29:32 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-12-02 21:29:31 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2010-12-02 21:29:31 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-12-02 21:29:30 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2010-12-02 21:29:30 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-12-02 21:29:29 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2010-12-02 21:29:29 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-12-02 21:29:28 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2010-12-02 21:29:28 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-12-02 21:23:58 ----D---- C:\Program Files (x86)\Activision
2010-12-02 20:57:58 ----D---- C:\Users\LH\AppData\Roaming\Dev-Cpp
2010-12-02 20:57:50 ----D---- C:\Dev-Cpp
2010-12-02 18:55:37 ----D---- C:\Users\LH\AppData\Roaming\ATI
2010-12-02 18:55:37 ----D---- C:\ProgramData\ATI
2010-12-02 18:51:31 ----A---- C:\Windows\system32\drivers\sptd.sys
2010-12-02 18:51:16 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2010-12-02 18:51:00 ----D---- C:\Users\LH\AppData\Roaming\DAEMON Tools Lite
2010-12-02 18:50:58 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-12-02 18:45:35 ----D---- C:\Program Files (x86)\Lavalys
2010-12-02 18:44:48 ----D---- C:\Users\LH\AppData\Roaming\WinRAR
2010-12-02 18:44:27 ----D---- C:\Program Files\WinRAR
2010-12-02 18:44:00 ----D---- C:\Program Files (x86)\The KMPlayer
2010-12-02 18:43:36 ----D---- C:\Program Files (x86)\CCleaner
2010-12-02 18:43:07 ----D---- C:\Program Files\Common Files\ATI Technologies
2010-12-02 18:43:00 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2010-12-02 18:42:46 ----A---- C:\Windows\system32\coinst.dll
2010-12-02 18:42:45 ----A---- C:\Windows\system32\ATIDEMGX.dll
2010-12-02 18:42:17 ----D---- C:\Program Files (x86)\ATI Technologies
2010-12-02 18:41:02 ----D---- C:\Program Files\ATI Technologies
2010-12-02 18:36:38 ----D---- C:\Users\LH\AppData\Roaming\Macromedia
2010-12-02 18:36:37 ----D---- C:\Users\LH\AppData\Roaming\Adobe
2010-12-02 18:36:27 ----D---- C:\ProgramData\ASUS OC Profiles
2010-12-02 18:34:36 ----D---- C:\ProgramData\Norton
2010-12-02 18:33:49 ----D---- C:\ProgramData\NortonInstaller
2010-12-02 18:32:44 ----D---- C:\RaidTool
2010-12-02 18:32:40 ----A---- C:\Windows\system32\drivers\jraid.sys
2010-12-02 18:32:38 ----D---- C:\Windows\RaidTool
2010-12-02 18:32:01 ----D---- C:\Program Files (x86)\Renesas Electronics
2010-12-02 18:30:59 ----HD---- C:\Program Files (x86)\DeviceVM
2010-12-02 18:29:40 ----D---- C:\Windows\SYSWOW64\Macromed
2010-12-02 18:29:35 ----RA---- C:\Windows\SYSWOW64\drivers\AsIO.sys
2010-12-02 18:29:35 ----RA---- C:\Windows\SYSWOW64\AsIO.dll
2010-12-02 18:29:34 ----D---- C:\Program Files (x86)\ASUS
2010-12-02 18:29:31 ----D---- C:\Program Files\ASUS
2010-12-02 18:29:31 ----A---- C:\Windows\SYSWOW64\drivers\AsInsHelp64.sys
2010-12-02 18:29:31 ----A---- C:\Windows\SYSWOW64\drivers\AsInsHelp32.sys
2010-12-02 18:28:52 ----A---- C:\Windows\system32\RTNUninst64.dll
2010-12-02 18:28:52 ----A---- C:\Windows\system32\RtNicProp64.dll
2010-12-02 18:28:52 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2010-12-02 18:28:17 ----D---- C:\Program Files (x86)\Realtek
2010-12-02 18:28:00 ----D---- C:\Program Files\DIFX
2010-12-02 18:27:57 ----DC---- C:\Windows\system32\DRVSTORE
2010-12-02 18:27:57 ----D---- C:\Program Files (x86)\AMD
2010-12-02 18:27:57 ----A---- C:\Windows\system32\drivers\usbfilter.sys
2010-12-02 18:27:53 ----A---- C:\Windows\system32\drivers\AtiPcie.sys
2010-12-02 18:27:51 ----D---- C:\Program Files\ATI
2010-12-02 18:26:58 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-12-02 18:26:32 ----A---- C:\Windows\system32\VIASysFx.dll
2010-12-02 18:26:32 ----A---- C:\Windows\system32\VIAPropPageExt.dll
2010-12-02 18:26:32 ----A---- C:\Windows\system32\ViaMicArrayPropPageExt.dll
2010-12-02 18:26:32 ----A---- C:\Windows\system32\ViaMicArrayAPO.dll
2010-12-02 18:26:32 ----A---- C:\Windows\system32\nQPropPageExt.dll
2010-12-02 18:26:32 ----A---- C:\Windows\system32\nQAPO.dll
2010-12-02 18:26:32 ----A---- C:\Windows\system32\Dts2PropPageExt.dll
2010-12-02 18:26:32 ----A---- C:\Windows\system32\Dts2APO.dll
2010-12-02 18:26:32 ----A---- C:\Windows\system32\drivers\viahduaa.sys
2010-12-02 18:26:09 ----N---- C:\Windows\difxapi.dll
2010-12-02 18:26:09 ----D---- C:\Program Files (x86)\VIA
2010-12-02 18:25:54 ----SHD---- C:\Windows\Installer
2010-12-02 18:25:46 ----A---- C:\Windows\Ascd_log.ini
2010-12-02 18:24:31 ----A---- C:\Windows\Language_trs.ini
2010-12-02 18:24:27 ----A---- C:\Windows\Ascd_tmp.ini
2010-12-02 18:22:23 ----D---- C:\Users\LH\AppData\Roaming\Identities
2010-12-02 18:22:12 ----SD---- C:\Users\LH\AppData\Roaming\Microsoft
2010-12-02 18:22:12 ----D---- C:\Users\LH\AppData\Roaming\Media Center Programs
2010-12-02 18:21:09 ----SHD---- C:\Recovery
2010-12-02 18:21:09 ----SHD---- C:\ProgramData\Šablony
2010-12-02 18:21:09 ----SHD---- C:\ProgramData\Plocha
2010-12-02 18:21:09 ----SHD---- C:\ProgramData\Oblíbené položky
2010-12-02 18:21:09 ----SHD---- C:\ProgramData\Nabídka Start
2010-12-02 18:21:09 ----SHD---- C:\ProgramData\Dokumenty
2010-12-02 18:21:09 ----SHD---- C:\ProgramData\Data aplikací
2010-12-02 18:21:07 ----D---- C:\Windows\SoftwareDistribution
2010-12-02 01:16:30 ----D---- C:\Windows\Prefetch
2010-12-02 01:16:17 ----ASH---- C:\pagefile.sys
2010-12-02 01:16:16 ----SHD---- C:\System Volume Information
2010-12-02 01:16:16 ----ASH---- C:\hiberfil.sys
2010-12-02 01:15:31 ----D---- C:\Windows\Panther
2010-12-01 20:22:25 ----D---- C:\Program Files (x86)\Microsoft Works
2010-12-01 20:21:58 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2010-12-01 20:21:43 ----D---- C:\Windows\PCHEALTH
2010-12-01 20:21:43 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-12-01 20:20:26 ----D---- C:\Program Files\Microsoft Office
2010-12-01 20:20:22 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2010-12-01 20:19:57 ----D---- C:\ProgramData\Microsoft Help
2010-12-01 20:19:57 ----D---- C:\Program Files (x86)\Microsoft Office
2010-12-01 20:18:57 ----RHD---- C:\MSOCache
2010-12-01 20:16:33 ----A---- C:\Windows\libem.INI
2010-12-01 20:16:30 ----D---- C:\Users\LH\AppData\Roaming\FlashGet
2010-12-01 20:16:30 ----D---- C:\Users\LH\AppData\Roaming\BITS
2010-12-01 20:16:28 ----D---- C:\Users\LH\AppData\Roaming\FlashGetBHO
2010-12-01 20:16:25 ----D---- C:\Program Files (x86)\FlashGet Network
2010-12-01 20:01:50 ----D---- C:\Users\LH\AppData\Roaming\Mozilla
2010-12-01 20:01:39 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-12-01 19:57:52 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-12-01 19:57:51 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-12-01 19:57:50 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-12-01 19:57:47 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-12-01 19:57:45 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-12-01 19:57:27 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2010-12-01 19:57:26 ----D---- C:\ProgramData\Alwil Software
2010-12-01 19:57:26 ----D---- C:\Program Files\Alwil Software
2010-11-28 11:50:08 ----A---- C:\Windows\SYSWOW64\frapsvid.dll
2010-11-28 11:50:04 ----A---- C:\Windows\system32\frapsv64.dll
======List of files/folders modified in the last 3 months======
2011-01-26 20:34:41 ----D---- C:\Windows\system32\drivers
2011-01-26 20:27:50 ----RD---- C:\Program Files
2011-01-26 19:32:00 ----D---- C:\Windows\system32\config
2011-01-26 19:27:30 ----D---- C:\Windows\System32
2011-01-26 19:27:30 ----D---- C:\Windows\inf
2011-01-26 19:27:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-26 19:22:15 ----D---- C:\Windows\Temp
2011-01-26 18:41:20 ----D---- C:\Windows
2011-01-26 18:02:12 ----D---- C:\Windows\system32\NDF
2011-01-26 14:16:27 ----D---- C:\Windows\system32\catroot2
2011-01-24 15:46:11 ----D---- C:\Windows\system32\Tasks
2011-01-24 15:46:09 ----D---- C:\Program Files (x86)\Common Files
2011-01-24 15:25:47 ----D---- C:\Windows\system32\FxsTmp
2011-01-24 15:15:03 ----D---- C:\Windows\SysWOW64
2011-01-24 15:12:35 ----RD---- C:\Program Files (x86)
2011-01-24 15:12:31 ----HD---- C:\ProgramData
2011-01-17 20:22:43 ----D---- C:\Windows\twain_32
2011-01-17 20:22:42 ----RSD---- C:\Windows\Media
2011-01-17 20:16:04 ----D---- C:\Program Files\Common Files
2011-01-17 20:13:55 ----D---- C:\Windows\system32\catroot
2011-01-17 20:13:54 ----D---- C:\Windows\system32\DriverStore
2011-01-11 15:09:29 ----RSD---- C:\Windows\assembly
2010-12-26 19:20:54 ----D---- C:\Windows\winsxs
2010-12-25 10:55:41 ----D---- C:\Windows\Tasks
2010-12-16 18:14:14 ----D---- C:\Windows\rescache
2010-12-16 17:41:35 ----D---- C:\Windows\Microsoft.NET
2010-12-16 17:33:49 ----D---- C:\Windows\SYSWOW64\migration
2010-12-16 17:33:49 ----D---- C:\Windows\SYSWOW64\inetsrv
2010-12-16 17:33:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-12-16 17:33:49 ----D---- C:\Windows\system32\migration
2010-12-16 17:33:49 ----D---- C:\Windows\system32\inetsrv
2010-12-16 17:33:49 ----D---- C:\Windows\system32\cs-CZ
2010-12-16 17:33:49 ----D---- C:\Windows\PolicyDefinitions
2010-12-16 17:33:49 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-12-16 17:33:48 ----D---- C:\Windows\system32\drivers\etc
2010-12-13 21:58:42 ----D---- C:\Windows\system32\wdi
2010-12-12 17:29:44 ----SD---- C:\ProgramData\Microsoft
2010-12-11 12:49:29 ----D---- C:\Windows\debug
2010-12-09 16:46:04 ----D---- C:\Windows\system32\LogFiles
2010-12-05 16:28:42 ----D---- C:\Windows\Logs
2010-12-02 21:46:30 ----SHD---- C:\$Recycle.Bin
2010-12-02 21:27:19 ----D---- C:\Windows\system32\drivers\UMDF
2010-12-02 18:32:01 ----D---- C:\Windows\system32\CodeIntegrity
2010-12-02 18:29:35 ----D---- C:\Windows\SYSWOW64\drivers
2010-12-02 18:26:00 ----D---- C:\Windows\system32\restore
2010-12-02 18:22:12 ----RD---- C:\Users
2010-12-02 18:21:09 ----D---- C:\Program Files\Windows NT
2010-12-02 01:18:49 ----D---- C:\Windows\system32\sysprep
2010-12-02 01:15:10 ----D---- C:\Windows\Setup
2010-12-01 20:22:12 ----D---- C:\Program Files (x86)\MSBuild
2010-12-01 20:21:56 ----D---- C:\Windows\ShellNew
2010-12-01 20:21:46 ----RSD---- C:\Windows\Fonts
2010-12-01 20:20:12 ----A---- C:\Windows\win.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-11 115824]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-02 834544]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-04-22 13440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-05-06 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-05-06 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-05-06 51280]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-05-06 22096]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-05-06 63568]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2010-07-07 50696]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-26 7767040]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-26 279040]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-07-15 116240]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 15416]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-05-31 333928]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-03-02 1301504]
S3 a3lhirek;a3lhirek; C:\Windows\system32\drivers\a3lhirek.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-26 203264]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [2010-06-24 109056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-26 223464]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 LPDSVC;@%systemroot%\system32\lpdsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2010-12-02 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2010-12-02 189248]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 10240]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe [2010-12-21 948775]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
- 1danab
- Newbie
- Posts: 1412
- Registered: 21 Oct 2007 13:04
- Location: České Budějovice
Re: Downloaded file
OK, we'll do it differently.
Download OTL from this link: http://oldtimer.geekstogo.com/OTL.exe
Run the downloaded file as administrator.
In the window that opens, press the Prohledat (Scan) button to start the scan; please wait for the scan to finish (about 5 minutes); a Notepad window with the log will then open. Copy its contents here.

Re: Downloaded file
I apologize, but as I already said, I am a beginner when it comes to viruses etc.
Here is the log:
========== Processes (SafeList) ==========
PRC - [2011.01.26 21:19:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\LH\Desktop\OTL.exe
PRC - [2011.01.26 18:41:20 | 000,049,664 | RHS- | M] () -- c:\Windows\nvsvc32.exe
PRC - [2010.12.21 16:32:22 | 003,318,784 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2010.12.11 18:12:32 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.12.11 18:12:32 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010.12.02 21:50:48 | 000,189,248 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010.12.02 21:50:38 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.07.07 10:58:02 | 001,089,664 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\TurboV EVO\TurboVHelp.exe
PRC - [2010.06.24 07:19:50 | 000,109,056 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
PRC - [2010.05.06 22:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.04.27 03:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.04.05 11:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.04.02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.04.01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.16 18:22:40 | 005,309,056 | ---- | M] (
ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\EPU\EPU.exe
PRC - [2010.03.02 19:52:00 | 000,140,640 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009.10.26 13:16:00 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009.10.26 13:15:56 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009.03.30 07:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe
========== Modules (SafeList) ==========
MOD - [2011.01.26 21:19:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\LH\Desktop\OTL.exe
MOD - [2009.07.14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.08.26 02:57:14 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010.05.06 22:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
SRV:64bit: - [2009.07.14 02:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\TCPSVCS.EXE -- (simptcp)
SRV - [2010.12.21 16:32:22 | 000,948,775 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2010.12.02 21:50:48 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010.12.02 21:50:38 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.06.24 07:19:50 | 000,109,056 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010.04.05 11:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.10.26 13:16:00 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009.07.14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009.07.14 02:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2010.12.02 18:51:31 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.08.26 04:37:26 | 007,767,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.08.26 02:20:56 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.07.15 13:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.07.07 11:26:46 | 000,050,696 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2010.05.31 04:46:50 | 000,333,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.05.06 22:34:14 | 000,063,568 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010.04.27 02:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.04.27 02:29:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.03.02 12:30:20 | 001,301,504 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010.01.11 12:28:35 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.12.22 02:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.07.16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 02:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.01.15 13:55:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.01.15 13:55:47 | 000,000,000 | ---D | M]
[2010.12.01 20:01:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LH\AppData\Roaming\mozilla\Extensions
[2011.01.26 19:14:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LH\AppData\Roaming\mozilla\Firefox\Profiles\othpxw0h.default\extensions
[2010.12.01 20:17:13 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Users\LH\AppData\Roaming\mozilla\Firefox\Profiles\othpxw0h.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2011.01.26 19:14:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.01.24 15:12:43 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.12.01 21:36:56 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.12.01 21:36:56 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.12.01 21:36:56 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.12.01 21:36:56 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.12.01 21:36:56 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\LH\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [NVIDIA driver monitor] c:\Windows\nvsvc32.exe ()
O4 - HKLM..\Run: [Six Engine] C:\Program Files (x86)\ASUS\EPU\EPU.exe (
ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [NVIDIA driver monitor] c:\Windows\nvsvc32.exe ()
O4 - HKCU..\Run: [SpywareTerminatorUpdate] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Download all by FlashGet3 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:64bit: - Extra context menu item: Download by FlashGet3 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.2 192.168.5.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.15 10:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - D:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.11 18:03:48 | 000,000,054 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{388b2767-fe3d-11df-869d-20cf30e43acd}\Shell - "" = AutoRun
O33 - MountPoints2\{388b2767-fe3d-11df-869d-20cf30e43acd}\Shell\AutoRun\command - "" = F:\steambackup.exe
O33 - MountPoints2\{5e7b8e66-fda9-11df-95ed-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5e7b8e66-fda9-11df-95ed-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2008.11.15 10:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.01.26 21:19:45 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\LH\Desktop\OTL.exe
[2011.01.26 20:27:50 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.01.26 20:27:50 | 000,000,000 | ---D | C] -- C:\rsit
[2011.01.24 15:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.01.24 15:46:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011.01.24 15:15:01 | 000,000,000 | ---D | C] -- C:\Users\LH\AppData\Roaming\skypePM
[2011.01.24 15:12:35 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.01.24 15:12:34 | 000,000,000 | ---D | C] -- C:\Users\LH\AppData\Roaming\Skype
[2011.01.24 15:12:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.01.21 19:12:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2011.01.21 19:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011.01.21 19:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU
[2011.01.21 19:04:43 | 000,000,000 | ---D | C] -- C:\Nexon
[2011.01.21 17:59:25 | 1210,015,669 | ---- | C] (Nexon) -- C:\Users\LH\Desktop\Combatarms_eu.exe
[2011.01.17 21:12:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenuEX
[2011.01.17 21:11:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2011.01.17 21:11:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2
[2011.01.17 21:11:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP
[2011.01.17 21:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2011.01.17 20:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon IJ Network Tool
[2011.01.17 20:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
[2011.01.17 20:18:20 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJMSetup
[2011.01.17 20:18:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrace uživatele zařízení Canon MG5200 series
[2011.01.17 20:16:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2011.01.17 20:15:56 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2011.01.17 20:15:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD-LabelPrint
[2011.01.17 20:14:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2011.01.17 20:14:39 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2011.01.17 20:14:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series Manual
[2011.01.17 20:13:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2011.01.17 20:13:56 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2011.01.17 20:13:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series
[2011.01.17 20:13:30 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2011.01.17 20:13:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\STRING
[2011.01.17 20:12:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2011.01.16 10:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Score
[2011.01.16 10:16:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\City Life Deluxe
[2011.01.15 20:26:14 | 000,000,000 | ---D | C] -- C:\Users\LH\Desktop\RUSE
[2011.01.15 20:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zaparit
[2011.01.15 13:55:37 | 000,000,000 | ---D | C] -- C:\Users\LH\AppData\Roaming\Real
[2011.01.07 20:43:52 | 000,000,000 | ---D | C] -- C:\Users\LH\Desktop\Filmy
[2011.01.06 18:50:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.01.05 19:32:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ruse
[2011.01.04 20:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\Officers
[2010.12.30 16:10:23 | 000,000,000 | ---D | C] -- C:\Users\LH\AppData\Local\GHISLER
[2010.12.30 15:55:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\totalcmd
[2010.12.30 15:55:07 | 000,000,000 | ---D | C] -- C:\Users\LH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2010.12.30 15:55:07 | 000,000,000 | ---D | C] -- C:\Users\LH\AppData\Roaming\GHISLER
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.01.26 21:19:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\LH\Desktop\OTL.exe
[2011.01.26 20:27:26 | 000,832,273 | ---- | M] () -- C:\Users\LH\Desktop\RSITx64.exe
[2011.01.26 19:27:30 | 001,530,668 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.01.26 19:27:30 | 000,655,988 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.01.26 19:27:30 | 000,637,956 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.01.26 19:27:30 | 000,129,268 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.01.26 19:27:30 | 000,111,578 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.01.26 19:26:57 | 000,014,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.26 19:26:57 | 000,014,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.26 18:41:20 | 000,049,664 | RHS- | M] () -- C:\Windows\nvsvc32.exe
[2011.01.26 14:16:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.26 14:16:01 | 3219,791,872 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.25 18:50:02 | 000,010,591 | ---- | M] () -- C:\Users\LH\Desktop\This later wrote one girl.docx
[2011.01.24 15:46:09 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.01.24 15:15:03 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.01.23 19:37:34 | 000,016,260 | ---- | M] () -- C:\Users\LH\Desktop\KM900 arena.docx
[2011.01.21 19:06:41 | 000,001,630 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk
[2011.01.21 19:01:23 | 1210,015,669 | ---- | M] (Nexon) -- C:\Users\LH\Desktop\Combatarms_eu.exe
[2011.01.17 20:15:57 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2011.01.17 20:14:26 | 000,002,354 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG5200 series Příručka online.lnk
[2011.01.16 10:25:58 | 000,001,122 | ---- | M] () -- C:\Users\LH\Desktop\City Life Deluxe.lnk
[2011.01.15 23:23:33 | 858,076,819 | ---- | M] () -- C:\Users\LH\Desktop\CITY LIFE DELUXE CZ.part2.rar
[2011.01.15 20:18:24 | 1048,576,000 | ---- | M] () -- C:\Users\LH\Desktop\CITY LIFE DELUXE CZ.part1.rar
[2011.01.05 22:03:30 | 001,159,910 | ---- | M] () -- C:\Users\LH\Desktop\Smetanka lékařská.docx
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.01.26 20:27:25 | 000,832,273 | ---- | C] () -- C:\Users\LH\Desktop\RSITx64.exe
[2011.01.26 18:41:20 | 000,049,664 | RHS- | C] () -- C:\Windows\nvsvc32.exe
[2011.01.25 18:50:01 | 000,010,591 | ---- | C] () -- C:\Users\LH\Desktop\This later wrote one girl.docx
[2011.01.24 15:46:09 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.01.24 15:15:03 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.01.21 19:06:41 | 000,001,630 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk
[2011.01.17 20:22:42 | 000,013,056 | ---- | C] () -- C:\Windows\SysWow64\CNC1749D.TBL
[2011.01.17 20:15:57 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2011.01.17 20:14:26 | 000,002,354 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG5200 series Příručka online.lnk
[2011.01.16 20:12:12 | 000,016,260 | ---- | C] () -- C:\Users\LH\Desktop\KM900 arena.docx
[2011.01.16 10:25:58 | 000,001,122 | ---- | C] () -- C:\Users\LH\Desktop\City Life Deluxe.lnk
[2011.01.15 20:18:38 | 858,076,819 | ---- | C] () -- C:\Users\LH\Desktop\CITY LIFE DELUXE CZ.part2.rar
[2011.01.15 18:24:47 | 1048,576,000 | ---- | C] () -- C:\Users\LH\Desktop\CITY LIFE DELUXE CZ.part1.rar
[2011.01.07 15:52:19 | 000,759,661 | ---- | C] () -- C:\Users\LH\Desktop\RUSE-Trainer-4.exe
[2011.01.06 18:51:05 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2010.12.30 15:55:07 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2010.12.30 15:55:07 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2010.12.30 15:55:07 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2010.12.30 15:55:07 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2010.12.30 15:55:07 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2010.12.30 15:55:07 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2010.12.30 15:55:07 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2010.12.23 22:22:23 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.12.23 22:22:23 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.12.19 18:57:19 | 001,547,176 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.19 13:42:38 | 000,000,880 | ---- | C] () -- C:\Users\LH\AppData\Local\SRDownloader.nast
[2010.12.19 08:41:06 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2010.12.15 21:30:27 | 000,006,788 | ---- | C] () -- C:\Windows\hpdj3600.ini
[2010.12.02 18:29:35 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.12.02 18:29:35 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.12.02 18:29:31 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.12.02 18:29:31 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.12.02 18:25:46 | 000,043,758 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010.12.02 18:24:31 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.12.02 18:24:27 | 000,030,223 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.12.01 20:16:33 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
========== LOP Check ==========
[2010.12.28 20:12:57 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\BITS
[2010.12.02 21:23:36 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\DAEMON Tools Lite
[2010.12.02 21:08:44 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\Dev-Cpp
[2010.12.01 20:16:30 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\FlashGet
[2010.12.01 20:16:28 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\FlashGetBHO
[2010.12.30 15:58:12 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\GHISLER
[2010.12.15 19:17:46 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\Opera
[2011.01.26 18:44:00 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\Spyware Terminator
[2009.07.14 06:08:49 | 000,022,022 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
SRV - [2009.10.26 13:16:00 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009.07.14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009.07.14 02:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2010.12.02 18:51:31 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.08.26 04:37:26 | 007,767,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.08.26 02:20:56 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.07.15 13:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.07.07 11:26:46 | 000,050,696 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2010.05.31 04:46:50 | 000,333,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.05.06 22:34:14 | 000,063,568 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010.04.27 02:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.04.27 02:29:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.03.02 12:30:20 | 001,301,504 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010.01.11 12:28:35 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.12.22 02:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.07.16 04:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 02:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "seznam.cz"
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.01.15 13:55:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.01.15 13:55:47 | 000,000,000 | ---D | M]
[2010.12.01 20:01:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LH\AppData\Roaming\mozilla\Extensions
[2011.01.26 19:14:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LH\AppData\Roaming\mozilla\Firefox\Profiles\othpxw0h.default\extensions
[2010.12.01 20:17:13 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Users\LH\AppData\Roaming\mozilla\Firefox\Profiles\othpxw0h.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2011.01.26 19:14:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.01.24 15:12:43 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.12.01 21:36:56 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.12.01 21:36:56 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.12.01 21:36:56 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.12.01 21:36:56 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.12.01 21:36:56 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\LH\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [NVIDIA driver monitor] c:\Windows\nvsvc32.exe ()
O4 - HKLM..\Run: [Six Engine] C:\Program Files (x86)\ASUS\EPU\EPU.exe (
ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [NVIDIA driver monitor] c:\Windows\nvsvc32.exe ()
O4 - HKCU..\Run: [SpywareTerminatorUpdate] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Download all by FlashGet3 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:64bit: - Extra context menu item: Download by FlashGet3 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\LH\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.2 192.168.5.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.15 10:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - D:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.11 18:03:48 | 000,000,054 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{388b2767-fe3d-11df-869d-20cf30e43acd}\Shell - "" = AutoRun
O33 - MountPoints2\{388b2767-fe3d-11df-869d-20cf30e43acd}\Shell\AutoRun\command - "" = F:\steambackup.exe
O33 - MountPoints2\{5e7b8e66-fda9-11df-95ed-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5e7b8e66-fda9-11df-95ed-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2008.11.15 10:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.01.26 21:19:45 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\LH\Desktop\OTL.exe
[2011.01.26 20:27:50 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.01.26 20:27:50 | 000,000,000 | ---D | C] -- C:\rsit
[2011.01.24 15:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.01.24 15:46:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011.01.24 15:15:01 | 000,000,000 | ---D | C] -- C:\Users\LH\AppData\Roaming\skypePM
[2011.01.24 15:12:35 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.01.24 15:12:34 | 000,000,000 | ---D | C] -- C:\Users\LH\AppData\Roaming\Skype
[2011.01.24 15:12:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.01.21 19:12:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2011.01.21 19:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011.01.21 19:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU
[2011.01.21 19:04:43 | 000,000,000 | ---D | C] -- C:\Nexon
[2011.01.21 17:59:25 | 1210,015,669 | ---- | C] (Nexon) -- C:\Users\LH\Desktop\Combatarms_eu.exe
[2011.01.17 21:12:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenuEX
[2011.01.17 21:11:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMyPrinter
[2011.01.17 21:11:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJEPPEX2
[2011.01.17 21:11:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonEPP
[2011.01.17 21:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2011.01.17 20:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon IJ Network Tool
[2011.01.17 20:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
[2011.01.17 20:18:20 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJMSetup
[2011.01.17 20:18:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrace uživatele zařízení Canon MG5200 series
[2011.01.17 20:16:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\CANON
[2011.01.17 20:15:56 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2011.01.17 20:15:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD-LabelPrint
[2011.01.17 20:14:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2011.01.17 20:14:39 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2011.01.17 20:14:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series Manual
[2011.01.17 20:13:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2011.01.17 20:13:56 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2011.01.17 20:13:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series
[2011.01.17 20:13:30 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2011.01.17 20:13:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\STRING
[2011.01.17 20:12:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2011.01.16 10:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Score
[2011.01.16 10:16:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\City Life Deluxe
[2011.01.15 20:26:14 | 000,000,000 | ---D | C] -- C:\Users\LH\Desktop\RUSE
[2011.01.15 20:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zaparit
[2011.01.15 13:55:37 | 000,000,000 | ---D | C] -- C:\Users\LH\AppData\Roaming\Real
[2011.01.07 20:43:52 | 000,000,000 | ---D | C] -- C:\Users\LH\Desktop\Filmy
[2011.01.06 18:50:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.01.05 19:32:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ruse
[2011.01.04 20:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\Officers
[2010.12.30 16:10:23 | 000,000,000 | ---D | C] -- C:\Users\LH\AppData\Local\GHISLER
[2010.12.30 15:55:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\totalcmd
[2010.12.30 15:55:07 | 000,000,000 | ---D | C] -- C:\Users\LH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2010.12.30 15:55:07 | 000,000,000 | ---D | C] -- C:\Users\LH\AppData\Roaming\GHISLER
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.01.26 21:19:52 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\LH\Desktop\OTL.exe
[2011.01.26 20:27:26 | 000,832,273 | ---- | M] () -- C:\Users\LH\Desktop\RSITx64.exe
[2011.01.26 19:27:30 | 001,530,668 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.01.26 19:27:30 | 000,655,988 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.01.26 19:27:30 | 000,637,956 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.01.26 19:27:30 | 000,129,268 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.01.26 19:27:30 | 000,111,578 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.01.26 19:26:57 | 000,014,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.26 19:26:57 | 000,014,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.26 18:41:20 | 000,049,664 | RHS- | M] () -- C:\Windows\nvsvc32.exe
[2011.01.26 14:16:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.26 14:16:01 | 3219,791,872 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.25 18:50:02 | 000,010,591 | ---- | M] () -- C:\Users\LH\Desktop\This later wrote one girl.docx
[2011.01.24 15:46:09 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.01.24 15:15:03 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.01.23 19:37:34 | 000,016,260 | ---- | M] () -- C:\Users\LH\Desktop\KM900 arena.docx
[2011.01.21 19:06:41 | 000,001,630 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk
[2011.01.21 19:01:23 | 1210,015,669 | ---- | M] (Nexon) -- C:\Users\LH\Desktop\Combatarms_eu.exe
[2011.01.17 20:15:57 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2011.01.17 20:14:26 | 000,002,354 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG5200 series Příručka online.lnk
[2011.01.16 10:25:58 | 000,001,122 | ---- | M] () -- C:\Users\LH\Desktop\City Life Deluxe.lnk
[2011.01.15 23:23:33 | 858,076,819 | ---- | M] () -- C:\Users\LH\Desktop\CITY LIFE DELUXE CZ.part2.rar
[2011.01.15 20:18:24 | 1048,576,000 | ---- | M] () -- C:\Users\LH\Desktop\CITY LIFE DELUXE CZ.part1.rar
[2011.01.05 22:03:30 | 001,159,910 | ---- | M] () -- C:\Users\LH\Desktop\Smetanka lékařská.docx
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.01.26 20:27:25 | 000,832,273 | ---- | C] () -- C:\Users\LH\Desktop\RSITx64.exe
[2011.01.26 18:41:20 | 000,049,664 | RHS- | C] () -- C:\Windows\nvsvc32.exe
[2011.01.25 18:50:01 | 000,010,591 | ---- | C] () -- C:\Users\LH\Desktop\This later wrote one girl.docx
[2011.01.24 15:46:09 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.01.24 15:15:03 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.01.21 19:06:41 | 000,001,630 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk
[2011.01.17 20:22:42 | 000,013,056 | ---- | C] () -- C:\Windows\SysWow64\CNC1749D.TBL
[2011.01.17 20:15:57 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
[2011.01.17 20:14:26 | 000,002,354 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG5200 series Příručka online.lnk
[2011.01.16 20:12:12 | 000,016,260 | ---- | C] () -- C:\Users\LH\Desktop\KM900 arena.docx
[2011.01.16 10:25:58 | 000,001,122 | ---- | C] () -- C:\Users\LH\Desktop\City Life Deluxe.lnk
[2011.01.15 20:18:38 | 858,076,819 | ---- | C] () -- C:\Users\LH\Desktop\CITY LIFE DELUXE CZ.part2.rar
[2011.01.15 18:24:47 | 1048,576,000 | ---- | C] () -- C:\Users\LH\Desktop\CITY LIFE DELUXE CZ.part1.rar
[2011.01.07 15:52:19 | 000,759,661 | ---- | C] () -- C:\Users\LH\Desktop\RUSE-Trainer-4.exe
[2011.01.06 18:51:05 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2010.12.30 15:55:07 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2010.12.30 15:55:07 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2010.12.30 15:55:07 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2010.12.30 15:55:07 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2010.12.30 15:55:07 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2010.12.30 15:55:07 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2010.12.30 15:55:07 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2010.12.23 22:22:23 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.12.23 22:22:23 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.12.19 18:57:19 | 001,547,176 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.19 13:42:38 | 000,000,880 | ---- | C] () -- C:\Users\LH\AppData\Local\SRDownloader.nast
[2010.12.19 08:41:06 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2010.12.15 21:30:27 | 000,006,788 | ---- | C] () -- C:\Windows\hpdj3600.ini
[2010.12.02 18:29:35 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.12.02 18:29:35 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.12.02 18:29:31 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.12.02 18:29:31 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.12.02 18:25:46 | 000,043,758 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010.12.02 18:24:31 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.12.02 18:24:27 | 000,030,223 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.12.01 20:16:33 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008.10.22 05:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
========== LOP Check ==========
[2010.12.28 20:12:57 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\BITS
[2010.12.02 21:23:36 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\DAEMON Tools Lite
[2010.12.02 21:08:44 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\Dev-Cpp
[2010.12.01 20:16:30 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\FlashGet
[2010.12.01 20:16:28 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\FlashGetBHO
[2010.12.30 15:58:12 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\GHISLER
[2010.12.15 19:17:46 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\Opera
[2011.01.26 18:44:00 | 000,000,000 | ---D | M] -- C:\Users\LH\AppData\Roaming\Spyware Terminator
[2009.07.14 06:08:49 | 000,022,022 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Last edited by anakin123 on 27 Jan 2011 15:08, edited 1 time in total.
- 1danab
- Newcomer
- Posts: 1412
- Registered: 21 Oct 2007 13:04
- Location: České Budějovice
Re: Downloaded file
Could I ask you to take the text out of the code block? It is hard for me to read and my eyes are quite tired today.

- 1danab
Re: Downloaded file
Can you please hold on until this evening? I got home from work a moment ago and now I have to leave again. I apologize, but I have rather a lot on today.

Re: Downloaded file
Sure, the antivirus programs found nothing. But I would like to know why that link suddenly disappeared. We will sort it out when you are back.
- 1danab
Re: Downloaded file
Run OTL again and copy the following script into the lower box:
then click Opravit (Fix)
once the fix has finished, a dialog will pop up asking whether you want to open the log; choose Yes and copy its text here for me
Code:
:OTL
O4 - HKLM..\Run: [NVIDIA driver monitor] c:\Windows\nvsvc32.exe ()
O4 - HKCU..\Run: [NVIDIA driver monitor] c:\Windows\nvsvc32.exe ()
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
[2011.01.24 15:15:03 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
:Commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
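The first two lines of the fix script target a Run entry that stands out in the posted log on its own merits. The Python sketch below is an added example, not part of the original thread and not an OTL feature: it parses O4 Run lines and file records copied from the log above and scores them. The scoring heuristics and the threshold are assumptions of this example (empty company field, executable directly in C:\Windows, same path in both the HKLM and HKCU Run keys, Hidden+System attributes).

```python
import ntpath
import re
from collections import defaultdict

# Lines copied from the OTL log posted earlier in this thread.
SAMPLE_LOG = r"""
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NVIDIA driver monitor] c:\Windows\nvsvc32.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [NVIDIA driver monitor] c:\Windows\nvsvc32.exe ()
[2011.01.26 18:41:20 | 000,049,664 | RHS- | C] () -- C:\Windows\nvsvc32.exe
[2011.01.26 21:19:45 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\LH\Desktop\OTL.exe
"""

# "O4 - HKLM..\Run: [value name] path (company)", optionally tagged ":64bit:".
RUN_RE = re.compile(
    r"^O4(?::64bit:)? - (?P<hive>HKLM|HKCU)\.\.\\Run: \[(?P<name>[^\]]+)\] "
    r"(?P<path>.+?) \((?P<company>[^()]*)\)\s*$"
)

# "[date time | size | attrs | C/M] (company) -- path"; folders have no company.
FILE_RE = re.compile(
    r"^\[\d{4}\.\d{2}\.\d{2} [\d:]{8} \| [\d,]+ \| (?P<attrs>[RHSD-]{4}) \| [CM]\] "
    r"(?:\((?P<company>[^()]*)\) )?-- (?P<path>.+?)\s*$"
)


def triage(log_text, threshold=3):
    """Return Run entries whose heuristic score reaches the threshold.

    The weights are assumptions of this example, not OTL behaviour.
    """
    attrs_by_path = {}
    runs = defaultdict(lambda: {"hives": set(), "names": set(), "company": ""})

    for line in log_text.splitlines():
        line = line.strip()
        m = FILE_RE.match(line)
        if m:
            attrs_by_path[m["path"].lower()] = m["attrs"]
            continue
        m = RUN_RE.match(line)
        if m:
            entry = runs[m["path"].lower()]  # Windows paths are case-insensitive
            entry["hives"].add(m["hive"])
            entry["names"].add(m["name"])
            entry["company"] = m["company"].strip()

    findings = []
    for path, entry in runs.items():
        score, reasons = 0, []
        if not entry["company"]:
            score += 1
            reasons.append("no company name in version info")
        if ntpath.dirname(path) == r"c:\windows":
            score += 1
            reasons.append("executable directly in C:\\Windows")
        if len(entry["hives"]) > 1:
            score += 1
            reasons.append("same path in both HKLM and HKCU Run keys")
        attrs = attrs_by_path.get(path, "")
        if "H" in attrs and "S" in attrs:
            score += 2
            reasons.append("file carries Hidden and System attributes")
        findings.append({
            "path": path,
            "names": sorted(entry["names"]),
            "hives": sorted(entry["hives"]),
            "score": score,
            "reasons": reasons,
        })

    findings.sort(key=lambda f: -f["score"])
    return [f for f in findings if f["score"] >= threshold]


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding["score"], finding["path"], finding["names"])
        for reason in finding["reasons"]:
            print("   -", reason)
```

A high score only marks an entry for a closer look by a person; it is not a verdict on the file.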

Re: Downloaded file
I don't know whether this is part of the test, but when I entered the script you gave me into the box, after clicking Fix an Avast message appeared saying that malware, a Trojan horse, had been found and moved. Here is the resulting log:
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NVIDIA driver monitor deleted successfully.
c:\Windows\nvsvc32.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NVIDIA driver monitor deleted successfully.
File c:\Windows\nvsvc32.exe not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}\ not found.
File {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}\ not found.
File {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\SysWOW64\ezsidmv.dat moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56502 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LH
->Temp folder emptied: 601468323 bytes
->Temporary Internet Files folder emptied: 115517023 bytes
->FireFox cache emptied: 108323338 bytes
->Opera cache emptied: 1274887 bytes
->Flash cache emptied: 18081393 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1619120 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 41778 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 21959048 bytes
Total Files Cleaned = 828,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: LH
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.20.6 log created on 01272011_223306
Files\Folders moved on Reboot...
C:\Users\LH\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
- 1danab
Re: Downloaded file
That Avast message is fine.
Otherwise the fix went well and everything is OK.

So do you still have any problem with the PC?

Re: Downloaded file
I see, thank you. By the way, today I noticed that the OTL program has disappeared from my computer. It is not in the Virus Chest. I also tried searching the computer. There is no trace of it anywhere.
- 1danab
Re: Downloaded file
Avast probably deleted it, which doesn't matter at all, so it's fine.
