
driver.exe

Posted: 15 May 2011 18:24
by kmetino
Logfile of random's system information tool 1.08 (written by random/random)
Run by Windows at 2011-05-15 19:22:36
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 21 GB (42%) free of 50 GB
Total RAM: 2046 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:22:43, on 15.5.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Electronic Arts\EADM\EADMUI.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Games\Game Alarm\Updater.exe
C:\Games\Game Alarm\gamealarm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\WINDOWS\system32\FsUsbExService.Exe
D:\Downloads\hamachi-2.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Electronic Arts\EADM\EADM.exe
C:\PROGRA~1\ELECTR~1\EADM\EACoreServer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Windows\Desktop\RSIT.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\trend micro\Windows.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.htm ... sb&sysid=2
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss ... ffID=17981
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.htm ... sb&sysid=2
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss ... ffID=17981
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll
O3 - Toolbar: CrowdStar Gamebar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [GEST] m‘|\ü
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Downloads\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BabylonToolbar] "C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I
O4 - HKLM\..\Run: [driver.exe] C:\WINDOWS\driver.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [ZE18MW23GY] C:\DOCUME~1\Windows\LOCALS~1\Temp\Prj.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [EADM] "C:\Program Files\Electronic Arts\EADM\EADMUI.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Game Alarm.lnk = C:\Games\Game Alarm\gamealarm.exe
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvoriť mobilnú obľúbenú položku... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9899477453
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate1ca71dbf1a750f2) (gupdate1ca71dbf1a750f2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Downloads\hamachi-2.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 0: (no name) - http://transformice.org/pictures/transf ... rplane.jpg

--
End of file - 11813 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
MediaBar - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll [2009-12-20 87480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
CescrtHlpr Object - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll [2010-11-07 225720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
UrlHelper Class - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll [2010-09-14 585136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
CrowdStar Gamebar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-04-29 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{0974BA1E-64EC-11DE-B2A5-E43756D89593} - MediaBar - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll [2009-12-20 87480]
{D4027C7F-154A-4066-A1AD-4243D8127440} - CrowdStar Gamebar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-04-29 1490312]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll [2010-11-07 184760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-02-13 16857600]
"GEST"=m‘|\ü []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
"OpwareSE2"=C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"NPSStartup"= []
"DATAMNGR"=C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE [2010-09-14 972728]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"LogMeIn Hamachi Ui"=D:\Downloads\hamachi-2-ui.exe [2011-03-28 1910152]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2219184]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"BabylonToolbar"=C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe [2010-11-07 286720]
"driver.exe"=C:\WINDOWS\driver.exe [2011-05-02 3]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-04-29 395144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2004-09-22 1871872]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-03-09 26100520]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-12-10 116056]
"ZE18MW23GY"=C:\DOCUME~1\Windows\LOCALS~1\Temp\Prj.exe []
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2011-04-06 323392]
"EADM"=C:\Program Files\Electronic Arts\EADM\EADMUI.exe [2011-04-03 11857920]

C:\Documents and Settings\Windows\Start Menu\Programs\Startup
Game Alarm.lnk - C:\Games\Game Alarm\gamealarm.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\WINDOWS\RTHDCPL.exe"="C:\WINDOWS\RTHDCPL.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\userinit.exe"="C:\WINDOWS\system32\userinit.exe:*:Enabled:ENABLE"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\SecondLife\SLVoice.exe"="C:\Program Files\SecondLife\SLVoice.exe:*:Disabled:SLVoice"
"C:\Program Files\Truck_Racing_By_Renault_Trucks\Bin\RTR.exe"="C:\Program Files\Truck_Racing_By_Renault_Trucks\Bin\RTR.exe:*:Enabled:Truck Racing by Renault Trucks"
"C:\Program Files\Ski Jumping 2005\SkiJumping2005.exe"="C:\Program Files\Ski Jumping 2005\SkiJumping2005.exe:*:Enabled:SkiJumping2005"
"C:\Program Files\Metin2_CZ\metin2.exe"="C:\Program Files\Metin2_CZ\metin2.exe:*:Enabled:Metin2 CZ"
"C:\Program Files\Metin2_CZ\metin2client.bin"="C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\SindicateM2 - Kopie (6)\metin2client.bin"="C:\Documents and Settings\Windows\Desktop\Adam Hry\SindicateM2 - Kopie (6)\metin2client.bin:*:Enabled:metin2client"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\SindicateM2 - Kopie (6)\client.bin"="C:\Documents and Settings\Windows\Desktop\Adam Hry\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client"
"C:\Documents and Settings\Windows\Desktop\SindicateM2 - Kopie (6)\client.bin"="C:\Documents and Settings\Windows\Desktop\SindicateM2 - Kopie (6)\client.bin:*:Enabled:client"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server"
"C:\Documents and Settings\Windows\Local Settings\Temp\FJ_Downloader.exe"="C:\Documents and Settings\Windows\Local Settings\Temp\FJ_Downloader.exe:*:Enabled:FreeJack_Downloader"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Metin2\metin2client.bin"="C:\Program Files\Metin2\metin2client.bin:*:Enabled:metin2client"
"D:\preberané veci\metin2.bin"="D:\preberané veci\metin2.bin:*:Enabled:metin2"
"D:\Dokumenty\Downloads\Metin2client.bin"="D:\Dokumenty\Downloads\Metin2client.bin:*:Enabled:Metin2client"
"C:\Documents and Settings\Windows\Desktop\Metin2 United\Metin2client.bin"="C:\Documents and Settings\Windows\Desktop\Metin2 United\Metin2client.bin:*:Enabled:Metin2client"
"D:\Downloads\Greek World Mt2\Greek World Mt2\mc.exe"="D:\Downloads\Greek World Mt2\Greek World Mt2\mc.exe:*:Enabled:mc"
"C:\Documents and Settings\Windows\Desktop\MT2 Flamek Official Client\MT2 Flamek Official Client\mc.exe"="C:\Documents and Settings\Windows\Desktop\MT2 Flamek Official Client\MT2 Flamek Official Client\mc.exe:*:Enabled:mc"
"C:\Documents and Settings\Windows\Desktop\Super mt2\MT2 Flamek Official Client\MT2 Flamek Official Client\mc.exe"="C:\Documents and Settings\Windows\Desktop\Super mt2\MT2 Flamek Official Client\MT2 Flamek Official Client\mc.exe:*:Enabled:mc"
"D:\adam\metin2client.bin"="D:\adam\metin2client.bin:*:Enabled:metin2client"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\Metin2Action\mc.exe"="C:\Documents and Settings\Windows\Desktop\Adam Hry\Metin2Action\mc.exe:*:Enabled:mc"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\Ironju2\metin2client.bin"="C:\Documents and Settings\Windows\Desktop\Adam Hry\Ironju2\metin2client.bin:*:Enabled:metin2client"
"D:\PuMT2 1.0 Client\metin2client.bin"="D:\PuMT2 1.0 Client\metin2client.bin:*:Enabled:metin2client"
"D:\Metin2\metin2client.bin"="D:\Metin2\metin2client.bin:*:Enabled:metin2client"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\Ironju2\Not Starter.exe"="C:\Documents and Settings\Windows\Desktop\Adam Hry\Ironju2\Not Starter.exe:*:Enabled:Not Starter"
"D:\adam\Program\Bin\tribesv_mpdemo_en.exe"="D:\adam\Program\Bin\tribesv_mpdemo_en.exe:*:Enabled:tribesv_mpdemo_en"
"D:\adam\mc.exe"="D:\adam\mc.exe:*:Enabled:mc"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\EliteRo-MT2 Game\Launcher.exe"="C:\Documents and Settings\Windows\Desktop\Adam Hry\EliteRo-MT2 Game\Launcher.exe:*:Enabled:Launcher"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\NerdMT2 Ultimativer Client\NerdMT2.exe"="C:\Documents and Settings\Windows\Desktop\Adam Hry\NerdMT2 Ultimativer Client\NerdMT2.exe:*:Enabled:Customizable 2010 Client Launcher"
"C:\Program Files\Mijagi-MT2 Network\Mijagi-MT2 Network\metin2client.bin"="C:\Program Files\Mijagi-MT2 Network\Mijagi-MT2 Network\metin2client.bin:*:Enabled:metin2client"
"C:\Program Files\KingWorld\KingWorld.exe"="C:\Program Files\KingWorld\KingWorld.exe:*:Enabled:KingWorld"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\longju3\metin2.bin"="C:\Documents and Settings\Windows\Desktop\Adam Hry\longju3\metin2.bin:*:Enabled:Longju3 Client Launcher"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\Kópia – Ironju2\Not Starter.exe"="C:\Documents and Settings\Windows\Desktop\Adam Hry\Kópia – Ironju2\Not Starter.exe:*:Enabled:Not Starter"
"C:\Program Files\KingArt Company\Greek World Mt2\Greek World Mt2\mc.exe"="C:\Program Files\KingArt Company\Greek World Mt2\Greek World Mt2\mc.exe:*:Enabled:mc"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\XtremeMt2\metin2client.bin"="C:\Documents and Settings\Windows\Desktop\Adam Hry\XtremeMt2\metin2client.bin:*:Enabled:metin2client"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\XtremeMt2\XtremeMt2.exe"="C:\Documents and Settings\Windows\Desktop\Adam Hry\XtremeMt2\XtremeMt2.exe:*:Enabled:XtremeMt2"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\4yOursMT2 by VeGaS\mc.exe"="C:\Documents and Settings\Windows\Desktop\Adam Hry\4yOursMT2 by VeGaS\mc.exe:*:Enabled:mc"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\4yOursMT2 by VeGaS\Metin2.exe"="C:\Documents and Settings\Windows\Desktop\Adam Hry\4yOursMT2 by VeGaS\Metin2.exe:*:Enabled:Metin2"
"C:\Documents and Settings\Windows\Desktop\DarknessMt2\mc.exe"="C:\Documents and Settings\Windows\Desktop\DarknessMt2\mc.exe:*:Enabled:mc"
"C:\Documents and Settings\Windows\Desktop\WorldOfWarMetin2\mc.exe"="C:\Documents and Settings\Windows\Desktop\WorldOfWarMetin2\mc.exe:*:Enabled:mc"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\ShadowMt\mc.exe"="C:\Documents and Settings\Windows\Desktop\Adam Hry\ShadowMt\mc.exe:*:Enabled:mc"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\WorldOfSky\metin2.bin"="C:\Documents and Settings\Windows\Desktop\Adam Hry\WorldOfSky\metin2.bin:*:Enabled:Customizable 2010 Client Launcher"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\WorldOfSky\Starter.exe"="C:\Documents and Settings\Windows\Desktop\Adam Hry\WorldOfSky\Starter.exe:*:Enabled:Customizable 2010 Client Launcher"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\Bloodpack-Mt2\BloodPack2.exe"="C:\Documents and Settings\Windows\Desktop\Adam Hry\Bloodpack-Mt2\BloodPack2.exe:*:Enabled:Customizable 2010 Client Launcher"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\Client by abesgaara v2.5 - New Year's Edition\mc.exe"="C:\Documents and Settings\Windows\Desktop\Adam Hry\Client by abesgaara v2.5 - New Year's Edition\mc.exe:*:Enabled:mc"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\RoyalStarsMT\RSMT.bin"="C:\Documents and Settings\Windows\Desktop\Adam Hry\RoyalStarsMT\RSMT.bin:*:Enabled:RSMT"
"D:\adam\Valkyrie Mt2\valk2client.bin"="D:\adam\Valkyrie Mt2\valk2client.bin:*:Enabled:valk2client"
"D:\adam\Tribes Vengeance\Program\Bin\TV_CD_DVD.exe"="D:\adam\Tribes Vengeance\Program\Bin\TV_CD_DVD.exe:*:Enabled:Tribes Vengeance"
"C:\Documents and Settings\Windows\Desktop\Sindicate\client.bin"="C:\Documents and Settings\Windows\Desktop\Sindicate\client.bin:*:Enabled:client"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\Metin2Paradise2\mc.exe"="C:\Documents and Settings\Windows\Desktop\Adam Hry\Metin2Paradise2\mc.exe:*:Enabled:mc"
"C:\Program Files\Outstand Design\Metin 2 - Reflex of Glory\metin2.bin"="C:\Program Files\Outstand Design\Metin 2 - Reflex of Glory\metin2.bin:*:Enabled:metin2"
"C:\Program Files\Metin2 Kingdom\metinkingdom.exe"="C:\Program Files\Metin2 Kingdom\metinkingdom.exe:*:Enabled:Customizable 2010 Client Launcher"
"D:\PuMT2 1.0 Client\Launcher.exe"="D:\PuMT2 1.0 Client\Launcher.exe:*:Enabled:Launcher"
"D:\adam\Valkyrie Mt2\Valkyrie Mt2\valk2client.bin"="D:\adam\Valkyrie Mt2\Valkyrie Mt2\valk2client.bin:*:Enabled:valk2client"
"C:\Documents and Settings\Windows\Desktop\Adam Hry\Metin2Spreme\mc.exe"="C:\Documents and Settings\Windows\Desktop\Adam Hry\Metin2Spreme\mc.exe:*:Enabled:mc"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"

======List of files/folders created in the last 1 months======

2011-05-15 19:22:36 ----DC---- C:\rsit
2011-05-12 17:36:25 ----DC---- C:\Documents and Settings\Windows\Application Data\Unity
2011-05-02 17:25:32 ----A---- C:\WINDOWS\driver.exe
2011-04-30 12:35:22 ----D---- C:\Program Files\Metin2
2011-04-26 21:02:42 ----DC---- C:\Documents and Settings\Windows\Application Data\BabylonToolbar
2011-04-26 20:43:41 ----A---- C:\WINDOWS\Burnout(TM) Paradise The Ultimate Box Patch Log.txt
2011-04-26 20:30:40 ----D---- C:\Program Files\BabylonToolbar
2011-04-26 20:19:53 ----DC---- C:\Documents and Settings\All Users\Application Data\EA Logs
2011-04-26 17:03:47 ----RHDC---- C:\Documents and Settings\Windows\Application Data\SecuROM
2011-04-25 16:15:14 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2011-04-25 16:14:21 ----D---- C:\Program Files\DAEMON Tools Lite
2011-04-21 18:43:09 ----A---- C:\WINDOWS\War3Unin.pif
2011-04-21 18:43:09 ----A---- C:\WINDOWS\War3Unin.exe
2011-04-21 18:41:54 ----D---- C:\Program Files\Warcraft III
2011-04-21 18:02:20 ----DC---- C:\Documents and Settings\Windows\Application Data\DAEMON Tools Pro
2011-04-21 18:02:20 ----DC---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro

======List of files/folders modified in the last 1 months======

2011-05-15 19:22:43 ----D---- C:\Program Files\Trend Micro
2011-05-15 19:22:38 ----D---- C:\WINDOWS\Temp
2011-05-15 19:22:19 ----D---- C:\WINDOWS\Prefetch
2011-05-15 19:21:21 ----DC---- C:\Documents and Settings\Windows\Application Data\DNA
2011-05-15 18:45:38 ----D---- C:\WINDOWS\system32
2011-05-15 18:45:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-05-15 18:41:34 ----D---- C:\Program Files\Common Files\Akamai
2011-05-15 18:41:21 ----DC---- C:\Documents and Settings\Windows\Application Data\Skype
2011-05-15 18:41:17 ----D---- C:\Program Files\DNA
2011-05-15 15:30:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-15 11:11:34 ----DC---- C:\ALFA
2011-05-14 17:38:18 ----D---- C:\OLYMP
2011-05-14 17:38:16 ----A---- C:\WINDOWS\ODBC.INI
2011-05-13 20:01:14 ----D---- C:\Program Files\Ask.com
2011-05-13 20:01:13 ----SD---- C:\WINDOWS\Tasks
2011-05-13 20:01:10 ----SHD---- C:\WINDOWS\Installer
2011-05-13 18:57:07 ----D---- C:\Program Files\Mozilla Firefox
2011-05-11 19:28:03 ----A---- C:\WINDOWS\system32\MRT.exe
2011-05-05 14:18:43 ----D---- C:\WINDOWS\system32\drivers
2011-05-04 13:43:07 ----D---- C:\WINDOWS\WinSxS
2011-05-02 17:25:32 ----D---- C:\WINDOWS
2011-05-01 14:47:03 ----A---- C:\WINDOWS\NeroDigital.ini
2011-04-30 12:35:22 ----RD---- C:\Program Files
2011-04-26 20:31:14 ----DC---- C:\Documents and Settings\All Users\Application Data\Electronic Arts
2011-04-26 16:58:11 ----D---- C:\WINDOWS\system32\DirectX
2011-04-26 16:58:11 ----D---- C:\Program Files\Electronic Arts
2011-04-26 16:58:09 ----HD---- C:\WINDOWS\inf
2011-04-26 16:57:57 ----RSD---- C:\WINDOWS\assembly
2011-04-26 16:52:31 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-22 17:27:37 ----DC---- C:\Documents and Settings\Windows\Application Data\skypePM
2011-04-17 11:41:06 ----D---- C:\temp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-09-28 43528]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-01-10 691696]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-04-25 218688]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2010-01-11 51072]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-12-21 134000]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-12-21 33120]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-02-14 4676096]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 XDva359;XDva359; \??\C:\WINDOWS\system32\XDva359.sys []
S3 XDva383;XDva383; \??\C:\WINDOWS\system32\XDva383.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-01-12 810144]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2008-07-17 80392]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-12-10 238952]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; D:\Downloads\hamachi-2.exe [2011-03-28 1242504]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-05-25 613888]
S2 gupdate1ca71dbf1a750f2;Služba Google Update (gupdate1ca71dbf1a750f2); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-30 133104]
S2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-30 133104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: driver.exe

Posted: 15 May 2011 19:25
by Rudy
Please post a ComboFix log.
Download ComboFix and save it, ideally to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms is displayed; continue by clicking the Yes button.

take your time and put on some coffee (the whole process takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

warning: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because the scan and the removal of any malware lead to unwanted conflicts with the antispyware's resident shield

Re: driver.exe

Posted: 24 May 2011 13:41
by kmetino
I was handling this problem remotely, and the person in question is not able to send me the ComboFix log.
So I apologize, and you can close the topic.
Thank you for your understanding.

Re: driver.exe

Posted: 24 May 2011 17:42
by Rudy
You're welcome, and I'm locking the thread.