VIRY.CZ

Zdravím vás a žádám o pomoc a radu. Při stahování jedné hry mi avast hlásil že je v jednom partu vir a nechtěl ho stáhnout, tak jsem avast vypnul,
myslel jsem si, že to zase hlásí keygen nebo něco podobného. Každopádně po naistalování a zapnutí avastu se mi v počítači děly hrozné věci.
Nakonec jsem si nepřehrál ani film, moc toho nešlo.
Přečetl jsem si jak jste tu řešili již téměř totožný problém, tak jsem postupoval podle toho.

Až když jsem udělal vše jsem zjistil, že jsem sem měl nejdříve hodit log z RSIT, takže pokud ho potřebujete, tak ho sem můžu hodit s tím, že bude aktuální až po všech těchto úkonech.
1. Nejdřív jsem použil RKill, myslím, že to proběhlo tak jak mělo.
2. Stáhl jsem ComboFix na plochu a přejmenoval na Beruska.com. Vše proběhlo asi jak mělo, viz níže log. Jediný problém je v tom, že mi nešel odinstalovat podle návodu a nikde jinde jsem ho nenašel.
3. Pak jsem použil T-Cleaner, nějak to proběhlo (nejsem si jistý jestli v pořádku), tak jsem nakonec použil ještě CCleaner a myslím, že dobrý.
4. Pak jsem chtěl smazat body pro obnovení dle návodu "riffa" ale to mi nešlo, návod mi neseděl na moji verzi win7, tak jsem to nechal být.
5. Pak jsem použil AVPTool, který mi dizinfikoval 605 šmejdů. Viz log níže.
Ted až tohle odešlu tak zkusím ještě použít OTC, TFC a znova Ccleaner.

Prosím Vás o zkouknutí a radu, pokud jsem udělal něco špatně.

LOG Z ComboFix

ComboFix 11-11-03.01 - Míra 03.11.2011 17:52:50.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4008.2525 [GMT 1:00]
Spuštěný z: c:\users\MÝra\Desktop\Beruska.com
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
c:\programdata\FullRemove.exe
c:\programdata\Roaming
c:\windows\AsDebug.log
c:\windows\directx.sys
c:\windows\svchost.com
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-03 do 2011-11-03 )))))))))))))))))))))))))))))))
.
.
2011-11-03 16:56 . 2011-11-03 16:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-11-03 16:56 . 2011-11-03 16:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-03 16:09 . 2011-11-03 16:09 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5C07E3D1-AFBB-40ED-A321-86D8279B8BFE}\offreg.dll
2011-11-01 15:44 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5C07E3D1-AFBB-40ED-A321-86D8279B8BFE}\mpengine.dll
2011-10-30 21:34 . 2011-10-30 21:34 -------- d-----w- c:\users\Public\CyberLink
2011-10-23 12:59 . 2011-10-26 19:00 111928 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-10-23 12:59 . 2011-10-23 12:59 682280 ----a-w- c:\windows\SysWow64\pbsvc.exe
2011-10-23 12:59 . 2011-10-23 12:59 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-10-21 21:24 . 2011-10-21 21:24 -------- d-----w- c:\program files (x86)\EA GAMES
2011-10-19 21:45 . 2011-10-19 21:45 -------- d-----w- c:\program files (x86)\Microsoft Works
2011-10-19 21:43 . 2011-10-19 21:46 -------- d-----w- c:\programdata\Microsoft Help
2011-10-19 21:43 . 2011-10-19 21:43 -------- d-----r- C:\MSOCache
2011-10-19 18:37 . 2011-10-19 18:37 -------- d-----w- c:\programdata\KONAMI
2011-10-19 18:37 . 2011-10-19 18:37 -------- d-----w- c:\program files (x86)\KONAMI
2011-10-15 17:44 . 2011-05-24 17:14 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-10-14 19:47 . 2011-10-18 19:14 -------- d-----w- c:\programdata\Codemasters
2011-10-14 19:46 . 2011-10-14 19:46 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-10-14 19:46 . 2011-10-14 19:46 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-10-14 19:46 . 2011-10-14 19:46 121880 ----a-w- c:\windows\system32\OpenAL32.dll
2011-10-14 19:46 . 2011-10-14 19:46 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-10-14 19:46 . 2011-10-14 19:46 -------- d-----w- c:\program files (x86)\OpenAL
2011-10-14 19:46 . 2008-04-28 13:53 805400 ----a-r- c:\windows\SysWow64\tmp8490.tmp
2011-10-14 19:45 . 2008-04-28 13:53 805400 ----a-r- c:\windows\SysWow64\tmp848F.tmp
2011-10-14 14:45 . 2011-10-14 14:45 -------- d-----w- c:\windows\SysWow64\Wat
2011-10-14 14:45 . 2011-10-14 14:45 -------- d-----w- c:\windows\system32\Wat
2011-10-13 20:12 . 2011-11-01 19:28 -------- d-----w- c:\program files (x86)\Activision
2011-10-13 18:39 . 2011-10-13 18:39 -------- d-----w- c:\program files (x86)\Electronic Arts
2011-10-13 15:12 . 2011-05-04 05:25 2315776 ----a-w- c:\windows\system32\tquery.dll
2011-10-12 18:36 . 2011-10-12 18:36 -------- d-----w- c:\program files (x86)\7-Zip
2011-10-12 18:35 . 2011-10-12 18:35 -------- d-----w- c:\program files (x86)\Webteh
2011-10-12 18:33 . 2011-10-12 18:33 -------- d-----w- c:\program files\CDBurnerXP
2011-10-12 18:31 . 2011-10-12 18:31 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-10-12 18:31 . 2011-10-12 18:31 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-10-12 18:31 . 2011-10-12 18:31 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-10-12 18:30 . 2011-10-12 18:30 -------- d-----w- c:\programdata\DVD Shrink
2011-10-12 18:30 . 2011-10-12 18:30 -------- d-----w- c:\program files (x86)\DVD Shrink
2011-10-12 18:29 . 2011-10-12 18:29 -------- d-----w- c:\program files (x86)\Winamp Detect
2011-10-12 18:29 . 2011-10-12 18:29 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-10-12 18:28 . 2011-10-12 18:29 -------- d-----w- c:\program files (x86)\Winamp
2011-10-12 18:20 . 2011-09-06 20:38 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-10-12 18:20 . 2011-09-06 20:36 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-12 18:20 . 2011-09-06 20:36 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-10-12 18:20 . 2011-09-06 20:45 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-10-12 18:20 . 2011-09-06 20:38 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-12 18:20 . 2011-09-06 20:36 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-10-12 18:20 . 2011-09-06 20:36 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-10-12 18:20 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-10-12 18:20 . 2011-09-06 20:45 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-10-12 18:20 . 2011-10-12 18:20 -------- d-----w- c:\programdata\AVAST Software
2011-10-12 18:20 . 2011-10-12 18:20 -------- d-----w- c:\program files\AVAST Software
2011-10-12 16:46 . 2011-10-12 16:46 -------- d-----w- c:\programdata\FolderView
2011-10-12 16:46 . 2011-11-03 16:07 -------- d-----w- C:\ASUS.DAT
2011-10-12 16:45 . 2011-10-12 16:46 -------- d-----w- c:\users\Míra
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-23 09:35 . 2011-07-29 13:52 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-10-12 16:46 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2011-04-01 08:58 433648 ----a-w- c:\programdata\Partner\Partner.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\progra~2\DAEMON~1\DTLite.exe" [2011-11-03 4952384]
"Sidebar"="c:\progra~1\WI4223~1\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2011-11-03 370464]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-11-03 2059504]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-11-03 772944]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-11-03 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-11-03 212096]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2011-11-03 146488]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-11-03 1643008]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
c:\users\Míra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-1 590000]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2011-10-12 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-01 177136]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-01 2697240]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-11-01 225032]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-11-03 1362768]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-01 177136]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2011-11-01 373744]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-02-08 2009704]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 20:37]
.
2011-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 20:37]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2011-04-01 08:58 750064 ----a-w- c:\programdata\Partner\Partner64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-10 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-10 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-10 418328]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-01 2189416]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-11-03 365568]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Míra\AppData\Roaming\Mozilla\Firefox\Profiles\hwkt67cf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
------- Asociace souborů -------
.
exefile=c:\windows\svchost.com "%1" %*
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-UpdateLBPShortCut - c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
Wow6432Node-HKLM-Run-UpdateP2GoShortCut - c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-11-03 17:58:28
ComboFix-quarantined-files.txt 2011-11-03 16:58
.
Před spuštěním: Volných bajtů: 242 546 360 320
Po spuštění: Volných bajtů: 242 359 230 464
.
- - End Of File - - 00B8113C6722E1FC3BD238A4CB2E5C08

Log z AVPTool

Status: Disinfected (events: 603)
3.11.2011 18:58:06 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe High
3.11.2011 18:58:13 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\ASUS\APRP\aprp.exe High
3.11.2011 18:58:22 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe High
3.11.2011 18:58:28 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe High
3.11.2011 18:58:31 Disinfected virus Virus.Win32.Neshta.a c:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe High
3.11.2011 18:58:33 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe High
3.11.2011 18:58:43 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE High
3.11.2011 18:58:47 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe High
3.11.2011 18:58:50 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe High
3.11.2011 18:58:58 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe High
3.11.2011 18:59:00 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Google\Update\GoogleUpdate.exe High
3.11.2011 18:59:02 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe High
3.11.2011 18:59:06 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe High
3.11.2011 18:59:12 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe High
3.11.2011 18:59:14 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ODSERV.EXE High
3.11.2011 18:59:15 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE High
3.11.2011 18:59:19 Disinfected virus Virus.Win32.Neshta.a c:\ProgramData\Partner\Partner.exe High
3.11.2011 18:59:28 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE High
3.11.2011 18:59:34 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe High
3.11.2011 19:00:02 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe High
3.11.2011 19:00:04 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe High
3.11.2011 19:00:33 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\7-Zip\7zFM.exe High
3.11.2011 19:00:36 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe High
3.11.2011 19:00:44 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Google\Chrome\Application\chrome.exe High
3.11.2011 19:00:49 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Mozilla Firefox\firefox.exe High
3.11.2011 19:00:52 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Windows Live\Family Safety\fsui.exe High
3.11.2011 19:00:57 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\CyberLink\LabelPrint\LabelPrint.exe High
3.11.2011 19:01:00 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Windows Live\Installer\LangSelector.exe High
3.11.2011 19:01:03 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\lotrbfme2.exe High
3.11.2011 19:01:05 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe High
3.11.2011 19:01:08 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe High
3.11.2011 19:01:09 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE High
3.11.2011 19:01:11 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE High
3.11.2011 19:01:14 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Nuance\PDF Reader\bin\PDFReader.exe High
3.11.2011 19:01:17 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe High
3.11.2011 19:01:26 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe High
3.11.2011 19:01:28 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE High
3.11.2011 19:01:32 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Winamp\winamp.exe High
3.11.2011 19:01:34 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Windows Live\Photo Gallery\WindowsLivePhotoViewer.exe High
3.11.2011 19:01:35 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe High
3.11.2011 19:01:37 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE High
3.11.2011 19:01:39 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Windows Live\Installer\wlarp.exe High
3.11.2011 19:01:40 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Windows Live\Mail\wlmail.exe High
3.11.2011 19:01:42 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Windows Live\Installer\wlsettings.exe High
3.11.2011 19:01:43 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Windows Live\Installer\wlstartup.exe High
3.11.2011 19:01:45 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Windows Live\Mesh\WLSync.exe High
3.11.2011 19:01:46 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Windows Live\Photo Gallery\WLXAlbumDownloadWizard.exe High
3.11.2011 19:02:00 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\EA GAMES\The Battle for Middle-earth (tm)\eauninstall.exe High
3.11.2011 19:02:10 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe High
3.11.2011 19:02:13 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe High
3.11.2011 19:02:16 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\7-Zip\7zG.exe High
3.11.2011 19:02:18 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdt.exe High
3.11.2011 19:02:35 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe High
3.11.2011 19:02:36 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe High
3.11.2011 19:02:39 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe High
3.11.2011 19:02:41 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\ASUS\AsusVibe\AsusVibe2.0.exe High
3.11.2011 19:02:42 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe High
3.11.2011 19:02:44 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Activision\Modern Warfare 2\SKIDROW.exe High
3.11.2011 19:02:50 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\EA GAMES\The Battle for Middle-earth (tm)\Support\EReg.exe High
3.11.2011 19:02:52 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\EA GAMES\The Battle for Middle-earth (tm)\Support\EasyInfo.exe High
3.11.2011 19:02:54 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\EA GAMES\The Battle for Middle-earth (tm)\lotrbfme.exe High
3.11.2011 19:02:57 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe High
3.11.2011 19:02:59 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe High
3.11.2011 19:03:01 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe High
3.11.2011 19:03:04 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Intel\Intel(R) Management Engine Components\uninstall\Setup.exe High
3.11.2011 19:03:06 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Intel\Intel(R) Processor Graphics\uninstall\Setup.exe High
3.11.2011 19:03:08 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\KONAMI\Pro Evolution Soccer 2011\settings.exe High
3.11.2011 19:03:11 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Webteh\BSplayer\bspadmin.exe High
3.11.2011 19:03:15 Disinfected virus Virus.Win32.Neshta.a c:\Program Files (x86)\Webteh\BSplayer\bsplayer.exe High
3.11.2011 19:03:49 Disinfected virus Virus.Win32.Neshta.a c:\Users\Míra\AppData\Local\Temp\RarSFX0\helper64.exe High
3.11.2011 19:04:51 Disinfected virus Virus.Win32.Neshta.a d:\DOWNLOAD\SRDOWN~1.EXE High
3.11.2011 19:05:00 Disinfected virus Virus.Win32.Neshta.a d:\INSTAL\7z921.exe High
3.11.2011 19:05:24 Disinfected virus Virus.Win32.Neshta.a c:\program files (x86)\microsoft office\Office12\MSTORE.EXE High
3.11.2011 19:05:52 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\All Users\FLEXnet\Connect\11\dwusplay.exe High
3.11.2011 19:05:52 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\All Users\FLEXnet\Connect\11\ISDM.exe High
3.11.2011 19:05:52 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\All Users\FLEXnet\Connect\11\issch.exe High
3.11.2011 19:05:53 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\All Users\FLEXnet\Connect\11\agent.exe High
3.11.2011 19:05:57 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\All Users\NVIDIA\Updatus\WLMerger.exe High
3.11.2011 19:05:57 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\All Users\NVIDIA\Updatus\Download\4EA94CCE\updatus.11038169_RUNASUSER.exe High
3.11.2011 19:05:57 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\All Users\NVIDIA\Updatus\Download\58798903\updatus.11230966_RUNASUSER.exe High
3.11.2011 19:05:57 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\All Users\NVIDIA\Updatus\Download\B3F1262E\updatus.11324286_RUNASUSER.exe High
3.11.2011 19:05:57 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\All Users\NVIDIA\Updatus\Download\E6232DA4\updatus.11234113_RUNASUSER.exe High
3.11.2011 19:05:57 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\All Users\NVIDIA\Updatus\Download\CC3B80B4\updatus.11265698_RUNASUSER.exe High
3.11.2011 19:05:58 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\All Users\OberonGameConsole\Asus\OberonMediaAutoUpdate.exe High
3.11.2011 19:06:03 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\All Users\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe High
3.11.2011 19:06:03 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\All Users\Temp\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\PostBuild.exe High
3.11.2011 19:06:12 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\Míra\AppData\Local\PunkBuster\WAW\pb\PnkBstrB.exe High
3.11.2011 19:06:30 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\Míra\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe High
3.11.2011 19:06:30 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\Míra\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe High
3.11.2011 19:06:31 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\Míra\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe High
3.11.2011 19:06:32 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\Míra\AppData\Roaming\BSplayer\FFDShow\unins000.exe High
3.11.2011 19:06:32 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\Míra\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe High
3.11.2011 19:06:32 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\Míra\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe High
3.11.2011 19:06:32 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\Míra\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe High
3.11.2011 19:06:32 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\Míra\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe High
3.11.2011 19:06:40 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\Míra\Downloads\ccsetup312.exe High
3.11.2011 19:06:45 Disinfected virus Virus.Win32.Neshta.a C:\Documents and Settings\Míra\Downloads\T-Cleaner.exe High
3.11.2011 19:07:44 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\I386\AsActive.exe High
3.11.2011 19:07:44 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\I386\AsChange.exe High
3.11.2011 19:07:44 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\I386\AsChkDev.exe High
3.11.2011 19:07:44 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\I386\AsCopy.exe High
3.11.2011 19:07:44 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\I386\AsInsDrv.exe High
3.11.2011 19:07:45 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\I386\AsInst.exe High
3.11.2011 19:07:45 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\I386\AsMarker.exe High
3.11.2011 19:07:45 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\I386\AsNonWhqlInst.exe High
3.11.2011 19:07:45 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\I386\AsP1Sysprep.exe High
3.11.2011 19:07:46 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\I386\AsShell.exe High
3.11.2011 19:07:46 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\I386\AsStar64.exe High
3.11.2011 19:07:47 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\I386\DEVCON.EXE High
3.11.2011 19:07:47 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\I386\AsStart.exe High
3.11.2011 19:07:47 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\InstAll.exe High
3.11.2011 19:07:47 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\I386\SERROR.exe High
3.11.2011 19:07:47 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\I386\Hotfxchk.exe High
3.11.2011 19:07:49 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\LIB\ReInst.exe High
3.11.2011 19:07:50 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Alcor\AU6437\XP32_XP64_Vista32_Vista64_Win7_32_Win7_64_1.8.17.26026\instmsia.exe High
3.11.2011 19:07:50 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Alcor\AU6437\XP32_XP64_Vista32_Vista64_Win7_32_Win7_64_1.8.17.26026\Setup.exe High
3.11.2011 19:07:50 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Alcor\AU6437\XP32_XP64_Vista32_Vista64_Win7_32_Win7_64_1.8.17.26026\instmsiw.exe High
3.11.2011 19:07:51 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Alcor\AU6437\XP32_XP64_Vista32_Vista64_Win7_32_Win7_64_1.8.17.26026\program files\AmIcoSingLun\x32\AmIcoSinglun.exe High
3.11.2011 19:07:51 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\ASUS\AI_Recovery\Vista32_Vista64_Win7_32_Win7_64_1.0.13\Setup.exe High
3.11.2011 19:07:51 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Alcor\AU6437\XP32_XP64_Vista32_Vista64_Win7_32_Win7_64_1.8.17.26026\program files\AmIcoSingLun\x64\AmIcoSinglun64.exe High
3.11.2011 19:07:52 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\ASUS\ASUS_K73SV_K73E_Screensaver_V2\XP32_Vista32_Win7_32_Win7_64_AsusScr_K3_Series_ENG_Basic\AsScrInst.exe High
3.11.2011 19:07:52 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\ASUS\ATKPackage\XP32_Vista32_Vista64_Win7_32_Win7_64_1.0.0008\Setup.exe High
3.11.2011 19:07:53 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\ASUS\FancyStart\Vista32_Vista64_Win7_32_Win7_64_1.1.0\Setup.exe High
3.11.2011 19:07:53 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\ASUS\eManual(K73SD_K73E_K73SV)\XP32_Vista32_Vista64_Win7_32_Win7_64_1.0.3\eManualInst.exe High
3.11.2011 19:07:54 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\ASUS\FastBoot\Win7_64_1.0.8\Setup.exe High
3.11.2011 19:07:54 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\ASUS\LifeFrame3\Vista32_Vista64_Win7_32_Win7_64_3.0.0021\Setup.exe High
3.11.2011 19:07:54 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\ASUS\ASUS_K73SV_K73E_Screensaver_V2\XP32_Vista32_Win7_32_Win7_64_AsusScr_K3_Series_ENG_Basic\AsScrProIns.exe High
3.11.2011 19:07:54 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\ASUS\LiveUpdate\XP32_Vista32_Vista64_Win7_32_Win7_64_2.5.9\remove.exe High
3.11.2011 19:07:54 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\ASUS\LiveUpdate\XP32_Vista32_Vista64_Win7_32_Win7_64_2.5.9\Setup.exe High
3.11.2011 19:07:55 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\ASUS\Power4Gear_Hybrid\Vista32_Vista64_Win7_32_Win7_64_1.1.43\Setup.exe High
3.11.2011 19:07:55 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\ASUS\Splendid(K73E_K73SD_K73SV)\XP32_Vista32_Vista64_Win7_32_Win7_64_1.02.0031\Setup.exe High
3.11.2011 19:07:55 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\ASUS\SmartLogon\Vista32_Vista64_Win7_32_Win7_64_1.0.0011\Setup.exe High
3.11.2011 19:07:55 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\ASUS\WINFLASH\XP32_Vista32_Vista64_Win7_32_Win7_64_2.31.1\Setup.exe High
3.11.2011 19:07:55 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\ChCfg.exe High
3.11.2011 19:07:55 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\ASUS\Wireless_Console_3\XP32_Vista32_Vista64_Win7_32_Win7_64_3.0.19\Setup.exe High
3.11.2011 19:07:55 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Setup.exe High
3.11.2011 19:07:56 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista\AERTSrv.exe High
3.11.2011 19:07:56 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista\FMAPP.exe High
3.11.2011 19:07:58 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista\RtHDVBg.exe High
3.11.2011 19:07:59 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista\RtkAudioService.exe High
3.11.2011 19:08:00 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista\RtlUpd.exe High
3.11.2011 19:08:01 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista\SkyTel.exe High
3.11.2011 19:08:02 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista\vncutil.exe High
3.11.2011 19:08:03 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista\RtkNGUI.exe High
3.11.2011 19:08:03 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista64\AERTSr64.exe High
3.11.2011 19:08:03 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista64\FMAPP.exe High
3.11.2011 19:08:06 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista64\RtkAudioService64.exe High
3.11.2011 19:08:08 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista64\RAVBg64.exe High
3.11.2011 19:08:10 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista64\RtlUpd64.exe High
3.11.2011 19:08:12 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista64\RtkNGUI64.exe High
3.11.2011 19:08:13 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista64\SkyTel.exe High
3.11.2011 19:08:13 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Audio\Realtek\ALC269\Vista32_Vista64_Win7_32_Win7_64_6.0.1.6324\Vista64\vncutil64.exe High
3.11.2011 19:08:15 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Bluetooth\Azurewave\BT(audio_pack)\Vista32_Vista64_Win7_32_Win7_64_6.2.5.600\Setup.exe High
3.11.2011 19:08:16 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Bluetooth\Azurewave\BT(audio_pack)\Vista32_Vista64_Win7_32_Win7_64_6.2.5.600\Win32\Inst.exe High
3.11.2011 19:08:16 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Bluetooth\Azurewave\BT(audio_pack)\Vista32_Vista64_Win7_32_Win7_64_6.2.5.600\Win32\instmsia.exe High
3.11.2011 19:08:18 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Bluetooth\Azurewave\BT(audio_pack)\Vista32_Vista64_Win7_32_Win7_64_6.2.5.600\Win32\instmsiw.exe High
3.11.2011 19:08:19 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Bluetooth\Azurewave\BT(audio_pack)\Vista32_Vista64_Win7_32_Win7_64_6.2.5.600\Win32\Setup.exe High
3.11.2011 19:08:19 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Bluetooth\Azurewave\BT(audio_pack)\Vista32_Vista64_Win7_32_Win7_64_6.2.5.600\Win32\brcmVista\DPInst.exe High
3.11.2011 19:08:19 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Bluetooth\Azurewave\BT(audio_pack)\Vista32_Vista64_Win7_32_Win7_64_6.2.5.600\Win32\brcmWin7\DPInst.exe High
3.11.2011 19:08:21 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Bluetooth\Azurewave\BT(audio_pack)\Vista32_Vista64_Win7_32_Win7_64_6.2.5.600\Win64\Inst.exe High
3.11.2011 19:08:23 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Bluetooth\Azurewave\BT(audio_pack)\Vista32_Vista64_Win7_32_Win7_64_6.2.5.600\Win64\instmsia.exe High
3.11.2011 19:08:24 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Bluetooth\Azurewave\BT(audio_pack)\Vista32_Vista64_Win7_32_Win7_64_6.2.5.600\Win64\instmsiw.exe High
3.11.2011 19:08:25 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Bluetooth\Azurewave\BT(audio_pack)\Vista32_Vista64_Win7_32_Win7_64_6.2.5.600\Win64\Setup.exe High
3.11.2011 19:08:25 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Bluetooth\Azurewave\BT(audio_pack)\Vista32_Vista64_Win7_32_Win7_64_6.2.5.600\Win64\brcmVista\DPInst.exe High
3.11.2011 19:08:26 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Bluetooth\Azurewave\BT(audio_pack)\Vista32_Vista64_Win7_32_Win7_64_6.2.5.600\Win64\brcmWin7\DPInst.exe High
3.11.2011 19:08:28 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Bluetooth\Intel\IntelBT\Win7_64_1.1.0.0537\Setup.exe High
3.11.2011 19:08:30 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Bluetooth\Intel\IntelBT3.0_HS\Win7_64_1.1.0.0157\Setup.exe High
3.11.2011 19:08:30 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\CDROM\MKE\INSTALL.EXE High
3.11.2011 19:08:30 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\CDROM\MKE\SETUP.EXE High
3.11.2011 19:08:30 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\CDROM\TEAC\INSTALL.EXE High
3.11.2011 19:08:31 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\CDROM\TEAC\DOS\CDPLAYER.EXE High
3.11.2011 19:08:31 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\CDROM\TEAC\WINDOWS\SETUP.EXE High
3.11.2011 19:08:31 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\CDROM\TEAC\WINDOWS\3_1\CDP.EXE High
3.11.2011 19:08:32 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\CDROM\TEAC\WINDOWS\95\CDP95.EXE High
3.11.2011 19:08:32 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\CDROM\TOSHIBA\INSTALL.EXE High
3.11.2011 19:08:32 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Chipset\Intel\INFUpdate\XP32_Vista32_Vista64_Win7_32_Win7_64_9.2.0.1015\Setup.exe High
3.11.2011 19:08:34 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Chipset\Intel\INFUpdate\XP32_Vista32_Vista64_Win7_32_Win7_64_9.2.0.1015\ia64\Difx64.exe High
3.11.2011 19:08:34 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Chipset\Intel\INFUpdate\XP32_Vista32_Vista64_Win7_32_Win7_64_9.2.0.1015\x64\Difx64.exe High
3.11.2011 19:08:34 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\Intel\HD_Graphics\Vista64_Win7_64_8.15.10.2291\Graphics\difx64.exe High
3.11.2011 19:08:36 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\Intel\HD_Graphics\Vista64_Win7_64_8.15.10.2291\Setup.exe High
3.11.2011 19:08:37 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\Intel\HD_Graphics\Vista64_Win7_64_8.15.10.2291\Graphics\GfxUI.exe High
3.11.2011 19:08:37 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\Intel\HD_Graphics\Vista64_Win7_64_8.15.10.2291\Graphics\hkcmd.exe High
3.11.2011 19:08:38 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\Intel\HD_Graphics\Vista64_Win7_64_8.15.10.2291\Graphics\igfxext.exe High
3.11.2011 19:08:39 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\Intel\HD_Graphics\Vista64_Win7_64_8.15.10.2291\Graphics\igfxpers.exe High
3.11.2011 19:08:40 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\Intel\HD_Graphics\Vista64_Win7_64_8.15.10.2291\Graphics\igfxtray.exe High
3.11.2011 19:08:41 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\Intel\HD_Graphics\Vista64_Win7_64_8.15.10.2291\Graphics\igfxsrvc.exe High
3.11.2011 19:08:41 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\Intel\HD_Graphics\Vista64_Win7_64_8.15.10.2291\Graphics\igxpun.exe High
3.11.2011 19:08:44 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\Intel\HD_Graphics\Vista64_Win7_64_8.15.10.2291\Intel Control Center\SetupICC.exe High
3.11.2011 19:08:45 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\Intel\HD_Graphics\Vista64_Win7_64_8.15.10.2291\x64\Drv64.exe High
3.11.2011 19:08:45 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\nVidia\N11X_N12X_R260\Win7_64_8.17.12.6686\setup.exe High
3.11.2011 19:08:45 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\nVidia\N11X_N12X_R260\Win7_64_8.17.12.6686\Display.Driver\dbInstaller.exe High
3.11.2011 19:08:52 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\nVidia\N11X_N12X_R260\Win7_64_8.17.12.6686\Display.Update\ComUpdatus.exe High
3.11.2011 19:08:54 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\nVidia\N11X_N12X_R260\Win7_64_8.17.12.6686\Display.Update\daemonu.exe High
3.11.2011 19:08:54 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\nVidia\N11X_N12X_R260\Win7_64_8.17.12.6686\Display.Update\nvlhr.exe High
3.11.2011 19:08:56 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\nVidia\N11X_N12X_R260\Win7_64_8.17.12.6686\Display.Update\WLMerger.exe High
3.11.2011 19:09:00 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Display\nVidia\N11X_N12X_R260\Win7_64_8.17.12.6686\NView\nviewsetup.exe High
3.11.2011 19:09:37 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Intel\TurboBoostMonitor\Vista32_Vista64_Win7_32_Win7_64_2.1.23.0\ITBMSetting.exe High
3.11.2011 19:09:39 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\LAN\Atheros\AR8151\Win7_64_1.0.0.35\PNPINST64.exe High
3.11.2011 19:09:41 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\MEI\Intel\Intel(R)_Management_Engine_Components_1.5M\XP32_Vista32_Vista64_Win7_32_Win7_64_7.0.0.1118\setup.exe High
3.11.2011 19:09:42 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Others\ASUS\KBFilter\Win7_64_1.0.0.3\Win7_64\PNPINST64.exe High
3.11.2011 19:09:42 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Patch\AsCopy.exe High
3.11.2011 19:09:42 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Others\Intel\IRST\Vista64_Win7_64_10.1.0.1008\PNPINST64.exe High
3.11.2011 19:09:43 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Elantech\PointingDevice_PNP_Port_Smart_Pad\Win7_64_8.0.5.0\dpinst.exe High
3.11.2011 19:09:44 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Elantech\PointingDevice_PNP_Port_Smart_Pad\Win7_64_8.0.5.0\ETDCtrl.exe High
3.11.2011 19:09:44 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Elantech\PointingDevice_PNP_Port_Smart_Pad\Win7_64_8.0.5.0\ETDCtrlHelper.exe High
3.11.2011 19:09:45 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Elantech\PointingDevice_PNP_Port_Smart_Pad\Win7_64_8.0.5.0\ETDDeviceInformation.exe High
3.11.2011 19:09:45 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Elantech\PointingDevice_PNP_Port_Smart_Pad\Win7_64_8.0.5.0\ETDFingerPositioner.exe High
3.11.2011 19:09:46 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Elantech\PointingDevice_PNP_Port_Smart_Pad\Win7_64_8.0.5.0\ETDMag.exe High
3.11.2011 19:09:47 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Elantech\PointingDevice_PNP_Port_Smart_Pad\Win7_64_8.0.5.0\ETDHValueMonitor.exe High
3.11.2011 19:09:47 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Elantech\PointingDevice_PNP_Port_Smart_Pad\Win7_64_8.0.5.0\PNPINST64.exe High
3.11.2011 19:09:47 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\Setup.exe High
3.11.2011 19:09:48 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Elantech\PointingDevice_PNP_Port_Smart_Pad\Win7_64_8.0.5.0\ETDUn_inst.exe High
3.11.2011 19:09:49 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Elantech\PointingDevice_PNP_Port_Smart_Pad\Win7_64_8.0.5.0\Setup.exe High
3.11.2011 19:09:49 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x64\dpinst.exe High
3.11.2011 19:09:49 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x64\InstNT.exe High
3.11.2011 19:09:49 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x64\setup.exe High
3.11.2011 19:09:49 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x64\SynAsusAcpi.exe High
3.11.2011 19:09:50 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x64\SynMood.exe High
3.11.2011 19:09:50 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x64\SynTPHelper.exe High
3.11.2011 19:09:50 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x64\SynZMetr.exe High
3.11.2011 19:09:51 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x64\Tutorial.exe High
3.11.2011 19:09:51 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x86\dpinst.exe High
3.11.2011 19:09:51 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x64\SynTPEnh.exe High
3.11.2011 19:09:52 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x86\InstNT.exe High
3.11.2011 19:09:52 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x86\setup.exe High
3.11.2011 19:09:52 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x86\SynAsusAcpi.exe High
3.11.2011 19:09:52 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x86\SynMood.exe High
3.11.2011 19:09:52 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x86\SynTPHelper.exe High
3.11.2011 19:09:53 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x86\SynZMetr.exe High
3.11.2011 19:09:53 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x86\Tutorial.exe High
3.11.2011 19:09:54 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Touchpad\Synaptics\PointingDevice\XP32_Vista32_Vista64_Win7_32_Win7_64_15.2.16.1\WinWDF\x86\SynTPEnh.exe High
3.11.2011 19:09:54 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\setup.exe High
3.11.2011 19:09:59 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\helperException_MT.exe High
3.11.2011 19:09:59 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\Patch.exe High
3.11.2011 19:10:00 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\PatchUI.exe High
3.11.2011 19:10:00 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\AMSP\coreFrameworkHost.exe High
3.11.2011 19:10:00 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\AMSP\AMSP_LogServer.exe High
3.11.2011 19:10:00 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\AMSP\coreServiceShell.exe High
3.11.2011 19:10:01 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\AMSP\utilRollback.exe High
3.11.2011 19:10:02 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\AMSP\update\engine\c2t1073741888l1p1r1o1\1.3.1036\bspatch.exe High
3.11.2011 19:10:02 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\AMSP\update\engine\c2t1073741888l1p1r1o1\1.3.1036\bzip2.exe High
3.11.2011 19:10:03 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\AMSP\update\engine\c2t679477760l1p1r1o1\6.5.1234\ncfg.exe High
3.11.2011 19:10:03 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\AMSP\update\engine\c2t679479296l1p1r1o1\6.5.1234\tmlwfins.exe High
3.11.2011 19:10:03 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\AMSP\update\engine\c2t679479296l1p1r1o1\6.5.1234\tmwfpins.exe High
3.11.2011 19:10:04 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.5.1234\tdiins.exe High
3.11.2011 19:10:04 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.5.1234\TmExtIns.exe High
3.11.2011 19:10:06 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\helperException_MT.exe High
3.11.2011 19:10:06 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\PatchUI.exe High
3.11.2011 19:10:06 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\Patch.exe High
3.11.2011 19:10:07 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\AMSP\coreFrameworkHost.exe High
3.11.2011 19:10:07 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\AMSP\coreServiceShell.exe High
3.11.2011 19:10:07 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\AMSP\AMSP_LogServer.exe High
3.11.2011 19:10:07 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\AMSP\utilRollback.exe High
3.11.2011 19:10:10 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\AMSP\update\engine\c2t1073742080l1p5889r1o1\1.3.1036\bspatch.exe High
3.11.2011 19:10:10 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\AMSP\update\engine\c2t1073742080l1p5889r1o1\1.3.1036\bzip2.exe High
3.11.2011 19:10:10 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\AMSP\update\engine\c2t679478272l1p5889r1o1\6.5.1234\ncfg.exe High
3.11.2011 19:10:10 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\AMSP\update\engine\c2t679481344l1p5889r1o1\6.5.1234\tmlwfins.exe High
3.11.2011 19:10:11 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\AMSP\update\engine\c2t679481344l1p5889r1o1\6.5.1234\tmwfpins.exe High
3.11.2011 19:10:11 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\AMSP\update\engine\c2t679493632l1p5889r1o1\6.5.1234\tdiins.exe High
3.11.2011 19:10:11 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\AMSP\update\engine\c2t679739392l1p5889r1o1\6.5.1234\TmExtIns.exe High
3.11.2011 19:10:11 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\AMSP\update\engine\c2t679739392l1p5889r1o1\6.5.1234\TmExtIns32.exe High
3.11.2011 19:10:13 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\SupportTool\32bit\WSCTool.exe High

Pokračování logu z AVPTool

3.11.2011 19:10:14 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\SupportTool\32bit\SupportTool.exe High
3.11.2011 19:10:14 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\SupportTool\64bit\WSCTool.exe High
3.11.2011 19:10:16 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\SupportTool\64bit\SupportTool.exe High
3.11.2011 19:10:16 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiWatchDog.exe High
3.11.2011 19:10:16 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiSeAgnt.exe High
3.11.2011 19:10:16 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c11t1103v0.0.0l1p1r1o1\WSCStatusController.exe High
3.11.2011 19:10:17 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c11t1104v0.0.0l1p5889r1o1\uiSeAgnt.exe High
3.11.2011 19:10:17 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c11t1104v0.0.0l1p5889r1o1\uiWatchDog.exe High
3.11.2011 19:10:17 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c11t1104v0.0.0l1p5889r1o1\WSCStatusController.exe High
3.11.2011 19:10:17 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1703v0.0.0l1p1r1o1\TiPreAU.exe High
3.11.2011 19:10:17 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1703v0.0.0l1p1r1o1\UfIfAvIm.exe High
3.11.2011 19:10:17 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1704v0.0.0l1p5889r1o1\TiPreAU.exe High
3.11.2011 19:10:18 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1704v0.0.0l1p5889r1o1\UfIfAvIm.exe High
3.11.2011 19:10:18 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1705v0.0.0l1p1r1o1\OEMConsole.exe High
3.11.2011 19:10:18 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1705v0.0.0l1p1r1o1\PackageRemover.exe High
3.11.2011 19:10:18 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1705v0.0.0l1p1r1o1\ShorcutLauncher.exe High
3.11.2011 19:10:18 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1705v0.0.0l1p1r1o1\Remove.exe High
3.11.2011 19:10:18 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiMiniService.exe High
3.11.2011 19:10:19 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1705v0.0.0l1p1r1o1\SupportTool.exe High
3.11.2011 19:10:19 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiResumeSrv.exe High
3.11.2011 19:10:19 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1705v0.0.0l1p1r1o1\VizorShortCut.exe High
3.11.2011 19:10:19 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCHandler.exe High
3.11.2011 19:10:19 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCTool.exe High
3.11.2011 19:10:20 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1706v0.0.0l1p5889r1o1\OEMConsole.exe High
3.11.2011 19:10:21 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1706v0.0.0l1p5889r1o1\ShorcutLauncher.exe High
3.11.2011 19:10:21 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1706v0.0.0l1p5889r1o1\Remove.exe High
3.11.2011 19:10:21 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1706v0.0.0l1p5889r1o1\TiMiniService.exe High
3.11.2011 19:10:21 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1706v0.0.0l1p5889r1o1\SupportTool.exe High
3.11.2011 19:10:21 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1706v0.0.0l1p5889r1o1\VizorShortCut.exe High
3.11.2011 19:10:21 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1706v0.0.0l1p5889r1o1\TiResumeSrv.exe High
3.11.2011 19:10:21 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1706v0.0.0l1p5889r1o1\WSCTool.exe High
3.11.2011 19:10:22 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1706v0.0.0l1p5889r1o1\WSCHandler.exe High
3.11.2011 19:10:23 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEMon.exe High
3.11.2011 19:10:23 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEImp.exe High
3.11.2011 19:10:23 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OE.exe High
3.11.2011 19:10:24 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OL.exe High
3.11.2011 19:10:24 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLSentry.exe High
3.11.2011 19:10:25 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLImp.exe High
3.11.2011 19:10:27 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1718v0.0.0l1p5889r1o1\OE64\TMAS_OEMon.exe High
3.11.2011 19:10:27 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1718v0.0.0l1p5889r1o1\OE64\TMAS_OEImp.exe High
3.11.2011 19:10:27 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1718v0.0.0l1p5889r1o1\OE64\TMAS_OE.exe High
3.11.2011 19:10:27 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1718v0.0.0l1p5889r1o1\OL\TMAS_OLSentry.exe High
3.11.2011 19:10:27 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1718v0.0.0l1p5889r1o1\OL\TMAS_OLImp.exe High
3.11.2011 19:10:27 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1718v0.0.0l1p5889r1o1\OL\TMAS_OL.exe High
3.11.2011 19:10:33 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Vizor32\InstallUCWrapper.exe High
3.11.2011 19:10:34 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1725v0.0.0l1p1r1o1\VizorHtmlDialog.exe High
3.11.2011 19:10:33 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1725v0.0.0l1p1r1o1\uiWinMgr.exe High
3.11.2011 19:10:34 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Vizor32\TiPatch.exe High
3.11.2011 19:10:35 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Vizor32\TiPreAU.exe High
3.11.2011 19:10:35 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Vizor32\VizorHtmlDialog.exe High
3.11.2011 19:10:35 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Vizor32\VizorShortCut.exe High
3.11.2011 19:10:36 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Vizor64\InstallUCWrapper.exe High
3.11.2011 19:10:36 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Vizor64\TiPatch.exe High
3.11.2011 19:10:36 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Vizor64\TiPreAU.exe High
3.11.2011 19:10:37 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Vizor64\VizorShortCut.exe High
3.11.2011 19:10:38 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\WiFi\Intel\IntelWlan\Win7_64_14.1.1.3\Drivers\dpinst64.exe High
3.11.2011 19:10:40 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\WiFi\Intel\IntelWlan\Win7_64_14.1.1.3\Drivers\iprodifx.exe High
3.11.2011 19:10:41 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\WiFi\Intel\IntelWlan\Win7_64_14.1.1.3\Install\Setup.exe High
3.11.2011 19:10:41 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\WLAN\Azurewave\AW-NB037_WLAN\Win7_32_Win7_64_9.0.0.222\Install_CD\setup.exe High
3.11.2011 19:10:42 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\WLAN\Azurewave\AW-NE155\Win7_32_Win7_64_3.01.12.0001\Install_CD\setup.exe High
3.11.2011 19:10:43 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Software\WLAN\Azurewave\AW-NE785_PNP\Win7_64_8.0.0.316\PNPINST64.exe High
3.11.2011 19:10:43 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Windows\Temp\FixPatch.exe High
3.11.2011 19:10:43 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Windows\Temp\ProgressBar\AsCall.exe High
3.11.2011 19:10:44 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Windows\Temp\ProgressBar\F9ProgressBar.exe High
3.11.2011 19:10:44 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\eDriver\Windows\Temp\ProgressBar\ProgressBar.exe High
3.11.2011 19:10:46 Disinfected virus Virus.Win32.Neshta.a C:\eSupport\Manual\eManual.exe High
3.11.2011 19:10:46 Disinfected virus Virus.Win32.Neshta.a C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\ose.exe High
3.11.2011 19:10:47 Disinfected virus Virus.Win32.Neshta.a C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\setup.exe High
3.11.2011 19:10:47 Disinfected virus Virus.Win32.Neshta.a C:\MSOCache\All Users\{90120000-006E-0405-0000-0000000FF1CE}-C\DW20.EXE High
3.11.2011 19:10:48 Disinfected virus Virus.Win32.Neshta.a C:\MSOCache\All Users\{90120000-006E-0405-0000-0000000FF1CE}-C\dwtrig20.exe High
3.11.2011 19:11:30 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\7-Zip\Uninstall.exe High
3.11.2011 19:11:30 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\7-Zip\7z.exe High
3.11.2011 19:11:31 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryBurner.exe High
3.11.2011 19:11:31 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe High
3.11.2011 19:11:31 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\AI Recovery\BurnHelper.exe High
3.11.2011 19:11:31 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\AI Recovery\ChangeHD.exe High
3.11.2011 19:11:31 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\AI Recovery\oscdimg.exe High
3.11.2011 19:11:32 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\AI Recovery\Recovery_HD.exe High
3.11.2011 19:11:32 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\AI Recovery\WinpeRestore.exe High
3.11.2011 19:11:33 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS LifeFrame3\AutoPlayer.exe High
3.11.2011 19:11:33 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS LifeFrame3\GameTmpl.exe High
3.11.2011 19:11:36 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS LifeFrame3\PhotoClub.exe High
3.11.2011 19:11:39 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe High
3.11.2011 19:11:40 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Asus Vibe\Asus Vibe.exe High
3.11.2011 19:11:41 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSBackup.exe High
3.11.2011 19:11:42 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSBookmarkSyncer.exe High
3.11.2011 19:11:43 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSCalendar.exe High
3.11.2011 19:11:43 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSCalendar_O.exe High
3.11.2011 19:11:44 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSdrive.exe High
3.11.2011 19:11:44 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSGoToWeb.exe High
3.11.2011 19:11:45 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSMobileApp.exe High
3.11.2011 19:11:46 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSMySyncFolder.exe High
3.11.2011 19:11:47 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSService.exe High
3.11.2011 19:11:47 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSUpdater.exe High
3.11.2011 19:11:47 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\gacutil.exe High
3.11.2011 19:11:47 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\InstallAction.exe High
3.11.2011 19:11:49 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\AsusVibe\unins000.exe High
3.11.2011 19:11:50 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\AsusVibe\dotNetFX35setup.exe High
3.11.2011 19:11:51 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\AsusVibe\uninst.exe High
3.11.2011 19:11:51 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\AsusVibe\UninstallV1.exe High
3.11.2011 19:11:52 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\askill.exe High
3.11.2011 19:11:52 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AspScal.exe High
3.11.2011 19:11:54 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe High
3.11.2011 19:11:54 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\CypressTPCfg64.exe High
3.11.2011 19:11:54 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HCLaunMail64.exe High
3.11.2011 19:11:54 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HCSup.exe High
3.11.2011 19:11:55 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\InstASLDRSrv.exe High
3.11.2011 19:11:55 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SentelicTPCfg.exe High
3.11.2011 19:11:55 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SynptDis.exe High
3.11.2011 19:11:55 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\InstAWMIACPISrv.exe High
3.11.2011 19:11:55 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ATK Package\ATK0100\Win7_64\PNPINST64.exe High
3.11.2011 19:11:56 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\InstGFNEXSrv.exe High
3.11.2011 19:11:57 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Bookworm Deluxe\BookWorm.exe High
3.11.2011 19:11:58 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Bookworm Deluxe\Launch.exe High
3.11.2011 19:11:58 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Bookworm Deluxe\Uninstall.exe High
3.11.2011 19:12:01 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Cooking Dash\Launch.exe High
3.11.2011 19:12:03 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Cooking Dash\cookingdash.exe High
3.11.2011 19:12:03 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Cooking Dash\Uninstall.exe High
3.11.2011 19:12:03 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\GameConsole\FullRemove.exe High
3.11.2011 19:12:04 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\GameConsole\GameParkConsole.exe High
3.11.2011 19:12:06 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\GameConsole\unins000.exe High
3.11.2011 19:12:07 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Governor of Poker\Launch.exe High
3.11.2011 19:12:08 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Governor of Poker\Uninstall.exe High
3.11.2011 19:12:09 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Hotel Dash Suite Success\Launch.exe High
3.11.2011 19:12:10 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Hotel Dash Suite Success\HotelDash.exe High
3.11.2011 19:12:11 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Hotel Dash Suite Success\Uninstall.exe High
3.11.2011 19:12:12 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Jewel Quest 3\Launch.exe High
3.11.2011 19:12:14 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Jewel Quest 3\JewelQuest3.exe High
3.11.2011 19:12:14 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Jewel Quest 3\Uninstall.exe High
3.11.2011 19:12:21 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Luxor 3\Launch.exe High
3.11.2011 19:12:21 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Luxor 3\Luxor3.exe High
3.11.2011 19:12:22 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Luxor 3\Uninstall.exe High
3.11.2011 19:12:23 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Mahjongg dimensions\Launch.exe High
3.11.2011 19:12:24 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Mahjongg dimensions\Uninstall.exe High
3.11.2011 19:12:25 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Plants vs Zombies\Launch.exe High
3.11.2011 19:12:26 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Plants vs Zombies\Uninstall.exe High
3.11.2011 19:12:26 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\Plants vs Zombies\PlantsVsZombies.exe High
3.11.2011 19:12:27 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\World of Goo\Launch.exe High
3.11.2011 19:12:27 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\World of Goo\Uninstall.exe High
3.11.2011 19:12:28 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Game Park\World of Goo\WorldOfGoo.exe High
3.11.2011 19:12:33 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\SmartLogon\logonmgr.exe High
3.11.2011 19:12:34 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\SmartLogon\facemgr.exe High
3.11.2011 19:12:36 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Splendid\ACEngSvr.exe High
3.11.2011 19:12:36 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Splendid\ACOVS.exe High
3.11.2011 19:12:38 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\VirtualCamera\VirCamWS.exe High
3.11.2011 19:12:39 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Splendid\ACVT.exe High
3.11.2011 19:12:39 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\VirtualCamera\VirCam.exe High
3.11.2011 19:12:40 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\WinFlash\WinFlash.exe High
3.11.2011 19:12:40 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\Wireless Console 3\WimaxConsole.exe High
3.11.2011 19:12:42 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe High
3.11.2011 19:12:43 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe High
3.11.2011 19:12:43 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\Intel Corporation\WiDiAgent\serviceManagerIWD.exe High
3.11.2011 19:12:43 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\Intel Corporation\WiDiAgent\WiDiConnectTest64.exe High
3.11.2011 19:12:44 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\Intel Corporation\WiDiAgent\WiFiDnSServer.exe High
3.11.2011 19:12:45 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\microsoft shared\DW\DWTRIG20.EXE High
3.11.2011 19:12:45 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\microsoft shared\DW\DW20.EXE High
3.11.2011 19:12:46 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE High
3.11.2011 19:12:47 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\microsoft shared\MSInfo\OINFOP12.EXE High
3.11.2011 19:12:47 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ACECNFLT.EXE High
3.11.2011 19:12:47 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSE7.EXE High
3.11.2011 19:12:48 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOICONS.EXE High
3.11.2011 19:12:48 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\Office Setup Controller\ODEPLOY.EXE High
3.11.2011 19:12:49 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\Office Setup Controller\SETUP.EXE High
3.11.2011 19:12:52 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\OFFDIAG.EXE High
3.11.2011 19:12:53 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe High
3.11.2011 19:12:53 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\PX Storage Engine\pxcpya64.exe High
3.11.2011 19:12:54 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\PX Storage Engine\pxcpyi64.exe High
3.11.2011 19:12:54 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\PX Storage Engine\pxhpinst.exe High
3.11.2011 19:12:54 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\PX Storage Engine\pxinsa64.exe High
3.11.2011 19:12:55 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\PX Storage Engine\pxinsi64.exe High
3.11.2011 19:12:59 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\Windows Live\.cache\1bd4749b1cbf04b02\DXSETUP.exe High
3.11.2011 19:13:00 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\Windows Live\.cache\1c9544111cbf04b03\DXSETUP.exe High
3.11.2011 19:13:04 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Common Files\Windows Live\.cache\1b5b0e6d1cbf04b01\Silverlight.4.0.exe High
3.11.2011 19:13:19 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\LabelPrint\OLRSubmission\OLRStateCheck.exe High
3.11.2011 19:13:19 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\LabelPrint\OLRSubmission\OLRSubmission.exe High
3.11.2011 19:13:19 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\CLDrvChk.exe High
3.11.2011 19:13:19 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\CLMLInst.exe High
3.11.2011 19:13:20 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\CLMLUninst.exe High
3.11.2011 19:13:22 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\TaskScheduler.exe High
3.11.2011 19:13:22 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\BigBang\CLUpdater.exe High
3.11.2011 19:13:23 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpressServer.exe High
3.11.2011 19:13:27 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\Language\Cht\SecurityBrowser.exe High
3.11.2011 19:13:27 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\Language\Deu\SecurityBrowser.exe High
3.11.2011 19:13:27 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\Language\Chs\SecurityBrowser.exe High
3.11.2011 19:13:29 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\Language\Esp\SecurityBrowser.exe High
3.11.2011 19:13:29 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\Language\Fra\SecurityBrowser.exe High
3.11.2011 19:13:31 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\Language\Enu\SecurityBrowser.exe High
3.11.2011 19:13:31 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\Language\Ita\SecurityBrowser.exe High
3.11.2011 19:13:32 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\Language\Jpn\SecurityBrowser.exe High
3.11.2011 19:13:34 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\Language\Kor\SecurityBrowser.exe High
3.11.2011 19:13:36 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\Language\Ptg\SecurityBrowser.exe High
3.11.2011 19:13:36 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\OLRSubmission\OLRStateCheck.exe High
3.11.2011 19:13:36 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\CyberLink\Power2Go\OLRSubmission\OLRSubmission.exe High
3.11.2011 19:13:38 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\DAEMON Tools Lite\DTHelper.exe High
3.11.2011 19:13:38 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\DAEMON Tools Lite\dtsoftbusinst64.exe High
3.11.2011 19:13:38 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe High
3.11.2011 19:13:38 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\DAEMON Tools Lite\InstallGadget.exe High
3.11.2011 19:13:39 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\DAEMON Tools Lite\SPTDinst-x86.exe High
3.11.2011 19:13:40 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\DAEMON Tools Lite\SPTDinst-x64.exe High
3.11.2011 19:13:40 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe High
3.11.2011 19:13:40 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\DVD Shrink\unins000.exe High
3.11.2011 19:13:40 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\DVD Shrink\DVD Shrink 3.2.exe High
3.11.2011 19:13:41 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\EA GAMES\The Battle for Middle-earth (tm)\ea_uninst.exe High
3.11.2011 19:13:46 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\EA GAMES\The Battle for Middle-earth (tm)\Support\The Battle for Middle-earth_uninst.exe High
3.11.2011 19:13:46 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\EA GAMES\The Battle for Middle-earth (tm)\Support\The Battle for Middle-earth_code.exe High
3.11.2011 19:13:55 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\extra_uninst.exe High
3.11.2011 19:13:55 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\eauninstall.exe High
3.11.2011 19:13:56 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\LotRIcon.exe High
3.11.2011 19:13:59 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\Support\The Battle for Middle-earth II_code.exe High
3.11.2011 19:13:59 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\Support\EasyInfo.exe High
3.11.2011 19:14:00 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\Support\EReg.exe High
3.11.2011 19:14:00 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\Support\The Battle for Middle-earth II_uninst.exe High
3.11.2011 19:14:08 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Chrome\Application\wow_helper.exe High
3.11.2011 19:14:09 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe High
3.11.2011 19:14:09 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\chrome_launcher.exe High
3.11.2011 19:14:09 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\chrome_frame_helper.exe High
3.11.2011 19:14:10 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\nacl64.exe High
3.11.2011 19:14:11 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\Installer\setup.exe High
3.11.2011 19:14:17 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Chrome\Application\3.0.195.27\Installer\setup.exe High
3.11.2011 19:14:18 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe High
3.11.2011 19:14:18 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_64.exe High
3.11.2011 19:14:20 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_32_1D643E0FC0BE74CC.exe High
3.11.2011 19:14:20 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_64_BADB6DECFC517831.exe High
3.11.2011 19:14:20 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleUpdaterService_5898FABCFA121C11.exe High
3.11.2011 19:14:22 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Google Toolbar\Component\SearchWithGoogleUpdate_C5C67DF5D46FB314.exe High
3.11.2011 19:14:22 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Google Toolbar\Component\QuickSearchBoxInstaller_F914CE817EB4648E.exe High
3.11.2011 19:14:23 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Update\1.3.21.79\GoogleCrashHandler.exe High
3.11.2011 19:14:24 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Update\1.3.21.79\GoogleUpdate.exe High
3.11.2011 19:14:24 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Update\1.3.21.79\GoogleUpdateBroker.exe High
3.11.2011 19:14:24 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe High
3.11.2011 19:14:25 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.79\GoogleUpdateSetup.exe High
3.11.2011 19:14:25 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Update\Download\{86A6BBF8-23BC-42B6-A2CC-9C86A97929EA}\GoogleUpdateSetup.exe High
3.11.2011 19:14:26 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\15.0.874.106\chrome_updater.exe High
3.11.2011 19:14:27 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe High
3.11.2011 19:14:27 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\InstallShield Installation Information\{40FEF622-6E0F-46B6-824B-A40C178FD4CD}\setup.exe High
3.11.2011 19:14:27 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\InstallShield Installation Information\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\setup.exe High
3.11.2011 19:14:28 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\InstallShield Installation Information\{671EC9B2-A0F0-4035-AA48-729EDC3C59EF}\setup.exe High
3.11.2011 19:14:29 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\InstallShield Installation Information\{878CADF7-5BD6-4A29-A6F4-AC51C0CE8068}\Setup.exe High
3.11.2011 19:14:30 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe High
3.11.2011 19:14:31 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe High
3.11.2011 19:14:31 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\uninstall.exe High
3.11.2011 19:14:31 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe High
3.11.2011 19:14:31 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\uninstall.exe High
3.11.2011 19:14:32 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe High
3.11.2011 19:14:32 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe High
3.11.2011 19:14:33 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Intel\Bluetooth\btmsrvview.exe High
3.11.2011 19:14:33 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Intel\Bluetooth\libRun.exe High
3.11.2011 19:14:35 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Intel\Bluetooth\CoexDrivers\Dpinst64.exe High
3.11.2011 19:14:37 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Intel\Intel Control Center\Uninstaller\SetupICC.exe High
3.11.2011 19:14:37 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe High
3.11.2011 19:14:39 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\uninstall\x64\Drv64.exe High
3.11.2011 19:14:39 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Intel Corporation\Intel WiDi\iwdaud_helper.exe High
3.11.2011 19:14:40 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\uninstall\x64\Drv64.exe High
3.11.2011 19:14:40 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Intel Corporation\Intel WiDi\AudioDriver\iwdaud_helper.exe High
3.11.2011 19:14:40 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Intel Corporation\Intel WiDi\Certificates\CertMgr.exe High
3.11.2011 19:14:42 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe High
3.11.2011 19:14:43 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe High
3.11.2011 19:15:00 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Microsoft Office\Office12\DSSM.EXE High
3.11.2011 19:15:00 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Microsoft Office\Office12\CLVIEW.EXE High
3.11.2011 19:15:01 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Microsoft Office\Office12\MSOHTMED.EXE High
3.11.2011 19:15:02 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Microsoft Office\Office12\GRAPH.EXE High
3.11.2011 19:15:02 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Microsoft Office\Office12\MSQRY32.EXE High
3.11.2011 19:15:02 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Microsoft Office\Office12\MSTORDB.EXE High
3.11.2011 19:15:04 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Microsoft Office\Office12\SELFCERT.EXE High
3.11.2011 19:15:04 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Microsoft Office\Office12\PPTVIEW.EXE High
3.11.2011 19:15:10 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\coregen.exe High
3.11.2011 19:15:10 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe High
3.11.2011 19:15:11 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\Silverlight.Configuration.exe High
3.11.2011 19:15:13 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe High
3.11.2011 19:15:14 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Mozilla Firefox\updater.exe High
3.11.2011 19:15:15 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe High
3.11.2011 19:15:15 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Nuance\PDF Reader\bin\iManInt.exe High
3.11.2011 19:15:17 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\WLMerger.exe High
3.11.2011 19:15:17 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\Nvlhr.exe High
3.11.2011 19:15:18 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\OpenAL\OalinstGridRelease.exe High
3.11.2011 19:15:18 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\ComUpdatus.exe High
3.11.2011 19:15:18 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Realtek\Audio\Drivers\RtlUpd64.exe High
3.11.2011 19:15:21 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Realtek\Audio\InstallShield\Rtkupd64.exe High
3.11.2011 19:15:21 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\syncables\syncables desktop\syncables.exe High
3.11.2011 19:15:21 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\syncables\syncables desktop\syncablesMAPI.exe High
3.11.2011 19:15:22 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\syncables\syncables desktop\syncablesHost.exe High
3.11.2011 19:15:23 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javacpl.exe High
3.11.2011 19:15:23 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\syncables\syncables desktop\jre\bin\java.exe High
3.11.2011 19:15:23 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe High
3.11.2011 19:15:24 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaws.exe High
3.11.2011 19:15:24 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\syncables\syncables desktop\jre\bin\jbroker.exe High
3.11.2011 19:15:24 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\syncables\syncables desktop\jre\bin\jqsnotify.exe High
3.11.2011 19:15:24 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\syncables\syncables desktop\jre\bin\jqs.exe High
3.11.2011 19:15:24 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\syncables\syncables desktop\jre\bin\jucheck.exe High
3.11.2011 19:15:24 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\syncables\syncables desktop\jre\bin\jureg.exe High
3.11.2011 19:15:24 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\syncables\syncables desktop\jre\bin\jusched.exe High
3.11.2011 19:15:26 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\syncables\syncables desktop\jre\bin\unpack200.exe High
3.11.2011 19:15:28 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\syncables\syncables desktop\syncablesdesktop_Copy\Windows\syncablesUpdater.exe High
3.11.2011 19:15:30 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Webteh\BSplayer\codecmanager.exe High
3.11.2011 19:15:34 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Webteh\BSplayer\uninstall.EXE High
3.11.2011 19:15:38 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Winamp\UninstWA.exe High
3.11.2011 19:15:48 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Winamp Detect\UninstWaDetect.exe High
3.11.2011 19:15:51 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Windows Live\Installer\defmgr.exe High
3.11.2011 19:15:53 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Windows Live\Mesh\MOE.exe High
3.11.2011 19:15:55 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Windows Live\Photo Gallery\WLXCodecHost.exe High
3.11.2011 19:15:56 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Windows Live\Photo Gallery\WLXQuickTimeControlHost.exe High
3.11.2011 19:15:56 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Windows Live\Photo Gallery\WLXTranscode.exe High
3.11.2011 19:15:56 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Windows Live\Photo Gallery\WLXVideoAcquireWizard.exe High
3.11.2011 19:15:56 Disinfected virus Virus.Win32.Neshta.a C:\Program Files (x86)\Windows Live\Photo Gallery\WLXVideoCameraAutoPlayManager.exe High
3.11.2011 19:37:22 Disinfected virus Virus.Win32.Neshta.a D:\DOWNLOAD\Assassin's Creed 2 CZ\Assassin's Creed 2 CZ\Crack\INSTAL~1.EXE High
3.11.2011 19:37:25 Disinfected virus Virus.Win32.Neshta.a D:\DOWNLOAD\Blitzkrieg\b)Crack\Blitzkrieg\game.exe High
3.11.2011 19:37:29 Disinfected virus Virus.Win32.Neshta.a D:\DOWNLOAD\Blitzkrieg\a)Daemon Tools 4.30.3 Lite\DAEMON~1.EXE High
3.11.2011 19:37:33 Disinfected virus Virus.Win32.Neshta.a D:\DOWNLOAD\Blitzkrieg\b)Crack\Blitzkrieg-Burning Horizont\game.exe High
3.11.2011 19:37:35 Disinfected virus Virus.Win32.Neshta.a D:\DOWNLOAD\Blitzkrieg\c)PATCH+ČEŠTINA\Blitzkrieg PATCH+ČEŠTINA\BLITZK~2.EXE High
3.11.2011 19:38:14 Disinfected virus Virus.Win32.Neshta.a D:\DOWNLOAD\COD black ops\Crack\BlackOps.exe High
3.11.2011 19:38:27 Disinfected virus Virus.Win32.Neshta.a D:\DOWNLOAD\COD black ops\Crack\BlackOpsMP.exe High
3.11.2011 19:38:36 Disinfected virus Virus.Win32.Neshta.a D:\DOWNLOAD\CODBO\Crack\BlackOps.exe High
3.11.2011 19:38:43 Disinfected virus Virus.Win32.Neshta.a D:\DOWNLOAD\CODBO\Crack\BlackOpsMP.exe High
3.11.2011 19:38:47 Disinfected virus Virus.Win32.Neshta.a D:\DOWNLOAD\Pán Prstenů Bitva o Středozem I\a)Daemon Tools 4.30.3 Lite\DAEMON~1.EXE High
3.11.2011 19:38:48 Disinfected virus Virus.Win32.Neshta.a D:\DOWNLOAD\Pán Prstenů Bitva o Středozem I\Čeština\LOTRBF~1.EXE High
3.11.2011 19:38:55 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\COD4\Crack funkcny !\iw3sp.exe High
3.11.2011 19:38:58 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\CDBXP_~1.EXE High
3.11.2011 19:39:01 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\COD5\CoDWaW.exe High
3.11.2011 19:39:02 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\COD5\rzr-c5kg.exe High
3.11.2011 19:39:03 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\Crysis.CZ.RAZOR.1911.1000Mb.WarBaddie.of.Storm\Crysis\Crack 32bit\CRYSIS~1.EXE High
3.11.2011 19:39:04 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\Crysis.CZ.RAZOR.1911.1000Mb.WarBaddie.of.Storm\Crysis\Crack Vista 64\Bin32\Crysis.exe High
3.11.2011 19:39:12 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\Crysis.CZ.RAZOR.1911.1000Mb.WarBaddie.of.Storm\Crysis\Crack Vista 64\Bin64\Crysis.exe High
3.11.2011 19:41:39 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\dvdshrink32setup\DVDSHR~1.EXE High
3.11.2011 19:41:42 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\AutoRun.exe High
3.11.2011 19:41:45 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\EAUNIN~1.EXE High
3.11.2011 19:41:46 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\LotRIcon.exe High
3.11.2011 19:41:48 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\DirectX\dxsetup.exe High
3.11.2011 19:41:49 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\Mapy\Instalační\CAIR_A~1.EXE High
3.11.2011 19:41:51 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\Mapy\Instalační\BFME2_~1.EXE High
3.11.2011 19:41:51 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\Mapy\Instalační\EDORAS~1.EXE High
3.11.2011 19:41:52 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\Mapy\Instalační\FLAT_T~1.EXE High
3.11.2011 19:41:52 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\Mapy\Instalační\GONDOR~1.EXE High
3.11.2011 19:41:53 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\Mapy\Instalační\PINNAT~1.EXE High
3.11.2011 19:41:53 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\Mapy\Instalační\THE_BA~1.EXE High
3.11.2011 19:41:54 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\Mapy\Instalační\THE_GR~1.EXE High
3.11.2011 19:41:55 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\Mapy\Instalační\MP MAP Helms Deep\MPMAPH~2.EXE High
3.11.2011 19:41:57 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\Support\EasyInfo.exe High
3.11.2011 19:41:58 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\Support\EReg.exe High
3.11.2011 19:41:58 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\Support\THEBAT~1.EXE High
3.11.2011 19:42:02 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\Mapy\Instalační\MP MAP Helms Deep\MPMAPH~1.EXE High
3.11.2011 19:42:03 Disinfected virus Virus.Win32.Neshta.a D:\INSTAL\LOTR 2\Support\THEBAT~2.EXE High
Status: Deleted (events: 2)
3.11.2011 19:12:24 Deleted virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe High
3.11.2011 19:12:24 Deleted virus Virus.Win32.Neshta.a C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe//# High

Tak jsem provedl vše podle návodu již z dřívějška a vypadá to moc dobře, provedl jsem zatím jen rychlý test avastem a prý tu mám už zase čisto. Přes noc udělám ještě kompletní test at mám skoro jistotu.

Jinak díky aspoň za rady, které jste dávali dříve těm, co měli stejný problém jako já teď.

Tak tedy vše bez problému a hlásí to, že je vše čistý. Vše funguje jak má.
Mám tedy pocit, že si tu dopisuji sám se sebou ale aspoň potvrzuji, že to funguje na jedničku.

Mějte se a pokud nikdo nic nemá k těm logům, tak to můžete locknout.
PIC

Hezke sobotni dopoledne preji

Mám tedy pocit, že si tu dopisuji sám se sebou

Prave tim, ze si odepisujete sam, se radcum ztracite. Protoze oni hledaji prednostne temata bez odpovedi. Ale driv nebo pozdeji si vas jiste najdou

Zdravim a pekny den preji

Je to jak psal kolega, jak jste si odpovidal, tak jste nam zapadl...

Jeste udelejte prosim CureIt http://www.viry.cz/forum/viewtopic.php?f=29&t=47721

Tak expresní scan nenašel nic.
Kopletní scan našel jeden:
Win32.HLLW.Okamai.26, který byl umístěn v:
C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\15.0.874.106
Byl smazán.

Jinak je to čistý.
Je to vše? Jinak moc děkuji chlapi.

Aplikujte exeHelper by Raktor

• Linky ke stazeni
  • COM soubor http://vyosek.ic.cz/BE/exeHelper.com
  • SCR soubor http://vyosek.ic.cz/BE/exeHelper.scr
• Utilitu staci spustit jako Spravce (klik pravym mysidlem), probehne oprava a vznikne log exehelperlog.txt

Tak jsem aplikoval a v logu je následující:

exeHelper by Raktor
Build 20100414
Run at 17:44:59 on 11/08/11
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

Nic víc se nestalo. Je to vše?

Stary CF(Beruska.com) smazte a stahnete si novy odsud http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Collect::
  c:\windows\svchost.com
  
  File::
  c:\windows\SysWow64\tmp8490.tmp
  c:\windows\SysWow64\tmp848F.tmp
  c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  
  Registry::
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "DAEMON Tools Lite"=-
  
  Driver::
  gupdate
  gupdatem
  
  RegLock::
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Tady je ten log:

ComboFix 11-11-08.02 - Míra 08.11.2011 21:21:29.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4008.2575 [GMT 1:00]
Spuštěný z: c:\users\MÝra\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\MÝra\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\directx.sys
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-08 do 2011-11-08 )))))))))))))))))))))))))))))))
.
.
2011-11-08 20:25 . 2011-11-08 20:25 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-11-08 20:25 . 2011-11-08 20:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-01 16:48 . 2009-09-04 16:44 517960 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-10-30 21:34 . 2011-10-30 21:34 -------- d-----w- c:\users\Public\CyberLink
2011-10-23 12:59 . 2011-10-26 19:00 111928 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-10-23 12:59 . 2011-10-23 12:59 682280 ----a-w- c:\windows\SysWow64\pbsvc.exe
2011-10-23 12:59 . 2011-10-23 12:59 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-10-21 21:24 . 2011-10-21 21:24 -------- d-----w- c:\program files (x86)\EA GAMES
2011-10-19 21:45 . 2011-10-19 21:45 -------- d-----w- c:\program files (x86)\Microsoft Works
2011-10-19 21:43 . 2011-10-19 21:46 -------- d-----w- c:\programdata\Microsoft Help
2011-10-19 21:43 . 2011-10-19 21:43 -------- d-----r- C:\MSOCache
2011-10-19 18:37 . 2011-10-19 18:37 -------- d-----w- c:\program files (x86)\KONAMI
2011-10-15 17:44 . 2011-05-24 17:14 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-10-14 19:47 . 2011-10-18 19:14 -------- d-----w- c:\programdata\Codemasters
2011-10-14 19:46 . 2011-10-14 19:46 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-10-14 19:46 . 2011-10-14 19:46 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-10-14 19:46 . 2011-10-14 19:46 121880 ----a-w- c:\windows\system32\OpenAL32.dll
2011-10-14 19:46 . 2011-10-14 19:46 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-10-14 19:46 . 2011-10-14 19:46 -------- d-----w- c:\program files (x86)\OpenAL
2011-10-14 14:45 . 2011-10-14 14:45 -------- d-----w- c:\windows\SysWow64\Wat
2011-10-14 14:45 . 2011-10-14 14:45 -------- d-----w- c:\windows\system32\Wat
2011-10-13 20:12 . 2011-11-04 17:08 -------- d-----w- c:\program files (x86)\Activision
2011-10-13 18:39 . 2011-11-04 21:22 -------- d-----w- c:\program files (x86)\Electronic Arts
2011-10-13 15:12 . 2011-05-04 05:25 2315776 ----a-w- c:\windows\system32\tquery.dll
2011-10-12 18:36 . 2011-11-03 17:51 -------- d-----w- c:\program files (x86)\7-Zip
2011-10-12 18:35 . 2011-11-03 21:48 -------- d-----w- c:\program files (x86)\Webteh
2011-10-12 18:33 . 2011-10-12 18:33 -------- d-----w- c:\program files\CDBurnerXP
2011-10-12 18:31 . 2011-10-12 18:31 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-10-12 18:31 . 2011-11-03 17:51 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-10-12 18:31 . 2011-10-12 18:31 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-10-12 18:30 . 2011-10-12 18:30 -------- d-----w- c:\programdata\DVD Shrink
2011-10-12 18:30 . 2011-10-12 18:30 -------- d-----w- c:\program files (x86)\DVD Shrink
2011-10-12 18:29 . 2011-10-12 18:29 -------- d-----w- c:\program files (x86)\Winamp Detect
2011-10-12 18:29 . 2011-10-12 18:29 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-10-12 18:28 . 2011-11-03 17:51 -------- d-----w- c:\program files (x86)\Winamp
2011-10-12 18:20 . 2011-09-06 20:38 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-10-12 18:20 . 2011-09-06 20:36 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-12 18:20 . 2011-09-06 20:36 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-10-12 18:20 . 2011-09-06 20:45 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-10-12 18:20 . 2011-09-06 20:38 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-12 18:20 . 2011-09-06 20:36 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-10-12 18:20 . 2011-09-06 20:36 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-10-12 18:20 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-10-12 18:20 . 2011-09-06 20:45 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-10-12 18:20 . 2011-10-12 18:20 -------- d-----w- c:\programdata\AVAST Software
2011-10-12 18:20 . 2011-10-12 18:20 -------- d-----w- c:\program files\AVAST Software
2011-10-12 16:46 . 2011-10-12 16:46 -------- d-----w- c:\programdata\FolderView
2011-10-12 16:46 . 2011-11-08 16:32 -------- d-----w- C:\ASUS.DAT
2011-10-12 16:45 . 2011-11-05 20:29 -------- d-----w- c:\users\Míra
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-03 19:39 . 2011-07-29 13:52 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-10-12 16:46 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2011-04-01 08:58 433648 ----a-w- c:\programdata\Partner\Partner.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-03 4910912]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2011-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-11-03 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-11-03 731472]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-11-03 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-11-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2011-11-03 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-11-03 1601536]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
c:\users\Míra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
_uninst_28285317.lnk - c:\users\Míra\AppData\Local\Temp\_uninst_28285317.bat [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-1 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2011-10-12 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-03 135664]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-11-03 183560]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-03 135664]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2011-11-03 332272]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-11-03 1001808]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-11-03 2009704]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-03 2655768]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-11-03 1321296]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 17:59]
.
2011-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 17:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2011-04-01 08:58 750064 ----a-w- c:\programdata\Partner\Partner64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-10 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-10 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-10 418328]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-01 2189416]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-11-03 324096]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Míra\AppData\Roaming\Mozilla\Firefox\Profiles\hwkt67cf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-11-08 21:27:36
ComboFix-quarantined-files.txt 2011-11-08 20:27
.
Před spuštěním: Volných bajtů: 222 009 692 160
Po spuštění: Volných bajtů: 221 506 924 544
.
- - End Of File - - 19BE7A77C1B1FA744D62E5F5FF3C5A80

Diakritika v nazvu uctu dela sve

Presunte CF primo na disk c:\

Taktez na disku c:\ udeljte znovu skript a aplikujte jej

Tak jsem provedl, Combofix jsem dal přímo na C s tím, že jsem na něj přetáhnul znova ten log od Vás (CFScript.txt) a vyhodilo mi to:

ComboFix 11-11-08.02 - Míra 09.11.2011 17:42:17.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4008.2249 [GMT 1:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: c:\users\MÝra\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-09 do 2011-11-09 )))))))))))))))))))))))))))))))
.
.
2011-11-09 16:45 . 2011-11-09 16:45 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-11-09 16:45 . 2011-11-09 16:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-09 16:33 . 2011-11-09 16:33 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7BE262FC-1C01-4825-988B-10F8948C3BA4}\offreg.dll
2011-11-08 16:36 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7BE262FC-1C01-4825-988B-10F8948C3BA4}\mpengine.dll
2011-11-06 17:07 . 2011-11-06 17:07 -------- d-----w- c:\programdata\KONAMI
2011-11-06 16:52 . 2011-11-06 16:56 -------- d-----w- c:\program files (x86)\FIFA 12
2011-11-03 17:42 . 2011-11-03 17:42 -------- d-----w- c:\programdata\Kaspersky Lab
2011-11-03 17:36 . 2011-11-03 17:36 -------- d-----w- c:\program files\CCleaner
2011-10-30 21:34 . 2011-10-30 21:34 -------- d-----w- c:\users\Public\CyberLink
2011-10-23 12:59 . 2011-10-26 19:00 111928 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-10-23 12:59 . 2011-10-23 12:59 682280 ----a-w- c:\windows\SysWow64\pbsvc.exe
2011-10-23 12:59 . 2011-10-23 12:59 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-10-21 21:24 . 2011-10-21 21:24 -------- d-----w- c:\program files (x86)\EA GAMES
2011-10-19 21:45 . 2011-10-19 21:45 -------- d-----w- c:\program files (x86)\Microsoft Works
2011-10-19 21:43 . 2011-10-19 21:46 -------- d-----w- c:\programdata\Microsoft Help
2011-10-19 21:43 . 2011-10-19 21:43 -------- d-----r- C:\MSOCache
2011-10-19 18:37 . 2011-10-19 18:37 -------- d-----w- c:\program files (x86)\KONAMI
2011-10-15 17:44 . 2011-05-24 17:14 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-10-14 19:47 . 2011-10-18 19:14 -------- d-----w- c:\programdata\Codemasters
2011-10-14 19:46 . 2011-10-14 19:46 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-10-14 19:46 . 2011-10-14 19:46 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-10-14 19:46 . 2011-10-14 19:46 121880 ----a-w- c:\windows\system32\OpenAL32.dll
2011-10-14 19:46 . 2011-10-14 19:46 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-10-14 19:46 . 2011-10-14 19:46 -------- d-----w- c:\program files (x86)\OpenAL
2011-10-14 14:45 . 2011-10-14 14:45 -------- d-----w- c:\windows\SysWow64\Wat
2011-10-14 14:45 . 2011-10-14 14:45 -------- d-----w- c:\windows\system32\Wat
2011-10-13 20:12 . 2011-11-04 17:08 -------- d-----w- c:\program files (x86)\Activision
2011-10-13 18:39 . 2011-11-04 21:22 -------- d-----w- c:\program files (x86)\Electronic Arts
2011-10-13 15:12 . 2011-05-04 05:25 2315776 ----a-w- c:\windows\system32\tquery.dll
2011-10-12 18:36 . 2011-11-03 17:51 -------- d-----w- c:\program files (x86)\7-Zip
2011-10-12 18:35 . 2011-11-03 21:48 -------- d-----w- c:\program files (x86)\Webteh
2011-10-12 18:33 . 2011-10-12 18:33 -------- d-----w- c:\program files\CDBurnerXP
2011-10-12 18:31 . 2011-10-12 18:31 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-10-12 18:31 . 2011-11-03 17:51 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-10-12 18:31 . 2011-10-12 18:31 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-10-12 18:30 . 2011-10-12 18:30 -------- d-----w- c:\programdata\DVD Shrink
2011-10-12 18:30 . 2011-10-12 18:30 -------- d-----w- c:\program files (x86)\DVD Shrink
2011-10-12 18:29 . 2011-10-12 18:29 -------- d-----w- c:\program files (x86)\Winamp Detect
2011-10-12 18:29 . 2011-10-12 18:29 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-10-12 18:28 . 2011-11-03 17:51 -------- d-----w- c:\program files (x86)\Winamp
2011-10-12 18:20 . 2011-09-06 20:38 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-10-12 18:20 . 2011-09-06 20:36 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-12 18:20 . 2011-09-06 20:36 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-10-12 18:20 . 2011-09-06 20:45 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-10-12 18:20 . 2011-09-06 20:38 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-12 18:20 . 2011-09-06 20:36 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-10-12 18:20 . 2011-09-06 20:36 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-10-12 18:20 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-10-12 18:20 . 2011-09-06 20:45 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-10-12 18:20 . 2011-10-12 18:20 -------- d-----w- c:\programdata\AVAST Software
2011-10-12 18:20 . 2011-10-12 18:20 -------- d-----w- c:\program files\AVAST Software
2011-10-12 16:46 . 2011-10-12 16:46 -------- d-----w- c:\programdata\FolderView
2011-10-12 16:46 . 2011-11-09 16:31 -------- d-----w- C:\ASUS.DAT
2011-10-12 16:45 . 2011-11-05 20:29 -------- d-----w- c:\users\Míra
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-08 21:17 . 2011-07-29 13:52 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-10-12 16:46 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-08_20.25.40 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-11-08 16:34 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-11-09 16:32 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-11-08 16:34 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-11-09 16:32 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-11-08 16:34 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-11-09 16:32 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-02-18 20:13 . 2011-11-09 16:32 36084 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-11-09 16:32 37184 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-11-08 16:34 37184 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-10-12 16:47 . 2011-11-09 16:32 5980 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1585846709-3109716196-2164651341-1001_UserData.bin
+ 2011-11-09 16:30 . 2011-11-09 16:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-11-08 16:32 . 2011-11-08 16:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-11-09 16:30 . 2011-11-09 16:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-11-08 16:32 . 2011-11-08 16:32 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-07-29 13:51 . 2011-11-07 23:20 600280 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-07-29 13:51 . 2011-11-08 21:16 600280 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2011-11-07 23:20 320940 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-11-08 21:21 320940 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-10-12 19:27 . 2011-11-08 21:16 10870668 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1585846709-3109716196-2164651341-1001-8192.dat
+ 2011-11-09 16:41 . 2011-11-09 16:41 10231808 c:\windows\ERDNT\Hiv-backup\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2011-04-01 08:58 433648 ----a-w- c:\programdata\Partner\Partner.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2011-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-11-03 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-11-03 731472]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-11-03 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-11-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2011-11-03 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-11-03 1601536]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
c:\users\Míra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
_uninst_28285317.lnk - c:\users\Míra\AppData\Local\Temp\_uninst_28285317.bat [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-1 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2011-10-12 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-11-03 183560]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
R3 Partner Service;Partner Service;c:\programdata\Partner\Partner.exe [2011-11-03 332272]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-11-03 1001808]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-11-03 2009704]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-03 2655768]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-11-03 1321296]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2011-04-01 08:58 750064 ----a-w- c:\programdata\Partner\Partner64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-10 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-10 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-10 418328]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-01 2189416]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-11-03 324096]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Míra\AppData\Roaming\Mozilla\Firefox\Profiles\hwkt67cf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
Celkový čas: 2011-11-09 17:47:22
ComboFix-quarantined-files.txt 2011-11-09 16:47
.
Před spuštěním: Volných bajtů: 221 027 979 264
Po spuštění: Volných bajtů: 220 978 651 136
.
- - End Of File - - 83081542D7F37686B0A4593EC25C2A91

Log nam vypada OK, jak se chova PC