
"Ministry of the Interior" virus

Posted: 20 Jun 2013 08:13
by M142
Hello, I got the "Ministry of the Interior" virus. Here is the log from FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-06-2013
Ran by Jose (administrator) on 20-06-2013 09:08:56
Running from F:\
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Safe Mode (minimal)

==================== Processes (Whitelisted) ===================

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Microsoft Corporation) C:\Windows\system32\cmd.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start [417792 2009-04-10] (Chicony)
HKLM\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4767304 2013-03-07] (AVAST Software)
HKLM\...\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START [83336 2009-07-21] (TOSHIBA CORPORATION)
HKLM\...\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml [20992 2012-03-19] ()
HKLM\...\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe [484920 2009-07-20] (Conexant Systems, Inc.)
HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [4910912 2011-08-02] (DT Soft Ltd)
HKCU\...\Run: [] [x]
HKCU\...\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray [1090040 2012-12-21] (Nokia)
HKCU\...\Winlogon: [Shell] explorer.exe,C:\Users\Jose\AppData\Roaming\skype.dat <==== ATTENTION
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU SearchScopes: DefaultScope {1B72BE01-D481-4F7D-B442-9A8995DB4E84} URL = http://www.google.co.uk/search?hl=en&q= ... rms}&meta=
SearchScopes: HKCU - {1B72BE01-D481-4F7D-B442-9A8995DB4E84} URL = http://www.google.co.uk/search?hl=en&q= ... rms}&meta=
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
Handler: msdaipp - No CLSID Value -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jose\AppData\Roaming\Mozilla\Firefox\Profiles\oj5smgx2.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-09] (SUPERAntiSpyware.com)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-02-20] ()
S2 postgresql-8.4; C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files/PostgreSQL/8.4/data" -w [x]

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-03-07] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-03-07] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [60656 2013-03-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49248 2013-03-07] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-03-07] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368176 2013-03-07] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [62376 2013-03-07] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [164736 2013-03-07] ()
S3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI32.sys [487936 2009-06-23] (Conexant Systems Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [232512 2011-09-12] (DT Soft Ltd)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [25280 2011-12-20] (LogMeIn, Inc.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [35592 2012-11-15] (Anchorfree Inc.)
S3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [17960 2009-04-10] (Chicony Electronics Co., Ltd.)
S3 VSPerfDrv100; C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [48128 2009-12-08] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Jose\AppData\Local\Temp\catchme.sys [x]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-20 09:08 - 2013-06-20 09:08 - 00000000 ____D C:\FRST
2013-06-14 10:19 - 2013-06-18 18:21 - 00000004 ____A C:\Users\Jose\AppData\Roaming\skype.ini
2013-06-13 09:36 - 2013-05-16 20:18 - 06034432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-13 09:36 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-13 09:36 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-13 09:36 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-13 09:36 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-13 09:36 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-13 09:36 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-13 09:35 - 2013-05-16 20:21 - 01231872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-13 09:35 - 2013-05-16 20:21 - 00981504 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 09:35 - 2013-05-16 20:21 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-13 09:35 - 2013-05-16 20:18 - 00627712 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 09:35 - 2013-05-16 20:18 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-13 09:35 - 2013-05-16 20:17 - 11020800 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-13 09:35 - 2013-05-16 20:17 - 02078208 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-13 09:35 - 2013-05-16 20:17 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-13 09:35 - 2013-05-16 20:17 - 00048128 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-13 09:35 - 2013-05-16 18:44 - 01638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-13 09:35 - 2013-05-08 07:38 - 01293672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-13 09:35 - 2013-05-06 07:06 - 03968872 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-06-13 09:35 - 2013-05-06 07:06 - 03913576 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-10 15:36 - 2013-06-10 16:38 - 577221336 ____A C:\Users\Jose\Downloads\Marcela(2006)komplet-1+2díl,(nufik).avi
2013-06-10 14:32 - 2013-06-10 15:37 - 00000000 ____D C:\Users\Jose\Downloads\Game of Thrones S03E10 HDTV x264-EVOLVE[ettv]
2013-06-10 12:34 - 2013-06-10 12:34 - 00022589 ____A C:\Windows\DirectX.log
2013-06-10 12:34 - 2013-06-10 12:34 - 00002177 ____A C:\Users\Public\Desktop\Fable - The Lost Chapters.lnk
2013-06-10 12:26 - 2013-06-10 12:26 - 00000000 ____D C:\Program Files\Microsoft Games
2013-06-10 12:13 - 2013-06-10 12:13 - 00000000 ____D C:\Users\Jose\Downloads\Fable - The Lost Chapters
2013-06-10 11:19 - 2013-06-10 12:13 - 2281225788 ____A C:\Users\Jose\Downloads\Fable - The Lost Chapters.rar
2013-06-06 21:04 - 2013-06-13 15:35 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-06 20:09 - 2013-06-06 20:09 - 00000000 ____D C:\Users\Jose\Downloads\Cafe de Flore (2011) 720p BRrip_sujaidr
2013-06-05 13:54 - 2013-06-05 13:54 - 00000000 ____D C:\Users\Jose\AppData\Roaming\Toshiba
2013-06-04 12:33 - 2013-06-04 12:33 - 08009134 ____A C:\Users\Jose\Downloads\DO.zip
2013-06-03 20:48 - 2013-06-03 18:40 - 00041682 ____A C:\Users\Jose\Downloads\Game.of.Thrones.S03E09.720p.HDTV.x264-EVOLVE.srt
2013-06-03 20:45 - 2013-06-03 20:45 - 00071270 ____A C:\Users\Jose\Downloads\309-cz.zip
2013-06-03 20:33 - 2013-06-03 20:40 - 345861670 ____A C:\Users\Jose\Downloads\Game.of.Thrones.S03E09.HDTV.x264-EVOLVE.mp4
2013-06-03 17:29 - 2013-06-03 18:00 - 00000000 ____D C:\Users\Jose\Downloads\Fists in the Pocket (I Pugni in Tasca)
2013-06-03 17:08 - 2013-06-03 23:46 - 00000000 ____D C:\Users\Jose\Downloads\Scouting Book For Boys, The
2013-06-03 11:37 - 2013-06-03 11:55 - 735467520 ____A C:\Users\Jose\Downloads\Defendor[2009]DvDrip-aXXo.avi
2013-06-03 11:25 - 2013-06-03 15:10 - 187240448 ____A C:\Users\Jose\Downloads\The_Scouting_Book_for_Boys_2009_DVDRip_XviD_5rFF.part1.rar
2013-05-27 14:02 - 2013-05-27 14:02 - 00000000 ____D C:\Users\Jose\Desktop\cv8_Hash-ovanie
2013-05-23 23:29 - 2013-05-24 11:39 - 00000000 ____D C:\Users\Jose\Downloads\Shameless.US.Season.1.BoRiS
2013-05-23 20:31 - 2013-05-23 22:57 - 00000000 ____D C:\Users\Jose\Downloads\Lucky Number Slevin (2006) [1080p]
2013-05-23 19:27 - 2013-05-23 20:24 - 00000000 ____D C:\Users\Jose\Downloads\Hostel[Unrated][2005]DvDrip.AC3[Eng]-aXXo
2013-05-22 10:42 - 2013-05-22 11:23 - 737720320 ____A C:\Users\Jose\Downloads\Bytosť-z-hlbín-2001-(wrw)-tit.CZ.avi
2013-05-21 21:14 - 2013-05-21 21:14 - 00000000 ____D C:\Users\Jose\Desktop\sm
2013-05-21 09:51 - 2013-05-21 09:52 - 05135666 ____A C:\Users\Jose\Desktop\DO - Pisomky 2012.rar
2013-05-21 09:45 - 2013-05-21 09:45 - 00340815 ____A C:\Users\Jose\Desktop\do2012_simplex.zip
2013-05-21 09:29 - 2013-05-21 09:29 - 01590701 ____A C:\Users\Jose\Desktop\Skusky.zip

==================== One Month Modified Files and Folders ========

2013-06-20 09:08 - 2013-06-20 09:08 - 00000000 ____D C:\FRST
2013-06-18 18:21 - 2013-06-14 10:19 - 00000004 ____A C:\Users\Jose\AppData\Roaming\skype.ini
2013-06-18 18:16 - 2009-07-14 06:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-18 18:15 - 2012-10-01 17:43 - 00061196 ____A C:\Windows\setupact.log
2013-06-14 21:49 - 2012-04-03 08:47 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-14 21:49 - 2011-09-12 19:08 - 01247913 ____A C:\Windows\WindowsUpdate.log
2013-06-14 17:44 - 2009-07-14 06:34 - 00016272 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-14 17:44 - 2009-07-14 06:34 - 00016272 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-14 09:45 - 2011-09-12 21:21 - 00000000 ____D C:\Users\Jose\AppData\Roaming\Skype
2013-06-14 08:33 - 2012-04-03 08:47 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-14 08:33 - 2011-09-12 20:52 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-14 08:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-06-14 00:14 - 2011-09-13 11:33 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-13 15:35 - 2013-06-06 21:04 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-12 07:56 - 2013-04-08 22:51 - 00000000 ____D C:\Users\Jose\Desktop\DO
2013-06-12 07:06 - 2012-05-01 12:04 - 00000000 ____D C:\users\postgres
2013-06-11 06:45 - 2013-03-20 09:41 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-06-10 20:15 - 2011-09-12 19:09 - 00006420 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-10 19:45 - 2011-09-18 18:27 - 00000000 ____D C:\Users\Jose\AppData\Roaming\uTorrent
2013-06-10 16:38 - 2013-06-10 15:36 - 577221336 ____A C:\Users\Jose\Downloads\Marcela(2006)komplet-1+2díl,(nufik).avi
2013-06-10 15:37 - 2013-06-10 14:32 - 00000000 ____D C:\Users\Jose\Downloads\Game of Thrones S03E10 HDTV x264-EVOLVE[ettv]
2013-06-10 12:41 - 2011-11-03 20:57 - 00000000 ____D C:\Users\Jose\Documents\My Games
2013-06-10 12:34 - 2013-06-10 12:34 - 00022589 ____A C:\Windows\DirectX.log
2013-06-10 12:34 - 2013-06-10 12:34 - 00002177 ____A C:\Users\Public\Desktop\Fable - The Lost Chapters.lnk
2013-06-10 12:34 - 2011-10-14 13:39 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-06-10 12:26 - 2013-06-10 12:26 - 00000000 ____D C:\Program Files\Microsoft Games
2013-06-10 12:13 - 2013-06-10 12:13 - 00000000 ____D C:\Users\Jose\Downloads\Fable - The Lost Chapters
2013-06-10 12:13 - 2013-06-10 11:19 - 2281225788 ____A C:\Users\Jose\Downloads\Fable - The Lost Chapters.rar
2013-06-06 20:23 - 2011-09-13 14:51 - 00000000 ____D C:\Program Files\Steam
2013-06-06 20:23 - 2011-09-13 14:51 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-06-06 20:09 - 2013-06-06 20:09 - 00000000 ____D C:\Users\Jose\Downloads\Cafe de Flore (2011) 720p BRrip_sujaidr
2013-06-05 13:54 - 2013-06-05 13:54 - 00000000 ____D C:\Users\Jose\AppData\Roaming\Toshiba
2013-06-05 13:54 - 2011-09-26 22:08 - 00000000 ____D C:\Users\Jose\Documents\Bluetooth
2013-06-04 12:33 - 2013-06-04 12:33 - 08009134 ____A C:\Users\Jose\Downloads\DO.zip
2013-06-03 23:46 - 2013-06-03 17:08 - 00000000 ____D C:\Users\Jose\Downloads\Scouting Book For Boys, The
2013-06-03 20:45 - 2013-06-03 20:45 - 00071270 ____A C:\Users\Jose\Downloads\309-cz.zip
2013-06-03 20:40 - 2013-06-03 20:33 - 345861670 ____A C:\Users\Jose\Downloads\Game.of.Thrones.S03E09.HDTV.x264-EVOLVE.mp4
2013-06-03 18:40 - 2013-06-03 20:48 - 00041682 ____A C:\Users\Jose\Downloads\Game.of.Thrones.S03E09.720p.HDTV.x264-EVOLVE.srt
2013-06-03 18:00 - 2013-06-03 17:29 - 00000000 ____D C:\Users\Jose\Downloads\Fists in the Pocket (I Pugni in Tasca)
2013-06-03 15:10 - 2013-06-03 11:25 - 187240448 ____A C:\Users\Jose\Downloads\The_Scouting_Book_for_Boys_2009_DVDRip_XviD_5rFF.part1.rar
2013-06-03 11:55 - 2013-06-03 11:37 - 735467520 ____A C:\Users\Jose\Downloads\Defendor[2009]DvDrip-aXXo.avi
2013-05-30 06:51 - 2013-05-12 21:53 - 00000000 ____D C:\Users\Jose\Desktop\sm_semestralna_praca_marcin
2013-05-27 14:02 - 2013-05-27 14:02 - 00000000 ____D C:\Users\Jose\Desktop\cv8_Hash-ovanie
2013-05-24 11:39 - 2013-05-23 23:29 - 00000000 ____D C:\Users\Jose\Downloads\Shameless.US.Season.1.BoRiS
2013-05-23 22:57 - 2013-05-23 20:31 - 00000000 ____D C:\Users\Jose\Downloads\Lucky Number Slevin (2006) [1080p]
2013-05-23 20:24 - 2013-05-23 19:27 - 00000000 ____D C:\Users\Jose\Downloads\Hostel[Unrated][2005]DvDrip.AC3[Eng]-aXXo
2013-05-23 20:19 - 2013-01-23 21:23 - 00000000 ___RD C:\Program Files\Skype
2013-05-23 20:19 - 2011-09-12 21:21 - 00000000 ____D C:\ProgramData\Skype
2013-05-23 19:20 - 2012-02-20 15:04 - 00282296 ____A C:\Windows\System32\PnkBstrB.xtr
2013-05-23 19:20 - 2012-02-20 15:00 - 00139048 ____A C:\Windows\System32\Drivers\PnkBstrK.sys
2013-05-23 19:20 - 2012-02-20 14:59 - 00282296 ____A C:\Windows\System32\PnkBstrB.exe
2013-05-23 19:17 - 2012-02-20 14:59 - 00215128 ____A C:\Windows\System32\PnkBstrB.ex0
2013-05-23 19:12 - 2013-04-23 17:52 - 00000000 ____D C:\Users\Jose\Documents\BFBC2
2013-05-22 11:23 - 2013-05-22 10:42 - 737720320 ____A C:\Users\Jose\Downloads\Bytosť-z-hlbín-2001-(wrw)-tit.CZ.avi
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\zh-TW
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\zh-HK
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\zh-CN
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\tr-TR
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\sv-SE
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\ru-RU
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\pt-PT
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\pt-BR
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\pl-PL
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\nl-NL
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\nb-NO
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\ko-KR
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\ja-JP
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\it-IT
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\hu-HU
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\fr-FR
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\fi-FI
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\el-GR
2013-05-21 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\System32\de-DE
2013-05-21 21:14 - 2013-05-21 21:14 - 00000000 ____D C:\Users\Jose\Desktop\sm
2013-05-21 09:52 - 2013-05-21 09:51 - 05135666 ____A C:\Users\Jose\Desktop\DO - Pisomky 2012.rar
2013-05-21 09:45 - 2013-05-21 09:45 - 00340815 ____A C:\Users\Jose\Desktop\do2012_simplex.zip
2013-05-21 09:29 - 2013-05-21 09:29 - 01590701 ____A C:\Users\Jose\Desktop\Skusky.zip

Files to move or delete:
====================
C:\Users\Jose\AppData\Roaming\skype.dat
C:\Users\Jose\AppData\Roaming\skype.ini
C:\Users\Jose\Application Data\skype.dat
C:\Users\Jose\Application Data\skype.ini
C:\ProgramData\hash.dat

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=C:
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {current}
resumeobject {1be6700a-ddb4-11e0-8343-ba75a0c296cf}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {1be6700c-ddb4-11e0-8343-ba75a0c296cf}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {1be6700a-ddb4-11e0-8343-ba75a0c296cf}
nx OptIn

Windows Boot Loader
-------------------
identifier {1be6700c-ddb4-11e0-8343-ba75a0c296cf}
device ramdisk=[C:]\Recovery\1be6700c-ddb4-11e0-8343-ba75a0c296cf\Winre.wim,{1be6700d-ddb4-11e0-8343-ba75a0c296cf}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\1be6700c-ddb4-11e0-8343-ba75a0c296cf\Winre.wim,{1be6700d-ddb4-11e0-8343-ba75a0c296cf}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {1be6700a-ddb4-11e0-8343-ba75a0c296cf}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=C:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {1be6700d-ddb4-11e0-8343-ba75a0c296cf}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\1be6700c-ddb4-11e0-8343-ba75a0c296cf\boot.sdi



LastRegBack: 2013-06-14 07:53

==================== End Of Log ============================

Re: Ministry of the Interior virus

Posted: 20 Jun 2013 09:31
by vyosek
Hello, and have a nice day :)

Your log is being studied and worked on.
Please be patient!

Re: Ministry of the Interior virus

Posted: 20 Jun 2013 09:33
by vyosek
:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below

    C:\Users\Jose\AppData\Roaming\skype.dat
    C:\Users\Jose\AppData\Roaming\skype.ini
    C:\Users\Jose\Application Data\skype.dat
    C:\Users\Jose\Application Data\skype.ini
    C:\ProgramData\hash.dat
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    HKCU SearchScopes: DefaultScope {1B72BE01-D481-4F7D-B442-9A8995DB4E84} URL = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
    SearchScopes: HKCU - {1B72BE01-D481-4F7D-B442-9A8995DB4E84} URL = http://www.google.co.uk/search?hl=en&q={searchTerms}&meta=
    HKCU\...\Winlogon: [Shell] explorer.exe,C:\Users\Jose\AppData\Roaming\skype.dat <==== ATTENTION
    HKCU\...\Run: [] [x]
    S3 catchme; \??\C:\Users\Jose\AppData\Local\Temp\catchme.sys [x]
    
  • Save the resulting TXT file as fixlist.txt
  • Move the created log to the flash drive, next to FRST
:arrow: Run FRST.exe again on the damaged PC
  • Click Fix
  • The fix will run and a log, Fixlog.txt, will be created on the flash drive
:arrow: Try to boot into normal mode
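
The fixlist above removes, among other things, the extra program appended to the HKCU Winlogon Shell value that FRST marked with ATTENTION. As an added example (not part of the original post and not FRST's own code), this Python check reads FRST-style registry lines and reports every Shell value that launches anything besides explorer.exe; the function names and the clean comparison line are assumptions made for the illustration.

```python
import re

# Lines copied from the FRST log quoted in this thread.
SAMPLE_LOG = r"""
HKLM\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4767304 2013-03-07] (AVAST Software)
HKCU\...\Run: [] [x]
HKCU\...\Winlogon: [Shell] explorer.exe,C:\Users\Jose\AppData\Roaming\skype.dat <==== ATTENTION
""".strip().splitlines()

# Constructed line (not from the thread): an unmodified Shell value.
CLEAN_LINE = r"HKLM\...\Winlogon: [Shell] explorer.exe"

WINLOGON_RE = re.compile(r"^(HKLM|HKCU)\\.*?\\Winlogon: \[(\w+)\] (.*)$")
FRST_MARK = "<===="                      # FRST's own warning marker
EXPECTED = ("explorer.exe", r"c:\windows\explorer.exe")
USER_WRITABLE = ("\\appdata\\", "\\temp\\")

def shell_components(value):
    """Split a Winlogon Shell value into its comma-separated programs."""
    value = value.split(FRST_MARK)[0]
    return [p.strip().strip('"') for p in value.split(",") if p.strip()]

def describe(program):
    """Explain why an extra Shell program deserves a closer look."""
    low = program.lower()
    notes = []
    if any(d in low for d in USER_WRITABLE):
        notes.append("user-writable path")
    if not low.endswith(".exe"):
        notes.append("non-.exe extension")
    return notes

def audit_winlogon_shell(lines):
    """Return (hive, program, notes) for each unexpected Shell program."""
    findings = []
    for line in lines:
        m = WINLOGON_RE.match(line.strip())
        if not m or m.group(2).lower() != "shell":
            continue
        hive, _, value = m.groups()
        for program in shell_components(value):
            if program.lower() not in EXPECTED:
                findings.append((hive, program, describe(program)))
    return findings

if __name__ == "__main__":
    for hive, program, notes in audit_winlogon_shell(SAMPLE_LOG + [CLEAN_LINE]):
        print(f"{hive} Winlogon Shell also starts {program} ({', '.join(notes)})")
```

Windows runs every comma-separated program in the Shell value at logon, which is why a data-looking file such as skype.dat placed after explorer.exe survives reboots until the value is reset.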

Re: Ministry of the Interior virus

Posted: 20 Jun 2013 09:54
by M142
Many thanks, it now works as it should. Is there anything else that needs to be done?

Re: Ministry of the Interior virus

Posted: 20 Jun 2013 10:05
by vyosek
:arrow: Yes, post here the fixlog.txt log that was created on the flash drive

:arrow: In normal mode, create a log with RSIT http://forum.viry.cz/viewtopic.php?f=24&t=130784

Re: Ministry of the Interior virus

Posted: 20 Jun 2013 11:52
by M142
One more question before we continue. I was planning to reinstall Windows from scratch today, but I needed to get into the PC so that I could back up my things. So, the question: are these steps still necessary? Is there any chance that I will carry infected files over to the external drive? You see, if it is not necessary, we don't have to go on with it; I would just be wasting your time.

Re: Ministry of the Interior virus

Posted: 20 Jun 2013 12:05
by vyosek
And why do you want to reinstall the PC when we will cure it and clean it up here...

There should no longer be an active infection in the PC; now it just needs a final cleanup and possibly some minor repairs...

Re: Ministry of the Interior virus

Posted: 20 Jun 2013 12:10
by M142
Because I needed a 32-bit system for one course; the course is successfully behind me, so I'm moving to 64 :)

Re: Ministry of the Interior virus

Posted: 20 Jun 2013 12:13
by vyosek
Then go ahead and reinstall it...

Re: Ministry of the Interior virus

Posted: 20 Jun 2013 12:16
by M142
All right then. Thanks for the help!

Re: Ministry of the Interior virus

Posted: 20 Jun 2013 13:43
by vyosek
You're welcome, glad to help :worship:

And, based on the Rule on locking topics, :lock: