PC disinfection, computer speed-up, remote assistance via the neslape.cz service

FB virus

Do you have a virus problem? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEW!
You can now use the remote assistance service, where a specialist connects to your computer and gets the details of the problem from you by phone! More at www.neslape.cz
Locked
Message
Author
toka11
Visitor
Posts: 13
Registered: 18 Jul 2011 12:36

Re: FB virus

#16 Post by toka11 »

ah, so here it is

2011/07/18 17:09:38.0132 3416 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/18 17:09:38.0411 3416 ================================================================================
2011/07/18 17:09:38.0411 3416 SystemInfo:
2011/07/18 17:09:38.0411 3416
2011/07/18 17:09:38.0411 3416 OS Version: 6.1.7600 ServicePack: 0.0
2011/07/18 17:09:38.0411 3416 Product type: Workstation
2011/07/18 17:09:38.0411 3416 ComputerName: NEW-COMPUTER
2011/07/18 17:09:38.0411 3416 UserName: Jakub
2011/07/18 17:09:38.0411 3416 Windows directory: C:\Windows
2011/07/18 17:09:38.0411 3416 System windows directory: C:\Windows
2011/07/18 17:09:38.0411 3416 Running under WOW64
2011/07/18 17:09:38.0411 3416 Processor architecture: Intel x64
2011/07/18 17:09:38.0411 3416 Number of processors: 2
2011/07/18 17:09:38.0411 3416 Page size: 0x1000
2011/07/18 17:09:38.0411 3416 Boot type: Normal boot
2011/07/18 17:09:38.0411 3416 ================================================================================
2011/07/18 17:09:39.0506 3416 Initialize success

stell
VIP
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: FB virus

#17 Post by stell »

Run it once more, but right-click and run as administrator.
Instructions
Double-click TDSSKiller.exe to launch the application, then click Start Scan.
If an infected file is detected, the default action will be Cure; click the Continue button.
If a suspicious file is detected, the default action will be Skip; click Continue.
It may ask you to restart the computer to complete the process. Click Reboot Now.
If no restart is required, click the Report button. A log file should appear. Please copy and paste the contents of the file here.
If a computer restart is required, the report is available in your root directory (usually the C:\ folder) as "TDSSKiller. _log.txt". Please copy and paste the contents of the file here.

toka11
Visitor
Posts: 13
Registered: 18 Jul 2011 12:36

Re: FB virus

#18 Post by toka11 »

ah, maybe this one

2011/07/18 17:11:51.0874 4348 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/18 17:11:52.0429 4348 ================================================================================
2011/07/18 17:11:52.0429 4348 SystemInfo:
2011/07/18 17:11:52.0429 4348
2011/07/18 17:11:52.0429 4348 OS Version: 6.1.7600 ServicePack: 0.0
2011/07/18 17:11:52.0429 4348 Product type: Workstation
2011/07/18 17:11:52.0429 4348 ComputerName: NEW-COMPUTER
2011/07/18 17:11:52.0429 4348 UserName: Jakub
2011/07/18 17:11:52.0429 4348 Windows directory: C:\Windows
2011/07/18 17:11:52.0429 4348 System windows directory: C:\Windows
2011/07/18 17:11:52.0429 4348 Running under WOW64
2011/07/18 17:11:52.0429 4348 Processor architecture: Intel x64
2011/07/18 17:11:52.0429 4348 Number of processors: 2
2011/07/18 17:11:52.0430 4348 Page size: 0x1000
2011/07/18 17:11:52.0430 4348 Boot type: Normal boot
2011/07/18 17:11:52.0430 4348 ================================================================================
2011/07/18 17:11:53.0284 4348 Initialize success
2011/07/18 17:12:04.0279 1152 ================================================================================
2011/07/18 17:12:04.0279 1152 Scan started
2011/07/18 17:12:04.0279 1152 Mode: Manual;
2011/07/18 17:12:04.0279 1152 ================================================================================
2011/07/18 17:12:14.0169 1152 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2011/07/18 17:12:14.0169 1152 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/07/18 17:12:14.0175 1152 sptd - detected LockedFile.Multi.Generic (1)
2011/07/18 17:12:16.0521 1152 ================================================================================
2011/07/18 17:12:16.0521 1152 Scan finished
2011/07/18 17:12:16.0521 1152 ================================================================================
2011/07/18 17:12:16.0533 3852 Detected object count: 1
2011/07/18 17:12:16.0533 3852 Actual detected object count: 1
2011/07/18 17:12:46.0711 3852 LockedFile.Multi.Generic(sptd) - User select action: Skip

stell
VIP
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: FB virus

#19 Post by stell »

OK, clean Temp with TFC and CCleaner as described in the guide, and then post the ComboFix log here.
PLEASE READ THE GUIDE CAREFULLY!!!

Use ComboFix according to this guide: http://www.bleepingcomputer.com/combofi ... t-combofix
Post the log from it here.
Important information.
Is your computer NOT RUNNING RIGHT?
Is it infected? Running slowly? Is a program not working? Installation problems?
Use the remote help service!
e-mail: stell(at)forum.viry.cz
Thanks!

toka11
Visitor
Posts: 13
Registered: 18 Jul 2011 12:36

Re: FB virus

#20 Post by toka11 »

ComboFix 11-07-18.01 - Jakub 18.07.2011 17:25:29.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.6142.4331 [GMT 2:00]
Spuštěný z: c:\users\Jakub\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
C:\test.txt
c:\users\Jakub\AppData\Roaming\inst.exe
c:\users\Michael\AppData\Roaming\chrtmp
c:\users\Michael\AppData\Roaming\Norton Removal Tool 2010.0.0.98.exe
c:\windows\btc_client_iplist.txt
c:\windows\ddh_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\loader2.exe_ok
c:\windows\phoenix.rar
c:\windows\rpcminer.rar
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\SysWow64\Nagasoft
c:\windows\SysWow64\Nagasoft\Codecs\asyncflt.ax
c:\windows\SysWow64\Nagasoft\Codecs\atrc.dll
c:\windows\SysWow64\Nagasoft\Codecs\cook.dll
c:\windows\SysWow64\Nagasoft\Codecs\drvc.dll
c:\windows\SysWow64\Nagasoft\Codecs\raac.dll
c:\windows\SysWow64\Nagasoft\Codecs\RealMediaSplitter.ax
c:\windows\SysWow64\Nagasoft\Codecs\WMFDemux.dll
c:\windows\SysWow64\Nagasoft\GifShower.dll
c:\windows\SysWow64\Nagasoft\vjocx.dll
c:\windows\UA000106.DLL
c:\windows\ufa.rar
c:\windows\update.1
c:\windows\update.2
c:\windows\update.5.0
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_vvdsvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-18 do 2011-07-18 )))))))))))))))))))))))))))))))
.
.
2011-07-18 15:30 . 2011-07-18 15:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-07-18 15:30 . 2011-07-18 15:30 -------- d-----w- c:\users\Pocitac\AppData\Local\temp
2011-07-18 15:00 . 2011-07-18 15:00 -------- d-----w- c:\program files\CCleaner
2011-07-18 14:52 . 2011-07-18 15:31 -------- d-----w- c:\users\Jakub\AppData\Local\VirtualStore
2011-07-18 13:41 . 2011-07-18 13:41 -------- d-----w- c:\users\Jakub\AppData\Roaming\Malwarebytes
2011-07-18 13:40 . 2011-07-18 13:40 -------- d-----w- c:\programdata\Malwarebytes
2011-07-18 13:40 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-18 13:40 . 2011-07-18 14:01 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-18 13:40 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-18 11:42 . 2011-07-18 11:45 -------- d-----w- c:\program files\trend micro
2011-07-18 11:42 . 2011-07-18 11:43 -------- d-----w- C:\rsit
2011-07-18 11:01 . 2011-07-18 11:01 301568 ----a-w- c:\windows\SysWow64\cmd.execf
2011-07-18 10:48 . 2011-07-18 10:48 -------- d-----w- c:\users\Jakub\AppData\Roaming\AVG10
2011-07-18 10:47 . 2011-07-18 10:47 -------- d--h--w- c:\programdata\Common Files
2011-07-18 10:43 . 2011-07-18 10:46 -------- d-----w- c:\windows\system32\drivers\AVG
2011-07-18 10:30 . 2011-07-18 14:48 -------- d--h--w- c:\windows\update.tray-12-0
2011-07-18 10:30 . 2011-07-18 14:48 -------- d--h--w- c:\windows\update.tray-12-0-lnk
2011-07-18 10:24 . 2011-07-18 10:46 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2011-07-18 10:15 . 2011-07-18 10:48 -------- d-----w- c:\programdata\MFAData
2011-07-18 10:15 . 2011-07-18 10:15 -------- d-----w- c:\windows\rpcminer
2011-07-18 10:15 . 2011-07-18 10:15 -------- d-----w- c:\windows\ufa
2011-07-18 10:15 . 2011-07-18 10:15 -------- d-----w- c:\windows\phoenix
2011-07-18 10:15 . 2011-07-18 10:58 246272 ----a-w- c:\windows\unrar.exe
2011-07-18 10:07 . 2011-07-18 10:07 -------- d-----w- c:\windows\av_ico
2011-07-18 10:05 . 2011-07-18 14:48 -------- d--h--w- c:\windows\update.tray-7-0
2011-07-18 10:05 . 2011-07-18 14:48 -------- d--h--w- c:\windows\update.tray-7-0-lnk
2011-07-13 10:51 . 2011-07-13 10:51 -------- d-----w- c:\programdata\BDE
2011-07-13 10:51 . 2011-07-13 10:51 -------- d-----w- c:\program files (x86)\Common Files\Borland Shared
2011-07-13 10:51 . 1999-11-12 02:11 183808 ----a-w- c:\windows\SysWow64\BDEADMIN.CPL
2011-07-13 10:50 . 2008-10-29 14:34 343216 ----a-w- c:\windows\SysWow64\KeyHelp.ocx
2011-07-13 10:50 . 2011-07-13 10:51 -------- d-----w- c:\program files (x86)\MRP
2011-07-13 10:49 . 2011-07-13 10:49 -------- d-----w- C:\MrpWin
2011-06-30 09:11 . 2011-06-30 09:11 -------- d-----w- c:\programdata\HPSS
2011-06-30 09:11 . 2011-06-30 09:11 -------- d-----w- c:\users\Jakub\AppData\Roaming\HP SimpleSave Application
2011-06-30 09:11 . 2011-06-30 09:11 -------- d-----w- c:\users\Jakub\AppData\Roaming\HPSS
2011-06-26 11:05 . 2011-06-26 11:05 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-06-26 11:05 . 2011-06-26 11:05 1998168 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-06-25 08:17 . 2011-06-25 08:17 -------- d-----w- c:\users\Jakub\AppData\Local\LucasArts
2011-06-20 15:41 . 2011-06-20 15:57 -------- d-----w- c:\users\Jakub\AppData\Roaming\dvdcss
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-04 11:43 . 2010-09-18 09:53 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2010-09-18 09:53 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-07-04 11:43 . 2011-01-22 19:33 253888 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-06-06 13:29 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2010-09-18 09:54 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2010-09-18 09:54 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2010-09-18 09:54 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2010-09-18 09:54 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2010-09-18 09:54 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-04 16:27 . 2011-06-04 16:26 25640 ----a-w- c:\windows\gdrv.sys
2011-05-25 07:25 . 2011-06-02 15:21 29288 ----a-w- c:\windows\system32\nvhdap64.dll
2011-05-25 07:25 . 2011-06-02 15:21 174184 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2011-05-25 07:25 . 2011-06-01 12:10 1426536 ----a-w- c:\windows\system32\nvhdagenco642040.dll
2011-05-25 07:25 . 2011-03-20 15:34 1016936 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-25 07:25 . 2011-03-20 15:34 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-25 07:25 . 2011-03-20 15:33 3040872 ----a-w- c:\windows\system32\nvsvc64.dll
2011-05-25 07:25 . 2009-06-10 08:38 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-05-25 07:25 . 2011-03-20 15:34 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 07:25 . 2011-03-20 15:33 6300776 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 07:25 . 2011-03-20 15:33 739432 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-05-25 07:25 . 2011-06-02 15:21 67176 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-25 07:25 . 2011-06-02 15:21 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-05-25 07:25 . 2011-06-01 12:03 8863336 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-05-25 07:25 . 2011-06-02 15:21 22286952 ----a-w- c:\windows\system32\nvoglv64.dll
2011-05-25 07:25 . 2011-06-01 12:03 6555240 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-05-25 07:25 . 2011-06-02 15:21 16456296 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-05-25 07:25 . 2011-06-02 15:21 13206120 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-05-25 07:25 . 2011-06-02 15:21 15223912 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-05-25 07:25 . 2011-06-02 15:21 1496168 ----a-w- c:\windows\system32\nvdispco6420150.dll
2011-05-25 07:25 . 2011-06-02 15:21 1427048 ----a-w- c:\windows\system32\nvgenco642090.dll
2011-05-25 07:25 . 2011-06-01 12:03 11992680 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-05-25 07:25 . 2011-06-02 15:21 7123560 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 07:25 . 2011-06-02 15:21 5301352 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-05-25 07:25 . 2011-06-02 15:21 2943592 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 07:25 . 2011-06-02 15:21 2804328 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-05-25 07:25 . 2011-06-02 15:21 2212968 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 07:25 . 2011-06-02 15:21 2082408 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-05-25 07:25 . 2011-06-02 15:21 18583144 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 07:25 . 2011-06-02 15:21 13011560 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-05-25 07:25 . 2011-06-01 12:03 2335848 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-05-25 07:25 . 2009-06-10 17:33 2644584 ----a-w- c:\windows\system32\nvapi64.dll
2011-05-20 20:35 . 2011-05-20 20:35 304744 ----a-w- c:\windows\SysWow64\nvStreaming.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2009-07-14 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
[-] 2010-01-27 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"ICQ"="c:\program files (x86)\ICQ7.4\ICQ.exe" [2011-04-09 119608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"eurobattlegui"="c:\program files\Warcraft III\eb.exe" [2009-10-22 757760]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-10-03 38768]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-10-02 640376]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-5-15 384512]
.
c:\users\Pocitac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-5-15 384512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-1-10 1207312]
NCProTray.lnk - c:\program files (x86)\SEC\Natural Color Pro\NCProTray.exe [2009-11-25 49220]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0c:\progra~2\AVG\AVG10\avgchsva.exe /sync\0c:\progra~2\AVG\AVG10\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG10\avgfws.exe [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [x]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG10\avgwdsvc.exe [x]
R2 gupdate1cac2fffda354ac;Služba Google Update (gupdate1cac2fffda354ac);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-13 133104]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]
R3 FLASHSYS;FLASHSYS;c:\program files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-13 133104]
R3 MSICDSetup;MSICDSetup;D:\CDriver64.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 4\LU4\NTIOLib_X64.sys [x]
R3 PAC207;Trust 100K Series Webcam;c:\windows\system32\DRIVERS\PFC027.SYS [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 BackupService;BackupService;c:\users\Jakub\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-07-01 83512]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 yukonw7;Ovladač NDIS6.2 Miniport pro řadič Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
vvdsvc REG_MULTI_SZ vvdsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-13 22:53]
.
2011-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-13 22:53]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF10933.cfxxe" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-11-03 8317472]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Prevést cíl vazby do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Prevést cíl vazby do existujícího PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Prevést do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pridat do stávajícího PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files (x86)\ICQ7.4\ICQ.exe
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files (x86)\PokerStars.NET\PokerStarsUpdate.exe
TCP: DhcpNameServer = 192.168.2.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
FF - ProfilePath - c:\users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\bijvfwze.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
.
.
------- Asociace souborů -------
.
txtfile="c:\program files (x86)\PSPad editor\PSPad.exe" "%1"
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files (x86)\Ask.com\GenericAskToolbar.dll
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\program files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
Wow6432Node-HKLM-Run-tray_ico - (no file)
Wow6432Node-HKLM-Run-tray_ico2 - (no file)
Wow6432Node-HKLM-Run-tray_ico3 - (no file)
Wow6432Node-HKLM-Run-tray_ico4 - (no file)
Wow6432Node-HKLM-Run-AVG_TRAY - c:\program files (x86)\AVG\AVG10\avgtray.exe
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - c:\program files\Alwil Software\Avast5\ashShA64.dll
AddRemove-avast - c:\program files\Alwil Software\Avast5\aswRunDll.exe
AddRemove-Google Chrome - c:\users\Michael\AppData\Local\Google\Chrome\Application\3.0.195.33\Installer\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Lavasoft\Ad-Aware\aawservice.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\Google\Update\1.3.21.57\GoogleCrashHandler.exe
c:\program files\Logitech\SetPoint\x86\SetPoint32.exe
.
**************************************************************************
.
Celkový čas: 2011-07-18 17:38:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-18 15:38
.
Před spuštěním: Volných bajtů: 106 111 139 840
Po spuštění: Volných bajtů: 116 968 914 944
.
- - End Of File - - F810BF053B76600EE6AAF1B82F854BEB

stell
VIP
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: FB virus

#21 Post by stell »

So, which antivirus are you using? I can see both AVG and Avast drivers there.

Test these on www.virustotal.com:
c:\program files (x86)\MSI\Live Update 4\LU4\NTIOLib_X64.sys
c:\windows\system32\user32.dll

If it says the file has already been analysed, click Reanalyse, and post the links to the results here.
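Stell's request to rescan user32.dll rests on the Sigcheck block of the ComboFix log in post #20, where the copy in system32 (tagged [-]) hashes differently from the WinSxS component-store copy (tagged [7]) although both report the same version, and the same log lists two UAC policy values turned off. The Python below is an added example, not code from the thread or from ComboFix: it parses those two sections (sample input copied from the log above) and reports the mismatched hashes and the UAC values that differ from the Windows 7 defaults; the function names and the table of defaults are this example's own, the defaults taken from Microsoft's documentation rather than from the page.

```python
"""Triage two sections of a ComboFix log: the Sigcheck block and the UAC policy
key.  Added example; SAMPLE_LOG is copied from the log posted in this thread,
the function names and the table of default values are this example's own."""
import re
from collections import defaultdict

# A Sigcheck line as ComboFix prints it:  [tag] date . MD5 . size . . [version] .. path
SIGCHECK_RE = re.compile(
    r"^\[(?P<tag>[^\]]+)\]\s+(?P<date>\d{4}-\d{2}-\d{2})\s+\.\s+"
    r"(?P<md5>[0-9A-Fa-f]{32})\s+\.\s+(?P<size>\d+)\s+\.\s+\.\s+"
    r"\[(?P<version>[^\]]+)\]\s+\.\.\s+(?P<path>\S.*)$"
)

# Registry value lines inside the policy block look like:  "Name"= 3 (0x3)
POLICY_KEY = r"[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]"
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"\s*=\s*(?P<val>\d+)')

# Windows 7 defaults for the UAC values (assumed from the documented defaults,
# not from the thread); a value below these weakens UAC.
UAC_DEFAULTS = {
    "ConsentPromptBehaviorAdmin": 5, "ConsentPromptBehaviorUser": 3, "EnableLUA": 1,
    "EnableSecureUIAPaths": 1, "EnableUIADesktopToggle": 0, "PromptOnSecureDesktop": 1,
}

SAMPLE_LOG = r"""
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2009-07-14 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
[-] 2010-01-27 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
"""

def parse_sigcheck(text):
    """Return one dict per Sigcheck line; every other line is ignored."""
    rows = []
    for line in text.splitlines():
        m = SIGCHECK_RE.match(line.strip())
        if m:
            row = m.groupdict()
            row["size"] = int(row["size"])
            row["md5"] = row["md5"].upper()
            rows.append(row)
    return rows

def sigcheck_mismatches(rows):
    """Pair each live system file with the WinSxS component-store copy of the same
    name and size and report live copies whose MD5 differs.  A mismatch is a lead,
    not a verdict: a legitimately patched file differs from the store copy too."""
    groups = defaultdict(lambda: {"store": set(), "live": []})
    for r in rows:
        name = r["path"].rsplit("\\", 1)[-1].lower()
        bucket = groups[(name, r["size"])]
        if "\\winsxs\\" in r["path"].lower():
            bucket["store"].add(r["md5"])
        else:
            bucket["live"].append(r)
    findings = []
    for bucket in groups.values():
        for live in bucket["live"]:
            if bucket["store"] and live["md5"] not in bucket["store"]:
                findings.append({"path": live["path"], "version": live["version"],
                                 "live_md5": live["md5"], "store_md5": sorted(bucket["store"])})
    return findings

def parse_policy_block(text):
    """Collect the numeric values listed under the UAC policy key."""
    values, in_block = {}, False
    for line in text.splitlines():
        s = line.strip()
        if s.startswith("["):           # a new registry key header
            in_block = s.lower() == POLICY_KEY
            continue
        m = VALUE_RE.match(s) if in_block else None
        if m:
            values[m["name"]] = int(m["val"])
    return values

def weakened_uac(values):
    """Map each UAC value that differs from its default to (found, default)."""
    return {name: (val, UAC_DEFAULTS[name]) for name, val in values.items()
            if name in UAC_DEFAULTS and val != UAC_DEFAULTS[name]}

if __name__ == "__main__":
    print(sigcheck_mismatches(parse_sigcheck(SAMPLE_LOG)))
    print(weakened_uac(parse_policy_block(SAMPLE_LOG)))
```

On the sample both user32.dll copies are reported, and the UAC check flags EnableSecureUIAPaths and PromptOnSecureDesktop, the two values the log shows set to 0.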

toka11
Visitor
Posts: 13
Registered: 18 Jul 2011 12:36

Re: FB virus

#22 Post by toka11 »

Avast; I only tried AVG because this "little bugger" deleted Avast, and then it deleted the AVG as well.

c:\windows\system32\user32.dll
http://www.virustotal.com/file-scan/rea ... 1311004979
http://www.virustotal.com/file-scan/rep ... 1311004736

c:\program files (x86)\MSI\Live Update 4\LU4\NTIOLib_X64.sys - and this one it could not even find on my computer.

stell
VIP
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: FB virus

#23 Post by stell »

c:\windows\system32\user32.dll
Click REANALYSE on VirusTotal, as I told you. :)

toka11
Visitor
Posts: 13
Registered: 18 Jul 2011 12:36

Re: FB virus

#24 Post by toka11 »

That is the second link, but I have done it once more anyway, here: http://www.virustotal.com/file-scan/rep ... 1311004671

stell
VIP
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: FB virus

#25 Post by stell »

Good.
1: Use the AVG uninstaller
http://www.avg.com/download-tools

2: Uninstall ComboFix
Press WinLogo+R and copy this command into the box:
combofix /uninstall

3: Uninstall the program
program files (x86)\Lavasoft\Ad-Aware

4: Instead of AVG, install free Avira or Avast.

And write back how the PC behaves.

toka11
Visitor
Posts: 13
Registered: 18 Jul 2011 12:36

Re: FB virus

#26 Post by toka11 »

It looks good, thanks a lot for the help.

stell
VIP
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: FB virus

#27 Post by stell »

You're welcome :)

Eastonko
Visitor
Posts: 50
Registered: 21 Jul 2011 20:38

Re: FB virus

#28 Post by Eastonko »

Hi stell, could you please advise me? My PC isn't restarting, but my antivirus has been switched off and there are problems. The thing is, I have trouble with step 5: I download, install and update Malwarebytes, but as soon as the scan starts, after a few seconds the whole window shrinks to just an icon at the bottom right next to the clock and nothing can be done with it any more. Further attempts then throw up a dialog saying I don't have permission. I'm on Win XP; I have tried it in both normal and safe mode.

stell
VIP
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: FB virus

#29 Post by stell »

Hi,
download this file:
http://malwarebytes.org/mbam-download-exe-random.php

copy it into the folder
C:\Program Files\Malwarebytes Anti-Malware
Double-click the downloaded .exe and wait to see whether it starts. If not, run ROGUE KILLER once more, press 2 and Enter, and then run the downloaded .exe again.
If anything comes up, write back.

stell
VIP
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: FB virus

#30 Post by stell »

If you can't manage it even that way, run ComboFix in safe mode.
PLEASE READ THE GUIDE CAREFULLY!!!

Use ComboFix according to this guide: http://www.bleepingcomputer.com/combofi ... t-combofix

I'll be back here in about 1-2 hours, since my grandson is about to take over the computer. :D

Locked