Slow internet

2marcin
Visitor
Posts: 44
Registered: 02 Dec 2011 16:07

Slow internet

#1 Post by 2marcin »

Good day, I'd like to ask for advice. I have fibre internet from Antik and the speed is only about 25 Mbit instead of 70 Mbit on the PC, which is connected by cable through a router. I tried connecting a notebook by cable and the speed was OK, 66 Mbit.
Quite often a bubble also pops up saying there is not enough space on disk C.
I'm sending the log.



Logfile of random's system information tool 1.09 (written by random/random)
Run by marika at 2011-12-02 16:14:18
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 419 MB (4%) free of 10 GB
Total RAM: 511 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:14:34, on 2.12.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Opera\opera.exe
C:\totalcmd\TOTALCMD.EXE
C:\Documents and Settings\marika\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files\trend micro\marika.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1392740
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
R3 - URLSearchHook: PC Tools Browser Defender - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: PC Tools Browser Defender - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Nero DriveSpeed] C:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [FamilyKeyLogger] C:\Program Files\Windows XP Fun Pack\Winter 2003\Family\cisvc.exe
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "D:\Program files\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Kalendár.lnk = C:\WINDOWS\MENINY.EXE
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe

--
End of file - 6441 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Defender BHO - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-11-14 1144784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Defender - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-11-14 1144784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nForce Tray Options"=sstray.exe /r []
"StatusClient"=C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]
"TomcatStartup"=C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"Nero DriveSpeed"=C:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE [2004-12-18 593920]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"FamilyKeyLogger"=C:\Program Files\Windows XP Fun Pack\Winter 2003\Family\cisvc.exe [2003-01-31 70144]
"reset"=regedit /s reset.reg []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-09-27 894304]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-11-22 2779824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

C:\Documents and Settings\marika\Nabídka Start\Programy\Po spuštění
Kalendár.lnk - C:\WINDOWS\MENINY.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\WINDOWS\system32\winver.exe"="C:\WINDOWS\system32\winver.exe:*:Enabled:winver"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\ROUTE66\ROUTE66Sync.exe"="D:\Program Files\ROUTE66\ROUTE66Sync.exe:*:Disabled:ROUTE 66 Sync"
"C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe"="C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe:192.168.1.2/255.255.255.255:Enabled:Backgammon v Internetu"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Program Files\TmNationsForever\TmForever.exe"="D:\Program Files\TmNationsForever\TmForever.exe:*:Disabled:TmForever"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Ferguson\18 Wheels of Steel Haulin\Aphex.exe"="D:\Ferguson\18 Wheels of Steel Haulin\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"D:\Program files\Hamachi\hamachi.exe"="D:\Program files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Documents and Settings\marika\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Documents and Settings\marika\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"C:\Program Files\Spyware Terminator\SpywareTerminator.exe"="C:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-12-02 16:14:20 ----D---- C:\Program Files\trend micro
2011-12-02 16:14:18 ----D---- C:\rsit
2011-12-02 15:25:55 ----D---- C:\WINDOWS\temp
2011-12-02 15:25:52 ----A---- C:\ComboFix.txt
2011-11-30 21:23:57 ----A---- C:\Boot.bak
2011-11-30 21:23:50 ----RASHD---- C:\cmdcons
2011-11-30 21:20:30 ----A---- C:\WINDOWS\zip.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\SWSC.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\SWREG.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\sed.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\PEV.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\NIRCMD.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\MBR.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\grep.exe
2011-11-30 21:18:34 ----D---- C:\WINDOWS\ERDNT
2011-11-30 21:18:25 ----D---- C:\Qoobox
2011-11-29 15:53:23 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2011-11-29 15:53:22 ----D---- C:\Documents and Settings\marika\Data aplikací\Spyware Terminator
2011-11-29 15:53:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-11-29 15:53:15 ----D---- C:\Program Files\Spyware Terminator
2011-11-29 15:24:50 ----A---- C:\WINDOWS\system32\drivers\PCTBD.sys
2011-11-29 15:24:47 ----A---- C:\WINDOWS\BDTSupport.dll
2011-11-29 15:24:45 ----A---- C:\WINDOWS\SGDetectionTool.dll
2011-11-29 15:24:44 ----A---- C:\WINDOWS\PCTBDRes.dll
2011-11-29 15:24:44 ----A---- C:\WINDOWS\PCTBDCore.dll
2011-11-29 15:23:22 ----D---- C:\Program Files\PC Tools
2011-11-29 15:20:08 ----A---- C:\WINDOWS\system32\drivers\Cat.DB
2011-11-29 15:18:53 ----D---- C:\Program Files\Common Files\PC Tools
2011-11-29 15:18:53 ----A---- C:\WINDOWS\system32\drivers\PCTSD.sys
2011-11-29 15:17:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Tools
2011-11-29 15:17:55 ----D---- C:\Documents and Settings\marika\Data aplikací\TestApp
2011-11-06 11:19:53 ----D---- C:\Documents and Settings\marika\Data aplikací\Search Settings
2011-11-06 11:19:47 ----D---- C:\Program Files\Application Updater
2011-11-06 11:19:46 ----D---- C:\Program Files\Common Files\Spigot

======List of files/folders modified in the last 1 month======

2011-12-02 16:14:20 ----RD---- C:\Program Files
2011-12-02 15:48:52 ----A---- C:\WINDOWS\WINCMD.INI
2011-12-02 15:44:34 ----D---- C:\WINDOWS
2011-12-02 15:24:47 ----SD---- C:\WINDOWS\Tasks
2011-12-02 15:21:58 ----A---- C:\WINDOWS\system.ini
2011-12-02 15:17:19 ----D---- C:\WINDOWS\system32\drivers
2011-12-02 15:17:19 ----D---- C:\WINDOWS\system32
2011-12-02 15:17:19 ----D---- C:\WINDOWS\AppPatch
2011-12-02 15:17:14 ----D---- C:\Program Files\Common Files
2011-12-02 15:10:09 ----D---- C:\WINDOWS\system32\CatRoot2
2011-12-02 15:09:48 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-12-02 14:57:43 ----D---- C:\WINDOWS\system32\ias
2011-12-02 14:57:39 ----A---- C:\WINDOWS\ModemLog_Bluetooth LAP Modem.txt
2011-12-02 14:57:38 ----A---- C:\WINDOWS\ModemLog_Sériový kabel mezi dvěma počítači.txt
2011-12-02 14:57:37 ----A---- C:\WINDOWS\ModemLog_Bluetooth LAP Modem #2.txt
2011-12-02 14:54:56 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-12-02 14:54:53 ----A---- C:\WINDOWS\win.ini
2011-12-01 15:57:58 ----D---- C:\WINDOWS\system32\drivers\etc
2011-11-30 21:36:17 ----D---- C:\WINDOWS\system32\wbem
2011-11-30 21:35:44 ----D---- C:\WINDOWS\CSC
2011-11-30 21:23:57 ----RASH---- C:\boot.ini
2011-11-30 20:40:27 ----D---- C:\WINDOWS\Prefetch
2011-11-29 17:04:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-11-29 16:26:38 ----D---- C:\WINDOWS\afbgc
2011-11-29 15:37:29 ----SHD---- C:\WINDOWS\Installer
2011-11-29 15:24:00 ----D---- C:\WINDOWS\WinSxS
2011-11-29 15:20:11 ----SHD---- C:\System Volume Information
2011-11-28 19:01:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-11-25 19:25:09 ----A---- C:\WINDOWS\NeroDigital.ini
2011-11-14 20:15:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\TrackMania
2011-11-05 12:17:27 ----D---- C:\Program Files\Opera
2011-11-05 12:07:02 ----D---- C:\WINDOWS\Microsoft.NET
2011-11-05 12:06:58 ----RSD---- C:\WINDOWS\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2009-01-07 20744]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2003-03-19 18688]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-03-07 717296]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 afbgc;afbgc; C:\WINDOWS\system32\drivers\afbgc.sys [2007-09-12 194336]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2010-03-26 51072]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-17 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-17 701440]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
R3 catchme;catchme; \??\C:\DOCUME~1\marika\LOCALS~1\Temp\catchme.sys []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-17 61824]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2003-12-23 40704]
R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-11-27 80896]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2003-12-23 316672]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
S3 AVCSTRM;AVC Streaming Filter Driver; C:\WINDOWS\system32\DRIVERS\avcstrm.sys [2004-08-03 13696]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys []
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2011-09-22 17480]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 ICDUSB2;Sony IC Recorder (ST); C:\WINDOWS\System32\Drivers\ICDUSB2.sys [2002-11-28 39048]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 mbr;mbr; \??\C:\ComboFix\mbr.sys []
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\WINDOWS\system32\DRIVERS\mstape.sys [2004-08-03 49024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys []
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys []
S3 PCTBD;PC Tools Browser Defender Driver; C:\WINDOWS\System32\Drivers\PCTBD.sys [2011-09-28 56840]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\WINDOWS\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\WINDOWS\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\WINDOWS\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WinUSB;Sony Ericsson USB Device sa0101 Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-09-27 745880]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2011-11-14 546768]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2011-11-22 482992]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-25 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-25 136176]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119513
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow internet

#2 Post by Rudy »

Hello!
You really are short of disk space:
Logfile of random's system information tool 1.09 (written by random/random)
Run by marika at 2011-12-02 16:14:18
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 419 MB (4%) free of 10 GB
Total RAM: 511 MB (27% free)
Clean the junk off the PC with CCleaner: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 and uninstall everything that is superfluous and unneeded. Then post a new RSIT log.

2marcin
Visitor
Posts: 44
Registered: 02 Dec 2011 16:07

Re: Slow internet

#3 Post by 2marcin »

Good day,
I clean the PC with CCleaner almost every day and it only ever removes a small part; some space is freed, but it is still too little.
My concern is that the internet connection is considerably slowed down, and the computer itself as well,
and whether it is somehow infected and something is filling the disk with data. I'm sending a new log after the cleaning.
And now there is almost no space at all :(
Thank you

Logfile of random's system information tool 1.09 (written by random/random)
Run by marika at 2011-12-04 12:29:36
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 44 MB (0%) free of 10 GB
Total RAM: 511 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:29:40, on 4.12.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
C:\Program Files\Windows XP Fun Pack\Winter 2003\Family\cisvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\WINDOWS\system32\ntvdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\marika\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files\trend micro\marika.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1392740
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Nero DriveSpeed] C:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [FamilyKeyLogger] C:\Program Files\Windows XP Fun Pack\Winter 2003\Family\cisvc.exe
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "D:\Program files\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Kalendár.lnk = C:\WINDOWS\MENINY.EXE
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 5842 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nForce Tray Options"=sstray.exe /r []
"StatusClient"=C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]
"TomcatStartup"=C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"Nero DriveSpeed"=C:\PROGRA~1\Ahead\NEROTO~1\DRIVES~1.EXE [2004-12-18 593920]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"FamilyKeyLogger"=C:\Program Files\Windows XP Fun Pack\Winter 2003\Family\cisvc.exe [2003-01-31 70144]
"reset"=regedit /s reset.reg []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-09-27 894304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

C:\Documents and Settings\marika\Nabídka Start\Programy\Po spuštění
Kalendár.lnk - C:\WINDOWS\MENINY.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\WINDOWS\system32\winver.exe"="C:\WINDOWS\system32\winver.exe:*:Enabled:winver"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\ROUTE66\ROUTE66Sync.exe"="D:\Program Files\ROUTE66\ROUTE66Sync.exe:*:Disabled:ROUTE 66 Sync"
"C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe"="C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe:192.168.1.2/255.255.255.255:Enabled:Backgammon v Internetu"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Program Files\TmNationsForever\TmForever.exe"="D:\Program Files\TmNationsForever\TmForever.exe:*:Disabled:TmForever"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Ferguson\18 Wheels of Steel Haulin\Aphex.exe"="D:\Ferguson\18 Wheels of Steel Haulin\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"D:\Program files\Hamachi\hamachi.exe"="D:\Program files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Documents and Settings\marika\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Documents and Settings\marika\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-12-04 11:06:55 ----SHD---- C:\RECYCLER
2011-12-03 20:00:08 ----D---- C:\Program Files\MSXML 4.0
2011-12-03 19:53:51 ----ASH---- C:\pagefile.sys
2011-12-02 16:14:20 ----D---- C:\Program Files\trend micro
2011-12-02 16:14:18 ----D---- C:\rsit
2011-12-02 15:25:55 ----D---- C:\WINDOWS\temp
2011-12-02 15:25:52 ----A---- C:\ComboFix.txt
2011-11-30 21:23:57 ----A---- C:\Boot.bak
2011-11-30 21:23:50 ----RASHD---- C:\cmdcons
2011-11-30 21:20:30 ----A---- C:\WINDOWS\zip.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\SWSC.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\SWREG.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\sed.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\PEV.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\NIRCMD.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\MBR.exe
2011-11-30 21:20:30 ----A---- C:\WINDOWS\grep.exe
2011-11-30 21:18:34 ----D---- C:\WINDOWS\ERDNT
2011-11-30 21:18:25 ----D---- C:\Qoobox
2011-11-29 15:53:23 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2011-11-29 15:20:08 ----A---- C:\WINDOWS\system32\drivers\Cat.DB
2011-11-29 15:18:53 ----D---- C:\Program Files\Common Files\PC Tools
2011-11-29 15:18:53 ----A---- C:\WINDOWS\system32\drivers\PCTSD.sys
2011-11-29 15:17:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Tools
2011-11-29 15:17:55 ----D---- C:\Documents and Settings\marika\Data aplikací\TestApp
2011-11-06 11:19:53 ----D---- C:\Documents and Settings\marika\Data aplikací\Search Settings
2011-11-06 11:19:47 ----D---- C:\Program Files\Application Updater
2011-11-06 11:19:46 ----D---- C:\Program Files\Common Files\Spigot

======List of files/folders modified in the last 1 month======

2011-12-04 12:29:39 ----D---- C:\WINDOWS\Prefetch
2011-12-04 12:02:46 ----D---- C:\WINDOWS
2011-12-04 12:01:50 ----RD---- C:\Program Files
2011-12-04 11:49:57 ----A---- C:\WINDOWS\WINCMD.INI
2011-12-04 11:47:40 ----D---- C:\WINDOWS\system32\ias
2011-12-04 11:47:37 ----A---- C:\WINDOWS\ModemLog_Bluetooth LAP Modem.txt
2011-12-04 11:47:37 ----A---- C:\WINDOWS\ModemLog_Bluetooth LAP Modem #2.txt
2011-12-04 11:47:36 ----A---- C:\WINDOWS\ModemLog_Sériový kabel mezi dvěma počítači.txt
2011-12-04 11:47:08 ----A---- C:\WINDOWS\win.ini
2011-12-04 11:46:00 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-12-04 11:45:50 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-12-04 11:45:47 ----D---- C:\WINDOWS\system32\drivers
2011-12-04 11:39:46 ----D---- C:\WINDOWS\system32
2011-12-03 21:15:42 ----SHD---- C:\WINDOWS\Installer
2011-12-03 20:03:00 ----HD---- C:\WINDOWS\inf
2011-12-03 20:03:00 ----D---- C:\WINDOWS\system32\CatRoot
2011-12-03 20:01:39 ----D---- C:\WINDOWS\system32\CatRoot_bak
2011-12-03 20:01:09 ----D---- C:\WINDOWS\system32\CatRoot2
2011-12-03 20:00:08 ----D---- C:\WINDOWS\WinSxS
2011-12-03 19:25:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-12-03 19:08:25 ----HD---- C:\WINDOWS\$hf_mig$
2011-12-02 15:24:47 ----SD---- C:\WINDOWS\Tasks
2011-12-02 15:21:58 ----A---- C:\WINDOWS\system.ini
2011-12-02 15:17:19 ----D---- C:\WINDOWS\AppPatch
2011-12-02 15:17:14 ----D---- C:\Program Files\Common Files
2011-12-01 15:57:58 ----D---- C:\WINDOWS\system32\drivers\etc
2011-11-30 21:36:17 ----D---- C:\WINDOWS\system32\wbem
2011-11-30 21:35:44 ----D---- C:\WINDOWS\CSC
2011-11-30 21:23:57 ----RASH---- C:\boot.ini
2011-11-29 16:26:38 ----D---- C:\WINDOWS\afbgc
2011-11-29 15:20:11 ----SHD---- C:\System Volume Information
2011-11-28 19:01:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-11-25 19:25:09 ----A---- C:\WINDOWS\NeroDigital.ini
2011-11-14 20:15:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\TrackMania
2011-11-05 12:17:27 ----D---- C:\Program Files\Opera
2011-11-05 12:07:02 ----D---- C:\WINDOWS\Microsoft.NET
2011-11-05 12:06:58 ----RSD---- C:\WINDOWS\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2009-01-07 20744]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2003-03-19 18688]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-03-07 717296]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 afbgc;afbgc; C:\WINDOWS\system32\drivers\afbgc.sys [2007-09-12 194336]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256]
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2010-03-26 51072]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-17 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-17 701440]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-17 61824]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2003-12-23 40704]
R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-11-27 80896]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2003-12-23 316672]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
S3 AVCSTRM;AVC Streaming Filter Driver; C:\WINDOWS\system32\DRIVERS\avcstrm.sys [2004-08-03 13696]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys []
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\marika\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2011-09-22 17480]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 ICDUSB2;Sony IC Recorder (ST); C:\WINDOWS\System32\Drivers\ICDUSB2.sys [2002-11-28 39048]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSTAPE;Microsoft AV/C Tape Subunit Device; C:\WINDOWS\system32\DRIVERS\mstape.sys [2004-08-03 49024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys []
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys []
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\WINDOWS\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\WINDOWS\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\WINDOWS\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WinUSB;Sony Ericsson USB Device sa0101 Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-09-27 745880]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-25 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-25 136176]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119513
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slow internet

#4 Post by Rudy »

Post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after launch, a screen with the license terms appears; continue by clicking the "Ano" (Yes) button.

Feel free to put the kettle on for a coffee (the whole run takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to launch any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Note: if you use antispyware with a resident shield, switch the resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component.

2marcin
Visitor
Posts: 44
Registered: 02 Dec 2011 16:07

Re: slow internet

#5 Post by 2marcin »

I am sending the ComboFix log

ComboFix 11-12-02.01 - marika 02.12.2011 15:11:29.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.511.327 [GMT 1:00]
Spuštěný z: c:\documents and settings\marika\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\program files\Dealio Toolbar\IE\4.7\config.ini
c:\program files\Dealio Toolbar\IE\4.7\dealioToolbarIE.dll
c:\program files\Dealio Toolbar\Res\amazon.gif
c:\program files\Dealio Toolbar\Res\apple.gif
c:\program files\Dealio Toolbar\Res\barnes.gif
c:\program files\Dealio Toolbar\Res\bestbuy.gif
c:\program files\Dealio Toolbar\Res\btnClose.gif
c:\program files\Dealio Toolbar\Res\btnMinimize.gif
c:\program files\Dealio Toolbar\Res\dealio_logo.gif
c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\Res\ebay.gif
c:\program files\Dealio Toolbar\Res\facebook.gif
c:\program files\Dealio Toolbar\Res\googleplus.gif
c:\program files\Dealio Toolbar\Res\icon_settings.gif
c:\program files\Dealio Toolbar\Res\Lang\res1031.ini
c:\program files\Dealio Toolbar\Res\Lang\res1033.ini
c:\program files\Dealio Toolbar\Res\Lang\res1034.ini
c:\program files\Dealio Toolbar\Res\Lang\res1036.ini
c:\program files\Dealio Toolbar\Res\Lang\res1040.ini
c:\program files\Dealio Toolbar\Res\macys.gif
c:\program files\Dealio Toolbar\Res\newegg.gif
c:\program files\Dealio Toolbar\Res\overstock.gif
c:\program files\Dealio Toolbar\Res\radiobeta.gif
c:\program files\Dealio Toolbar\Res\search-button-hover.gif
c:\program files\Dealio Toolbar\Res\search-button.gif
c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif
c:\program files\Dealio Toolbar\Res\search-chevron.gif
c:\program files\Dealio Toolbar\Res\search_amazon.gif
c:\program files\Dealio Toolbar\Res\search_baidu.gif
c:\program files\Dealio Toolbar\Res\search_dealio.gif
c:\program files\Dealio Toolbar\Res\search_ebay.gif
c:\program files\Dealio Toolbar\Res\search_yahoo.gif
c:\program files\Dealio Toolbar\Res\search_yandex.gif
c:\program files\Dealio Toolbar\Res\target.gif
c:\program files\Dealio Toolbar\Res\twitter.gif
c:\program files\Dealio Toolbar\Res\walmart.gif
c:\program files\Dealio Toolbar\Res\widgets.xml
c:\program files\Dealio Toolbar\WidgiHelper.exe
c:\windows\system32\28463\akv.cfg
c:\windows\system32\28463\key.bin
c:\windows\system32\28463\OLHL.001
c:\windows\system32\28463\OLHL.002
c:\windows\system32\CddbCdda.dll
.
-- Předchozí spuštění --
.
Nakažená kopie c:\windows\system32\notepad.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\NOTEPAD.EXE
.
Nakažená kopie c:\windows\system32\notepad.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\NOTEPAD.EXE
.
c:\windows\system32\wiaacmgr.exe . . . je infikován!!
.
Nakažená kopie c:\windows\system32\notepad.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\NOTEPAD.EXE
.
c:\windows\system32\wiaacmgr.exe . . . je infikován!!
.
Nakažená kopie c:\windows\system32\wbem\WMIPRVSE.EXE byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\system32\dllcache\wmiprvse.exe
.
--------
.
c:\windows\system32\wiaacmgr.exe . . . je infikován!!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-02 do 2011-12-02 )))))))))))))))))))))))))))))))
.
.
2011-11-29 14:53 . 2011-06-21 10:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-11-29 14:53 . 2011-11-29 16:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spyware Terminator
2011-11-29 14:53 . 2011-11-29 14:53 -------- d-----w- c:\documents and settings\marika\Data aplikací\Spyware Terminator
2011-11-29 14:53 . 2011-11-29 14:53 -------- d-----w- c:\program files\Spyware Terminator
2011-11-29 14:24 . 2011-09-28 12:14 56840 ----a-w- c:\windows\system32\drivers\PCTBD.sys
2011-11-29 14:24 . 2011-11-14 15:06 767952 ----a-w- c:\windows\BDTSupport.dll
2011-11-29 14:24 . 2011-11-14 15:07 149456 ----a-w- c:\windows\SGDetectionTool.dll
2011-11-29 14:24 . 2011-11-14 15:07 2246608 ----a-w- c:\windows\PCTBDCore.dll
2011-11-29 14:24 . 2011-11-14 15:07 1681360 ----a-w- c:\windows\PCTBDRes.dll
2011-11-29 14:23 . 2011-11-29 14:23 -------- d-----w- c:\program files\PC Tools
2011-11-29 14:18 . 2011-11-29 14:44 -------- d-----w- c:\program files\Common Files\PC Tools
2011-11-29 14:18 . 2011-11-22 18:42 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2011-11-29 14:17 . 2011-11-29 14:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PC Tools
2011-11-29 14:17 . 2011-11-29 14:17 -------- d-----w- c:\documents and settings\marika\Data aplikací\TestApp
2011-11-06 10:19 . 2011-11-06 10:19 -------- d-----w- c:\documents and settings\marika\Data aplikací\Search Settings
2011-11-06 10:19 . 2011-11-06 10:19 -------- d-----w- c:\program files\Application Updater
2011-11-06 10:19 . 2011-11-06 10:19 -------- d-----w- c:\program files\Common Files\Spigot
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-07-25 13:21 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-07-25 13:21 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-07-25 13:22 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-07-25 13:22 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-07-25 13:22 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-07-25 13:22 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-07-25 13:22 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-07-25 13:22 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-07-25 13:22 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-07-25 13:22 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-09-22 10:52 . 2011-09-22 08:52 17480 ----a-w- c:\windows\system32\drivers\hamachi.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\atapi.sys
[-] 2004-08-03 21:59 . !HASH: COULD NOT OPEN FILE !!!!! . 95360 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
[-] 2008-04-05 . 0C2F6B6366E23D7362EB2C2EC29262F6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\prxtbBS_0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2011-01-17 14:54 175912 ----a-w- c:\program files\BS_Player\prxtbBS_0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\prxtbBS_0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\prxtbBS_0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"="regedit" [X]
"nForce Tray Options"="sstray.exe" [2003-12-17 73728]
"StatusClient"="c:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="c:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"FamilyKeyLogger"="c:\program files\Windows XP Fun Pack\Winter 2003\Family\cisvc.exe" [2003-01-31 70144]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-09-27 894304]
"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2011-11-22 2779824]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
"Nokia.PCSync"="d:\program files\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 1294336]
.
c:\documents and settings\marika\Nabídka Start\Programy\Po spuštění\
Kalendár.lnk - c:\windows\MENINY.EXE [2009-8-7 49312]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2009-6-12 1183744]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-17 14:58 1667584 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\ROUTE66\\ROUTE66Sync.exe"=
"c:\program files\MSN Gaming Zone\Windows\bckgzm.exe"= c:\program files\MSN Gaming Zone\Windows\bckgzm.exe:192.168.1.2/255.255.255.255:Enabled:Backgammon v Internetu
"c:\\Program Files\\Opera\\opera.exe"=
"d:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Ferguson\\18 Wheels of Steel Haulin\\Aphex.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"d:\\Program files\\Hamachi\\hamachi.exe"=
"c:\\Documents and Settings\\marika\\Local Settings\\Data aplikací\\AntikVirtualSTB\\AntikVirtualSTB.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminator.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"25:TCP"= 25:TCP:smtp.azet.sk
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [12.2.2009 12:07 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [12.2.2009 12:07 5248]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [7.1.2009 22:39 20744]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.3.2009 15:33 717296]
R1 afbgc;afbgc;c:\windows\system32\drivers\afbgc.sys [12.9.2007 11:24 194336]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25.7.2011 14:22 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25.7.2011 14:22 314456]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 115008]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver;c:\windows\system32\drivers\sp_rsdrv2.sys [29.11.2011 15:53 32768]
R2 Angelnt;Angelnt;c:\windows\system32\drivers\ANGELNT.SYS [12.2.2009 12:18 51072]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [27.9.2011 20:08 745880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25.7.2011 14:22 20568]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [29.11.2011 15:24 546768]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [29.11.2011 15:53 482992]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [21.2.2010 20:49 27632]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.7.2011 14:23 136176]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [7.12.2008 11:44 30088]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [1.3.2010 17:32 36608]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [25.7.2011 14:23 136176]
S3 ICDUSB2;Sony IC Recorder (ST);c:\windows\system32\drivers\IcdUsb2.sys [10.3.2009 8:52 39048]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 13:58 26248]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys --> c:\windows\system32\drivers\nmwcdnsu.sys [?]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys --> c:\windows\system32\drivers\nmwcdnsuc.sys [?]
S3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\drivers\PCTBD.sys [29.11.2011 15:24 56840]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-25 13:22]
.
2011-12-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-25 13:22]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1392740
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-02 15:21
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1016)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-12-02 15:25:50
ComboFix-quarantined-files.txt 2011-12-02 14:25
.
Před spuštěním: 363 773 952
Po spuštění: 330 997 760
.
- - End Of File - - A24AB991D38C5A293E52B7C87B93E821

Rudy
Site Admin
Posts: 119513
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slow internet

#6 Post by Rudy »

We'll clean up a bit more. Open Notepad and copy the following into it:
KillAll::

Folder::
c:\documents and settings\marika\Data aplikací\Search Settings
c:\program files\ConduitEngine
c:\program files\Google\Update

Collect::
c:\windows\system32\drivers\afbgc.sys

Driver::
afbgc
gupdate

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SearchSettings"=-

FCopy::
c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys | c:\windows\system32\drivers\atapi.sys
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

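An added example, not part of Rudy's post and not ComboFix code: Python that parses the Sigcheck rows of the two ComboFix logs in this thread and pairs every file whose hash could not be read with same-named, same-size copies whose MD5 is listed, the kind of source/target pair the FCopy:: line in the script names. The function names and the row regex are assumptions made for this example; the rows are copied from the logs.

```python
import re
from collections import defaultdict
from ntpath import basename  # Windows path rules on any OS

# Sigcheck rows copied from the two ComboFix logs in this thread:
# the 2011-12-02 run and the 2011-12-04 run made with CFScript.txt.
LOG_BEFORE = r"""
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\atapi.sys
[-] 2004-08-03 21:59 . !HASH: COULD NOT OPEN FILE !!!!! . 95360 . . [------] . . c:\windows\system32\drivers\atapi.sys
[-] 2008-04-05 . 0C2F6B6366E23D7362EB2C2EC29262F6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
"""

LOG_AFTER = r"""
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\atapi.sys
[-] 2004-08-03 22:59 . !HASH: COULD NOT OPEN FILE !!!!! . 95360 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
[-] 2008-04-05 . 0C2F6B6366E23D7362EB2C2EC29262F6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
"""

# Row layout as printed in the logs (pattern written for this example):
# [flag] date [time] . hash-or-error . size . . [version] . . path
ROW = re.compile(
    r"^\[(?P<flag>.)\]\s+(?P<date>\d{4}-\d{2}-\d{2})(?:\s+\d{2}:\d{2})?"
    r"\s+\.\s+(?P<hash>.+?)\s+\.\s+(?P<size>\d+)\s+\.\s+\.\s+"
    r"\[(?P<version>[^\]]*)\]\s+\.\s+\.\s+(?P<path>\S.*)$"
)
MD5 = re.compile(r"^[0-9A-Fa-f]{32}$")


def parse_sigcheck(text):
    """Return one dict per Sigcheck row; 'md5' is None when no hash was printed."""
    rows = []
    for line in text.splitlines():
        match = ROW.match(line.strip())
        if not match:
            continue  # separators such as "." and anything that is not a row
        row = match.groupdict()
        row["size"] = int(row["size"])
        row["md5"] = row["hash"].upper() if MD5.match(row["hash"]) else None
        rows.append(row)
    return rows


def unreadable_with_backup(rows):
    """Pair each unreadable file with hashed copies of the same name and size."""
    by_name = defaultdict(list)
    for row in rows:
        by_name[basename(row["path"]).lower()].append(row)

    findings = []
    for group in by_name.values():
        readable = [r for r in group if r["md5"]]
        for bad in (r for r in group if r["md5"] is None):
            sources = [r for r in readable if r["size"] == bad["size"]]
            hashes = {r["md5"] for r in sources}
            findings.append({
                "target": bad["path"],
                "reason": bad["hash"],
                "sources": [r["path"] for r in sources],
                # Only report a hash when every candidate copy agrees on it.
                "md5": hashes.pop() if len(hashes) == 1 else None,
            })
    return findings


if __name__ == "__main__":
    for label, log in (("before", LOG_BEFORE), ("after", LOG_AFTER)):
        for finding in unreadable_with_backup(parse_sigcheck(log)):
            print(label, finding["target"], "<-", finding["sources"], finding["md5"])
```

Both logs yield the same single finding for c:\windows\system32\drivers\atapi.sys, so the log taken after the script still lists that file as unreadable.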

2marcin
Visitor
Posts: 44
Registered: 02 Dec 2011 16:07

Re: slow internet

#7 Post by 2marcin »

I don't know whether it helped :-( no space was freed up and the internet speed is still slow, 13 Mbit.
I'm sending the ComboFix log from after copying in the script.

ComboFix 11-12-04.03 - marika 04.12.2011 19:22:48.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.511.226 [GMT 1:00]
Spuštěný z: c:\documents and settings\marika\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\marika\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
file zipped: c:\windows\system32\drivers\afbgc.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\ConduitEngine
c:\program files\ConduitEngine\appContextMenu.xml
c:\program files\ConduitEngine\ConduitEngin0.dll
c:\program files\ConduitEngine\ConduitEngine.dll
c:\program files\ConduitEngine\ConduitEngineHelper.exe
c:\program files\ConduitEngine\ConduitEngineUninstall.exe
c:\program files\ConduitEngine\engineContextMenu.xml
c:\program files\ConduitEngine\EngineSettings.json
c:\program files\ConduitEngine\INSTALL.LOG
c:\program files\ConduitEngine\prxConduitEngine.dll
c:\program files\ConduitEngine\toolbar.cfg
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.79\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.79\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.79\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.79\goopdate.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.79\psmachine.dll
c:\program files\Google\Update\1.3.21.79\psuser.dll
c:\program files\Google\Update\Download\{2BF2CA35-CCAF-4E58-BAB7-4163BFA03B88}\0.0.0.0\GoogleEarth-Win-Plugin-6.1.0.4857.exe
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.79\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{5CBA6C3C-F6EB-462D-B248-775343E697E1}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\15.0.874.121\chrome_installer.exe
c:\program files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\15.0.874.121\chrome_updater.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\drivers\afbgc.sys
.
c:\windows\system32\wiaacmgr.exe . . . je infikován!!
.
.
--------------- FCopy ---------------
.
c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys --> c:\windows\system32\drivers\atapi.sys
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GUPDATE
-------\Service_afbgc
-------\Service_gupdate
-------\Legacy_gupdatem
-------\Legacy_gupdatem
-------\Service_gupdatem
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-04 do 2011-12-04 )))))))))))))))))))))))))))))))
.
.
2011-12-03 19:00 . 2011-12-03 19:00 -------- d-----w- c:\program files\MSXML 4.0
2011-12-03 18:14 . 2011-12-03 18:14 -------- d-----w- c:\documents and settings\marika\Local Settings\Data aplikací\Threat Expert
2011-12-02 15:14 . 2011-12-04 11:29 -------- d-----w- c:\program files\trend micro
2011-12-02 15:14 . 2011-12-02 15:14 -------- d-----w- C:\rsit
2011-11-29 14:53 . 2011-06-21 10:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-11-29 14:18 . 2011-11-29 14:44 -------- d-----w- c:\program files\Common Files\PC Tools
2011-11-29 14:18 . 2011-11-22 18:42 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2011-11-29 14:17 . 2011-11-29 14:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PC Tools
2011-11-29 14:17 . 2011-11-29 14:17 -------- d-----w- c:\documents and settings\marika\Data aplikací\TestApp
2011-11-06 10:19 . 2011-11-06 10:19 -------- d-----w- c:\documents and settings\marika\Data aplikací\Search Settings
2011-11-06 10:19 . 2011-11-06 10:19 -------- d-----w- c:\program files\Application Updater
2011-11-06 10:19 . 2011-11-06 10:19 -------- d-----w- c:\program files\Common Files\Spigot
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-07-25 13:21 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-07-25 13:21 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-07-25 13:22 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-07-25 13:22 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-07-25 13:22 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-07-25 13:22 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-07-25 13:22 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-07-25 13:22 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-07-25 13:22 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-07-25 13:22 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-09-22 10:52 . 2011-09-22 08:52 17480 ----a-w- c:\windows\system32\drivers\hamachi.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\atapi.sys
[-] 2004-08-03 22:59 . !HASH: COULD NOT OPEN FILE !!!!! . 95360 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
.
[-] 2008-04-05 . 0C2F6B6366E23D7362EB2C2EC29262F6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-12-02_14.21.57 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-16 12:09 . 2009-08-06 18:24 44768 c:\windows\system32\wups2.dll
+ 2009-02-12 09:43 . 2009-08-06 18:24 35552 c:\windows\system32\wups.dll
+ 2009-02-12 09:43 . 2009-08-06 18:24 53472 c:\windows\system32\wuauclt.exe
+ 2011-12-03 17:42 . 2009-08-06 18:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2011-12-03 17:42 . 2009-08-06 18:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2009-02-12 09:43 . 2009-08-06 18:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2009-02-12 09:43 . 2009-08-06 18:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2004-08-17 13:49 . 2009-08-06 18:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2004-08-17 13:49 . 2009-08-06 18:24 96480 c:\windows\system32\cdm.dll
- 2009-11-03 21:21 . 2009-05-26 11:40 26488 c:\windows\SoftwareDistribution\Download\ecbde09de1358488e35dda6cbdc8c39b\update\spcustom.dll
- 2009-11-03 21:21 . 2009-05-26 11:40 18296 c:\windows\SoftwareDistribution\Download\ecbde09de1358488e35dda6cbdc8c39b\spmsg.dll
- 2009-09-04 21:01 . 2009-09-04 21:01 58880 c:\windows\SoftwareDistribution\Download\ecbde09de1358488e35dda6cbdc8c39b\sp3qfe\msasn1.dll
- 2009-09-04 21:05 . 2009-09-04 21:05 58880 c:\windows\SoftwareDistribution\Download\ecbde09de1358488e35dda6cbdc8c39b\sp3gdr\msasn1.dll
- 2009-09-04 20:37 . 2009-09-04 20:37 58880 c:\windows\SoftwareDistribution\Download\ecbde09de1358488e35dda6cbdc8c39b\sp2qfe\msasn1.dll
- 2009-09-04 20:47 . 2009-09-04 20:47 58880 c:\windows\SoftwareDistribution\Download\ecbde09de1358488e35dda6cbdc8c39b\sp2gdr\msasn1.dll
- 2009-11-03 21:22 . 2009-05-26 11:40 26488 c:\windows\SoftwareDistribution\Download\c212ded109e0696cf7a0dfef6a3789a6\update\spcustom.dll
- 2009-11-03 21:22 . 2009-05-26 11:40 18296 c:\windows\SoftwareDistribution\Download\c212ded109e0696cf7a0dfef6a3789a6\spmsg.dll
- 2009-11-03 21:23 . 2008-07-08 12:59 26488 c:\windows\SoftwareDistribution\Download\a065f4f05baf95c5cc399b989949db5b\update\spcustom.dll
- 2009-11-03 21:23 . 2008-07-08 12:59 18296 c:\windows\SoftwareDistribution\Download\a065f4f05baf95c5cc399b989949db5b\spmsg.dll
- 2009-11-03 21:11 . 2007-03-06 01:07 22752 c:\windows\SoftwareDistribution\Download\9f3cbecc4f615856b2d3f6e583cde8dc\update\spcustom.dll
- 2009-11-03 21:11 . 2009-06-05 07:46 17408 c:\windows\SoftwareDistribution\Download\9f3cbecc4f615856b2d3f6e583cde8dc\update\msrdpcustom.dll
- 2009-11-03 21:11 . 2007-03-06 01:07 15072 c:\windows\SoftwareDistribution\Download\9f3cbecc4f615856b2d3f6e583cde8dc\spmsg.dll
- 2009-11-03 21:21 . 2008-07-08 12:59 26488 c:\windows\SoftwareDistribution\Download\9778f8cdabb029412b74f168c04bff53\update\spcustom.dll
- 2009-11-03 21:21 . 2008-07-08 12:59 18296 c:\windows\SoftwareDistribution\Download\9778f8cdabb029412b74f168c04bff53\spmsg.dll
- 2009-11-03 21:21 . 2009-05-26 11:40 26488 c:\windows\SoftwareDistribution\Download\9776b98c31dd0bb216343826bcd6338a\update\spcustom.dll
- 2009-11-03 21:21 . 2009-05-26 11:40 18296 c:\windows\SoftwareDistribution\Download\9776b98c31dd0bb216343826bcd6338a\spmsg.dll
- 2007-07-27 09:41 . 2007-07-27 09:41 26488 c:\windows\SoftwareDistribution\Download\70a652e3746534ca73af7bc8ed239b7f\spupdsvc.exe
- 2007-07-27 09:41 . 2007-07-27 09:41 16760 c:\windows\SoftwareDistribution\Download\70a652e3746534ca73af7bc8ed239b7f\spmsg.dll
- 2009-11-03 21:21 . 2007-03-06 01:07 22752 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\update\spcustom.dll
- 2009-11-03 21:21 . 2007-03-06 01:07 15072 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\spmsg.dll
- 2009-06-25 18:33 . 2009-06-25 18:33 48640 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqupgrd.dll
- 2009-06-25 18:33 . 2009-06-25 18:33 95744 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqsec.dll
- 2009-06-25 18:33 . 2009-06-25 18:33 16896 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqise.dll
- 2009-06-25 18:33 . 2009-06-25 18:33 47104 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqdscli.dll
- 2009-06-22 11:30 . 2009-06-22 11:30 19968 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqbkup.exe
- 2009-06-22 11:30 . 2009-06-22 11:30 91776 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqac.sys
- 2009-06-25 18:37 . 2009-06-25 18:37 48640 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqupgrd.dll
- 2009-06-25 18:37 . 2009-06-25 18:37 95744 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqsec.dll
- 2009-06-25 18:37 . 2009-06-25 18:37 16896 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqise.dll
- 2009-06-25 18:37 . 2009-06-25 18:37 47104 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqdscli.dll
- 2009-06-22 11:49 . 2009-06-22 11:49 19968 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqbkup.exe
- 2009-06-22 11:48 . 2009-06-22 11:48 91776 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqac.sys
- 2009-11-03 21:20 . 2008-07-08 12:59 26488 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\update\spcustom.dll
- 2009-11-03 21:20 . 2008-07-08 12:59 18296 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\spmsg.dll
- 2009-06-25 08:42 . 2009-06-25 08:42 54272 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp3qfe\wdigest.dll
- 2009-06-25 08:42 . 2009-06-25 08:42 56832 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp3qfe\secur32.dll
- 2009-06-24 10:28 . 2009-06-24 10:28 92928 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp3qfe\ksecdd.sys
- 2009-06-25 08:27 . 2009-06-25 08:27 54272 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp3gdr\wdigest.dll
- 2009-06-25 08:27 . 2009-06-25 08:27 56832 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp3gdr\secur32.dll
- 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp3gdr\ksecdd.sys
- 2009-06-25 08:23 . 2009-06-25 08:23 59392 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2qfe\wdigest.dll
- 2009-06-25 08:23 . 2009-06-25 08:23 56320 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2qfe\secur32.dll
- 2009-06-22 11:35 . 2009-06-22 11:35 92544 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2qfe\ksecdd.sys
- 2009-06-25 08:48 . 2009-06-25 08:48 59392 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2gdr\wdigest.dll
- 2009-06-25 08:48 . 2009-06-25 08:48 56320 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2gdr\secur32.dll
- 2009-06-22 11:34 . 2009-06-22 11:34 92544 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2gdr\ksecdd.sys
- 2009-11-03 21:23 . 2008-07-08 12:59 26488 c:\windows\SoftwareDistribution\Download\00920750ce84504bd37737eab60241ff\update\spcustom.dll
- 2009-11-03 21:23 . 2008-07-08 12:59 18296 c:\windows\SoftwareDistribution\Download\00920750ce84504bd37737eab60241ff\spmsg.dll
- 2009-06-15 11:14 . 2009-06-15 11:14 81408 c:\windows\SoftwareDistribution\Download\00920750ce84504bd37737eab60241ff\sp3qfe\tlntsess.exe
- 2009-06-15 11:14 . 2009-06-15 11:14 78336 c:\windows\SoftwareDistribution\Download\00920750ce84504bd37737eab60241ff\sp3qfe\telnet.exe
- 2009-06-15 10:45 . 2009-06-15 10:45 81408 c:\windows\SoftwareDistribution\Download\00920750ce84504bd37737eab60241ff\sp3gdr\tlntsess.exe
- 2009-06-15 10:45 . 2009-06-15 10:45 78336 c:\windows\SoftwareDistribution\Download\00920750ce84504bd37737eab60241ff\sp3gdr\telnet.exe
- 2009-06-15 12:09 . 2009-06-15 12:09 81408 c:\windows\SoftwareDistribution\Download\00920750ce84504bd37737eab60241ff\sp2qfe\tlntsess.exe
- 2009-06-15 12:09 . 2009-06-15 12:09 78336 c:\windows\SoftwareDistribution\Download\00920750ce84504bd37737eab60241ff\sp2qfe\telnet.exe
- 2009-06-15 11:33 . 2009-06-15 11:33 81408 c:\windows\SoftwareDistribution\Download\00920750ce84504bd37737eab60241ff\sp2gdr\tlntsess.exe
- 2009-06-15 11:33 . 2009-06-15 11:33 78336 c:\windows\SoftwareDistribution\Download\00920750ce84504bd37737eab60241ff\sp2gdr\telnet.exe
+ 2011-12-03 19:00 . 2011-12-03 19:00 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
- 2009-06-22 11:30 . 2009-06-22 11:30 4608 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqsvc.exe
- 2009-06-22 11:49 . 2009-06-22 11:49 4608 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqsvc.exe
+ 2011-12-04 18:37 . 2011-12-04 18:37 476427 c:\windows\temp\_asw_aisI.tm~a02964\sig.bin
+ 2009-02-12 09:43 . 2009-08-06 18:24 209632 c:\windows\system32\wuweb.dll
+ 2009-02-12 09:43 . 2009-08-06 18:24 327896 c:\windows\system32\wucltui.dll
+ 2009-02-12 09:43 . 2009-08-06 18:23 575704 c:\windows\system32\wuapi.dll
+ 2009-02-12 09:43 . 2009-08-06 18:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2009-02-12 09:43 . 2009-08-06 18:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2009-02-12 09:43 . 2009-08-06 18:23 575704 c:\windows\system32\dllcache\wuapi.dll
- 2009-11-03 21:21 . 2009-05-26 11:40 391032 c:\windows\SoftwareDistribution\Download\ecbde09de1358488e35dda6cbdc8c39b\update\updspapi.dll
- 2009-11-03 21:21 . 2009-05-26 11:40 759160 c:\windows\SoftwareDistribution\Download\ecbde09de1358488e35dda6cbdc8c39b\update\update.exe
- 2009-11-03 21:21 . 2009-05-26 11:40 233848 c:\windows\SoftwareDistribution\Download\ecbde09de1358488e35dda6cbdc8c39b\spuninst.exe
- 2009-11-03 21:22 . 2009-05-26 11:40 391032 c:\windows\SoftwareDistribution\Download\c212ded109e0696cf7a0dfef6a3789a6\update\updspapi.dll
- 2009-11-03 21:22 . 2009-05-26 11:40 759160 c:\windows\SoftwareDistribution\Download\c212ded109e0696cf7a0dfef6a3789a6\update\update.exe
- 2009-11-03 21:22 . 2009-05-26 11:40 233848 c:\windows\SoftwareDistribution\Download\c212ded109e0696cf7a0dfef6a3789a6\spuninst.exe
- 2009-11-03 21:23 . 2009-05-26 11:40 391032 c:\windows\SoftwareDistribution\Download\a065f4f05baf95c5cc399b989949db5b\update\updspapi.dll
- 2009-11-03 21:23 . 2009-05-26 11:40 759160 c:\windows\SoftwareDistribution\Download\a065f4f05baf95c5cc399b989949db5b\update\update.exe
- 2009-11-03 21:23 . 2008-07-08 12:59 233848 c:\windows\SoftwareDistribution\Download\a065f4f05baf95c5cc399b989949db5b\spuninst.exe
- 2009-11-03 21:11 . 2007-03-06 01:08 379616 c:\windows\SoftwareDistribution\Download\9f3cbecc4f615856b2d3f6e583cde8dc\update\updspapi.dll
- 2009-11-03 21:11 . 2007-03-06 01:07 720096 c:\windows\SoftwareDistribution\Download\9f3cbecc4f615856b2d3f6e583cde8dc\update\update.exe
- 2009-11-03 21:11 . 2007-03-06 01:07 215776 c:\windows\SoftwareDistribution\Download\9f3cbecc4f615856b2d3f6e583cde8dc\spuninst.exe
- 2009-11-03 21:11 . 2009-06-05 10:31 655872 c:\windows\SoftwareDistribution\Download\9f3cbecc4f615856b2d3f6e583cde8dc\SP2QFE\mstscax.dll
- 2009-11-03 21:11 . 2009-06-05 07:46 655872 c:\windows\SoftwareDistribution\Download\9f3cbecc4f615856b2d3f6e583cde8dc\SP2GDR\mstscax.dll
- 2009-11-03 21:21 . 2009-05-26 11:40 391032 c:\windows\SoftwareDistribution\Download\9778f8cdabb029412b74f168c04bff53\update\updspapi.dll
- 2009-11-03 21:21 . 2009-05-26 11:40 759160 c:\windows\SoftwareDistribution\Download\9778f8cdabb029412b74f168c04bff53\update\update.exe
- 2009-11-03 21:21 . 2008-07-08 12:59 233848 c:\windows\SoftwareDistribution\Download\9778f8cdabb029412b74f168c04bff53\spuninst.exe
- 2009-09-11 14:15 . 2009-09-11 14:15 136704 c:\windows\SoftwareDistribution\Download\9778f8cdabb029412b74f168c04bff53\sp3qfe\msv1_0.dll
- 2009-09-11 14:19 . 2009-09-11 14:19 136192 c:\windows\SoftwareDistribution\Download\9778f8cdabb029412b74f168c04bff53\sp3gdr\msv1_0.dll
- 2009-02-06 18:47 . 2009-02-06 18:47 408064 c:\windows\SoftwareDistribution\Download\9778f8cdabb029412b74f168c04bff53\sp2qfe\netlogon.dll
- 2009-09-11 14:13 . 2009-09-11 14:13 136192 c:\windows\SoftwareDistribution\Download\9778f8cdabb029412b74f168c04bff53\sp2qfe\msv1_0.dll
- 2009-09-11 14:35 . 2009-09-11 14:35 133632 c:\windows\SoftwareDistribution\Download\9778f8cdabb029412b74f168c04bff53\sp2gdr\msv1_0.dll
- 2009-11-03 21:21 . 2009-05-26 11:40 391032 c:\windows\SoftwareDistribution\Download\9776b98c31dd0bb216343826bcd6338a\update\updspapi.dll
- 2009-11-03 21:21 . 2009-05-26 11:40 759160 c:\windows\SoftwareDistribution\Download\9776b98c31dd0bb216343826bcd6338a\update\update.exe
- 2009-11-03 21:21 . 2009-05-26 11:40 233848 c:\windows\SoftwareDistribution\Download\9776b98c31dd0bb216343826bcd6338a\spuninst.exe
- 2009-08-05 08:53 . 2009-08-05 08:53 205312 c:\windows\SoftwareDistribution\Download\9776b98c31dd0bb216343826bcd6338a\sp3qfe\mswebdvd.dll
- 2009-08-05 09:01 . 2009-08-05 09:01 205312 c:\windows\SoftwareDistribution\Download\9776b98c31dd0bb216343826bcd6338a\sp3gdr\mswebdvd.dll
- 2009-08-05 08:51 . 2009-08-05 08:51 205312 c:\windows\SoftwareDistribution\Download\9776b98c31dd0bb216343826bcd6338a\sp2qfe\mswebdvd.dll
- 2009-08-05 09:07 . 2009-08-05 09:07 205312 c:\windows\SoftwareDistribution\Download\9776b98c31dd0bb216343826bcd6338a\sp2gdr\mswebdvd.dll
- 2009-07-13 01:18 . 2009-07-13 01:18 233472 c:\windows\SoftwareDistribution\Download\70a652e3746534ca73af7bc8ed239b7f\wm9l\wmpdxm.dll
- 2009-07-13 22:43 . 2009-07-13 22:43 286208 c:\windows\SoftwareDistribution\Download\70a652e3746534ca73af7bc8ed239b7f\wm11\wmpdxm.dll
- 2009-07-13 09:08 . 2009-07-13 09:08 286720 c:\windows\SoftwareDistribution\Download\70a652e3746534ca73af7bc8ed239b7f\wm10l\wmpdxm.dll
- 2007-07-27 09:41 . 2007-07-27 09:41 382840 c:\windows\SoftwareDistribution\Download\70a652e3746534ca73af7bc8ed239b7f\update\updspapi.dll
- 2007-07-27 07:17 . 2007-07-27 07:17 759160 c:\windows\SoftwareDistribution\Download\70a652e3746534ca73af7bc8ed239b7f\update\update.exe
- 2007-07-27 07:17 . 2007-07-27 07:17 233848 c:\windows\SoftwareDistribution\Download\70a652e3746534ca73af7bc8ed239b7f\spuninst.exe
- 2009-11-03 21:21 . 2007-03-06 01:08 379616 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\update\updspapi.dll
- 2009-11-03 21:21 . 2007-03-06 01:07 720096 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\update\update.exe
- 2009-11-03 21:21 . 2007-03-06 01:07 215776 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\spuninst.exe
- 2009-06-25 18:33 . 2009-06-25 18:33 169472 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\msmqocm.dll
- 2009-06-25 18:33 . 2009-06-25 18:33 489472 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqutil.dll
- 2009-06-25 18:33 . 2009-06-25 18:33 186880 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqtrig.dll
- 2009-06-22 11:30 . 2009-06-22 11:30 117248 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqtgsvc.exe
- 2009-06-25 18:33 . 2009-06-25 18:33 517120 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqsnap.dll
- 2009-06-25 18:33 . 2009-06-25 18:33 123392 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqrtdep.dll
- 2009-06-25 18:33 . 2009-06-25 18:33 177152 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqrt.dll
- 2009-06-25 18:33 . 2009-06-25 18:33 661504 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqqm.dll
- 2009-06-25 18:33 . 2009-06-25 18:33 225280 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqoa.dll
- 2009-06-25 18:33 . 2009-06-25 18:33 138240 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqad.dll
- 2009-06-25 18:37 . 2009-06-25 18:37 169472 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\msmqocm.dll
- 2009-06-25 18:37 . 2009-06-25 18:37 489472 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqutil.dll
- 2009-06-25 18:37 . 2009-06-25 18:37 186880 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqtrig.dll
- 2009-06-22 11:49 . 2009-06-22 11:49 117248 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqtgsvc.exe
- 2009-06-25 18:37 . 2009-06-25 18:37 517120 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqsnap.dll
- 2009-06-25 18:37 . 2009-06-25 18:37 123392 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqrtdep.dll
- 2009-06-25 18:37 . 2009-06-25 18:37 177152 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqrt.dll
- 2009-06-25 18:37 . 2009-06-25 18:37 661504 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqqm.dll
- 2009-06-25 18:37 . 2009-06-25 18:37 225280 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqoa.dll
- 2009-06-25 18:37 . 2009-06-25 18:37 138240 c:\windows\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqad.dll
- 2009-11-03 21:20 . 2009-05-26 11:40 391032 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\update\updspapi.dll
- 2009-11-03 21:20 . 2009-05-26 11:40 759160 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\update\update.exe
- 2009-11-03 21:20 . 2008-07-08 12:59 233848 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\spuninst.exe
- 2009-06-25 08:42 . 2009-06-25 08:42 147456 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp3qfe\schannel.dll
- 2009-06-25 08:42 . 2009-06-25 08:42 136704 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp3qfe\msv1_0.dll
- 2009-06-26 09:42 . 2009-06-26 09:42 729088 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp3qfe\lsasrv.dll
- 2009-06-25 08:42 . 2009-06-25 08:42 301568 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp3qfe\kerberos.dll
- 2009-06-25 08:27 . 2009-06-25 08:27 147456 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp3gdr\schannel.dll
- 2009-06-25 08:27 . 2009-06-25 08:27 136192 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp3gdr\msv1_0.dll
- 2009-06-25 08:27 . 2009-06-25 08:27 729088 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp3gdr\lsasrv.dll
- 2009-06-25 08:27 . 2009-06-25 08:27 301568 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp3gdr\kerberos.dll
- 2009-06-25 08:23 . 2009-06-25 08:23 168448 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2qfe\schannel.dll
- 2009-02-06 18:47 . 2009-02-06 18:47 408064 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2qfe\netlogon.dll
- 2009-06-25 08:23 . 2009-06-25 08:23 136192 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2qfe\msv1_0.dll
- 2009-06-25 08:23 . 2009-06-25 08:23 728576 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2qfe\lsasrv.dll
- 2009-06-25 08:23 . 2009-06-25 08:23 301568 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2qfe\kerberos.dll
- 2009-06-25 08:48 . 2009-06-25 08:48 168448 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2gdr\schannel.dll
- 2009-06-25 08:48 . 2009-06-25 08:48 133632 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2gdr\msv1_0.dll
- 2009-06-25 08:48 . 2009-06-25 08:48 723456 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2gdr\lsasrv.dll
- 2009-06-25 08:48 . 2009-06-25 08:48 298496 c:\windows\SoftwareDistribution\Download\2c72bf78e3c24debcddfa92e9f03ffa3\sp2gdr\kerberos.dll
- 2009-11-03 21:23 . 2009-05-26 11:40 391032 c:\windows\SoftwareDistribution\Download\00920750ce84504bd37737eab60241ff\update\updspapi.dll
- 2009-11-03 21:23 . 2009-05-26 11:40 759160 c:\windows\SoftwareDistribution\Download\00920750ce84504bd37737eab60241ff\update\update.exe
- 2009-11-03 21:23 . 2008-07-08 12:59 233848 c:\windows\SoftwareDistribution\Download\00920750ce84504bd37737eab60241ff\spuninst.exe
+ 2011-12-03 19:00 . 2011-12-03 19:00 429568 c:\windows\Installer\5f608.msi
+ 2009-07-20 23:03 . 2009-07-20 23:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2009-02-12 09:43 . 2009-08-06 18:23 1929952 c:\windows\system32\wuaueng.dll
+ 2009-07-20 23:05 . 2009-07-20 23:05 1348432 c:\windows\system32\msxml4.dll
+ 2009-02-12 09:43 . 2009-08-06 18:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
- 2009-07-17 16:02 . 2009-07-17 16:02 1437696 c:\windows\SoftwareDistribution\Download\a065f4f05baf95c5cc399b989949db5b\sp3qfe\query.dll
- 2009-07-17 16:17 . 2009-07-17 16:17 1437696 c:\windows\SoftwareDistribution\Download\a065f4f05baf95c5cc399b989949db5b\sp3gdr\query.dll
- 2009-07-17 16:14 . 2009-07-17 16:14 1437696 c:\windows\SoftwareDistribution\Download\a065f4f05baf95c5cc399b989949db5b\sp2qfe\query.dll
- 2009-07-17 16:27 . 2009-07-17 16:27 1437696 c:\windows\SoftwareDistribution\Download\a065f4f05baf95c5cc399b989949db5b\sp2gdr\query.dll
- 2009-07-13 01:18 . 2009-07-13 01:18 4960256 c:\windows\SoftwareDistribution\Download\70a652e3746534ca73af7bc8ed239b7f\wm9l\wmp.dll
- 2009-07-13 09:08 . 2009-07-13 09:08 5537792 c:\windows\SoftwareDistribution\Download\70a652e3746534ca73af7bc8ed239b7f\wm10l\wmp.dll
+ 2009-08-09 22:32 . 2009-08-09 22:32 5288960 c:\windows\Installer\5f609.msp
- 2009-07-13 22:43 . 2009-07-13 22:43 10841088 c:\windows\SoftwareDistribution\Download\70a652e3746534ca73af7bc8ed239b7f\wm11\wmp.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"="regedit" [X]
"nForce Tray Options"="sstray.exe" [2003-12-17 73728]
"StatusClient"="c:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="c:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"FamilyKeyLogger"="c:\program files\Windows XP Fun Pack\Winter 2003\Family\cisvc.exe" [2003-01-31 70144]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
"Nokia.PCSync"="d:\program files\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 1294336]
.
c:\documents and settings\marika\Nabídka Start\Programy\Po spuštění\
Kalendár.lnk - c:\windows\MENINY.EXE [2009-8-7 49312]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2009-6-12 1183744]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-17 14:58 1667584 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\ROUTE66\\ROUTE66Sync.exe"=
"c:\program files\MSN Gaming Zone\Windows\bckgzm.exe"= c:\program files\MSN Gaming Zone\Windows\bckgzm.exe:192.168.1.2/255.255.255.255:Enabled:Backgammon v Internetu
"c:\\Program Files\\Opera\\opera.exe"=
"d:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Ferguson\\18 Wheels of Steel Haulin\\Aphex.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"d:\\Program files\\Hamachi\\hamachi.exe"=
"c:\\Documents and Settings\\marika\\Local Settings\\Data aplikací\\AntikVirtualSTB\\AntikVirtualSTB.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"25:TCP"= 25:TCP:smtp.azet.sk
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [12.2.2009 12:07 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [12.2.2009 12:07 5248]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [7.1.2009 22:39 20744]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.3.2009 15:33 717296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25.7.2011 14:22 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25.7.2011 14:22 314456]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 115008]
R2 Angelnt;Angelnt;c:\windows\system32\drivers\ANGELNT.SYS [12.2.2009 12:18 51072]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [27.9.2011 20:08 745880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25.7.2011 14:22 20568]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [7.12.2008 11:44 30088]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [1.3.2010 17:32 36608]
S3 ICDUSB2;Sony IC Recorder (ST);c:\windows\system32\drivers\IcdUsb2.sys [10.3.2009 8:52 39048]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 13:58 26248]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys --> c:\windows\system32\drivers\nmwcdnsu.sys [?]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys --> c:\windows\system32\drivers\nmwcdnsuc.sys [?]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [21.2.2010 20:49 27632]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1392740
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-conduitEngine - c:\program files\ConduitEngine\ConduitEngineUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-04 19:35
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\## aswSnx private storage
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2192)
c:\windows\system32\WPDShServiceObj.dll
d:\program files\Nokia PC Suite 6\phonebrowser.dll
d:\program files\Nokia PC Suite 6\PCSCM.dll
d:\program files\Nokia PC Suite 6\Lang\PhoneBrowser_slk.nlr
d:\program files\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\progra~1\Ahead\NEROTO~1\DRIVES~1.EXE
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
c:\windows\system32\msiexec.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-12-04 19:42:11 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-04 18:42
ComboFix2.txt 2011-12-02 14:25
.
Před spuštěním: 93 274 112
Po spuštění: 33 005 568
.
- - End Of File - - 139C081F590867D0F059F2A956D7B9BA

Rudy
Site Admin
Posts: 119513
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slow internet

#8 Post by Rudy »

Run CF once more with this script:
Folder::
c:\program files\Common Files\Spigot
Afterwards, run TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.zip and let it run. When it finishes, post the log.

Did you install the keylogger knowingly?

2marcin
Visitor
Posts: 44
Registered: 02 Dec 2011 16:07

Re: slow internet

#9 Post by 2marcin »

Yes, I know about the keylogger.

17:29:08.0109 3204 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
17:29:08.0484 3204 ============================================================
17:29:08.0484 3204 Current date / time: 2011/12/05 17:29:08.0484
17:29:08.0484 3204 SystemInfo:
17:29:08.0484 3204
17:29:08.0484 3204 OS Version: 5.1.2600 ServicePack: 2.0
17:29:08.0484 3204 Product type: Workstation
17:29:08.0484 3204 ComputerName: MARIKA
17:29:08.0484 3204 UserName: marika
17:29:08.0484 3204 Windows directory: C:\WINDOWS
17:29:08.0484 3204 System windows directory: C:\WINDOWS
17:29:08.0484 3204 Processor architecture: Intel x86
17:29:08.0484 3204 Number of processors: 1
17:29:08.0484 3204 Page size: 0x1000
17:29:08.0484 3204 Boot type: Normal boot
17:29:08.0484 3204 ============================================================
17:29:10.0640 3204 Initialize success
17:29:21.0812 2728 ============================================================
17:29:21.0812 2728 Scan started
17:29:21.0812 2728 Mode: Manual;
17:29:21.0812 2728 ============================================================
17:29:22.0406 2728 61883 (86d7b1e70661d754685b9ac6d749aae5) C:\WINDOWS\system32\DRIVERS\61883.sys
17:29:22.0421 2728 61883 - ok
17:29:22.0484 2728 a347bus (1f61cacacb521215f39061789147968c) C:\WINDOWS\system32\DRIVERS\a347bus.sys
17:29:22.0484 2728 a347bus - ok
17:29:22.0515 2728 a347scsi (113e4b318bbaa7483ca4e582a4d63f49) C:\WINDOWS\system32\Drivers\a347scsi.sys
17:29:22.0531 2728 a347scsi - ok
17:29:22.0578 2728 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
17:29:22.0578 2728 Aavmker4 - ok
17:29:22.0625 2728 Abiosdsk - ok
17:29:22.0656 2728 abp480n5 - ok
17:29:22.0718 2728 ACPI (fa2fbcda96d2385f773b059fe5a125a6) C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:29:22.0718 2728 ACPI - ok
17:29:22.0781 2728 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
17:29:22.0781 2728 ACPIEC - ok
17:29:22.0812 2728 adpu160m - ok
17:29:22.0875 2728 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
17:29:22.0890 2728 aec - ok
17:29:22.0953 2728 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
17:29:22.0968 2728 AFD - ok
17:29:22.0984 2728 Aha154x - ok
17:29:23.0031 2728 aic78u2 - ok
17:29:23.0062 2728 aic78xx - ok
17:29:23.0109 2728 AliIde - ok
17:29:23.0140 2728 AmdK7 (2cc3bf45ac3180fe29c199bd95f09601) C:\WINDOWS\system32\DRIVERS\amdk7.sys
17:29:23.0156 2728 AmdK7 - ok
17:29:23.0187 2728 amsint - ok
17:29:23.0234 2728 Angelnt (4a8cb8fea9dcb6f93017f413e2646001) C:\WINDOWS\System32\Drivers\ANGELNT.SYS
17:29:23.0250 2728 Angelnt - ok
17:29:23.0328 2728 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
17:29:23.0328 2728 Arp1394 - ok
17:29:23.0359 2728 asc - ok
17:29:23.0390 2728 asc3350p - ok
17:29:23.0421 2728 asc3550 - ok
17:29:23.0500 2728 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
17:29:23.0531 2728 aswFsBlk - ok
17:29:23.0562 2728 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
17:29:23.0578 2728 aswMon2 - ok
17:29:23.0640 2728 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
17:29:23.0640 2728 aswRdr - ok
17:29:23.0703 2728 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
17:29:23.0734 2728 aswSnx - ok
17:29:23.0781 2728 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
17:29:23.0796 2728 aswSP - ok
17:29:23.0843 2728 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
17:29:23.0859 2728 aswTdi - ok
17:29:23.0906 2728 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:29:23.0906 2728 AsyncMac - ok
17:29:23.0953 2728 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:29:23.0953 2728 Suspicious file (NoAccess): C:\WINDOWS\system32\DRIVERS\atapi.sys. md5: cdfe4411a69c224bd1d11b2da92dac51
17:29:23.0968 2728 atapi ( LockedFile.Multi.Generic ) - warning
17:29:23.0968 2728 atapi - detected LockedFile.Multi.Generic (1)
17:29:24.0000 2728 Atdisk - ok
17:29:24.0078 2728 ati2mtag (86be5339a67c0a309f3e3ef8b0901ee5) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:29:24.0109 2728 ati2mtag - ok
17:29:24.0140 2728 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:29:24.0140 2728 Atmarpc - ok
17:29:24.0203 2728 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
17:29:24.0203 2728 audstub - ok
17:29:24.0265 2728 Avc (87c223adb8f7596b31caae3c67b16ddd) C:\WINDOWS\system32\DRIVERS\avc.sys
17:29:24.0281 2728 Avc - ok
17:29:24.0343 2728 AVCSTRM (867d73a2e43b2ddaf0b0263f88e217ac) C:\WINDOWS\system32\DRIVERS\avcstrm.sys
17:29:24.0343 2728 AVCSTRM - ok
17:29:24.0406 2728 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
17:29:24.0406 2728 Beep - ok
17:29:24.0453 2728 BlueletAudio (04e84c8049ee93614a2ff6d676d1e247) C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
17:29:24.0468 2728 BlueletAudio - ok
17:29:24.0515 2728 BT (d1813668a0117ae05bc0b81c874f91d4) C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
17:29:24.0515 2728 BT - ok
17:29:24.0546 2728 btaudio - ok
17:29:24.0625 2728 Btcsrusb (7304acc25455746912de37d7ded387ed) C:\WINDOWS\system32\Drivers\btcusb.sys
17:29:24.0625 2728 Btcsrusb - ok
17:29:24.0656 2728 BTDriver - ok
17:29:24.0703 2728 BtHidBus (ce441ccd98c5ecb10cb12fcaf97322ec) C:\WINDOWS\system32\Drivers\BtHidBus.sys
17:29:24.0718 2728 BtHidBus - ok
17:29:24.0781 2728 BTHidEnum (161969d2dd1d39cd2f1edbc60c61fa99) C:\WINDOWS\system32\DRIVERS\vbtenum.sys
17:29:24.0796 2728 BTHidEnum - ok
17:29:24.0828 2728 BTHidMgr (a9164c2a39bd917b9f42ae087560ac3d) C:\WINDOWS\system32\Drivers\BTHidMgr.sys
17:29:24.0828 2728 BTHidMgr - ok
17:29:24.0859 2728 BTKRNL - ok
17:29:24.0921 2728 btnetBUs (d3c277a51ef9e2ec972d6221f99c0b6d) C:\WINDOWS\system32\Drivers\btnetBus.sys
17:29:24.0921 2728 btnetBUs - ok
17:29:24.0984 2728 BTNetFilter (6b05fdc0cfc3753b520d2d4176cc32d0) C:\WINDOWS\system32\drivers\BTNetFilter.sys
17:29:24.0984 2728 BTNetFilter - ok
17:29:25.0015 2728 BTWDNDIS - ok
17:29:25.0062 2728 catchme - ok
17:29:25.0125 2728 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
17:29:25.0125 2728 cbidf2k - ok
17:29:25.0187 2728 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:29:25.0187 2728 CCDECODE - ok
17:29:25.0218 2728 cd20xrnt - ok
17:29:25.0265 2728 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
17:29:25.0265 2728 Cdaudio - ok
17:29:25.0328 2728 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
17:29:25.0343 2728 Cdfs - ok
17:29:25.0390 2728 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:29:25.0390 2728 Cdrom - ok
17:29:25.0421 2728 Changer - ok
17:29:25.0468 2728 CmdIde - ok
17:29:25.0531 2728 Cpqarray - ok
17:29:25.0578 2728 dac2w2k - ok
17:29:25.0625 2728 dac960nt - ok
17:29:25.0687 2728 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
17:29:25.0703 2728 Disk - ok
17:29:25.0781 2728 dmboot (e1968edec81c430108feb23ab07bdb14) C:\WINDOWS\system32\drivers\dmboot.sys
17:29:25.0828 2728 dmboot - ok
17:29:25.0875 2728 dmio (1b1520a82e396e46b9ae9fa6b03ff6c6) C:\WINDOWS\system32\drivers\dmio.sys
17:29:25.0890 2728 dmio - ok
17:29:25.0937 2728 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
17:29:25.0937 2728 dmload - ok
17:29:33.0906 2728 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
17:29:33.0921 2728 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
17:29:33.0937 2728 sptd ( LockedFile.Multi.Generic ) - warning
17:29:33.0937 2728 sptd - detected LockedFile.Multi.Generic (1)
17:29:36.0734 2728 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
17:29:36.0859 2728 \Device\Harddisk0\DR0 - ok
17:29:36.0875 2728 Boot (0x1200) (a77a3eb1fc482b23e4a955ce37251339) \Device\Harddisk0\DR0\Partition0
17:29:36.0875 2728 \Device\Harddisk0\DR0\Partition0 - ok
17:29:36.0890 2728 Boot (0x1200) (dfb23d3a3434a292f41f9080767823c3) \Device\Harddisk0\DR0\Partition1
17:29:36.0890 2728 \Device\Harddisk0\DR0\Partition1 - ok
17:29:36.0906 2728 ============================================================
17:29:36.0906 2728 Scan finished
17:29:36.0906 2728 ============================================================
17:29:36.0921 2764 Detected object count: 2
17:29:36.0921 2764 Actual detected object count: 2
17:29:44.0578 2764 atapi ( LockedFile.Multi.Generic ) - skipped by user
17:29:44.0578 2764 atapi ( LockedFile.Multi.Generic ) - User select action: Skip
17:29:44.0578 2764 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:29:44.0578 2764 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:29:51.0687 3460 ============================================================
17:29:51.0687 3460 Scan started
17:29:51.0687 3460 Mode: Manual;
17:29:51.0687 3460 ============================================================
17:29:53.0421 3460 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
17:29:53.0421 3460 Suspicious file (NoAccess): C:\WINDOWS\system32\DRIVERS\atapi.sys. md5: cdfe4411a69c224bd1d11b2da92dac51
17:29:53.0421 3460 atapi ( LockedFile.Multi.Generic ) - warning
17:29:53.0421 3460 atapi - detected LockedFile.Multi.Generic (1)
17:29:59.0093 3460 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
17:29:59.0093 3460 NetBIOS - ok
17:29:59.0125 3460 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
17:29:59.0140 3460 NetBT - ok
17:29:59.0218 3460 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:29:59.0218 3460 NIC1394 - ok
17:29:59.0296 3460 nmwcd (696b37ea78f9d9767a2f18ba0304a51a) C:\WINDOWS\system32\drivers\nmwcd.sys
17:29:59.0296 3460 nmwcd - ok
17:29:59.0343 3460 nmwcdc (bbb6010fc01d9239d88fcdf133e03ff0) C:\WINDOWS\system32\drivers\nmwcdc.sys
17:29:59.0343 3460 nmwcdc - ok
17:29:59.0390 3460 nmwcdcj (4c3726467d67483f054c88f058e9c153) C:\WINDOWS\system32\drivers\nmwcdcj.sys
17:29:59.0390 3460 nmwcdcj - ok
17:29:59.0468 3460 nmwcdcm (4c3726467d67483f054c88f058e9c153) C:\WINDOWS\system32\drivers\nmwcdcm.sys
17:29:59.0468 3460 nmwcdcm - ok
17:29:59.0500 3460 nmwcdnsu - ok
17:29:59.0546 3460 nmwcdnsuc - ok
17:29:59.0578 3460 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
17:29:59.0593 3460 Npfs - ok
17:29:59.0656 3460 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
17:29:59.0656 3460 Ntfs - ok
17:29:59.0718 3460 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
17:29:59.0718 3460 Null - ok
17:29:59.0781 3460 nvax (b23d844ac4c87e2fe8df643337282996) C:\WINDOWS\system32\drivers\nvax.sys
17:29:59.0781 3460 nvax - ok
17:29:59.0843 3460 NVENET (c8400ca70bf8a30156487bf887886432) C:\WINDOWS\system32\DRIVERS\NVENET.sys
17:29:59.0843 3460 NVENET - ok
17:29:59.0890 3460 nvnforce (665650d64d523785966745b5305ef26b) C:\WINDOWS\system32\drivers\nvapu.sys
17:29:59.0906 3460 nvnforce - ok
17:29:59.0953 3460 nv_agp (29291c3a7256337327051cc37e4fc09a) C:\WINDOWS\system32\DRIVERS\nv_agp.sys
17:29:59.0953 3460 nv_agp - ok
17:30:00.0000 3460 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:30:00.0000 3460 NwlnkFlt - ok
17:30:00.0062 3460 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:30:00.0062 3460 NwlnkFwd - ok
17:30:00.0125 3460 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:30:00.0125 3460 ohci1394 - ok
17:30:00.0218 3460 Parport (76a18caa2fefb28a4ced38d76837e86e) C:\WINDOWS\system32\DRIVERS\parport.sys
17:30:00.0234 3460 Parport - ok
17:30:00.0281 3460 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
17:30:00.0296 3460 PartMgr - ok
17:30:00.0328 3460 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
17:30:00.0328 3460 ParVdm - ok
17:30:00.0390 3460 PCI (b7979f37bb7b9df2230046134955e6e7) C:\WINDOWS\system32\DRIVERS\pci.sys
17:30:00.0390 3460 PCI - ok
17:30:00.0421 3460 PCIDump - ok
17:30:00.0453 3460 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
17:30:00.0468 3460 PCIIde - ok
17:30:00.0500 3460 Pcmcia (90505755634407d4ef4c6dea60fc1df9) C:\WINDOWS\system32\drivers\Pcmcia.sys
17:30:00.0515 3460 Pcmcia - ok
17:30:00.0546 3460 PDCOMP - ok
17:30:00.0593 3460 PDFRAME - ok
17:30:00.0625 3460 PDRELI - ok
17:30:00.0656 3460 PDRFRAME - ok
17:30:00.0687 3460 perc2 - ok
17:30:00.0718 3460 perc2hib - ok
17:30:00.0828 3460 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:30:00.0828 3460 PptpMiniport - ok
17:30:00.0890 3460 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
17:30:00.0890 3460 PSched - ok
17:30:00.0984 3460 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:30:00.0984 3460 Ptilink - ok
17:30:01.0031 3460 ql1080 - ok
17:30:01.0062 3460 Ql10wnt - ok
17:30:01.0093 3460 ql12160 - ok
17:30:01.0125 3460 ql1240 - ok
17:30:01.0156 3460 ql1280 - ok
17:30:01.0203 3460 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:30:01.0203 3460 RasAcd - ok
17:30:01.0265 3460 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:30:01.0265 3460 Rasl2tp - ok
17:30:01.0312 3460 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:30:01.0312 3460 RasPppoe - ok
17:30:01.0359 3460 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
17:30:01.0359 3460 Raspti - ok
17:30:01.0406 3460 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:30:01.0421 3460 Rdbss - ok
17:30:01.0468 3460 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:30:01.0468 3460 RDPCDD - ok
17:30:01.0515 3460 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:30:01.0515 3460 rdpdr - ok
17:30:01.0578 3460 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys
17:30:01.0593 3460 RDPWD - ok
17:30:01.0656 3460 redbook (aba13d33e1f888c9a68599a48a8840d6) C:\WINDOWS\system32\DRIVERS\redbook.sys
17:30:01.0671 3460 redbook - ok
17:30:01.0718 3460 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
17:30:01.0718 3460 ROOTMODEM - ok
17:30:01.0828 3460 s116bus (815445f4676cc96bc9aeec303c727e19) C:\WINDOWS\system32\DRIVERS\s116bus.sys
17:30:01.0828 3460 s116bus - ok
17:30:01.0890 3460 s116mdfl (333d1e0743e6de1779c3c418ac601c3a) C:\WINDOWS\system32\DRIVERS\s116mdfl.sys
17:30:01.0890 3460 s116mdfl - ok
17:30:01.0937 3460 s116mdm (50d6e5b021e9ec7553ab8a3553cc1b6b) C:\WINDOWS\system32\DRIVERS\s116mdm.sys
17:30:01.0953 3460 s116mdm - ok
17:30:02.0000 3460 s116mgmt (1589aa53e43f8d193a7d4d580d3ffa95) C:\WINDOWS\system32\DRIVERS\s116mgmt.sys
17:30:02.0000 3460 s116mgmt - ok
17:30:02.0062 3460 s116nd5 (306f85733671fe507470f0273025e768) C:\WINDOWS\system32\DRIVERS\s116nd5.sys
17:30:02.0062 3460 s116nd5 - ok
17:30:02.0109 3460 s116obex (ec32601f04a5a5de89315d0f55e73d66) C:\WINDOWS\system32\DRIVERS\s116obex.sys
17:30:02.0109 3460 s116obex - ok
17:30:02.0156 3460 s116unic (32e3ecb4b2b5887426eaf241a8149cde) C:\WINDOWS\system32\DRIVERS\s116unic.sys
17:30:02.0156 3460 s116unic - ok
17:30:02.0218 3460 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:30:02.0234 3460 Secdrv - ok
17:30:02.0296 3460 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
17:30:02.0296 3460 seehcri - ok
17:30:02.0343 3460 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
17:30:02.0343 3460 serenum - ok
17:30:02.0406 3460 Serial (c1ddbc85251551a840212999da3d95f3) C:\WINDOWS\system32\DRIVERS\serial.sys
17:30:02.0406 3460 Serial - ok
17:30:02.0484 3460 sermouse (61490899036b14dedc24babd847d7001) C:\WINDOWS\system32\DRIVERS\sermouse.sys
17:30:02.0500 3460 sermouse - ok
17:30:02.0562 3460 sfdrv01 (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys
17:30:02.0578 3460 sfdrv01 - ok
17:30:02.0625 3460 sfhlp02 (15be2b5e4dc5b8623cf167720682abc9) C:\WINDOWS\system32\drivers\sfhlp02.sys
17:30:02.0640 3460 sfhlp02 - ok
17:30:02.0671 3460 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
17:30:02.0671 3460 Sfloppy - ok
17:30:02.0734 3460 sfvfs02 (d5a7e09d2c6a702809e49190d52adc9f) C:\WINDOWS\system32\drivers\sfvfs02.sys
17:30:02.0734 3460 sfvfs02 - ok
17:30:02.0781 3460 Simbad - ok
17:30:02.0859 3460 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:30:02.0859 3460 SLIP - ok
17:30:02.0906 3460 Sparrow - ok
17:30:02.0921 3460 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
17:30:02.0937 3460 splitter - ok
17:30:03.0031 3460 sptd (71e276f6d189413266ea22171806597b) C:\WINDOWS\system32\Drivers\sptd.sys
17:30:03.0031 3460 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
17:30:03.0031 3460 sptd ( LockedFile.Multi.Generic ) - warning
17:30:03.0046 3460 sptd - detected LockedFile.Multi.Generic (1)
17:30:05.0703 3460 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
17:30:05.0781 3460 \Device\Harddisk0\DR0 - ok
17:30:05.0796 3460 Boot (0x1200) (a77a3eb1fc482b23e4a955ce37251339) \Device\Harddisk0\DR0\Partition0
17:30:05.0796 3460 \Device\Harddisk0\DR0\Partition0 - ok
17:30:05.0828 3460 Boot (0x1200) (dfb23d3a3434a292f41f9080767823c3) \Device\Harddisk0\DR0\Partition1
17:30:05.0828 3460 \Device\Harddisk0\DR0\Partition1 - ok
17:30:05.0828 3460 ============================================================
17:30:05.0828 3460 Scan finished
17:30:05.0828 3460 ============================================================
17:30:05.0859 3380 Detected object count: 2
17:30:05.0859 3380 Actual detected object count: 2
17:30:18.0843 3380 atapi ( LockedFile.Multi.Generic ) - skipped by user
17:30:18.0843 3380 atapi ( LockedFile.Multi.Generic ) - User select action: Skip
17:30:18.0843 3380 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:30:18.0843 3380 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

2marcin
Visitor
Posts: 44
Registered: 02 Dec 2011 16:07

Re: slow internet

#10 Post by 2marcin »

And here is the ComboFix log.
Everything is as before, no change .....


ComboFix 11-12-05.02 - marika 05.12.2011 17:10:40.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.511.259 [GMT 1:00]
Spuštěný z: c:\documents and settings\marika\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\marika\Plocha\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\Spigot
c:\program files\Common Files\Spigot\Search Settings\baidu_ff.xml
c:\program files\Common Files\Spigot\Search Settings\baidu_ie.xml
c:\program files\Common Files\Spigot\Search Settings\config.ini
c:\program files\Common Files\Spigot\Search Settings\Lang\res1031.ini
c:\program files\Common Files\Spigot\Search Settings\Lang\res1033.ini
c:\program files\Common Files\Spigot\Search Settings\Lang\res1034.ini
c:\program files\Common Files\Spigot\Search Settings\Lang\res1036.ini
c:\program files\Common Files\Spigot\Search Settings\Lang\res1040.ini
c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
c:\program files\Common Files\Spigot\Search Settings\yahoo_ff.xml
c:\program files\Common Files\Spigot\Search Settings\yahoo_ie.xml
c:\program files\Common Files\Spigot\Search Settings\yandex_ff.xml
c:\program files\Common Files\Spigot\Search Settings\yandex_ie.xml
.
---- Předchozí spuštění -------
.
c:\program files\ConduitEngine\appContextMenu.xml
c:\program files\ConduitEngine\ConduitEngin0.dll
c:\program files\ConduitEngine\ConduitEngine.dll
c:\program files\ConduitEngine\ConduitEngineHelper.exe
c:\program files\ConduitEngine\ConduitEngineUninstall.exe
c:\program files\ConduitEngine\engineContextMenu.xml
c:\program files\ConduitEngine\EngineSettings.json
c:\program files\ConduitEngine\INSTALL.LOG
c:\program files\ConduitEngine\prxConduitEngine.dll
c:\program files\ConduitEngine\toolbar.cfg
c:\program files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.79\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.79\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.79\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.79\goopdate.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.79\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.79\psmachine.dll
c:\program files\Google\Update\1.3.21.79\psuser.dll
c:\program files\Google\Update\Download\{2BF2CA35-CCAF-4E58-BAB7-4163BFA03B88}\0.0.0.0\GoogleEarth-Win-Plugin-6.1.0.4857.exe
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.79\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{5CBA6C3C-F6EB-462D-B248-775343E697E1}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\15.0.874.121\chrome_installer.exe
c:\program files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\15.0.874.121\chrome_updater.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\drivers\afbgc.sys
.
-- Předchozí spuštění --
.
c:\windows\system32\wiaacmgr.exe . . . je infikován!!
.
--------
.
c:\windows\system32\wiaacmgr.exe . . . je infikován!!
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GUPDATE
-------\Service_afbgc
-------\Service_gupdate
-------\Legacy_gupdatem
-------\Legacy_gupdatem
-------\Service_gupdatem
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-05 do 2011-12-05 )))))))))))))))))))))))))))))))
.
.
2011-12-03 19:00 . 2011-12-03 19:00 -------- d-----w- c:\program files\MSXML 4.0
2011-12-03 18:14 . 2011-12-03 18:14 -------- d-----w- c:\documents and settings\marika\Local Settings\Data aplikací\Threat Expert
2011-12-02 15:14 . 2011-12-04 11:29 -------- d-----w- c:\program files\trend micro
2011-12-02 15:14 . 2011-12-02 15:14 -------- d-----w- C:\rsit
2011-11-29 14:53 . 2011-06-21 10:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-11-29 14:18 . 2011-11-29 14:44 -------- d-----w- c:\program files\Common Files\PC Tools
2011-11-29 14:18 . 2011-11-22 18:42 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2011-11-29 14:17 . 2011-11-29 14:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PC Tools
2011-11-29 14:17 . 2011-11-29 14:17 -------- d-----w- c:\documents and settings\marika\Data aplikací\TestApp
2011-11-06 10:19 . 2011-11-06 10:19 -------- d-----w- c:\documents and settings\marika\Data aplikací\Search Settings
2011-11-06 10:19 . 2011-11-06 10:19 -------- d-----w- c:\program files\Application Updater
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-07-25 13:21 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-07-25 13:21 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-07-25 13:22 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-07-25 13:22 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-07-25 13:22 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-07-25 13:22 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-07-25 13:22 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-07-25 13:22 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-07-25 13:22 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-07-25 13:22 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-09-22 10:52 . 2011-09-22 08:52 17480 ----a-w- c:\windows\system32\drivers\hamachi.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\atapi.sys
[-] 2004-08-03 22:59 . !HASH: COULD NOT OPEN FILE !!!!! . 95360 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys
.
[-] 2008-04-05 . 0C2F6B6366E23D7362EB2C2EC29262F6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"="regedit" [X]
"nForce Tray Options"="sstray.exe" [2003-12-17 73728]
"StatusClient"="c:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="c:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"FamilyKeyLogger"="c:\program files\Windows XP Fun Pack\Winter 2003\Family\cisvc.exe" [2003-01-31 70144]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
"Nokia.PCSync"="d:\program files\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 1294336]
.
c:\documents and settings\marika\Nabídka Start\Programy\Po spuštění\
Kalendár.lnk - c:\windows\MENINY.EXE [2009-8-7 49312]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2009-6-12 1183744]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-17 14:58 1667584 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\ROUTE66\\ROUTE66Sync.exe"=
"c:\program files\MSN Gaming Zone\Windows\bckgzm.exe"= c:\program files\MSN Gaming Zone\Windows\bckgzm.exe:192.168.1.2/255.255.255.255:Enabled:Backgammon v Internetu
"c:\\Program Files\\Opera\\opera.exe"=
"d:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Ferguson\\18 Wheels of Steel Haulin\\Aphex.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"d:\\Program files\\Hamachi\\hamachi.exe"=
"c:\\Documents and Settings\\marika\\Local Settings\\Data aplikací\\AntikVirtualSTB\\AntikVirtualSTB.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"25:TCP"= 25:TCP:smtp.azet.sk
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [12.2.2009 12:07 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [12.2.2009 12:07 5248]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [7.1.2009 22:39 20744]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.3.2009 15:33 717296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25.7.2011 14:22 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25.7.2011 14:22 314456]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 115008]
R2 Angelnt;Angelnt;c:\windows\system32\drivers\ANGELNT.SYS [12.2.2009 12:18 51072]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [27.9.2011 20:08 745880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25.7.2011 14:22 20568]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [7.12.2008 11:44 30088]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [1.3.2010 17:32 36608]
S3 ICDUSB2;Sony IC Recorder (ST);c:\windows\system32\drivers\IcdUsb2.sys [10.3.2009 8:52 39048]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 13:58 26248]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys --> c:\windows\system32\drivers\nmwcdnsu.sys [?]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys --> c:\windows\system32\drivers\nmwcdnsuc.sys [?]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [21.2.2010 20:49 27632]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1392740
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-05 17:20
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-12-05 17:22:58
ComboFix-quarantined-files.txt 2011-12-05 16:22
ComboFix2.txt 2011-12-04 18:42
ComboFix3.txt 2011-12-02 14:25
.
Před spuštěním: 49 807 360
Po spuštění: 39 157 760
.
- - End Of File - - 8A61F3AD4CB577B12A7D8C84DF97D3EA

Rudy
Site Admin
Posts: 119513
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slow internet

#11 Post by Rudy »

Run CF with this script:
FCopy::
c:\windows\system32\dllcache\atapi.sys | c:\windows\system32\drivers\atapi.sys

2marcin
Visitor
Posts: 44
Registered: 02 Dec 2011 16:07

Re: slow internet

#12 Post by 2marcin »

Do you think we will manage to get it running???
And is this log entry okay: c:\windows\system32\wiaacmgr.exe . . . je infikován!!



ComboFix 11-12-05.02 - marika 05.12.2011 18:33:22.5.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.511.360 [GMT 1:00]
Spuštěný z: c:\documents and settings\marika\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\marika\Plocha\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\marika\pdf
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\sstray.exe
.
c:\windows\system32\wiaacmgr.exe . . . je infikován!!
.
.
--------------- FCopy ---------------
.
c:\windows\system32\dllcache\atapi.sys --> c:\windows\system32\drivers\atapi.sys
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-05 do 2011-12-05 )))))))))))))))))))))))))))))))
.
.
2011-12-03 19:00 . 2011-12-03 19:00 -------- d-----w- c:\program files\MSXML 4.0
2011-12-03 18:14 . 2011-12-03 18:14 -------- d-----w- c:\documents and settings\marika\Local Settings\Data aplikací\Threat Expert
2011-12-02 15:14 . 2011-12-04 11:29 -------- d-----w- c:\program files\trend micro
2011-12-02 15:14 . 2011-12-02 15:14 -------- d-----w- C:\rsit
2011-11-29 14:53 . 2011-06-21 10:24 32768 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-11-29 14:18 . 2011-11-29 14:44 -------- d-----w- c:\program files\Common Files\PC Tools
2011-11-29 14:18 . 2011-11-22 18:42 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2011-11-29 14:17 . 2011-11-29 14:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PC Tools
2011-11-29 14:17 . 2011-11-29 14:17 -------- d-----w- c:\documents and settings\marika\Data aplikací\TestApp
2011-11-06 10:19 . 2011-11-06 10:19 -------- d-----w- c:\documents and settings\marika\Data aplikací\Search Settings
2011-11-06 10:19 . 2011-11-06 10:19 -------- d-----w- c:\program files\Application Updater
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-07-25 13:21 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-07-25 13:21 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-07-25 13:22 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-07-25 13:22 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-07-25 13:22 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-07-25 13:22 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-07-25 13:22 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-07-25 13:22 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-07-25 13:22 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-07-25 13:22 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-09-22 10:52 . 2011-09-22 08:52 17480 ----a-w- c:\windows\system32\drivers\hamachi.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-05 . 0C2F6B6366E23D7362EB2C2EC29262F6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"="regedit" [X]
"StatusClient"="c:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="c:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"FamilyKeyLogger"="c:\program files\Windows XP Fun Pack\Winter 2003\Family\cisvc.exe" [2003-01-31 70144]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
"Nokia.PCSync"="d:\program files\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 1294336]
.
c:\documents and settings\marika\Nabídka Start\Programy\Po spuštění\
Kalendár.lnk - c:\windows\MENINY.EXE [2009-8-7 49312]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2009-6-12 1183744]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-17 14:58 1667584 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\ROUTE66\\ROUTE66Sync.exe"=
"c:\program files\MSN Gaming Zone\Windows\bckgzm.exe"= c:\program files\MSN Gaming Zone\Windows\bckgzm.exe:192.168.1.2/255.255.255.255:Enabled:Backgammon v Internetu
"c:\\Program Files\\Opera\\opera.exe"=
"d:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Ferguson\\18 Wheels of Steel Haulin\\Aphex.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"d:\\Program files\\Hamachi\\hamachi.exe"=
"c:\\Documents and Settings\\marika\\Local Settings\\Data aplikací\\AntikVirtualSTB\\AntikVirtualSTB.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"25:TCP"= 25:TCP:smtp.azet.sk
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [12.2.2009 12:07 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [12.2.2009 12:07 5248]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [7.1.2009 22:39 20744]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.3.2009 15:33 717296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [25.7.2011 14:22 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25.7.2011 14:22 314456]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 115008]
R2 Angelnt;Angelnt;c:\windows\system32\drivers\ANGELNT.SYS [12.2.2009 12:18 51072]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [27.9.2011 20:08 745880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25.7.2011 14:22 20568]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [7.12.2008 11:44 30088]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [1.3.2010 17:32 36608]
S3 ICDUSB2;Sony IC Recorder (ST);c:\windows\system32\drivers\IcdUsb2.sys [10.3.2009 8:52 39048]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 13:58 26248]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys --> c:\windows\system32\drivers\nmwcdnsu.sys [?]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys --> c:\windows\system32\drivers\nmwcdnsuc.sys [?]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [21.2.2010 20:49 27632]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 55782693
*Deregistered* - 55782693
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1392740
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-nForce Tray Options - sstray.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-05 18:43
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-12-05 18:45:57
ComboFix-quarantined-files.txt 2011-12-05 17:45
ComboFix2.txt 2011-12-05 16:22
ComboFix3.txt 2011-12-04 18:42
ComboFix4.txt 2011-12-02 14:25
.
Před spuštěním: 50 139 136
Po spuštění: 37 400 576
.
- - End Of File - - 115C31A9DF69E1ABF6D4EAEF54E71ED5

Rudy
Site Admin
Posts: 119513
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slow internet

#13 Post by Rudy »

Do you think we will manage to get it running???
We'll see.

Extract the attached file to the desktop. Then run ComboFix with the following script:
FCopy::
c:\documents and settings\marika\Plocha\wiaacmgr.exe | c:\windows\system32\wiaacmgr.exe

Driver::
55782693
wiaacmgr.rar
(36.44 KiB) Downloaded 37 times

2marcin
Visitor
Posts: 44
Registered: 02 Dec 2011 16:07

Re: slow internet

#14 Post by 2marcin »

Unfortunately CF did not start with the script and nothing responds?????? :( :(

2marcin
Visitor
Posts: 44
Registered: 02 Dec 2011 16:07

Re: slow internet

#15 Post by 2marcin »

CF will probably start, but terribly slowly
