Přestala mi fungovat wifi,asi nějaký rootkit...

Zpráva

zjewka · #1 Příspěvek od **zjewka** » 09 lis 2010 15:18

Když jsem spustila norton antivirus viděla jsem při kontrole běžet slavná jména: infostealer snifula b, rustock a,b, gen XX, pár trojanů.
Ale norton nehlásil,že by něco našel. Tak jsem zkusila další antiviry něco odstranily,ale ...
Teď mám Spyware terminator, vyčistila jsem registry ccleaner,
rsit:

Logfile of random's system information tool 1.08 (written by random/random)
Run by gibbon at 2010-11-09 15:05:37
Microsoft Windows 7 Home Premium
System drive C: has 178 GB (62%) free of 288 GB
Total RAM: 3066 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:05:50, on 9.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\hijajack\HijackThis.exe
C:\windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\gibbon\Downloads\RSIT.exe
C:\Program Files\trend micro\gibbon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60327
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy2000:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [acevents] "c:\Program Files\ActivIdentity\ActivClient\acevents.exe"
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: c:\PROGRA~1\HEWLET~1\IAM\bin\APSHook.dll
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - c:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - c:\Program Files\Fingerprint Sensor\AtService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: QHAQSY - Sysinternals - www.sysinternals.com - C:\Users\gibbon\AppData\Local\Temp\QHAQSY.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 9118 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-11-02 1252304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2009-07-23 98576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-11-02 1252304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-25 186904]
"acevents"=c:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-04 153640]
""= []
"accrdsub"=c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-04 400936]
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"File Sanitizer"=C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2009-07-07 11227136]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-07-12 74752]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-30 1545512]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-11-09 2216960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-11-09 3037696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\PROGRA~1\HEWLET~1\IAM\bin\APSHook.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-11-09 15:05:37 ----D---- C:\rsit
2010-11-09 15:05:37 ----D---- C:\Program Files\trend micro
2010-11-09 14:53:24 ----D---- C:\Program Files\hijajack
2010-11-09 14:48:41 ----D---- C:\Program Files\CCleaner
2010-11-09 03:00:27 ----A---- C:\windows\system32\drivers\usbvideo.sys
2010-11-09 03:00:27 ----A---- C:\windows\system32\drivers\ks.sys
2010-11-09 02:54:42 ----D---- C:\VundoFix Backups
2010-11-09 02:54:42 ----A---- C:\VundoFix.txt
2010-11-09 01:21:12 ----D---- C:\Program Files\Crawler
2010-11-09 01:21:11 ----A---- C:\windows\system32\drivers\sp_rsdrv2.sys
2010-11-09 01:21:10 ----D---- C:\Users\gibbon\AppData\Roaming\Spyware Terminator
2010-11-09 01:21:09 ----D---- C:\ProgramData\Spyware Terminator
2010-11-09 01:21:09 ----D---- C:\Program Files\Spyware Terminator
2010-11-08 23:36:45 ----D---- C:\ProgramData\Alwil Software
2010-11-08 23:36:45 ----D---- C:\Program Files\Alwil Software
2010-11-08 22:53:57 ----AD---- C:\ProgramData\TEMP
2010-11-08 22:50:23 ----D---- C:\ProgramData\PC Tools
2010-11-08 22:33:19 ----A---- C:\windows\system32\drivers\AvgArCln.sys
2010-11-08 22:33:17 ----D---- C:\Program Files\GRISOFT
2010-11-08 21:37:07 ----D---- C:\Users\gibbon\AppData\Roaming\Tific
2010-11-08 21:20:18 ----A---- C:\windows\system32\t2embed.dll
2010-11-08 21:20:18 ----A---- C:\windows\system32\mshtml.dll
2010-11-08 21:20:18 ----A---- C:\windows\system32\iertutil.dll
2010-11-08 21:20:17 ----A---- C:\windows\system32\wininet.dll
2010-11-08 21:20:17 ----A---- C:\windows\system32\urlmon.dll
2010-11-08 21:20:17 ----A---- C:\windows\system32\mstime.dll
2010-11-08 21:20:17 ----A---- C:\windows\system32\msfeeds.dll
2010-11-08 21:20:17 ----A---- C:\windows\system32\licmgr10.dll
2010-11-08 21:20:17 ----A---- C:\windows\system32\ieframe.dll
2010-11-08 21:20:17 ----A---- C:\windows\system32\iedkcs32.dll
2010-11-08 21:20:16 ----A---- C:\windows\system32\mshtmled.dll
2010-11-08 21:20:16 ----A---- C:\windows\system32\msfeedssync.exe
2010-11-08 21:20:16 ----A---- C:\windows\system32\msfeedsbs.dll
2010-11-08 21:20:16 ----A---- C:\windows\system32\jsproxy.dll
2010-11-08 21:20:16 ----A---- C:\windows\system32\ieui.dll
2010-11-08 21:20:16 ----A---- C:\windows\system32\iepeers.dll
2010-11-08 21:20:14 ----A---- C:\windows\system32\ole32.dll
2010-11-08 21:20:12 ----A---- C:\windows\system32\msdri.dll
2010-11-08 21:20:12 ----A---- C:\windows\system32\CPFilters.dll
2010-11-08 21:20:11 ----A---- C:\windows\system32\schannel.dll
2010-11-08 21:20:11 ----A---- C:\windows\system32\comctl32.dll
2010-11-08 21:20:10 ----A---- C:\windows\system32\mfc40u.dll
2010-11-08 21:20:10 ----A---- C:\windows\system32\mfc40.dll
2010-11-08 21:20:04 ----A---- C:\windows\system32\wmp.dll
2010-11-08 21:20:03 ----A---- C:\windows\system32\wmploc.DLL
2010-11-08 21:20:03 ----A---- C:\windows\system32\drivers\Diskdump.sys
2010-11-08 21:20:02 ----A---- C:\windows\system32\win32k.sys
2010-11-08 21:19:57 ----A---- C:\windows\system32\wmpmde.dll
2010-11-08 21:19:57 ----A---- C:\windows\system32\StructuredQuery.dll
2010-11-08 21:19:57 ----A---- C:\windows\system32\srvsvc.dll
2010-11-08 21:19:57 ----A---- C:\windows\system32\drivers\srvnet.sys
2010-11-08 21:19:57 ----A---- C:\windows\system32\drivers\srv2.sys
2010-11-08 21:19:57 ----A---- C:\windows\system32\drivers\srv.sys
2010-11-08 19:31:00 ----D---- C:\ProgramData\PCSettings
2010-11-07 13:12:16 ----D---- C:\ProgramData\ESET
2010-11-07 13:12:16 ----D---- C:\Program Files\ESET
2010-11-07 02:29:19 ----SHD---- C:\Config.Msi
2010-11-07 01:58:50 ----D---- C:\windows\Minidump
2010-11-06 20:47:06 ----D---- C:\ProgramData\SITEguard
2010-11-06 20:46:30 ----D---- C:\ProgramData\STOPzilla!
2010-11-06 20:46:30 ----D---- C:\Program Files\Common Files\iS3
2010-10-11 09:24:33 ----D---- C:\ProgramData\Norton
2010-10-11 09:24:23 ----D---- C:\ProgramData\NortonInstaller

======List of files/folders modified in the last 1 months======

2010-11-09 15:05:50 ----D---- C:\windows\Prefetch
2010-11-09 15:05:37 ----RD---- C:\Program Files
2010-11-09 14:50:43 ----D---- C:\windows\debug
2010-11-09 14:50:43 ----D---- C:\Windows
2010-11-09 14:50:43 ----D---- C:\Users\gibbon\AppData\Roaming\Winamp
2010-11-09 14:50:43 ----D---- C:\Users\gibbon\AppData\Roaming\BitTorrent
2010-11-09 14:50:42 ----D---- C:\windows\Temp
2010-11-09 13:38:44 ----D---- C:\windows\system32\config
2010-11-09 05:07:03 ----SHD---- C:\System Volume Information
2010-11-09 04:59:54 ----D---- C:\windows\rescache
2010-11-09 04:28:40 ----D---- C:\windows\Microsoft.NET
2010-11-09 04:28:38 ----RSD---- C:\windows\assembly
2010-11-09 04:26:28 ----D---- C:\windows\System32
2010-11-09 04:26:28 ----A---- C:\windows\system32\PerfStringBackup.INI
2010-11-09 04:26:27 ----D---- C:\windows\inf
2010-11-09 04:22:32 ----D---- C:\windows\winsxs
2010-11-09 04:21:04 ----D---- C:\windows\system32\migration
2010-11-09 04:21:04 ----D---- C:\Program Files\Internet Explorer
2010-11-09 04:21:03 ----D---- C:\windows\system32\drivers
2010-11-09 04:21:03 ----D---- C:\windows\ehome
2010-11-09 04:21:03 ----D---- C:\windows\AppPatch
2010-11-09 04:21:03 ----D---- C:\Program Files\Windows Media Player
2010-11-09 04:21:02 ----D---- C:\windows\system32\DriverStore
2010-11-09 03:00:31 ----D---- C:\windows\system32\catroot
2010-11-09 01:21:09 ----HD---- C:\ProgramData
2010-11-09 01:16:11 ----D---- C:\windows\system32\catroot2
2010-11-08 23:36:54 ----SHD---- C:\windows\Installer
2010-11-08 23:25:58 ----D---- C:\Program Files\Common Files
2010-11-08 19:39:20 ----D---- C:\windows\system32\Tasks
2010-11-08 19:05:21 ----SD---- C:\ProgramData\Microsoft
2010-11-08 16:23:41 ----A---- C:\ProgramData\HPWALog.txt
2010-11-08 16:10:13 ----D---- C:\windows\Tasks
2010-11-08 16:10:13 ----D---- C:\windows\system32\wfp
2010-11-08 16:10:12 ----D---- C:\windows\system32\wbem
2010-11-08 16:10:12 ----D---- C:\windows\system32\CodeIntegrity
2010-11-08 16:10:05 ----D---- C:\Users\gibbon\AppData\Roaming\GHISLER
2010-11-08 16:09:58 ----D---- C:\windows\registration
2010-11-08 16:07:17 ----D---- C:\windows\system32\LogFiles
2010-11-07 02:37:39 ----D---- C:\Program Files\Hewlett-Packard
2010-11-07 02:30:19 ----D---- C:\ProgramData\Microsoft Help
2010-11-07 02:29:58 ----D---- C:\Program Files\Common Files\microsoft shared
2010-11-07 02:29:54 ----D---- C:\windows\ShellNew
2010-11-07 02:29:43 ----RSD---- C:\windows\Fonts
2010-11-07 02:27:35 ----D---- C:\Program Files\Common Files\System
2010-11-07 02:25:58 ----A---- C:\windows\win.ini
2010-11-07 02:17:49 ----D---- C:\ProgramData\Skype
2010-11-07 02:16:41 ----SD---- C:\Users\gibbon\AppData\Roaming\Microsoft
2010-10-24 00:47:06 ----D---- C:\windows\system32\wdi
2010-10-18 10:23:07 ----D---- C:\windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
R0 AVG Anti-Rootkit;AVG Anti-Rootkit; C:\windows\System32\DRIVERS\avgarkt.sys [2007-01-31 5632]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 25656]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2009-07-09 45200]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2009-07-30 109216]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2009-07-30 51408]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2009-07-30 12960]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-08-26 691696]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\windows\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2009-05-16 214024]
R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2009-05-16 55336]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2009-07-30 12528]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\windows\system32\drivers\sp_rsdrv2.sys [2010-11-09 142592]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\windows\system32\drivers\AtiHdmi.sys [2009-07-24 103440]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-08-04 4994048]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\windows\System32\Drivers\ATSwpWDF.sys [2009-07-29 482176]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-30 213680]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 5U876UVC;HP Webcam [2 MP series]; C:\windows\system32\DRIVERS\5U876.sys [2009-06-30 118656]
S3 agikrl2o;agikrl2o; C:\windows\system32\drivers\agikrl2o.sys []
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\windows\system32\drivers\MfeAVFK.sys [2009-05-16 79816]
S3 MfeBOPK;McAfee Inc. MfeBOPK; C:\windows\system32\drivers\MfeBOPK.sys [2009-05-16 35272]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\windows\system32\drivers\MfeRKDK.sys [2009-05-16 34248]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ac.sharedstore;ActivIdentity Shared Store Service; c:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-04 207400]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-08-04 176128]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 ATService;AuthenTec Fingerprint Service; c:\Program Files\Fingerprint Sensor\AtService.exe [2009-07-29 1201400]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-30 582944]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-07-10 124928]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-07-30 256544]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-07-07 77824]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2009-07-08 26168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-25 354840]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-11-09 496128]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-05-01 229944]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2009-07-30 45056]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 QHAQSY;QHAQSY; C:\Users\gibbon\AppData\Local\Temp\QHAQSY.exe [2010-11-09 338816]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-08-27 1343400]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
S4 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-04-30 74392]

-----------------EOF-----------------

#2 Příspěvek od **motji** » 09 lis 2010 16:49

Hezké odpoledne

Tak už raději nic nezkoušejte, ať nenaděláte víc škody než užitku.

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix
- combofix přejmenujte na cokoliv.com

zjewka · #3 Příspěvek od **zjewka** » 23 lis 2010 12:00

Moc dekuju,
ze mi pomahate

uz mi nechodi ani zvuk, nejde pustit film nic, uplne me to ignoruje

mam tu vypis z toho combofixu:

ComboFix 10-11-22.05 - gibbon 23.11.2010 11:21:34.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3066.2253 [GMT 1:00]
Spuštìný z: c:\users\gibbon\Desktop\combo.com.exe
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Thumbs.db

.
((((((((((((((((((((((((( Soubory vytvoøené od 2010-10-23 do 2010-11-23 )))))))))))))))))))))))))))))))
.

2010-11-23 10:26 . 2010-11-23 10:26 -------- d-----w- C:\Device
2010-11-22 15:26 . 2010-11-22 15:26 0 ---ha-w- c:\users\gibbon\BITFE99.tmp
2010-11-13 04:34 . 2010-11-13 04:34 -------- d-----w- c:\users\gibbon\AppData\Local\Roxio
2010-11-09 14:05 . 2010-11-09 14:05 -------- d-----w- C:\rsit
2010-11-09 14:05 . 2010-11-09 14:05 -------- d-----w- c:\program files\trend micro
2010-11-09 13:53 . 2010-11-09 13:54 -------- d-----w- c:\program files\hijajack
2010-11-09 13:48 . 2010-11-09 13:48 -------- d-----w- c:\program files\CCleaner
2010-11-09 02:00 . 2010-03-04 04:04 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2010-11-09 02:00 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-11-09 01:54 . 2010-11-09 01:54 -------- d-----w- C:\VundoFix Backups
2010-11-09 00:21 . 2010-11-09 00:21 -------- d-----w- c:\program files\Crawler
2010-11-09 00:21 . 2010-11-09 00:21 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-11-09 00:21 . 2010-11-23 08:05 -------- d-----w- c:\users\gibbon\AppData\Roaming\Spyware Terminator
2010-11-09 00:21 . 2010-11-09 03:22 -------- d-----w- c:\programdata\Spyware Terminator
2010-11-09 00:21 . 2010-11-09 01:27 -------- d-----w- c:\program files\Spyware Terminator
2010-11-08 22:36 . 2010-11-08 22:36 -------- d-----w- c:\programdata\Alwil Software
2010-11-08 22:36 . 2010-11-08 22:36 -------- d-----w- c:\program files\Alwil Software
2010-11-08 21:50 . 2010-11-08 22:25 -------- d-----w- c:\programdata\PC Tools
2010-11-08 21:33 . 2007-01-18 12:00 3968 ----a-w- c:\windows\system32\drivers\AvgArCln.sys
2010-11-08 20:37 . 2010-11-08 20:37 -------- d-----w- c:\users\gibbon\AppData\Roaming\Tific
2010-11-08 20:19 . 2010-08-27 05:46 168448 ----a-w- c:\windows\system32\srvsvc.dll
2010-11-08 20:19 . 2010-08-27 03:31 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-11-08 20:19 . 2010-08-27 03:30 308736 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-11-08 20:19 . 2010-08-27 03:30 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-11-08 20:19 . 2010-08-21 05:36 738816 ----a-w- c:\windows\system32\wmpmde.dll
2010-11-08 20:19 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll
2010-11-08 18:31 . 2010-11-08 18:31 -------- d-----w- c:\programdata\PCSettings
2010-11-07 12:12 . 2010-11-07 12:12 -------- d-----w- c:\program files\ESET
2010-11-07 01:22 . 2010-11-07 01:22 -------- d-----w- c:\users\gibbon\AppData\Local\Microsoft Help
2010-11-06 19:47 . 2010-11-06 19:47 -------- d-----w- c:\programdata\SITEguard
2010-11-06 19:46 . 2010-11-06 23:47 -------- d-----w- c:\programdata\STOPzilla!
2010-11-06 19:46 . 2010-11-06 19:46 -------- d-----w- c:\program files\Common Files\iS3

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-09 22:52 . 2010-09-28 19:16 6084944 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1598DF18-3257-43C1-8C40-B7D1BD019279}\mpengine.dll
2010-08-27 18:15 . 2010-08-27 03:51 1900 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2010-08-26 18:12 . 2010-08-26 18:12 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
.

(((((((((((((((((((((((((((((((((( Spouštìcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-11-09 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-25 186904]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-04 153640]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-06-04 400936]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2009-07-06 11227136]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-07-12 74752]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-11-09 2216960]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-30 795936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\HEWLET~1\IAM\Bin\APSHook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

R3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\DRIVERS\5U876.sys [2009-06-30 12:01 118656]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2009-07-30 45056]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 QHAQSY;QHAQSY;c:\users\gibbon\AppData\Local\Temp\QHAQSY.exe [x]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-27 1343400]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-26 691696]
S1 RsvLock;RsvLock; [x]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-11-09 142592]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-04 207400]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-04 176128]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [2009-07-29 1201400]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-07-29 256544]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-07-06 77824]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-07-29 482176]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 yukonw7;Ovladaè NDIS6.2 Miniport pro øadiè Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker
Bioscrypt REG_MULTI_SZ ASChannel
GPSvcGroup REG_MULTI_SZ GPSvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 20:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáøe 'Naplánované úlohy'

2010-11-23 c:\windows\Tasks\HPCeeScheduleForgibbon.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2010-01-18 22:38]
.
.
------- Doplòkový sken -------
.
uStart Page = hxxp://www.crawler.com/homepage.aspx?tbid=60327
mStart Page = hxxp://www.bing.com
uInternet Settings,ProxyServer = proxy2000:8080
uInternet Settings,ProxyOverride = <local>
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zaøízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zaøízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANÌNÉ Z REGISTRU - - - -

HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7600 Disk: TOSHIBA_ rev.LH01 -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: >>UNKNOWN [0x82C45000]<< >>UNKNOWN [0x83B44000]<< >>UNKNOWN [0x8C7D6000]<< >>UNKNOWN [0x8C79B000]<< >>UNKNOWN [0x82C0E000]<< >>UNKNOWN [0x83950000]<< >>UNKNOWN [0x8BCF3000]<< >>UNKNOWN [0x8382E000]<< >>UNKNOWN [0x8615A938]<<
_asm { DEC EBP; POP EDX; NOP ; ADD [EBX], AL; ADD [EAX], AL; ADD [EAX+EAX], AL; ADD [EAX], AL; }
1 ntkrnlpa!IofCallDriver[0x82C81458] -> \Device\Harddisk0\DR0[0x87A18030]
\Driver\Disk[0x87A17A48] -> IRP_MJ_CREATE -> 0x83B4839F
3 [0x83B4859E] -> ntkrnlpa!IofCallDriver[0x82C81458] -> [0x87A16AA0]
\Driver\hpdskflt[0x879CC718] -> IRP_MJ_CREATE -> 0x8C79CFB0
5 [0x8C79D090] -> ntkrnlpa!IofCallDriver[0x82C81458] -> [0x86FA7700]
\Driver\ACPI[0x86E3FD58] -> IRP_MJ_CREATE -> 0x839594AA
7 [0x839593B2] -> ntkrnlpa!IofCallDriver[0x82C81458] -> \Device\Ide\IAAStorageDevice-1[0x86FB3028]
\Driver\iaStor[0x86FA3BF8] -> IRP_MJ_CREATE -> 0x8BD3D390
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0; }
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍÈE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na bìžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(2344)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\AEADISRV.EXE
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\program files\Hewlett-Packard\IAM\Bin\AsGHost.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Hewlett-Packard\Shared\hpqToaster.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový èas: 2010-11-23 11:29:38 - poèítaè byl restartován
ComboFix-quarantined-files.txt 2010-11-23 10:29

Pøed spuštìním: Volných bajtù: 182 550 188 032
Po spuštìní: Volných bajtù: 181 920 440 320

- - End Of File - - 7E8BA86D079EBDAA472AEC3430ABB28C

#4 Příspěvek od **vyosek** » 23 lis 2010 12:07

Zdravim a pekny den preji

Omlouvam se kolegyni za vstup - pokracujte dle tohoto navodu - mate tam opravdu pekneho smejda

stell píše: Stiahnite si prosím TDSSKiller a uložte ho na plochu.

2x-klik na TDSSKiller.exe- spustiť aplikáciu, potom na Spustiť kontrolu-klik- Start Scan.
Ak je infikovaný súbor detekovaný, bude predvolená akcia Cure, kliknite na tlačidlo Continue.
Ak podozrivý[suspicious] súbor je detekovaný, bude predvolená akcia Skip, kliknite na Continue.
Môže vás požiadať, aby ste reštartovali počítač na dokončenie procesu. Kliknite na Reboot Now.
Ak nevyžaduje reštart, kliknite na tlačidlo Report. Log súbor by sa mal objaviť. Prosím, skopírujte a vložte obsah súboru tu.
Ak je vyžadované reštartovanie počítača, správa je k dispozícii vo vašom koreňovom adresári (zvyčajne C:\ zložka) vo forme "TDSSKiller. _log.txt". Prosím, skopírujte a vložte obsah súboru tu.

zjewka · #5 Příspěvek od **zjewka** » 24 lis 2010 18:17

Ten tdsskiller mi nejde spustit. Pise to hlasku> Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstaneni.
Vlastne na tom uz nejde spustit vubec nic od pouziti combofix

#6 Příspěvek od **vyosek** » 24 lis 2010 19:45

Zkuste ten TDSS Killer aplikovat v nouzovemn rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti)

#7 Příspěvek od **motji** » 24 lis 2010 21:31

Od použití combofixu jste už počítač restartovali? Pokud ne, restartujte ho, pokud ano, dejte obnovu systému do doby před použitím combofixu.

zjewka · #8 Příspěvek od **zjewka** » 27 lis 2010 01:29

Dobry vecer,
tak jsem zkusila spustit toho tdsskiler v nouzovem rezimu. V 13 s. to bylo zkontrolovano, ale nenaslo to nic. Ale vidim,jak se to tam v tom ss cykli - predtim se to cyklilo v bz, ale to vy asi nejspis vidite v tech log taky. Nemyslim si, ze by bylo nejchytrejsi vracet ten combofix zpatky,protoze to vymazalo jednu bestii a asi ji nechci obnovit

Ty logy delam tak, ze to vypaluju na cd a kopiruju pres pocitac myho pritele. To je asi to jediny, co na tom kompu delat muzu, ale vzdycky mi to tam automaticky vyhazuje do fronty, vypalyt desktop. A nechci, aby to jeho pocitac chytil taky. Asi by ze me udelal 4 maly do skolky

Ale vidim tu uplne jiny cas,nez jsem ten log delala. Ta kontrola probehla 27. 11. 2010 chvili po pulnoci. Mam pocit,ze cokoliv otevru,ta bestie ma k tomu pak pristup. Ale mozna jsem jen trochu paranoidni

Tady je log tdsskiller:
2010/11/27 00:44:36.0038 TDSS rootkit removing tool 2.4.8.0 Nov 17 2010 07:23:12
2010/11/27 00:44:36.0038 ================================================================================
2010/11/27 00:44:36.0038 SystemInfo:
2010/11/27 00:44:36.0038
2010/11/27 00:44:36.0038 OS Version: 6.1.7600 ServicePack: 0.0
2010/11/27 00:44:36.0038 Product type: Workstation
2010/11/27 00:44:36.0038 ComputerName: GIBBON-HP
2010/11/27 00:44:36.0038 UserName: gibbon
2010/11/27 00:44:36.0038 Windows directory: C:\windows
2010/11/27 00:44:36.0038 System windows directory: C:\windows
2010/11/27 00:44:36.0038 Processor architecture: Intel x86
2010/11/27 00:44:36.0038 Number of processors: 2
2010/11/27 00:44:36.0038 Page size: 0x1000
2010/11/27 00:44:36.0038 Boot type: Safe boot
2010/11/27 00:44:36.0038 ================================================================================
2010/11/27 00:44:36.0350 Initialize success
2010/11/27 00:46:53.0209 ================================================================================
2010/11/27 00:46:53.0209 Scan started
2010/11/27 00:46:53.0209 Mode: Manual;
2010/11/27 00:46:53.0209 ================================================================================
2010/11/27 00:46:53.0552 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
2010/11/27 00:46:53.0614 5U876UVC (080a40550fb95a328917512f3f5a0409) C:\windows\system32\DRIVERS\5U876.sys
2010/11/27 00:46:53.0661 Accelerometer (4df5e6215a102a192b2b6dbb61f2fba5) C:\windows\system32\DRIVERS\Accelerometer.sys
2010/11/27 00:46:53.0723 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
2010/11/27 00:46:53.0770 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
2010/11/27 00:46:53.0848 ADIHdAudAddService (6c61bceb60c2c187e6f96001fd69493e) C:\windows\system32\drivers\ADIHdAud.sys
2010/11/27 00:46:53.0973 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
2010/11/27 00:46:54.0004 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
2010/11/27 00:46:54.0035 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
2010/11/27 00:46:54.0113 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\windows\system32\drivers\afd.sys
2010/11/27 00:46:54.0145 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys
2010/11/27 00:46:54.0176 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
2010/11/27 00:46:54.0223 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys
2010/11/27 00:46:54.0285 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys
2010/11/27 00:46:54.0316 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys
2010/11/27 00:46:54.0394 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
2010/11/27 00:46:54.0425 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
2010/11/27 00:46:54.0472 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\windows\system32\DRIVERS\amdsata.sys
2010/11/27 00:46:54.0503 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
2010/11/27 00:46:54.0519 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\windows\system32\DRIVERS\amdxata.sys
2010/11/27 00:46:54.0550 AppID (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys
2010/11/27 00:46:54.0597 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
2010/11/27 00:46:54.0613 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
2010/11/27 00:46:54.0706 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
2010/11/27 00:46:54.0769 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys
2010/11/27 00:46:54.0847 athr (b01751cc563aecac09bbe36aaa21fbef) C:\windows\system32\DRIVERS\athr.sys
2010/11/27 00:46:54.0893 AtiHdmiService (e2398389648b5d44dc63ca43fdd5b3f8) C:\windows\system32\drivers\AtiHdmi.sys
2010/11/27 00:46:55.0018 atikmdag (a4252328d2b1520571102992ef0b0e5c) C:\windows\system32\DRIVERS\atikmdag.sys
2010/11/27 00:46:55.0159 ATSwpWDF (1ec637725aebe586508626ba50af3324) C:\windows\system32\Drivers\ATSwpWDF.sys
2010/11/27 00:46:55.0237 AVG Anti-Rootkit (e8054a423e5d2bdae6062bab6da159c4) C:\windows\system32\DRIVERS\avgarkt.sys
2010/11/27 00:46:55.0268 AvgArCln (ec08d1625f5c6cf2a57b79eb35186f8c) C:\windows\system32\DRIVERS\AvgArCln.sys
2010/11/27 00:46:55.0330 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
2010/11/27 00:46:55.0424 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
2010/11/27 00:46:55.0471 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
2010/11/27 00:46:55.0517 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
2010/11/27 00:46:55.0549 bowser (fcafaef6798d7b51ff029f99a9898961) C:\windows\system32\DRIVERS\bowser.sys
2010/11/27 00:46:55.0580 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
2010/11/27 00:46:55.0611 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
2010/11/27 00:46:55.0658 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
2010/11/27 00:46:55.0689 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
2010/11/27 00:46:55.0751 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
2010/11/27 00:46:55.0767 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
2010/11/27 00:46:55.0814 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\windows\system32\DRIVERS\BthEnum.sys
2010/11/27 00:46:55.0845 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
2010/11/27 00:46:55.0876 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\windows\system32\DRIVERS\bthpan.sys
2010/11/27 00:46:55.0923 BTHPORT (4a34888e13224678dd062466afec4240) C:\windows\system32\Drivers\BTHport.sys
2010/11/27 00:46:55.0954 BTHUSB (fa04c63916fa221dbb91fce153d07a55) C:\windows\system32\Drivers\BTHUSB.sys
2010/11/27 00:46:56.0017 btwaudio (d57d29132efe13a83133d9bd449e0cf1) C:\windows\system32\drivers\btwaudio.sys
2010/11/27 00:46:56.0095 btwavdt (d282c14a69357d0e1bafaecc2ca98c3a) C:\windows\system32\DRIVERS\btwavdt.sys
2010/11/27 00:46:56.0141 btwl2cap (aafd7cb76ba61fbb08e302da208c974a) C:\windows\system32\DRIVERS\btwl2cap.sys
2010/11/27 00:46:56.0188 btwrchid (02eb4d2b05967df2d32f29c84ab1fb17) C:\windows\system32\DRIVERS\btwrchid.sys
2010/11/27 00:46:56.0391 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
2010/11/27 00:46:56.0438 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys
2010/11/27 00:46:56.0485 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
2010/11/27 00:46:56.0531 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
2010/11/27 00:46:56.0578 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
2010/11/27 00:46:56.0594 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys
2010/11/27 00:46:56.0625 CNG (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys
2010/11/27 00:46:56.0719 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
2010/11/27 00:46:56.0765 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys
2010/11/27 00:46:56.0812 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
2010/11/27 00:46:56.0890 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\windows\system32\Drivers\dfsc.sys
2010/11/27 00:46:56.0937 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
2010/11/27 00:46:56.0984 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
2010/11/27 00:46:57.0077 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
2010/11/27 00:46:57.0124 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\windows\System32\drivers\dxgkrnl.sys
2010/11/27 00:46:57.0218 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
2010/11/27 00:46:57.0327 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
2010/11/27 00:46:57.0389 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys
2010/11/27 00:46:57.0452 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
2010/11/27 00:46:57.0499 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
2010/11/27 00:46:57.0545 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
2010/11/27 00:46:57.0577 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
2010/11/27 00:46:57.0608 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
2010/11/27 00:46:57.0623 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
2010/11/27 00:46:57.0655 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
2010/11/27 00:46:57.0686 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
2010/11/27 00:46:57.0701 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys
2010/11/27 00:46:57.0811 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys
2010/11/27 00:46:57.0842 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
2010/11/27 00:46:57.0873 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
2010/11/27 00:46:57.0920 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys
2010/11/27 00:46:57.0967 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys
2010/11/27 00:46:57.0982 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
2010/11/27 00:46:58.0013 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
2010/11/27 00:46:58.0091 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
2010/11/27 00:46:58.0138 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys
2010/11/27 00:46:58.0201 hpdskflt (e1d82f0c8456abb03b7df5d623ca47d1) C:\windows\system32\DRIVERS\hpdskflt.sys
2010/11/27 00:46:58.0263 HpqKbFiltr (1210960ff8928950d2a786895b0c424a) C:\windows\system32\DRIVERS\HpqKbFiltr.sys
2010/11/27 00:46:58.0294 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys
2010/11/27 00:46:58.0341 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys
2010/11/27 00:46:58.0372 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys
2010/11/27 00:46:58.0450 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys
2010/11/27 00:46:58.0481 iaStor (01446278d4563b3013c92830ae6cbb26) C:\windows\system32\DRIVERS\iaStor.sys
2010/11/27 00:46:58.0528 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\windows\system32\DRIVERS\iaStorV.sys
2010/11/27 00:46:58.0653 igfx (ad626f6964f4d364d226c39e06872dd3) C:\windows\system32\DRIVERS\igdkmd32.sys
2010/11/27 00:46:58.0793 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
2010/11/27 00:46:58.0840 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys
2010/11/27 00:46:58.0871 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
2010/11/27 00:46:58.0918 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
2010/11/27 00:46:58.0949 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
2010/11/27 00:46:58.0981 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
2010/11/27 00:46:59.0027 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
2010/11/27 00:46:59.0043 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
2010/11/27 00:46:59.0074 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
2010/11/27 00:46:59.0090 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
2010/11/27 00:46:59.0121 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
2010/11/27 00:46:59.0215 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys
2010/11/27 00:46:59.0246 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys
2010/11/27 00:46:59.0324 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
2010/11/27 00:46:59.0386 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
2010/11/27 00:46:59.0417 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
2010/11/27 00:46:59.0433 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
2010/11/27 00:46:59.0449 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
2010/11/27 00:46:59.0495 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
2010/11/27 00:46:59.0573 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
2010/11/27 00:46:59.0589 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
2010/11/27 00:46:59.0636 MfeAVFK (64b96de8c492bd435372d9130a535f1d) C:\windows\system32\drivers\MfeAVFK.sys
2010/11/27 00:46:59.0651 MfeBOPK (078e87a89d36cc3516f19d5fb518bddc) C:\windows\system32\drivers\MfeBOPK.sys
2010/11/27 00:46:59.0698 mfehidk (168c565101fd5b9db694efdec91fafa9) C:\windows\system32\drivers\mfehidk.sys
2010/11/27 00:46:59.0729 MfeRKDK (e0842f67dc9bc4d21d1e319610ebe9e5) C:\windows\system32\drivers\MfeRKDK.sys
2010/11/27 00:46:59.0761 mfetdik (43a7acbbd70ecd62f0b63486c72089a3) C:\windows\system32\drivers\mfetdik.sys
2010/11/27 00:46:59.0776 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
2010/11/27 00:46:59.0823 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
2010/11/27 00:46:59.0870 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
2010/11/27 00:46:59.0948 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
2010/11/27 00:46:59.0979 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
2010/11/27 00:47:00.0010 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
2010/11/27 00:47:00.0041 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
2010/11/27 00:47:00.0073 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
2010/11/27 00:47:00.0104 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\windows\system32\DRIVERS\mrxsmb.sys
2010/11/27 00:47:00.0135 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\windows\system32\DRIVERS\mrxsmb10.sys
2010/11/27 00:47:00.0166 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\windows\system32\DRIVERS\mrxsmb20.sys
2010/11/27 00:47:00.0197 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
2010/11/27 00:47:00.0229 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
2010/11/27 00:47:00.0322 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
2010/11/27 00:47:00.0353 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
2010/11/27 00:47:00.0369 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
2010/11/27 00:47:00.0416 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
2010/11/27 00:47:00.0431 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
2010/11/27 00:47:00.0447 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
2010/11/27 00:47:00.0478 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
2010/11/27 00:47:00.0509 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys
2010/11/27 00:47:00.0541 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
2010/11/27 00:47:00.0556 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
2010/11/27 00:47:00.0587 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
2010/11/27 00:47:00.0634 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
2010/11/27 00:47:00.0759 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
2010/11/27 00:47:00.0790 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
2010/11/27 00:47:00.0837 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
2010/11/27 00:47:00.0853 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
2010/11/27 00:47:00.0884 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
2010/11/27 00:47:00.0915 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
2010/11/27 00:47:00.0946 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
2010/11/27 00:47:00.0977 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys
2010/11/27 00:47:01.0180 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\windows\system32\DRIVERS\netw5v32.sys
2010/11/27 00:47:01.0258 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
2010/11/27 00:47:01.0305 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
2010/11/27 00:47:01.0383 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
2010/11/27 00:47:01.0430 Ntfs (3795dcd21f740ee799fb7223234215af) C:\windows\system32\drivers\Ntfs.sys
2010/11/27 00:47:01.0477 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
2010/11/27 00:47:01.0492 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\windows\system32\DRIVERS\nvraid.sys
2010/11/27 00:47:01.0508 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\windows\system32\DRIVERS\nvstor.sys
2010/11/27 00:47:01.0539 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys
2010/11/27 00:47:01.0570 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys
2010/11/27 00:47:01.0633 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
2010/11/27 00:47:01.0648 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys
2010/11/27 00:47:01.0679 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
2010/11/27 00:47:01.0757 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys
2010/11/27 00:47:01.0789 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys
2010/11/27 00:47:01.0804 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
2010/11/27 00:47:01.0851 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
2010/11/27 00:47:01.0882 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
2010/11/27 00:47:01.0991 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
2010/11/27 00:47:02.0023 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
2010/11/27 00:47:02.0069 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
2010/11/27 00:47:02.0163 PxHelp20 (40fedd328f98245ad201cf5f9f311724) C:\windows\system32\Drivers\PxHelp20.sys
2010/11/27 00:47:02.0241 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
2010/11/27 00:47:02.0303 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
2010/11/27 00:47:02.0350 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
2010/11/27 00:47:02.0366 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
2010/11/27 00:47:02.0413 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
2010/11/27 00:47:02.0506 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
2010/11/27 00:47:02.0553 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
2010/11/27 00:47:02.0569 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
2010/11/27 00:47:02.0600 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys
2010/11/27 00:47:02.0615 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
2010/11/27 00:47:02.0647 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys
2010/11/27 00:47:02.0693 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
2010/11/27 00:47:02.0725 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
2010/11/27 00:47:02.0740 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys
2010/11/27 00:47:02.0787 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
2010/11/27 00:47:02.0896 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys
2010/11/27 00:47:02.0943 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
2010/11/27 00:47:03.0005 RsvLock (13335d083935ab88e09c9acc077355b5) C:\windows\system32\drivers\RsvLock.sys
2010/11/27 00:47:03.0037 SafeBoot (062b82fa74c895382ab0784d493c8c9c) C:\windows\system32\drivers\SafeBoot.sys
2010/11/27 00:47:03.0068 SbAlg (c9cb2c392c35cbee2733c836d23dc642) C:\windows\system32\drivers\SbAlg.sys
2010/11/27 00:47:03.0099 SbFsLock (b5a8ecdee930b52fd3ba35700a15ea53) C:\windows\system32\drivers\SbFsLock.sys
2010/11/27 00:47:03.0130 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys
2010/11/27 00:47:03.0239 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
2010/11/27 00:47:03.0286 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
2010/11/27 00:47:03.0349 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
2010/11/27 00:47:03.0380 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
2010/11/27 00:47:03.0411 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
2010/11/27 00:47:03.0458 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys
2010/11/27 00:47:03.0473 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys
2010/11/27 00:47:03.0489 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\windows\system32\DRIVERS\sffp_sd.sys
2010/11/27 00:47:03.0520 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
2010/11/27 00:47:03.0583 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys
2010/11/27 00:47:03.0676 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
2010/11/27 00:47:03.0692 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
2010/11/27 00:47:03.0739 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
2010/11/27 00:47:03.0770 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
2010/11/27 00:47:03.0863 sptd (cdddec541bc3c96f91ecb48759673505) C:\windows\system32\Drivers\sptd.sys
2010/11/27 00:47:03.0988 sp_rsdrv2 (8831252bcf05fcfb5abd116a22e552d8) C:\windows\system32\drivers\sp_rsdrv2.sys
2010/11/27 00:47:04.0035 srv (2dbedfb1853f06110ec2aa7f3213c89f) C:\windows\system32\DRIVERS\srv.sys
2010/11/27 00:47:04.0082 srv2 (db37131d1027c50ea7ee21c8bb4536aa) C:\windows\system32\DRIVERS\srv2.sys
2010/11/27 00:47:04.0113 srvnet (f5980b74124db9233b33f86fc5ebbb4f) C:\windows\system32\DRIVERS\srvnet.sys
2010/11/27 00:47:04.0160 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
2010/11/27 00:47:04.0207 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
2010/11/27 00:47:04.0300 SynTP (1de40024679cde0e573465253519730e) C:\windows\system32\DRIVERS\SynTP.sys
2010/11/27 00:47:04.0394 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\windows\system32\drivers\tcpip.sys
2010/11/27 00:47:04.0441 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\windows\system32\DRIVERS\tcpip.sys
2010/11/27 00:47:04.0503 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
2010/11/27 00:47:04.0534 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
2010/11/27 00:47:04.0565 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys
2010/11/27 00:47:04.0597 tdx (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys
2010/11/27 00:47:04.0628 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
2010/11/27 00:47:04.0737 TPM (5ad05191dc8b444a7ba4d79b76c42a30) C:\windows\system32\drivers\tpm.sys
2010/11/27 00:47:04.0784 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
2010/11/27 00:47:04.0831 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
2010/11/27 00:47:04.0862 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
2010/11/27 00:47:04.0893 udfs (eb0a7bd4d471ac3ce55564a4c55b9d8e) C:\windows\system32\DRIVERS\udfs.sys
2010/11/27 00:47:04.0955 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
2010/11/27 00:47:05.0002 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
2010/11/27 00:47:05.0033 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
2010/11/27 00:47:05.0096 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\windows\system32\DRIVERS\usbccgp.sys
2010/11/27 00:47:05.0127 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
2010/11/27 00:47:05.0158 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\windows\system32\DRIVERS\usbehci.sys
2010/11/27 00:47:05.0174 usbhub (0db84eda895894ba222e27acf597c806) C:\windows\system32\DRIVERS\usbhub.sys
2010/11/27 00:47:05.0189 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\windows\system32\DRIVERS\usbohci.sys
2010/11/27 00:47:05.0221 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
2010/11/27 00:47:05.0236 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\windows\system32\DRIVERS\USBSTOR.SYS
2010/11/27 00:47:05.0252 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\windows\system32\DRIVERS\usbuhci.sys
2010/11/27 00:47:05.0299 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\windows\System32\Drivers\usbvideo.sys
2010/11/27 00:47:05.0345 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
2010/11/27 00:47:05.0377 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
2010/11/27 00:47:05.0423 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
2010/11/27 00:47:05.0455 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
2010/11/27 00:47:05.0501 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
2010/11/27 00:47:05.0548 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
2010/11/27 00:47:05.0611 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
2010/11/27 00:47:05.0642 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
2010/11/27 00:47:05.0673 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
2010/11/27 00:47:05.0704 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
2010/11/27 00:47:05.0751 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
2010/11/27 00:47:05.0798 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
2010/11/27 00:47:05.0845 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
2010/11/27 00:47:05.0923 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys
2010/11/27 00:47:05.0985 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
2010/11/27 00:47:06.0016 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
2010/11/27 00:47:06.0032 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
2010/11/27 00:47:06.0110 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
2010/11/27 00:47:06.0141 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
2010/11/27 00:47:06.0219 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
2010/11/27 00:47:06.0235 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
2010/11/27 00:47:06.0375 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\windows\system32\DRIVERS\WinUsb.sys
2010/11/27 00:47:06.0406 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
2010/11/27 00:47:06.0469 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
2010/11/27 00:47:06.0531 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
2010/11/27 00:47:06.0562 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
2010/11/27 00:47:06.0640 yukonw7 (b07c5b7efdf936ff93d4f540938725be) C:\windows\system32\DRIVERS\yk62x86.sys
2010/11/27 00:47:06.0703 ================================================================================
2010/11/27 00:47:06.0703 Scan finished
2010/11/27 00:47:06.0703 ================================================================================
2010/11/27 00:57:34.0011 Deinitialize success

zjewka · #9 Příspěvek od **zjewka** » 27 lis 2010 01:29

Dobry vecer,
tak jsem zkusila spustit toho tdsskiler v nouzovem rezimu. V 13 s. to bylo zkontrolovano, ale nenaslo to nic. Ale vidim,jak se to tam v tom ss cykli - predtim se to cyklilo v bz, ale to vy asi nejspis vidite v tech log taky. Nemyslim si, ze by bylo nejchytrejsi vracet ten combofix zpatky,protoze to vymazalo jednu bestii a asi ji nechci obnovit

Ty logy delam tak, ze to vypaluju na cd a kopiruju pres pocitac myho pritele. To je asi to jediny, co na tom kompu delat muzu, ale vzdycky mi to tam automaticky vyhazuje do fronty, vypalyt desktop. A nechci, aby to jeho pocitac chytil taky. Asi by ze me udelal 4 maly do skolky

Ale vidim tu uplne jiny cas,nez jsem ten log delala. Ta kontrola probehla 27. 11. 2010 chvili po pulnoci. Mam pocit,ze cokoliv otevru,ta bestie ma k tomu pak pristup. Ale mozna jsem jen trochu paranoidni

Tady je log tdsskiller:
2010/11/27 00:44:36.0038 TDSS rootkit removing tool 2.4.8.0 Nov 17 2010 07:23:12
2010/11/27 00:44:36.0038 ================================================================================
2010/11/27 00:44:36.0038 SystemInfo:
2010/11/27 00:44:36.0038
2010/11/27 00:44:36.0038 OS Version: 6.1.7600 ServicePack: 0.0
2010/11/27 00:44:36.0038 Product type: Workstation
2010/11/27 00:44:36.0038 ComputerName: GIBBON-HP
2010/11/27 00:44:36.0038 UserName: gibbon
2010/11/27 00:44:36.0038 Windows directory: C:\windows
2010/11/27 00:44:36.0038 System windows directory: C:\windows
2010/11/27 00:44:36.0038 Processor architecture: Intel x86
2010/11/27 00:44:36.0038 Number of processors: 2
2010/11/27 00:44:36.0038 Page size: 0x1000
2010/11/27 00:44:36.0038 Boot type: Safe boot
2010/11/27 00:44:36.0038 ================================================================================
2010/11/27 00:44:36.0350 Initialize success
2010/11/27 00:46:53.0209 ================================================================================
2010/11/27 00:46:53.0209 Scan started
2010/11/27 00:46:53.0209 Mode: Manual;
2010/11/27 00:46:53.0209 ================================================================================
2010/11/27 00:46:53.0552 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys
2010/11/27 00:46:53.0614 5U876UVC (080a40550fb95a328917512f3f5a0409) C:\windows\system32\DRIVERS\5U876.sys
2010/11/27 00:46:53.0661 Accelerometer (4df5e6215a102a192b2b6dbb61f2fba5) C:\windows\system32\DRIVERS\Accelerometer.sys
2010/11/27 00:46:53.0723 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys
2010/11/27 00:46:53.0770 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys
2010/11/27 00:46:53.0848 ADIHdAudAddService (6c61bceb60c2c187e6f96001fd69493e) C:\windows\system32\drivers\ADIHdAud.sys
2010/11/27 00:46:53.0973 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
2010/11/27 00:46:54.0004 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
2010/11/27 00:46:54.0035 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
2010/11/27 00:46:54.0113 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\windows\system32\drivers\afd.sys
2010/11/27 00:46:54.0145 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys
2010/11/27 00:46:54.0176 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
2010/11/27 00:46:54.0223 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys
2010/11/27 00:46:54.0285 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys
2010/11/27 00:46:54.0316 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys
2010/11/27 00:46:54.0394 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
2010/11/27 00:46:54.0425 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
2010/11/27 00:46:54.0472 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\windows\system32\DRIVERS\amdsata.sys
2010/11/27 00:46:54.0503 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
2010/11/27 00:46:54.0519 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\windows\system32\DRIVERS\amdxata.sys
2010/11/27 00:46:54.0550 AppID (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys
2010/11/27 00:46:54.0597 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
2010/11/27 00:46:54.0613 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
2010/11/27 00:46:54.0706 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
2010/11/27 00:46:54.0769 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys
2010/11/27 00:46:54.0847 athr (b01751cc563aecac09bbe36aaa21fbef) C:\windows\system32\DRIVERS\athr.sys
2010/11/27 00:46:54.0893 AtiHdmiService (e2398389648b5d44dc63ca43fdd5b3f8) C:\windows\system32\drivers\AtiHdmi.sys
2010/11/27 00:46:55.0018 atikmdag (a4252328d2b1520571102992ef0b0e5c) C:\windows\system32\DRIVERS\atikmdag.sys
2010/11/27 00:46:55.0159 ATSwpWDF (1ec637725aebe586508626ba50af3324) C:\windows\system32\Drivers\ATSwpWDF.sys
2010/11/27 00:46:55.0237 AVG Anti-Rootkit (e8054a423e5d2bdae6062bab6da159c4) C:\windows\system32\DRIVERS\avgarkt.sys
2010/11/27 00:46:55.0268 AvgArCln (ec08d1625f5c6cf2a57b79eb35186f8c) C:\windows\system32\DRIVERS\AvgArCln.sys
2010/11/27 00:46:55.0330 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
2010/11/27 00:46:55.0424 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
2010/11/27 00:46:55.0471 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
2010/11/27 00:46:55.0517 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
2010/11/27 00:46:55.0549 bowser (fcafaef6798d7b51ff029f99a9898961) C:\windows\system32\DRIVERS\bowser.sys
2010/11/27 00:46:55.0580 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
2010/11/27 00:46:55.0611 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
2010/11/27 00:46:55.0658 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
2010/11/27 00:46:55.0689 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
2010/11/27 00:46:55.0751 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
2010/11/27 00:46:55.0767 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
2010/11/27 00:46:55.0814 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\windows\system32\DRIVERS\BthEnum.sys
2010/11/27 00:46:55.0845 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
2010/11/27 00:46:55.0876 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\windows\system32\DRIVERS\bthpan.sys
2010/11/27 00:46:55.0923 BTHPORT (4a34888e13224678dd062466afec4240) C:\windows\system32\Drivers\BTHport.sys
2010/11/27 00:46:55.0954 BTHUSB (fa04c63916fa221dbb91fce153d07a55) C:\windows\system32\Drivers\BTHUSB.sys
2010/11/27 00:46:56.0017 btwaudio (d57d29132efe13a83133d9bd449e0cf1) C:\windows\system32\drivers\btwaudio.sys
2010/11/27 00:46:56.0095 btwavdt (d282c14a69357d0e1bafaecc2ca98c3a) C:\windows\system32\DRIVERS\btwavdt.sys
2010/11/27 00:46:56.0141 btwl2cap (aafd7cb76ba61fbb08e302da208c974a) C:\windows\system32\DRIVERS\btwl2cap.sys
2010/11/27 00:46:56.0188 btwrchid (02eb4d2b05967df2d32f29c84ab1fb17) C:\windows\system32\DRIVERS\btwrchid.sys
2010/11/27 00:46:56.0391 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
2010/11/27 00:46:56.0438 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys
2010/11/27 00:46:56.0485 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
2010/11/27 00:46:56.0531 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
2010/11/27 00:46:56.0578 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
2010/11/27 00:46:56.0594 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys
2010/11/27 00:46:56.0625 CNG (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys
2010/11/27 00:46:56.0719 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
2010/11/27 00:46:56.0765 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys
2010/11/27 00:46:56.0812 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
2010/11/27 00:46:56.0890 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\windows\system32\Drivers\dfsc.sys
2010/11/27 00:46:56.0937 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
2010/11/27 00:46:56.0984 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
2010/11/27 00:46:57.0077 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
2010/11/27 00:46:57.0124 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\windows\System32\drivers\dxgkrnl.sys
2010/11/27 00:46:57.0218 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
2010/11/27 00:46:57.0327 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
2010/11/27 00:46:57.0389 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys
2010/11/27 00:46:57.0452 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
2010/11/27 00:46:57.0499 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
2010/11/27 00:46:57.0545 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
2010/11/27 00:46:57.0577 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
2010/11/27 00:46:57.0608 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
2010/11/27 00:46:57.0623 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
2010/11/27 00:46:57.0655 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
2010/11/27 00:46:57.0686 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
2010/11/27 00:46:57.0701 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys
2010/11/27 00:46:57.0811 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys
2010/11/27 00:46:57.0842 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
2010/11/27 00:46:57.0873 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
2010/11/27 00:46:57.0920 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys
2010/11/27 00:46:57.0967 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys
2010/11/27 00:46:57.0982 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
2010/11/27 00:46:58.0013 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
2010/11/27 00:46:58.0091 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
2010/11/27 00:46:58.0138 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys
2010/11/27 00:46:58.0201 hpdskflt (e1d82f0c8456abb03b7df5d623ca47d1) C:\windows\system32\DRIVERS\hpdskflt.sys
2010/11/27 00:46:58.0263 HpqKbFiltr (1210960ff8928950d2a786895b0c424a) C:\windows\system32\DRIVERS\HpqKbFiltr.sys
2010/11/27 00:46:58.0294 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys
2010/11/27 00:46:58.0341 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys
2010/11/27 00:46:58.0372 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys
2010/11/27 00:46:58.0450 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys
2010/11/27 00:46:58.0481 iaStor (01446278d4563b3013c92830ae6cbb26) C:\windows\system32\DRIVERS\iaStor.sys
2010/11/27 00:46:58.0528 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\windows\system32\DRIVERS\iaStorV.sys
2010/11/27 00:46:58.0653 igfx (ad626f6964f4d364d226c39e06872dd3) C:\windows\system32\DRIVERS\igdkmd32.sys
2010/11/27 00:46:58.0793 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
2010/11/27 00:46:58.0840 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys
2010/11/27 00:46:58.0871 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
2010/11/27 00:46:58.0918 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
2010/11/27 00:46:58.0949 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys
2010/11/27 00:46:58.0981 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
2010/11/27 00:46:59.0027 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
2010/11/27 00:46:59.0043 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys
2010/11/27 00:46:59.0074 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys
2010/11/27 00:46:59.0090 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys
2010/11/27 00:46:59.0121 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys
2010/11/27 00:46:59.0215 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys
2010/11/27 00:46:59.0246 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys
2010/11/27 00:46:59.0324 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
2010/11/27 00:46:59.0386 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
2010/11/27 00:46:59.0417 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
2010/11/27 00:46:59.0433 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
2010/11/27 00:46:59.0449 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
2010/11/27 00:46:59.0495 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
2010/11/27 00:46:59.0573 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
2010/11/27 00:46:59.0589 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
2010/11/27 00:46:59.0636 MfeAVFK (64b96de8c492bd435372d9130a535f1d) C:\windows\system32\drivers\MfeAVFK.sys
2010/11/27 00:46:59.0651 MfeBOPK (078e87a89d36cc3516f19d5fb518bddc) C:\windows\system32\drivers\MfeBOPK.sys
2010/11/27 00:46:59.0698 mfehidk (168c565101fd5b9db694efdec91fafa9) C:\windows\system32\drivers\mfehidk.sys
2010/11/27 00:46:59.0729 MfeRKDK (e0842f67dc9bc4d21d1e319610ebe9e5) C:\windows\system32\drivers\MfeRKDK.sys
2010/11/27 00:46:59.0761 mfetdik (43a7acbbd70ecd62f0b63486c72089a3) C:\windows\system32\drivers\mfetdik.sys
2010/11/27 00:46:59.0776 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
2010/11/27 00:46:59.0823 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
2010/11/27 00:46:59.0870 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys
2010/11/27 00:46:59.0948 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
2010/11/27 00:46:59.0979 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys
2010/11/27 00:47:00.0010 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys
2010/11/27 00:47:00.0041 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
2010/11/27 00:47:00.0073 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys
2010/11/27 00:47:00.0104 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) C:\windows\system32\DRIVERS\mrxsmb.sys
2010/11/27 00:47:00.0135 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) C:\windows\system32\DRIVERS\mrxsmb10.sys
2010/11/27 00:47:00.0166 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) C:\windows\system32\DRIVERS\mrxsmb20.sys
2010/11/27 00:47:00.0197 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys
2010/11/27 00:47:00.0229 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys
2010/11/27 00:47:00.0322 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
2010/11/27 00:47:00.0353 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
2010/11/27 00:47:00.0369 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys
2010/11/27 00:47:00.0416 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
2010/11/27 00:47:00.0431 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
2010/11/27 00:47:00.0447 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
2010/11/27 00:47:00.0478 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
2010/11/27 00:47:00.0509 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys
2010/11/27 00:47:00.0541 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
2010/11/27 00:47:00.0556 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
2010/11/27 00:47:00.0587 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
2010/11/27 00:47:00.0634 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
2010/11/27 00:47:00.0759 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys
2010/11/27 00:47:00.0790 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
2010/11/27 00:47:00.0837 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
2010/11/27 00:47:00.0853 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys
2010/11/27 00:47:00.0884 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys
2010/11/27 00:47:00.0915 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys
2010/11/27 00:47:00.0946 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
2010/11/27 00:47:00.0977 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys
2010/11/27 00:47:01.0180 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\windows\system32\DRIVERS\netw5v32.sys
2010/11/27 00:47:01.0258 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
2010/11/27 00:47:01.0305 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
2010/11/27 00:47:01.0383 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
2010/11/27 00:47:01.0430 Ntfs (3795dcd21f740ee799fb7223234215af) C:\windows\system32\drivers\Ntfs.sys
2010/11/27 00:47:01.0477 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
2010/11/27 00:47:01.0492 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\windows\system32\DRIVERS\nvraid.sys
2010/11/27 00:47:01.0508 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\windows\system32\DRIVERS\nvstor.sys
2010/11/27 00:47:01.0539 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys
2010/11/27 00:47:01.0570 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys
2010/11/27 00:47:01.0633 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
2010/11/27 00:47:01.0648 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys
2010/11/27 00:47:01.0679 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
2010/11/27 00:47:01.0757 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys
2010/11/27 00:47:01.0789 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys
2010/11/27 00:47:01.0804 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
2010/11/27 00:47:01.0851 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
2010/11/27 00:47:01.0882 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
2010/11/27 00:47:01.0991 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
2010/11/27 00:47:02.0023 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
2010/11/27 00:47:02.0069 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
2010/11/27 00:47:02.0163 PxHelp20 (40fedd328f98245ad201cf5f9f311724) C:\windows\system32\Drivers\PxHelp20.sys
2010/11/27 00:47:02.0241 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
2010/11/27 00:47:02.0303 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
2010/11/27 00:47:02.0350 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
2010/11/27 00:47:02.0366 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
2010/11/27 00:47:02.0413 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
2010/11/27 00:47:02.0506 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
2010/11/27 00:47:02.0553 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
2010/11/27 00:47:02.0569 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
2010/11/27 00:47:02.0600 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys
2010/11/27 00:47:02.0615 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
2010/11/27 00:47:02.0647 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys
2010/11/27 00:47:02.0693 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
2010/11/27 00:47:02.0725 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
2010/11/27 00:47:02.0740 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys
2010/11/27 00:47:02.0787 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys
2010/11/27 00:47:02.0896 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys
2010/11/27 00:47:02.0943 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
2010/11/27 00:47:03.0005 RsvLock (13335d083935ab88e09c9acc077355b5) C:\windows\system32\drivers\RsvLock.sys
2010/11/27 00:47:03.0037 SafeBoot (062b82fa74c895382ab0784d493c8c9c) C:\windows\system32\drivers\SafeBoot.sys
2010/11/27 00:47:03.0068 SbAlg (c9cb2c392c35cbee2733c836d23dc642) C:\windows\system32\drivers\SbAlg.sys
2010/11/27 00:47:03.0099 SbFsLock (b5a8ecdee930b52fd3ba35700a15ea53) C:\windows\system32\drivers\SbFsLock.sys
2010/11/27 00:47:03.0130 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys
2010/11/27 00:47:03.0239 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys
2010/11/27 00:47:03.0286 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
2010/11/27 00:47:03.0349 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
2010/11/27 00:47:03.0380 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
2010/11/27 00:47:03.0411 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
2010/11/27 00:47:03.0458 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys
2010/11/27 00:47:03.0473 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys
2010/11/27 00:47:03.0489 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\windows\system32\DRIVERS\sffp_sd.sys
2010/11/27 00:47:03.0520 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
2010/11/27 00:47:03.0583 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys
2010/11/27 00:47:03.0676 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
2010/11/27 00:47:03.0692 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
2010/11/27 00:47:03.0739 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
2010/11/27 00:47:03.0770 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
2010/11/27 00:47:03.0863 sptd (cdddec541bc3c96f91ecb48759673505) C:\windows\system32\Drivers\sptd.sys
2010/11/27 00:47:03.0988 sp_rsdrv2 (8831252bcf05fcfb5abd116a22e552d8) C:\windows\system32\drivers\sp_rsdrv2.sys
2010/11/27 00:47:04.0035 srv (2dbedfb1853f06110ec2aa7f3213c89f) C:\windows\system32\DRIVERS\srv.sys
2010/11/27 00:47:04.0082 srv2 (db37131d1027c50ea7ee21c8bb4536aa) C:\windows\system32\DRIVERS\srv2.sys
2010/11/27 00:47:04.0113 srvnet (f5980b74124db9233b33f86fc5ebbb4f) C:\windows\system32\DRIVERS\srvnet.sys
2010/11/27 00:47:04.0160 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
2010/11/27 00:47:04.0207 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys
2010/11/27 00:47:04.0300 SynTP (1de40024679cde0e573465253519730e) C:\windows\system32\DRIVERS\SynTP.sys
2010/11/27 00:47:04.0394 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) C:\windows\system32\drivers\tcpip.sys
2010/11/27 00:47:04.0441 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) C:\windows\system32\DRIVERS\tcpip.sys
2010/11/27 00:47:04.0503 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys
2010/11/27 00:47:04.0534 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys
2010/11/27 00:47:04.0565 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys
2010/11/27 00:47:04.0597 tdx (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys
2010/11/27 00:47:04.0628 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys
2010/11/27 00:47:04.0737 TPM (5ad05191dc8b444a7ba4d79b76c42a30) C:\windows\system32\drivers\tpm.sys
2010/11/27 00:47:04.0784 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys
2010/11/27 00:47:04.0831 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys
2010/11/27 00:47:04.0862 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
2010/11/27 00:47:04.0893 udfs (eb0a7bd4d471ac3ce55564a4c55b9d8e) C:\windows\system32\DRIVERS\udfs.sys
2010/11/27 00:47:04.0955 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys
2010/11/27 00:47:05.0002 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys
2010/11/27 00:47:05.0033 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
2010/11/27 00:47:05.0096 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\windows\system32\DRIVERS\usbccgp.sys
2010/11/27 00:47:05.0127 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys
2010/11/27 00:47:05.0158 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\windows\system32\DRIVERS\usbehci.sys
2010/11/27 00:47:05.0174 usbhub (0db84eda895894ba222e27acf597c806) C:\windows\system32\DRIVERS\usbhub.sys
2010/11/27 00:47:05.0189 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\windows\system32\DRIVERS\usbohci.sys
2010/11/27 00:47:05.0221 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
2010/11/27 00:47:05.0236 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\windows\system32\DRIVERS\USBSTOR.SYS
2010/11/27 00:47:05.0252 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\windows\system32\DRIVERS\usbuhci.sys
2010/11/27 00:47:05.0299 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\windows\System32\Drivers\usbvideo.sys
2010/11/27 00:47:05.0345 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys
2010/11/27 00:47:05.0377 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
2010/11/27 00:47:05.0423 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
2010/11/27 00:47:05.0455 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys
2010/11/27 00:47:05.0501 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys
2010/11/27 00:47:05.0548 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
2010/11/27 00:47:05.0611 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys
2010/11/27 00:47:05.0642 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys
2010/11/27 00:47:05.0673 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
2010/11/27 00:47:05.0704 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys
2010/11/27 00:47:05.0751 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
2010/11/27 00:47:05.0798 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
2010/11/27 00:47:05.0845 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
2010/11/27 00:47:05.0923 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys
2010/11/27 00:47:05.0985 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
2010/11/27 00:47:06.0016 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
2010/11/27 00:47:06.0032 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys
2010/11/27 00:47:06.0110 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
2010/11/27 00:47:06.0141 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
2010/11/27 00:47:06.0219 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
2010/11/27 00:47:06.0235 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
2010/11/27 00:47:06.0375 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\windows\system32\DRIVERS\WinUsb.sys
2010/11/27 00:47:06.0406 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys
2010/11/27 00:47:06.0469 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
2010/11/27 00:47:06.0531 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys
2010/11/27 00:47:06.0562 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys
2010/11/27 00:47:06.0640 yukonw7 (b07c5b7efdf936ff93d4f540938725be) C:\windows\system32\DRIVERS\yk62x86.sys
2010/11/27 00:47:06.0703 ================================================================================
2010/11/27 00:47:06.0703 Scan finished
2010/11/27 00:47:06.0703 ================================================================================
2010/11/27 00:57:34.0011 Deinitialize success

#10 Příspěvek od **motji** » 27 lis 2010 09:30

Vydržte chvilku, budete tam mít schovanou nějakou pořádnou potvoru.

Start - spustit - do řádku napište

sc stop QHAQSY
enter
sc delete QHAQSY
enter

odinstalujte všechny virtuální jednotky (Daemon nebo alcohol)

Stáhněte SPTD http://www.duplexsecure.com/en/downloads
-vyberte verzi podle svého operačního systému. SPTD for Windows (32 bit) nebo (64b)
-uložte na plochu a spusťte
- zvolte možnost Uninstall
- restart PC

Stahněte http://www.jpshortstuff.247fixes.com/Defogger.exe
- spustte,
- potvrdte disabled
-log vložte zde

Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, kliknete na Save a tím si uložíte log,který sem vložíte

-Podle návodu v odkazu proveďte druhý sken a log sem také vložte.

stáhněte MBR
http://www2.gmer.net/mbr/mbr.exe
-uložte ho na plochu

start-spustit
do okénka zkopírujte

Kód: Vybrat vše

"%userprofile%\plocha\mbr" -t

ok

vytvoří se log s názvem mbr.log, vložte ho zde [/quote]

Stahněte z mého podpisu AVPTOOl http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

-Podle návodu nainstalujte a proveďte sken
-co najde nechejte léčit, mazat
-sken může trvat několik hodin
-vložte zde log z výsledky

VIRY.CZ

Přestala mi fungovat wifi,asi nějaký rootkit...

Přestala mi fungovat wifi,asi nějaký rootkit...

Re: Přestala mi fungovat wifi,asi nějaký rootkit...

Re: Přestala mi fungovat wifi,asi nějaký rootkit...

Re: Přestala mi fungovat wifi,asi nějaký rootkit...

Re: Přestala mi fungovat wifi,asi nějaký rootkit...

Re: Přestala mi fungovat wifi,asi nějaký rootkit...

Re: Přestala mi fungovat wifi,asi nějaký rootkit...

Re: Přestala mi fungovat wifi,asi nějaký rootkit...

Re: Přestala mi fungovat wifi,asi nějaký rootkit...

Re: Přestala mi fungovat wifi,asi nějaký rootkit...