
Slow PC, internet drops out after 5 min...

Posted: 06 Jan 2011 14:02
by tomas.salat
Hello,

I have a small problem: the whole notebook is terribly slow, especially at startup, and the internet on it consistently drops out about 5 minutes after startup. Thank you for any advice.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2010-12-06 14:03:01
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 46 GB (30%) free of 153 GB
Total RAM: 2047 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:03:04, on 6.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21295)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\ASUSTPE.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\StkCSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrator\Desktop\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [ACMON] "C:\Program Files\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MultiFrame] C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
O4 - HKCU\..\Run: [ASUSTPE] C:\WINDOWS\system32\ASUSTPE.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
O4 - Startup: CCC.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Fujitech\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Bluetooth\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 1584950859
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 1584934531
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkCSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 8387 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"=C:\Program Files\ATK Hotkey\Hcontrol.exe [2007-06-29 225280]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-07-03 7708672]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-11-22 630784]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2007-07-05 1040384]
"ACU"=C:\Program Files\Atheros\ACU.exe [2007-05-03 376921]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"PowerForPhone"=C:\Program Files\PowerForPhone\PowerForPhone.exe [2007-01-15 778240]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2007-07-10 851968]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-03-14 54832]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2006-11-12 157592]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-02-28 570664]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-04 2219184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"MultiFrame"=C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe [2007-06-21 999792]
"ASUSTPE"=C:\WINDOWS\system32\ASUSTPE.exe [2006-10-14 69632]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
CCC.lnk - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-03-06 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-03-30 200064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-06-24 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Kpt51.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\scoqzrvg]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Kpt51.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\scoqzrvg]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Administrator\temp\TeamViewer3\TeamViewer.exe"="C:\Documents and Settings\Administrator\temp\TeamViewer3\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\EA GAMES\Battlefield 1942\BF1942.exe"="C:\Program Files\EA GAMES\Battlefield 1942\BF1942.exe:*:Enabled:BF1942"
"C:\Documents and Settings\Administrator\temp\TeamViewer\Version4\TeamViewer.exe"="C:\Documents and Settings\Administrator\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe"="C:\Program Files\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe:*:Disabled:biahh"
"C:\Program Files\Valve\hlds.exe"="C:\Program Files\Valve\hlds.exe:*:Disabled:HLDS Launcher"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-12-06 13:57:10 ----D---- C:\rsit
2010-12-06 13:57:10 ----D---- C:\Program Files\trend micro
2010-12-06 13:51:59 ----D---- C:\WINDOWS\temp
2010-12-06 13:51:57 ----A---- C:\ComboFix.txt
2010-12-06 13:41:14 ----D---- C:\Config.Msi
2010-12-06 13:33:59 ----A---- C:\WINDOWS\system32\antiwpa.dll
2010-12-06 13:31:52 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2010-12-06 13:28:07 ----D---- C:\WINDOWS\LastGood
2010-12-06 13:13:19 ----D---- C:\WINDOWS\system32\XPSViewer
2010-12-06 13:13:14 ----D---- C:\Program Files\MSBuild
2010-12-06 13:13:03 ----D---- C:\Program Files\Reference Assemblies
2010-12-06 13:12:24 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-12-06 13:12:23 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-12-06 13:12:23 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-12-06 13:12:23 ----D---- C:\43913b14f6117f08ae8437f8
2010-12-06 13:11:55 ----D---- C:\WINDOWS\SxsCaPendDel
2010-12-06 12:12:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2010-12-06 12:12:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2010-12-06 12:12:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2010-12-06 12:12:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-12-06 12:12:09 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-12-06 12:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-12-06 12:11:35 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-12-06 12:11:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2010-12-06 12:11:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2010-12-06 12:11:00 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2010-12-06 12:10:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2010-12-06 12:10:35 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-12-06 12:10:24 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-12-06 12:10:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-12-06 12:09:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-12-06 12:09:44 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-12-06 12:09:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-12-06 12:09:13 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-12-06 12:08:58 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-12-06 12:08:46 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-12-06 12:08:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-12-06 12:08:15 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-12-06 12:08:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-12-06 12:07:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-12-06 12:07:30 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-12-06 12:07:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-12-06 12:07:07 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-12-06 12:06:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-12-06 12:06:45 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-12-06 12:06:32 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-12-06 12:06:23 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-12-06 12:06:11 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-12-06 12:06:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-12-06 12:05:52 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-12-06 12:05:39 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-12-06 12:05:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-12-06 12:05:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-12-06 12:05:05 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-12-06 12:04:55 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-12-06 12:04:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-12-06 12:04:24 ----D---- C:\WINDOWS\system32\KB905474
2010-12-06 12:04:00 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-12-06 12:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-12-06 02:02:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-12-06 02:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-12-06 01:59:45 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-12-06 01:57:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2010-12-06 01:57:25 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-12-06 01:57:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-12-06 01:56:34 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-12-06 01:56:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-12-06 01:55:42 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-12-06 01:55:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-12-06 01:52:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-12-06 01:48:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2010-12-06 01:47:53 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-12-06 01:47:29 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-12-06 01:45:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-12-06 01:45:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-12-06 01:44:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-12-06 01:44:03 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-12-06 01:43:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2010-12-06 01:41:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-12-06 01:41:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-12-06 01:40:37 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-12-06 01:38:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-12-06 01:33:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-12-06 01:30:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-12-06 01:26:56 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-12-06 01:25:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-12-06 01:25:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-12-06 01:19:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-12-06 01:19:07 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-12-06 01:05:05 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-12-06 00:55:13 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-12-06 00:55:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2010-12-06 00:55:01 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-12-06 00:53:36 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-12-06 00:53:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-12-06 00:53:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2010-12-06 00:53:18 ----A---- C:\WINDOWS\imsins.BAK
2010-12-06 00:53:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2010-12-05 23:17:39 ----A---- C:\WINDOWS\system32\xpsp4res.dll
2010-12-05 22:50:15 ----A---- C:\WINDOWS\system32\acovcnt.exe
2010-12-05 22:36:56 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2010-12-05 22:34:42 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-12-05 22:17:53 ----D---- C:\Program Files\Defraggler
2010-12-05 22:08:22 ----D---- C:\WINDOWS\pss
2010-12-05 21:54:03 ----A---- C:\WINDOWS\PEV.exe
2010-12-05 21:54:03 ----A---- C:\WINDOWS\MBR.exe
2010-12-05 21:48:37 ----A---- C:\WINDOWS\ntbtlog.txt

======List of files/folders modified in the last 1 months======

2010-12-08 21:34:08 ----A---- C:\WINDOWS\system32\MRT.exe
2010-12-06 13:59:22 ----RD---- C:\Program Files
2010-12-06 13:59:21 ----SHD---- C:\WINDOWS\Installer
2010-12-06 13:51:59 ----D---- C:\WINDOWS
2010-12-06 13:51:58 ----D---- C:\QooBox
2010-12-06 13:50:16 ----D---- C:\WINDOWS\Microsoft.NET
2010-12-06 13:50:06 ----RSD---- C:\WINDOWS\assembly
2010-12-06 13:48:22 ----A---- C:\WINDOWS\system.ini
2010-12-06 13:47:49 ----D---- C:\WINDOWS\system32\drivers\etc
2010-12-06 13:45:36 ----D---- C:\WINDOWS\system32\drivers
2010-12-06 13:45:36 ----D---- C:\WINDOWS\system32
2010-12-06 13:45:36 ----D---- C:\WINDOWS\AppPatch
2010-12-06 13:45:32 ----D---- C:\Program Files\Common Files
2010-12-06 13:41:28 ----A---- C:\WINDOWS\wincmd.ini
2010-12-06 13:39:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-06 13:38:59 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-06 13:38:23 ----A---- C:\WINDOWS\ModemLog_Motorola SM56 Speakerphone Modem.txt
2010-12-06 13:38:06 ----D---- C:\WINDOWS\Prefetch
2010-12-06 13:37:57 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2010-12-06 13:30:53 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-12-06 13:30:35 ----SD---- C:\WINDOWS\Tasks
2010-12-06 13:29:56 ----D---- C:\WINDOWS\system32\CatRoot
2010-12-06 13:29:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-06 13:29:38 ----D---- C:\WINDOWS\system32\config
2010-12-06 13:28:23 ----HD---- C:\WINDOWS\inf
2010-12-06 13:26:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-06 13:17:01 ----D---- C:\WINDOWS\WinSxS
2010-12-06 13:13:11 ----D---- C:\WINDOWS\system32\en-us
2010-12-06 13:13:09 ----RSD---- C:\WINDOWS\Fonts
2010-12-06 13:12:41 ----D---- C:\WINDOWS\system32\spool
2010-12-06 13:09:40 ----D---- C:\WINDOWS\system32\mui
2010-12-06 13:05:08 ----A---- C:\WINDOWS\NeroDigital.ini
2010-12-06 12:12:56 ----HD---- C:\WINDOWS\$hf_mig$
2010-12-06 12:09:35 ----D---- C:\Program Files\Outlook Express
2010-12-06 08:46:03 ----D---- C:\WINDOWS\system32\wbem
2010-12-06 02:04:54 ----A---- C:\WINDOWS\win.ini
2010-12-06 01:51:21 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-12-06 01:26:58 ----D---- C:\Program Files\Movie Maker
2010-12-06 01:24:42 ----D---- C:\Program Files\Internet Explorer
2010-12-05 22:43:24 ----D---- C:\Program Files\ASUS
2010-12-05 22:40:34 ----SH---- C:\boot.ini
2010-12-05 22:38:12 ----D---- C:\WINDOWS\SoftwareDistribution
2010-12-05 22:37:25 ----D---- C:\WINDOWS\Help
2010-12-05 22:34:42 ----D---- C:\Program Files\ESET
2010-12-05 22:11:24 ----D---- C:\Program Files\CCleaner
2010-12-05 22:06:29 ----D---- C:\WINDOWS\erdnt
2010-12-05 21:59:24 ----D---- C:\Program Files\ICQ6.5
2010-12-05 21:46:55 ----D---- C:\WINDOWS\Debug
2010-12-05 21:46:53 ----D---- C:\WINDOWS\Minidump
2010-12-05 21:40:18 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2010-12-05 21:38:01 ----D---- C:\Documents and Settings\Administrator\Application Data\My Battle for Middle-earth(tm) II Files
2010-12-05 21:37:35 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-05 21:29:54 ----D---- C:\Documents and Settings\Administrator\Application Data\Skype
2010-12-05 21:28:50 ----D---- C:\Documents and Settings\Administrator\Application Data\skypePM
2010-11-18 19:12:44 ----A---- C:\WINDOWS\system32\isign32.dll
2010-11-12 09:07:38 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-03-31 639224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-06-24 77568]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2007-06-24 62336]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-02 546976]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ATKHOT~1\ASNDIS5.SYS []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-03-06 1972736]
R3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
R3 RTSTOR;USB Mass Stroage Device; C:\WINDOWS\system32\drivers\RTSTOR.SYS [2007-01-15 34816]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\WINDOWS\System32\Drivers\StkCMini.sys [2007-06-06 1260672]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-03-28 57024]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S2 scoqzrvg;scoqzrvg; C:\WINDOWS\system32\drivers\scoqzrvg.sys [2010-10-18 82944]
S3 a016bus;Sony Ericsson Device A016 driver (WDM); C:\WINDOWS\system32\DRIVERS\a016bus.sys [2008-01-18 83880]
S3 a016mdfl;Sony Ericsson Device A016 USB WMC Modeme Filter; C:\WINDOWS\system32\DRIVERS\a016mdfl.sys [2008-01-18 15016]
S3 a016mdm;Sony Ericsson Device A016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\a016mdm.sys [2008-01-18 110504]
S3 a016mgmt;Sony Ericsson Device A016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\a016mgmt.sys [2008-01-18 104488]
S3 a016obex;Sony Ericsson Device A016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\a016obex.sys [2008-01-18 100648]
S3 a7a3e3i9;a7a3e3i9; C:\WINDOWS\system32\drivers\a7a3e3i9.sys []
S3 amqzrwxk;amqzrwxk; \??\C:\WINDOWS\System32\Drivers\amqzrwxk.sys []
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 diqosvhs;diqosvhs; \??\C:\WINDOWS\System32\Drivers\diqosvhs.sys []
S3 fcevsmrt;fcevsmrt; \??\C:\WINDOWS\System32\Drivers\fcevsmrt.sys []
S3 hsitivou;hsitivou; \??\C:\WINDOWS\System32\Drivers\hsitivou.sys []
S3 iextaoxg;iextaoxg; \??\C:\WINDOWS\System32\Drivers\iextaoxg.sys []
S3 iqofgpnb;iqofgpnb; \??\C:\WINDOWS\System32\Drivers\iqofgpnb.sys []
S3 jhhcewhb;jhhcewhb; \??\C:\WINDOWS\System32\Drivers\jhhcewhb.sys []
S3 Kpt51;Kpt51; \??\C:\WINDOWS\System32\drivers\Kpt51.sys []
S3 mbr;mbr; \??\C:\ComboFix\mbr.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 mwgnzccl;mwgnzccl; \??\C:\WINDOWS\System32\Drivers\mwgnzccl.sys []
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 ncnhpprp;ncnhpprp; \??\C:\WINDOWS\System32\Drivers\ncnhpprp.sys []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 odtqkqix;odtqkqix; \??\C:\WINDOWS\System32\Drivers\odtqkqix.sys []
S3 pomkhjmx;pomkhjmx; \??\C:\WINDOWS\System32\Drivers\pomkhjmx.sys []
S3 qiefgyih;qiefgyih; \??\C:\WINDOWS\System32\Drivers\qiefgyih.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 rtxhexiv;rtxhexiv; \??\C:\WINDOWS\System32\Drivers\rtxhexiv.sys []
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s3017bus.sys [2007-12-10 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS); C:\WINDOWS\system32\DRIVERS\s3017nd5.sys [2007-12-10 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s3017obex.sys [2007-12-10 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM); C:\WINDOWS\system32\DRIVERS\s3017unic.sys [2007-12-10 110120]
S3 s616bus;Sony Ericsson Device 616 driver (WDM); C:\WINDOWS\system32\DRIVERS\s616bus.sys [2007-04-03 83208]
S3 s616mdfl;Sony Ericsson Device 616 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s616mdfl.sys [2007-04-03 15112]
S3 s616mdm;Sony Ericsson Device 616 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s616mdm.sys [2007-04-03 108680]
S3 s616mgmt;Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s616mgmt.sys [2007-04-03 100360]
S3 s616nd5;Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS); C:\WINDOWS\system32\DRIVERS\s616nd5.sys [2007-04-03 23176]
S3 s616obex;Sony Ericsson Device 616 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s616obex.sys [2007-04-03 98568]
S3 s616unic;Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM); C:\WINDOWS\system32\DRIVERS\s616unic.sys [2007-04-03 99080]
S3 sdgvcrxq;sdgvcrxq; \??\C:\WINDOWS\System32\Drivers\sdgvcrxq.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sscipkfe;sscipkfe; \??\C:\WINDOWS\System32\Drivers\sscipkfe.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tfxveqlt;tfxveqlt; \??\C:\WINDOWS\System32\Drivers\tfxveqlt.sys []
S3 Tosrfcom;Tosrfcom; C:\WINDOWS\system32\drivers\Tosrfcom.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 vtaehvpw;vtaehvpw; \??\C:\WINDOWS\System32\Drivers\vtaehvpw.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2007-06-24 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-06-24 82944]
S3 xmhwfibj;xmhwfibj; \??\C:\WINDOWS\System32\Drivers\xmhwfibj.sys []
S3 ysqferpx;ysqferpx; \??\C:\WINDOWS\System32\Drivers\ysqferpx.sys []
S3 zljdrbkm;zljdrbkm; \??\C:\WINDOWS\System32\Drivers\zljdrbkm.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2007-05-03 364629]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-03-06 446464]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-04 810144]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-05-14 272024]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\WINDOWS\System32\StkCSrv.exe [2007-04-18 24576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-10-31 77824]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S2 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2007-11-30 26488]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-04 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Slow PC, internet dropping out after 5 min...

Posted: 06 Jan 2011 16:58
by stell
Hello,
PLEASE READ THE INSTRUCTIONS CAREFULLY!!!

Use ComboFix according to this guide: http://www.bleepingcomputer.com/combofi ... t-combofix
Paste the log from it here.

Re: Slow PC, internet dropping out after 5 min...

Posted: 06 Jan 2011 21:37
by tomas.salat
Attaching it:

ComboFix 11-01-06.02 - Administrator 06.12.2010 21:29:49.8.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2047.1457 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\common.data

.
((((((((((((((((((((((((( Files Created from 2010-11-06 to 2010-12-06 )))))))))))))))))))))))))))))))
.

2010-12-06 20:27 . 2010-12-06 20: ----a-w- c:\temp\ComboFix.exe
2010-12-06 20:18 . 2008-02-14 18:04 5376 ----a-w- c:\windows\system32\antiwpa.dll
2010-12-06 13:57 . 2010-12-06 13:57 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-12-06 13:57 . 2010-12-06 13:57 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2010-12-06 13:57 . 2010-12-06 13:58 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-12-06 13:51 . 2010-11-03 17:15 359016 ----a-w- c:\windows\vncutil.exe
2010-12-06 13:51 . 2010-11-11 12:27 55912 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2010-12-06 13:51 . 2010-11-03 17:14 129640 ----a-w- c:\windows\RtkAudioService.exe
2010-12-06 13:51 . 2009-11-18 06: ----a-w- c:\windows\system32\drivers\Monfilt.sys
2010-12-06 13:51 . 2009-11-18 06: ----a-w- c:\windows\system32\drivers\Ambfilt.sys
2010-12-06 13:48 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-12-06 13:45 . 2010-11-05 15:47 1938272 ----a-w- c:\windows\system32\drivers\athw.sys
2010-12-06 13:43 . 2010-12-06 13:43 -------- d-----w- c:\windows\system32\sda
2010-12-06 13:43 . 2010-10-29 22:11 197224 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2010-12-06 13:43 . 2010-10-29 22:11 9888360 ----a-w- c:\windows\system32\RtsUStoricon.dll
2010-12-06 13:43 . 2010-10-29 22:11 313960 ----a-w- c:\windows\system32\RtsUStor.dll
2010-12-06 13:14 . 2010-12-06 13:14 -------- d-----w- c:\documents and settings\Administrator\Application Data\Windows Desktop Search
2010-12-06 13:13 . 2010-12-06 13:13 -------- d-----w- c:\program files\Windows Desktop Search
2010-12-06 13:13 . 2010-12-06 13:13 -------- d-----w- c:\windows\system32\GroupPolicy
2010-12-06 13:12 . 2008-03-07 17:02 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll
2010-12-06 13:12 . 2008-03-07 17:02 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll
2010-12-06 13:12 . 2008-03-07 17:02 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll
2010-12-06 13:09 . 2010-12-06 13:09 -------- d-----w- c:\program files\Driver-Soft
2010-12-06 12:57 . 2010-12-06 13:03 -------- d-----w- c:\program files\trend micro
2010-12-06 12:57 . 2010-12-06 12:59 -------- d-----w- C:\rsit
2010-12-06 12:31 . 2010-12-06 12:31 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2010-12-06 12:13 . 2010-12-06 12:13 -------- d-----w- c:\windows\system32\XPSViewer
2010-12-06 12:13 . 2010-12-06 12:13 -------- d-----w- c:\program files\MSBuild
2010-12-06 12:13 . 2010-12-06 12:13 -------- d-----w- c:\program files\Reference Assemblies
2010-12-06 12:12 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-12-06 12:12 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-12-06 12:12 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-12-06 12:12 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-12-06 12:12 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-12-06 12:12 . 2010-12-06 12:12 -------- d-----w- C:\43913b14f6117f08ae8437f8
2010-12-06 12:12 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-12-06 12:12 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-12-06 12:12 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-12-06 12:12 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-12-06 12:11 . 2010-12-06 12:23 -------- d-----w- c:\windows\SxsCaPendDel
2010-12-06 11:02 . 2010-08-27 05:57 99840 -c----w- c:\windows\system32\dllcache\srvsvc.dll
2010-12-06 11:02 . 2009-10-21 05:38 75776 -c----w- c:\windows\system32\dllcache\strmfilt.dll
2010-12-06 11:02 . 2009-10-21 05:38 25088 -c----w- c:\windows\system32\dllcache\httpapi.dll
2010-12-06 11:02 . 2009-10-20 16:20 265728 -c----w- c:\windows\system32\dllcache\http.sys
2010-12-06 11:02 . 2009-07-17 19:01 58880 -c----w- c:\windows\system32\dllcache\atl.dll
2010-12-06 10:57 . 2009-06-10 06:14 132096 -c----w- c:\windows\system32\dllcache\wkssvc.dll
2010-12-06 10:57 . 2010-02-12 04:33 100864 -c----w- c:\windows\system32\dllcache\6to4svc.dll
2010-12-06 10:57 . 2010-08-17 13:17 58880 -c----w- c:\windows\system32\dllcache\spoolsv.exe
2010-12-06 10:57 . 2009-05-07 15:32 345600 -c----w- c:\windows\system32\dllcache\localspl.dll
2010-12-06 10:57 . 2010-07-16 12:05 1288192 -c----w- c:\windows\system32\dllcache\ole32.dll
2010-12-06 10:57 . 2010-06-18 17:45 293376 -c----w- c:\windows\system32\dllcache\winsrv.dll
2010-12-06 10:56 . 2008-06-12 14:23 91648 -c----w- c:\windows\system32\dllcache\mtxoci.dll
2010-12-06 10:56 . 2008-06-12 14:23 66560 -c----w- c:\windows\system32\dllcache\mtxclu.dll
2010-12-06 10:56 . 2008-06-12 14:23 161792 -c----w- c:\windows\system32\dllcache\msdtcuiu.dll
2010-12-06 10:56 . 2008-06-12 14:23 956928 -c----w- c:\windows\system32\dllcache\msdtctm.dll
2010-12-06 10:56 . 2008-06-12 14:23 58880 -c----w- c:\windows\system32\dllcache\msdtclog.dll
2010-12-06 10:56 . 2009-09-04 21:03 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll
2010-12-06 10:56 . 2009-11-27 17:11 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
2010-12-06 10:56 . 2010-04-16 15:36 406016 -c----w- c:\windows\system32\dllcache\usp10.dll
2010-12-06 10:55 . 2010-07-27 06:30 8462336 -c----w- c:\windows\system32\dllcache\shell32.dll
2010-12-06 10:55 . 2009-10-13 10:30 270336 -c----w- c:\windows\system32\dllcache\oakley.dll
2010-12-06 10:55 . 2009-11-27 16:07 84992 -c----w- c:\windows\system32\dllcache\avifil32.dll
2010-12-06 10:55 . 2009-11-27 16:07 11264 -c----w- c:\windows\system32\dllcache\msrle32.dll
2010-12-06 10:55 . 2009-11-27 16:07 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2010-12-06 00:10 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-12-06 00:10 . 2010-11-06 00:34 17408 -c----w- c:\windows\system32\dllcache\corpol.dll
2010-12-06 00:10 . 2010-11-06 00:34 78336 -c----w- c:\windows\system32\dllcache\ieencode.dll
2010-12-06 00:10 . 2009-06-25 08:25 56832 -c----w- c:\windows\system32\dllcache\secur32.dll
2010-12-06 00:10 . 2010-06-30 12:31 149504 -c----w- c:\windows\system32\dllcache\schannel.dll
2010-12-06 00:10 . 2009-09-11 14:18 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll
2010-12-06 00:10 . 2009-06-25 08:25 54272 -c----w- c:\windows\system32\dllcache\wdigest.dll
2010-12-06 00:10 . 2009-06-25 08:25 301568 -c----w- c:\windows\system32\dllcache\kerberos.dll
2010-12-06 00:10 . 2009-06-24 11:18 92928 -c----w- c:\windows\system32\dllcache\ksecdd.sys
2010-12-06 00:10 . 2009-06-25 08:25 730112 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-12-06 00:09 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2010-12-06 00:09 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2010-12-06 00:09 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2010-12-06 00:09 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-12-06 00:09 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-12-06 00:08 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-12-06 00:08 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-06 00:07 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-12-06 00:07 . 2010-08-27 08:02 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-12-06 00:07 . 2009-03-06 14:22 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-12-06 00:07 . 2009-02-09 12:10 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-12-06 00:07 . 2009-02-09 12:10 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-12-06 00:07 . 2009-02-09 12:10 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-12-06 00:07 . 2009-02-06 11:11 110592 -c----w- c:\windows\system32\dllcache\services.exe
2010-12-06 00:07 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-12-06 00:07 . 2009-02-09 12:10 714752 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-12-06 00:07 . 2009-02-09 12:10 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-12-06 00:07 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-12-06 00:06 . 2010-06-14 07:41 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2010-12-06 00:05 . 2009-08-05 09:01 204800 -c----w- c:\windows\system32\dllcache\mswebdvd.dll
2010-12-06 00:05 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-12-05 22:29 . 2010-01-13 14:01 86016 -c----w- c:\windows\system32\dllcache\cabview.dll
2010-12-05 22:28 . 2009-12-24 06:59 177664 -c----w- c:\windows\system32\dllcache\wintrust.dll
2010-12-05 22:25 . 2010-07-12 12:55 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-12-05 22:24 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2010-12-05 22:17 . 2010-08-26 12:52 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-12-05 22:17 . 2010-08-16 08:45 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2010-12-05 21:50 . 2010-12-05 21:50 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-12-05 21:36 . 2009-08-06 18:24 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
2010-12-05 21:34 . 2010-12-05 21:34 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2010-12-05 21:17 . 2010-12-05 21:17 -------- d-----w- c:\program files\Defraggler

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-30 16:06 . 2008-03-31 18:29 6261352 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-11-18 18:12 . 2008-03-31 18:05 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-16 19:34 . 2008-03-31 18:29 19722344 ----a-w- c:\windows\RTHDCPL.EXE
2010-11-06 00:34 . 2007-06-24 07:41 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:34 . 2007-06-24 07:40 841216 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:34 . 2007-06-24 07:41 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:34 . 2007-06-24 07:41 17408 ----a-w- c:\windows\system32\corpol.dll
2010-11-03 17:15 . 2008-03-31 18:29 84584 ----a-w- c:\windows\SOUNDMAN.EXE
2010-11-03 17:15 . 2008-03-31 18:29 1833576 ----a-w- c:\windows\SkyTel.exe
2010-11-03 17:15 . 2008-03-31 18:29 891496 ----a-w- c:\windows\system32\RTSndMgr.CPL
2010-11-03 17:15 . 2008-03-31 18:29 1489512 ----a-w- c:\windows\RtlUpd.exe
2010-11-03 17:15 . 2008-03-31 18:29 9721960 ----a-w- c:\windows\RTLCPL.EXE
2010-11-03 17:14 . 2008-03-31 18:29 2180712 ----a-w- c:\windows\MicCal.exe
2010-11-03 17:13 . 2008-03-31 18:29 285288 ----a-w- c:\windows\system32\ALSNDMGR.CPL
2010-11-03 17:13 . 2008-03-31 18:29 2815592 ----a-w- c:\windows\ALCWZRD.EXE
2010-11-03 17:13 . 2008-03-31 18:29 64104 ----a-w- c:\windows\ALCMTR.EXE
2010-11-03 12:00 . 2007-06-24 07:41 389120 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2001-08-23 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2004-08-03 23:56 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 09:46 . 2008-03-31 18:29 1251944 ----a-w- c:\windows\RtlExUpd.dll
2010-10-26 13:25 . 2007-06-24 07:40 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-18 19:16 . 2010-10-18 19:16 82944 ----a-w- c:\windows\system32\drivers\scoqzrvg.sys
2010-09-18 11:23 . 2007-06-24 07:38 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2007-06-24 07:38 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-18 06:53 . 2004-08-03 23:56 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2001-08-23 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll

((((((((((((((((((((((((((((( SnapShot_2010-12-06_12.48.21 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-05-26 21:18 . 2008-05-26 21:18 56320 c:\windows\system32\xmlfilter.dll
+ 2008-03-31 18:31 . 2009-03-16 21:19 58208 c:\windows\system32\wsimd.sys
+ 2008-05-26 21:19 . 2008-05-26 21:19 97792 c:\windows\system32\UncCplExt.dll
+ 2008-05-26 20:59 . 2008-05-26 20:59 18904 c:\windows\system32\structuredqueryschematrivial.bin
+ 2008-03-31 18:27 . 2009-03-23 09:50 26488 c:\windows\system32\spupdsvc.exe
- 2008-03-31 18:27 . 2007-11-30 11:18 26488 c:\windows\system32\spupdsvc.exe
- 2008-04-01 16:15 . 2007-11-30 12:39 17272 c:\windows\system32\spmsg.dll
+ 2008-04-01 16:15 . 2009-03-23 09:50 17272 c:\windows\system32\spmsg.dll
+ 2008-05-26 21:17 . 2008-05-26 21:17 87552 c:\windows\system32\searchfilterhost.exe
+ 2010-12-06 13:43 . 2010-10-29 22:11 75880 c:\windows\system32\sda\SDRTCPRM.dll
+ 2008-05-26 21:18 . 2008-05-26 21:18 38400 c:\windows\system32\rtffilt.dll
+ 2010-12-06 13:52 . 2006-07-21 08:14 86016 c:\windows\system32\ReinstallBackups\0008\DriverFiles\SOUNDMAN.EXE
+ 2010-12-06 13:52 . 2008-04-14 00:12 23552 c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\wdmaud.drv
+ 2010-12-06 13:52 . 2008-04-13 18:45 49408 c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\stream.sys
+ 2010-12-06 13:52 . 2008-04-13 18:45 60160 c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\drmk.sys
+ 2010-12-06 13:53 . 2005-05-03 10:43 69632 c:\windows\system32\ReinstallBackups\0008\DriverFiles\ALCMTR.EXE
+ 2010-12-06 13:43 . 2007-01-15 12:37 34816 c:\windows\system32\ReinstallBackups\0007\DriverFiles\RTSTOR.sys
+ 2010-12-06 13:43 . 2004-07-05 19:07 83968 c:\windows\system32\ReinstallBackups\0007\DriverFiles\DriveIcon.dll
+ 2008-05-26 21:18 . 2008-05-26 21:18 71680 c:\windows\system32\propdefs.dll
+ 2010-03-30 23:16 . 2010-03-30 23:16 99176 c:\windows\system32\PresentationHostProxy.dll
+ 2001-08-23 12:00 . 2010-12-06 14:08 75544 c:\windows\system32\perfc009.dat
+ 2001-08-23 12:00 . 2009-10-08 13:56 20480 c:\windows\system32\oleaccrc.dll
+ 2008-05-26 21:19 . 2008-05-26 21:19 11264 c:\windows\system32\oephRes.dll
+ 2004-08-03 23:56 . 2008-03-07 17:02 98304 c:\windows\system32\nlhtml.dll
- 2004-08-03 23:56 . 2008-04-14 00:12 98304 c:\windows\system32\nlhtml.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 49488 c:\windows\system32\netfxperf.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2008-05-26 21:18 . 2008-05-26 21:18 44032 c:\windows\system32\msstrc.dll
+ 2008-05-26 21:17 . 2008-05-26 21:17 32768 c:\windows\system32\mssprxy.dll
+ 2008-05-26 21:17 . 2008-05-26 21:17 87552 c:\windows\system32\mssitlb.dll
+ 2008-05-26 21:17 . 2008-05-26 21:17 11776 c:\windows\system32\msshooks.dll
+ 2008-05-26 21:17 . 2008-05-26 21:17 60416 c:\windows\system32\msscntrs.dll
+ 2008-05-26 21:17 . 2008-05-26 21:17 34816 c:\windows\system32\msscb.dll
+ 2001-08-23 12:00 . 2008-03-07 17:02 29696 c:\windows\system32\mimefilt.dll
- 2001-08-23 12:00 . 2008-04-14 00:11 29696 c:\windows\system32\mimefilt.dll
+ 2008-03-31 18:31 . 2009-03-16 21:19 58208 c:\windows\system32\drivers\wsimd.sys
+ 2005-11-05 02:55 . 2008-04-13 19:45 49408 c:\windows\system32\drivers\stream.sys
- 2005-11-05 02:55 . 2008-04-13 18:45 49408 c:\windows\system32\drivers\stream.sys
- 2008-03-31 18:29 . 2008-04-13 18:45 60160 c:\windows\system32\drivers\drmk.sys
+ 2008-03-31 18:29 . 2008-04-13 19:45 60160 c:\windows\system32\drivers\drmk.sys
+ 2005-11-05 02:55 . 2008-04-13 19:45 49408 c:\windows\system32\dllcache\stream.sys
+ 2001-08-23 12:00 . 2009-10-08 13:56 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2008-03-31 18:29 . 2008-04-13 19:45 60160 c:\windows\system32\dllcache\drmk.sys
- 2008-07-29 18:16 . 2008-07-29 18:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-04-07 22:48 . 2010-04-07 22:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2010-09-22 08:43 . 2010-09-22 08:43 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2009-11-07 00:07 . 2009-11-07 00:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2010-12-06 12:30 . 2010-12-06 12:55 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\ProductName.chm.de_D066A77819B7480BA99CC79FB02C9357.exe
- 2010-12-06 12:30 . 2010-12-06 12:30 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\ProductName.chm.de_D066A77819B7480BA99CC79FB02C9357.exe
+ 2010-12-06 12:30 . 2010-12-06 12:55 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.pt_6CF114D33913468CBA2AA6967939B819.exe
- 2010-12-06 12:30 . 2010-12-06 12:30 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.pt_6CF114D33913468CBA2AA6967939B819.exe
+ 2010-12-06 12:30 . 2010-12-06 12:55 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.it_251B66F1CA924E82A1EE29E85D5EC5A1.exe
- 2010-12-06 12:30 . 2010-12-06 12:30 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.it_251B66F1CA924E82A1EE29E85D5EC5A1.exe
- 2010-12-06 12:30 . 2010-12-06 12:30 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.fr_E1678746353A46E3A9150D3E8B3832B1.exe
+ 2010-12-06 12:30 . 2010-12-06 12:55 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.fr_E1678746353A46E3A9150D3E8B3832B1.exe
- 2010-12-06 12:30 . 2010-12-06 12:30 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.es_654C8EA5162D4D4084239A5EDD67F462.exe
+ 2010-12-06 12:30 . 2010-12-06 12:55 75064 c:\windows\Installer\{4640FDE1-B83A-4376-84ED-86F86BEE2D41}\DriverDetective.es_654C8EA5162D4D4084239A5EDD67F462.exe
+ 2010-12-06 12:16 . 2010-12-06 12:16 10752 c:\windows\assembly\temp\NUZ38CGLPU\Accessibility.dll
+ 2010-12-06 14:00 . 2010-12-06 14:00 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll
+ 2010-12-06 15:00 . 2010-12-06 15:00 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll
+ 2010-12-06 14:59 . 2010-12-06 14:59 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\70ee6267f7bad40e8707d402277770c3\System.Web.DynamicData.Design.ni.dll
+ 2010-12-06 14:37 . 2010-12-06 14:37 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-12-06 14:37 . 2010-12-06 14:37 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll
+ 2010-12-06 13:53 . 2010-12-06 13:53 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe
+ 2010-12-06 13:50 . 2010-12-06 13:50 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll
+ 2010-12-06 14:54 . 2010-12-06 14:54 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll
+ 2010-12-06 14:33 . 2010-12-06 14:33 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll
+ 2010-12-06 14:35 . 2010-12-06 14:35 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll
+ 2010-12-06 14:33 . 2010-12-06 14:33 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe
+ 2010-12-06 14:32 . 2010-12-06 14:32 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-12-06 13:21 . 2010-12-06 13:21 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2010-12-06 12:13 . 2010-12-06 12:13 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-05-26 21:19 . 2008-05-26 21:19 2048 c:\windows\system32\UncRes.dll
+ 2010-12-06 13:52 . 2008-04-14 00:11 4096 c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\ksuser.dll
- 2008-03-31 18:29 . 2008-04-14 00:11 4096 c:\windows\system32\ksuser.dll
+ 2008-03-31 18:29 . 2008-04-14 01:11 4096 c:\windows\system32\ksuser.dll
+ 2008-03-31 18:29 . 2008-04-14 01:11 4096 c:\windows\system32\dllcache\ksuser.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-12-06 12:17 . 2010-12-06 12:17 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2008-05-26 21:19 . 2008-05-26 21:19 131072 c:\windows\system32\UncPH.dll
+ 2008-05-26 21:19 . 2008-05-26 21:19 108032 c:\windows\system32\UncNE.dll
+ 2008-05-26 21:19 . 2008-05-26 21:19 143872 c:\windows\system32\UncDMS.dll
+ 2008-07-29 18:59 . 2009-10-08 13:57 611328 c:\windows\system32\uiautomationcore.dll
+ 2008-05-26 20:59 . 2008-05-26 20:59 106605 c:\windows\system32\structuredqueryschema.bin
+ 2008-05-26 21:17 . 2008-05-26 21:17 301568 c:\windows\system32\srchadmin.dll
+ 2008-05-26 21:18 . 2008-05-26 21:18 184832 c:\windows\system32\searchprotocolhost.exe
+ 2008-05-26 21:18 . 2008-05-26 21:18 439808 c:\windows\system32\searchindexer.exe
+ 2008-03-31 18:29 . 2010-11-03 17:15 137832 c:\windows\system32\RTCOM\RTLCPAPI.dll
+ 2008-03-31 18:29 . 2010-11-23 17:45 297576 c:\windows\system32\RTCOM\RTCOMDLL.dll
+ 2010-12-06 13:53 . 2006-07-21 23:40 143360 c:\windows\system32\ReinstallBackups\0008\DriverFiles\RTLCPAPI.dll
+ 2010-12-06 13:53 . 2006-08-17 06:03 270336 c:\windows\system32\ReinstallBackups\0008\DriverFiles\RTCOMDLL.dll
+ 2010-12-06 13:52 . 2008-04-13 19:19 146048 c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\portcls.sys
+ 2010-12-06 13:52 . 2008-04-13 19:16 141056 c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\ks.sys
+ 2010-12-06 13:45 . 2007-05-02 17:00 546976 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ar5211.sys
+ 2008-05-26 21:17 . 2008-05-26 21:17 754176 c:\windows\system32\propsys.dll
+ 2010-03-30 23:10 . 2010-03-30 23:10 295264 c:\windows\system32\PresentationHost.exe
+ 2001-08-23 12:00 . 2010-12-06 14:08 456638 c:\windows\system32\perfh009.dat
+ 2001-08-23 12:00 . 2009-10-08 13:57 220160 c:\windows\system32\oleacc.dll
+ 2004-08-03 23:56 . 2008-03-07 17:02 192000 c:\windows\system32\offfilt.dll
- 2004-08-03 23:56 . 2008-04-14 00:12 192000 c:\windows\system32\offfilt.dll
+ 2008-05-26 21:19 . 2008-05-26 21:19 273408 c:\windows\system32\oeph.dll
+ 2008-05-26 21:18 . 2008-05-26 21:18 203776 c:\windows\system32\mssphtb.dll
+ 2008-05-26 21:18 . 2008-05-26 21:18 350208 c:\windows\system32\mssph.dll
+ 2008-05-26 21:18 . 2008-05-26 21:18 231936 c:\windows\system32\msshsq.dll
+ 2009-11-07 00:07 . 2009-11-07 00:07 297808 c:\windows\system32\mscoree.dll
- 2004-03-16 08:58 . 2008-04-13 19:19 146048 c:\windows\system32\drivers\portcls.sys
+ 2004-03-16 08:58 . 2008-04-13 20:19 146048 c:\windows\system32\drivers\portcls.sys
+ 2004-08-03 23:15 . 2008-04-13 20:16 141056 c:\windows\system32\drivers\ks.sys
- 2004-08-03 23:15 . 2008-04-13 19:16 141056 c:\windows\system32\drivers\ks.sys
+ 2004-03-16 08:58 . 2008-04-13 20:19 146048 c:\windows\system32\dllcache\portcls.sys
+ 2001-08-23 12:00 . 2009-10-08 13:57 220160 c:\windows\system32\dllcache\oleacc.dll
+ 2004-08-03 23:15 . 2008-04-13 20:16 141056 c:\windows\system32\dllcache\ks.sys
+ 2010-03-30 23:16 . 2010-03-30 23:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-04-07 22:48 . 2010-04-07 22:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
- 2008-07-29 18:16 . 2008-07-29 18:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-04-07 22:48 . 2010-04-07 22:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-09-22 08:43 . 2010-09-22 08:43 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2008-07-25 10:17 . 2008-07-25 10:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-02-09 11:22 . 2010-02-09 11:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-05-11 05:40 . 2010-05-11 05:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2010-05-11 05:40 . 2010-05-11 05:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-02-24 23:14 . 2010-02-24 23:14 543232 c:\windows\Installer\307505.msp
+ 2009-03-20 10:48 . 2009-03-20 10:48 183808 c:\windows\Installer\3074e1.msp
+ 2010-12-06 12:17 . 2010-12-06 12:17 372736 c:\windows\assembly\temp\QX26BFKOTX\System.Management.dll
+ 2010-12-06 12:17 . 2010-12-06 12:17 303104 c:\windows\assembly\temp\AHMQVZ48DH\System.Runtime.Remoting.dll
+ 2010-12-06 12:17 . 2010-12-06 12:17 425984 c:\windows\assembly\temp\4DLRX28CHL\System.configuration.dll
+ 2010-12-06 12:17 . 2010-12-06 12:17 626688 c:\windows\assembly\temp\4BGLQV049E\System.Drawing.dll
+ 2010-12-06 14:32 . 2010-12-06 14:32 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe
+ 2010-12-06 14:00 . 2010-12-06 14:00 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll
+ 2010-12-06 14:00 . 2010-12-06 14:00 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\cd91a32f4e36ccb2981c72c0d333e928\UIAutomationTypes.ni.dll
+ 2010-12-06 14:00 . 2010-12-06 14: c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll
+ 2010-12-06 13:25 . 2010-12-06 13:25 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP12B7.tmp\PresentationFramework.Classic.dll
+ 2010-12-06 15:02 . 2010-12-06 15:02 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\ff53d5b5249a2841ee196294429f51cf\System.Xml.Linq.ni.dll
+ 2010-12-06 14:58 . 2010-12-06 14:58 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\7f9a1ae146571025fd49914b5c71a39b\System.Web.Routing.ni.dll
+ 2010-12-06 14:59 . 2010-12-06 14:59 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\d0ae809162b55e2fa958739177476af8\System.Web.RegularExpressions.ni.dll
+ 2010-12-06 14:59 . 2010-12-06 14:59 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\22430f635f78e165adc8df760d54d093\System.Web.Extensions.Design.ni.dll
+ 2010-12-06 14:59 . 2010-12-06 14:59 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\22d1acce74bb263ae91cca82e5dfed94\System.Web.Entity.ni.dll
+ 2010-12-06 14:59 . 2010-12-06 14:59 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\567bc9e7e082dc4c4e0fa235e2f521c6\System.Web.Entity.Design.ni.dll
+ 2010-12-06 14:59 . 2010-12-06 14:59 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\434c74721156d301e15b4e5c360665a4\System.Web.DynamicData.ni.dll
+ 2010-12-06 14:58 . 2010-12-06 14:58 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\9d9bca1a8993c427984aa1bc9c165a33\System.Web.Abstractions.ni.dll
+ 2010-12-06 14:56 . 2010-12-06 14:56 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll
+ 2010-12-06 14:56 . 2010-12-06 14:56 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll
+ 2010-12-06 14:34 . 2010-12-06 14:34 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll
+ 2010-12-06 14:51 . 2010-12-06 14:51 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-12-06 14:54 . 2010-12-06 14:54 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll
+ 2010-12-06 14:51 . 2010-12-06 14:51 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll
+ 2010-12-06 14:50 . 2010-12-06 14:50 330752 c:\windows\assembly\NativeImages_v2.0.50727_32
.

Re: Slow PC, internet dropping out after 5 min...

Posted: 06 Jan 2011 21:40
by tomas.salat
second half:

\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll
+ 2010-12-06 14:19 . 2010-12-06 14:19 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll
+ 2010-12-06 14:19 . 2010-12-06 14:19 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll
+ 2010-12-06 14:49 . 2010-12-06 14:49 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll
+ 2010-12-06 14:49 . 2010-12-06 14:49 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll
+ 2010-12-06 13:59 . 2010-12-06 13:59 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\90199b4aa63b1b9c8ed0c3de16eec824\System.Drawing.Design.ni.dll
+ 2010-12-06 14:48 . 2010-12-06 14:48 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-12-06 14:48 . 2010-12-06 14:48 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll
+ 2010-12-06 14:46 . 2010-12-06 14:46 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll
+ 2010-12-06 14:46 . 2010-12-06 14:46 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll
+ 2010-12-06 14:43 . 2010-12-06 14:43 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\165bd290e518b9397ca55192985fdee3\System.Data.Entity.Design.ni.dll
+ 2010-12-06 14:38 . 2010-12-06 14:38 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll
+ 2010-12-06 14:34 . 2010-12-06 14:34 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll
+ 2010-12-06 14:51 . 2010-12-06 14:51 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll
+ 2010-12-06 14:37 . 2010-12-06 14:37 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll
+ 2010-12-06 14:32 . 2010-12-06 14:32 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe
+ 2010-12-06 14:31 . 2010-12-06 14:31 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll
+ 2010-12-06 14:31 . 2010-12-06 14:31 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\72d3aacfca2e1ce835c210f5a1decb36\ServiceModelReg.ni.exe
+ 2010-12-06 13:57 . 2010-12-06 13:57 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll
+ 2010-12-06 13:58 . 2010-12-06 13:58 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll
+ 2010-12-06 13:57 . 2010-12-06 13:57 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll
+ 2010-12-06 13:58 . 2010-12-06 13:58 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll
+ 2010-12-06 14:33 . 2010-12-06 14:33 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe
+ 2010-12-06 14:31 . 2010-12-06 14:31 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-12-06 14:36 . 2010-12-06 14:36 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll
+ 2010-12-06 14:36 . 2010-12-06 14:36 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-12-06 14:35 . 2010-12-06 14:35 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll
+ 2010-12-06 14:35 . 2010-12-06 14:35 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-12-06 14:35 . 2010-12-06 14:35 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll
+ 2010-12-06 14:30 . 2010-12-06 14:30 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe
+ 2010-12-06 14:32 . 2010-12-06 14:32 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\af4a3ae6d5c1cafa57002beb487b8d7a\AspNetMMCExt.ni.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-12-06 13:21 . 2010-12-06 13:21 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-12-06 13:21 . 2010-12-06 13:21 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-12-06 12:13 . 2010-12-06 12:13 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2010-12-06 13:21 . 2010-12-06 13:21 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-05-26 21:21 . 2008-05-26 21:21 1582592 c:\windows\system32\tquery.dll
+ 2010-12-06 13:52 . 2006-05-16 10:04 2879488 c:\windows\system32\ReinstallBackups\0008\DriverFiles\SkyTel.exe
+ 2010-12-06 13:53 . 2006-11-13 05:07 1183744 c:\windows\system32\ReinstallBackups\0008\DriverFiles\RtlUpd.exe
+ 2010-12-06 13:52 . 2006-05-04 08:35 9709568 c:\windows\system32\ReinstallBackups\0008\DriverFiles\RTLCPL.EXE
+ 2010-12-06 13:52 . 2006-11-15 06:34 4225920 c:\windows\system32\ReinstallBackups\0008\DriverFiles\RtkHDAud.sys
+ 2010-12-06 13:52 . 2006-10-11 09:42 2157568 c:\windows\system32\ReinstallBackups\0008\DriverFiles\MicCal.exe
+ 2010-12-06 13:53 . 2006-05-04 08:26 2808832 c:\windows\system32\ReinstallBackups\0008\DriverFiles\ALCWZRD.EXE
+ 2008-05-26 21:21 . 2008-05-26 21:21 1418240 c:\windows\system32\mssrch.dll
+ 2009-11-07 00:06 . 2009-11-07 00:06 1130824 c:\windows\system32\dfshim.dll
+ 2010-04-07 22:48 . 2010-04-07 22:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
- 2008-11-25 03:59 . 2008-11-25 03:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-09-22 08:44 . 2010-09-22 08:44 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2010-03-23 04:32 . 2010-03-23 04:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2010-05-11 05:40 . 2010-05-11 05:40 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2010-05-11 05:40 . 2010-05-11 05:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2010-09-23 06:39 . 2010-09-23 06:39 4265472 c:\windows\Installer\307543.msp
+ 2009-11-08 23:25 . 2009-11-08 23:25 1935360 c:\windows\Installer\307520.msp
+ 2010-04-11 21:17 . 2010-04-11 21:17 2607104 c:\windows\Installer\3074ee.msp
+ 2010-04-11 21:17 . 2010-04-11 21:17 4210688 c:\windows\Installer\3074ed.msp
+ 2010-12-06 12:16 . 2010-12-06 12:16 5242880 c:\windows\assembly\temp\X59EINSW15\System.Web.dll
+ 2010-12-06 12:17 . 2010-12-06 12:17 2048000 c:\windows\assembly\temp\X38DHMQVZ3\System.XML.dll
+ 2010-12-06 12:16 . 2010-12-06 12:16 5025792 c:\windows\assembly\temp\RY37CGLQUZ\System.Windows.Forms.dll
+ 2010-12-06 13:51 . 2010-12-06 13:51 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll
+ 2010-12-06 14:00 . 2010-12-06 14:00 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll
+ 2010-12-06 13:43 . 2010-12-06 13:43 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1561.tmp\ReachFramework.dll
+ 2010-12-06 13:31 . 2010-12-06 13:31 2024448 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1443.tmp\ReachFramework.dll
+ 2010-12-06 13:50 . 2010-12-06 13:50 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll
+ 2010-12-06 13:59 . 2010-12-06 13:59 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll
+ 2010-12-06 15:02 . 2010-12-06 15:02 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bec60fe2e934a6284224ab45b0e981e2\System.WorkflowServices.ni.dll
+ 2010-12-06 15:01 . 2010-12-06 15:01 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\09da139c48e2f5e76994a5c0f2e5b19e\System.Workflow.Runtime.ni.dll
+ 2010-12-06 15:01 . 2010-12-06 15:01 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\6809417da74ff937e18b3034f1eac2f2\System.Workflow.ComponentModel.ni.dll
+ 2010-12-06 15:00 . 2010-12-06 15:00 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\6c91ee82035d30efa8893e7b0396bbb0\System.Workflow.Activities.ni.dll
+ 2010-12-06 15:00 . 2010-12-06 15:00 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\181254ba0cb690decedb950fd26d7bea\System.Web.Services.ni.dll
+ 2010-12-06 14:59 . 2010-12-06 14:59 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4200f716e9a41cb91d17516ba864e586\System.Web.Mobile.ni.dll
+ 2010-12-06 14:59 . 2010-12-06 14:59 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\722b203f351322aad7a54efe8622883b\System.Web.Extensions.ni.dll
+ 2010-12-06 13:59 . 2010-12-06 13:59 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5eb08849d17b272ed2a393420cb0305b\System.Speech.ni.dll
+ 2010-12-06 14:56 . 2010-12-06 14:56 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\d61908249d680d7c73ba0fead09d3935\System.ServiceModel.Web.ni.dll
+ 2010-12-06 14:19 . 2010-12-06 14:19 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll
+ 2010-12-06 13:59 . 2010-12-06 13:59 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll
+ 2010-12-06 14:19 . 2010-12-06 14:19 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\095bb4f033374647b6d66c51f16bb886\System.IdentityModel.ni.dll
+ 2010-12-06 13:59 . 2010-12-06 13:59 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll
+ 2010-12-06 14:47 . 2010-12-06 14:47 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll
+ 2010-12-06 14:47 . 2010-12-06 14:47 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll
+ 2010-12-06 13:58 . 2010-12-06 13:58 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f04ef00e652a8655a717639e8aeb7b63\System.Data.ni.dll
+ 2010-12-06 14:34 . 2010-12-06 14:34 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll
+ 2010-12-06 14:45 . 2010-12-06 14:45 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\b8c9267d87b7358e1a5f00bf1572c313\System.Data.Services.ni.dll
+ 2010-12-06 13:59 . 2010-12-06 13:59 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll
+ 2010-12-06 14:42 . 2010-12-06 14:42 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll
+ 2010-12-06 13:58 . 2010-12-06 13:58 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dll
+ 2010-12-06 13:58 . 2010-12-06 13:58 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll
+ 2010-12-06 13:58 . 2010-12-06 13:58 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll
+ 2010-12-06 13:50 . 2010-12-06 13:50 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\835786d8a0caabae09ad440f6e3abfc6\PresentationBuildTasks.ni.dll
+ 2010-12-06 14:37 . 2010-12-06 14:37 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a27783547338dbebf84101a685ba641b\Microsoft.VisualBasic.ni.dll
+ 2010-12-06 14:30 . 2010-12-06 14:30 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll
+ 2010-12-06 14:53 . 2010-12-06 14:53 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll
+ 2010-12-06 14:36 . 2010-12-06 14:36 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll
+ 2010-12-06 14:36 . 2010-12-06 14:36 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-12-06 14:33 . 2010-12-06 14:33 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll
+ 2010-12-06 13:40 . 2010-12-06 13:40 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-12-06 13:21 . 2010-12-06 13:21 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-12-06 13:40 . 2010-12-06 13:40 5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-12-06 12:16 . 2010-12-06 12:16 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-12-06 12:17 . 2010-12-06 12:17 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2010-12-06 12:13 . 2010-12-06 12:13 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-12-06 13:40 . 2010-12-06 13:40 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2010-12-06 13:55 . 2010-12-06 13:55 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-12-06 13:52 . 2006-11-14 09:21 16270848 c:\windows\system32\ReinstallBackups\0008\DriverFiles\RTHDCPL.EXE
+ 2010-05-19 12:08 . 2010-05-19 12:08 11408896 c:\windows\Installer\307538.msp
+ 2010-03-31 00:23 . 2010-03-31 00:23 15638528 c:\windows\Installer\30752d.msp
+ 2010-04-11 21:17 . 2010-04-11 21:17 14599680 c:\windows\Installer\3074fd.msp
+ 2010-12-06 13:59 . 2010-12-06 13:59 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll
+ 2010-12-06 14:57 . 2010-12-06 14:58 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\41f436dae3c8146752d06130f7331527\System.Web.ni.dll
+ 2010-12-06 14:23 . 2010-12-06 14:23 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\75aeb590008d6e166f7be18f935c52d2\System.ServiceModel.ni.dll
+ 2010-12-06 13:59 . 2010-12-06 13:59 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\fdc42078fd10e4dc8b05087900c63977\System.Design.ni.dll
+ 2010-12-06 13:57 . 2010-12-06 13:57 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll
+ 2010-12-06 13:51 . 2010-12-06 13:52 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll
+ 2010-12-06 13:49 . 2010-12-06 13:49 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"MultiFrame"="c:\program files\ASUS\Asus MultiFrame\MultiFrame.exe" [2007-06-21 999792]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2006-10-14 69632]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-06-29 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ACU"="c:\program files\Atheros\ACU.exe" [2007-05-03 376921]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"PowerForPhone"="c:\program files\PowerForPhone\PowerForPhone.exe" [2007-01-15 778240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-07-10 851968]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-03-14 54832]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-11-12 157592]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-11-04 2219184]
"RTHDCPL"="RTHDCPL.EXE" [2010-11-16 19722344]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Kpt51.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\Administrator\\temp\\TeamViewer3\\TeamViewer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 1942\\BF1942.exe"=
"c:\\Documents and Settings\\Administrator\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Ubisoft\\Gearbox Software\\Brothers in Arms - Hell's Highway\\Binaries\\biahh.exe"=
"c:\\Program Files\\Valve\\hlds.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31.3.2008 20:56 639224]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.7.2010 12:31 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [3.8.2010 12:28 95896]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 19:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 19:41 67656]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [4.11.2010 17:15 810144]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\system32\StkCSrv.exe [31.3.2008 19:32 24576]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [6.12.2010 14:43 197224]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\drivers\StkCMini.sys [31.3.2008 19:32 1260672]
S2 scoqzrvg;scoqzrvg;c:\windows\system32\drivers\scoqzrvg.sys [18.10.2010 20:16 82944]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [6.12.2010 14:51 1691480]
S3 amqzrwxk;amqzrwxk;\??\c:\windows\System32\Drivers\amqzrwxk.sys --> c:\windows\System32\Drivers\amqzrwxk.sys [?]
S3 diqosvhs;diqosvhs;\??\c:\windows\System32\Drivers\diqosvhs.sys --> c:\windows\System32\Drivers\diqosvhs.sys [?]
S3 fcevsmrt;fcevsmrt;\??\c:\windows\System32\Drivers\fcevsmrt.sys --> c:\windows\System32\Drivers\fcevsmrt.sys [?]
S3 hsitivou;hsitivou;\??\c:\windows\System32\Drivers\hsitivou.sys --> c:\windows\System32\Drivers\hsitivou.sys [?]
S3 iextaoxg;iextaoxg;\??\c:\windows\System32\Drivers\iextaoxg.sys --> c:\windows\System32\Drivers\iextaoxg.sys [?]
S3 iqofgpnb;iqofgpnb;\??\c:\windows\System32\Drivers\iqofgpnb.sys --> c:\windows\System32\Drivers\iqofgpnb.sys [?]
S3 jhhcewhb;jhhcewhb;\??\c:\windows\System32\Drivers\jhhcewhb.sys --> c:\windows\System32\Drivers\jhhcewhb.sys [?]
S3 Kpt51;Kpt51;\??\c:\windows\System32\drivers\Kpt51.sys --> c:\windows\System32\drivers\Kpt51.sys [?]
S3 mwgnzccl;mwgnzccl;\??\c:\windows\System32\Drivers\mwgnzccl.sys --> c:\windows\System32\Drivers\mwgnzccl.sys [?]
S3 ncnhpprp;ncnhpprp;\??\c:\windows\System32\Drivers\ncnhpprp.sys --> c:\windows\System32\Drivers\ncnhpprp.sys [?]
S3 odtqkqix;odtqkqix;\??\c:\windows\System32\Drivers\odtqkqix.sys --> c:\windows\System32\Drivers\odtqkqix.sys [?]
S3 pomkhjmx;pomkhjmx;\??\c:\windows\System32\Drivers\pomkhjmx.sys --> c:\windows\System32\Drivers\pomkhjmx.sys [?]
S3 qiefgyih;qiefgyih;\??\c:\windows\System32\Drivers\qiefgyih.sys --> c:\windows\System32\Drivers\qiefgyih.sys [?]
S3 rtxhexiv;rtxhexiv;\??\c:\windows\System32\Drivers\rtxhexiv.sys --> c:\windows\System32\Drivers\rtxhexiv.sys [?]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [5.8.2008 13:35 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [5.8.2008 13:35 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [5.8.2008 13:35 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [5.8.2008 13:35 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [5.8.2008 13:35 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [5.8.2008 13:35 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [5.8.2008 13:35 110120]
S3 sdgvcrxq;sdgvcrxq;\??\c:\windows\System32\Drivers\sdgvcrxq.sys --> c:\windows\System32\Drivers\sdgvcrxq.sys [?]
S3 sscipkfe;sscipkfe;\??\c:\windows\System32\Drivers\sscipkfe.sys --> c:\windows\System32\Drivers\sscipkfe.sys [?]
S3 tfxveqlt;tfxveqlt;\??\c:\windows\System32\Drivers\tfxveqlt.sys --> c:\windows\System32\Drivers\tfxveqlt.sys [?]
S3 vtaehvpw;vtaehvpw;\??\c:\windows\System32\Drivers\vtaehvpw.sys --> c:\windows\System32\Drivers\vtaehvpw.sys [?]
S3 xmhwfibj;xmhwfibj;\??\c:\windows\System32\Drivers\xmhwfibj.sys --> c:\windows\System32\Drivers\xmhwfibj.sys [?]
S3 ysqferpx;ysqferpx;\??\c:\windows\System32\Drivers\ysqferpx.sys --> c:\windows\System32\Drivers\ysqferpx.sys [?]
S3 zljdrbkm;zljdrbkm;\??\c:\windows\System32\Drivers\zljdrbkm.sys --> c:\windows\System32\Drivers\zljdrbkm.sys [?]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.icq.com/
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\Fujitech\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send to &Bluetooth Device... - c:\program files\Bluetooth\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8wh19yk8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {B13721C7-F507-4982-B2E5-502A71474FED} - c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-06 21:34
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-329068152-73586283-839522115-500\Software\SecuROM\License information*]
"datasecu"=hex:a4,91,fe,ac,d7,3f,a8,e6,ee,f1,85,f0,dd,f7,f4,70,f2,0b,fe,08,55,
6f,0e,c4,9d,84,f0,7b,7d,27,b8,8f,0b,ae,a2,34,32,21,a5,79,cc,31,6d,ef,64,1d,\
"rkeysecu"=hex:6a,84,b5,d9,b5,f9,94,c4,a1,71,bb,e2,ca,a6,4c,e0
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(816)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\antiwpa.dll
.
Completion time: 2010-12-06 21:35:57
ComboFix-quarantined-files.txt 2010-12-06 20:35
ComboFix2.txt 2010-12-06 12:51
ComboFix3.txt 2010-12-05 22:42
ComboFix4.txt 2010-12-05 21:08

Pre-Run: 47 434 530 816 bytes free
Post-Run: 14 adresárov, 47 487 188 992 voľných bajtov

- - End Of File - - 4F7997BA1E99BFC2823CA144E073FA27

Re: Slow PC, internet dropping out after 5 min...

Posted: 07 Jan 2011 08:43
by stell
For this step, ComboFix must be on the desktop.

Turn off > FIREWALL > antivirus > antispyware > everything running resident.

Open Notepad (Poznámkový blok) and copy all of the green text into it:

Code:

KILLALL::
Driver::
scoqzrvg
amqzrwxk
diqosvhs
fcevsmrt
hsitivou
iextaoxg
iqofgpnb
Kpt51
mwgnzccl
ncnhpprp
odtqkqix
pomkhjmx
qiefgyih
rtxhexiv
sdgvcrxq
sscipkfe
tfxveqlt
vtaehvpw
xmhwfibj
ysqferpx
zljdrbkm
Rootkit::
c:\windows\system32\drivers\scoqzrvg.sys
c:\windows\System32\Drivers\amqzrwxk.sys
c:\windows\System32\Drivers\diqosvhs.sys
c:\windows\System32\Drivers\fcevsmrt.sys
c:\windows\System32\Drivers\hsitivou.sys
c:\windows\System32\Drivers\iextaoxg.sys
c:\windows\System32\Drivers\iqofgpnb.sys
c:\windows\System32\drivers\Kpt51.sys
c:\windows\System32\Drivers\mwgnzccl.sys
c:\windows\System32\Drivers\ncnhpprp.sys
c:\windows\System32\Drivers\odtqkqix.sys
c:\windows\System32\Drivers\pomkhjmx.sys
c:\windows\System32\Drivers\qiefgyih.sys
c:\windows\System32\Drivers\rtxhexiv.sys
c:\windows\System32\Drivers\sdgvcrxq.sys
c:\windows\System32\Drivers\sscipkfe.sys
c:\windows\System32\Drivers\tfxveqlt.sys
c:\windows\System32\Drivers\vtaehvpw.sys
c:\windows\System32\Drivers\xmhwfibj.sys
c:\windows\System32\Drivers\ysqferpx.sys
c:\windows\System32\Drivers\zljdrbkm.sys
Then click File (Súbor) -> Save As (Uložiť ako)... -> and in the File name (Názov súboru) field type: CFScript.txt
For the file type, choose *All Files (Všetky súbory)
And save it to the desktop. > Note: do not open CFScript.txt, and it must not be named CFScript.txt.txt either. Then do this:
[Image]

When the scan finishes, post the log that ComboFix creates.

Re: Slow PC, internet dropping out after 5 min...

Posted: 07 Jan 2011 09:09
by tomas.salat
Attached:

ComboFix 11-01-06.04 - Administrator 07.01.2011 8:58.9.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2047.1381 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_amqzrwxk
-------\Service_diqosvhs
-------\Service_fcevsmrt
-------\Service_hsitivou
-------\Service_iextaoxg
-------\Service_iqofgpnb
-------\Service_Kpt51
-------\Service_mwgnzccl
-------\Service_ncnhpprp
-------\Service_odtqkqix
-------\Service_pomkhjmx
-------\Service_qiefgyih
-------\Service_rtxhexiv
-------\Service_scoqzrvg
-------\Service_sdgvcrxq
-------\Service_sscipkfe
-------\Service_tfxveqlt
-------\Service_vtaehvpw
-------\Service_xmhwfibj
-------\Service_ysqferpx
-------\Service_zljdrbkm


((((((((((((((((((((((((( Files Created from 2010-12-07 to 2011-01-07 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-05 21:50 . 2010-12-05 21:50 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-11-30 16:06 . 2008-03-31 18:29 6261352 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-11-18 18:12 . 2008-03-31 18:05 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-16 19:34 . 2008-03-31 18:29 19722344 ----a-w- c:\windows\RTHDCPL.EXE
2010-11-11 12:27 . 2010-12-06 13:51 55912 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2010-11-06 00:34 . 2007-06-24 07:41 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:34 . 2007-06-24 07:40 841216 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:34 . 2007-06-24 07:41 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:34 . 2007-06-24 07:41 17408 ----a-w- c:\windows\system32\corpol.dll
2010-11-05 15:47 . 2010-12-06 13:45 1938272 ----a-w- c:\windows\system32\drivers\athw.sys
2010-11-03 17:15 . 2010-12-06 13:51 359016 ----a-w- c:\windows\vncutil.exe
2010-11-03 17:15 . 2008-03-31 18:29 84584 ----a-w- c:\windows\SOUNDMAN.EXE
2010-11-03 17:15 . 2008-03-31 18:29 1833576 ----a-w- c:\windows\SkyTel.exe
2010-11-03 17:15 . 2008-03-31 18:29 891496 ----a-w- c:\windows\system32\RTSndMgr.CPL
2010-11-03 17:15 . 2008-03-31 18:29 1489512 ----a-w- c:\windows\RtlUpd.exe
2010-11-03 17:15 . 2008-03-31 18:29 9721960 ----a-w- c:\windows\RTLCPL.EXE
2010-11-03 17:14 . 2010-12-06 13:51 129640 ----a-w- c:\windows\RtkAudioService.exe
2010-11-03 17:14 . 2008-03-31 18:29 2180712 ----a-w- c:\windows\MicCal.exe
2010-11-03 17:13 . 2008-03-31 18:29 285288 ----a-w- c:\windows\system32\ALSNDMGR.CPL
2010-11-03 17:13 . 2008-03-31 18:29 2815592 ----a-w- c:\windows\ALCWZRD.EXE
2010-11-03 17:13 . 2008-03-31 18:29 64104 ----a-w- c:\windows\ALCMTR.EXE
2010-11-03 12:00 . 2007-06-24 07:41 389120 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2001-08-23 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-29 22:11 . 2010-12-06 13:43 197224 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2010-10-29 22:11 . 2010-12-06 13:43 9888360 ----a-w- c:\windows\system32\RtsUStoricon.dll
2010-10-29 22:11 . 2010-12-06 13:43 313960 ----a-w- c:\windows\system32\RtsUStor.dll
2010-10-28 13:13 . 2004-08-03 23:56 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 09:46 . 2008-03-31 18:29 1251944 ----a-w- c:\windows\RtlExUpd.dll
2010-10-26 13:25 . 2007-06-24 07:40 1853312 ----a-w- c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"MultiFrame"="c:\program files\ASUS\Asus MultiFrame\MultiFrame.exe" [2007-06-21 999792]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2006-10-14 69632]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-06-29 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ACU"="c:\program files\Atheros\ACU.exe" [2007-05-03 376921]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"PowerForPhone"="c:\program files\PowerForPhone\PowerForPhone.exe" [2007-01-15 778240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-07-10 851968]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-03-14 54832]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-11-12 157592]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-11-04 2219184]
"RTHDCPL"="RTHDCPL.EXE" [2010-11-16 19722344]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\Administrator\\temp\\TeamViewer3\\TeamViewer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 1942\\BF1942.exe"=
"c:\\Documents and Settings\\Administrator\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Ubisoft\\Gearbox Software\\Brothers in Arms - Hell's Highway\\Binaries\\biahh.exe"=
"c:\\Program Files\\Valve\\hlds.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31.3.2008 20:56 639224]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.7.2010 12:31 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [3.8.2010 12:28 95896]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 19:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 19:41 67656]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [4.11.2010 17:15 810144]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\system32\StkCSrv.exe [31.3.2008 19:32 24576]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [6.12.2010 14:43 197224]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\drivers\StkCMini.sys [31.3.2008 19:32 1260672]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [6.12.2010 14:51 1691480]
S3 jhhcewhb;jhhcewhb;\??\c:\windows\System32\Drivers\jhhcewhb.sys --> c:\windows\System32\Drivers\jhhcewhb.sys [?]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [5.8.2008 13:35 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [5.8.2008 13:35 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [5.8.2008 13:35 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [5.8.2008 13:35 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [5.8.2008 13:35 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [5.8.2008 13:35 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [5.8.2008 13:35 110120]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.icq.com/
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\Fujitech\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send to &Bluetooth Device... - c:\program files\Bluetooth\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8wh19yk8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {B13721C7-F507-4982-B2E5-502A71474FED} - c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-Kpt51.sys



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-07 09:05
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-329068152-73586283-839522115-500\Software\SecuROM\License information*]
"datasecu"=hex:a4,91,fe,ac,d7,3f,a8,e6,ee,f1,85,f0,dd,f7,f4,70,f2,0b,fe,08,55,
6f,0e,c4,9d,84,f0,7b,7d,27,b8,8f,0b,ae,a2,34,32,21,a5,79,cc,31,6d,ef,64,1d,\
"rkeysecu"=hex:6a,84,b5,d9,b5,f9,94,c4,a1,71,bb,e2,ca,a6,4c,e0
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(812)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3560)
c:\windows\system32\WININET.dll
c:\program files\ASUS\Asus MultiFrame\HookTitle.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\acs.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\ACEngSvr.exe
c:\windows\system32\rundll32.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\program files\ATK Hotkey\KBFiltr.exe
c:\program files\ATK Hotkey\WDC.exe
.
**************************************************************************
.
Completion time: 2011-01-07 09:09:50 - machine was rebooted
ComboFix-quarantined-files.txt 2011-01-07 08:09
ComboFix2.txt 2010-12-06 20:35

Pre-Run: 48 213 598 208 bytes free
Post-Run: 13 adresárov, 48 199 729 152 voľných bajtov

- - End Of File - - E49B9ACC2EE2FA9A630876FE4BB792A6

Re: Slow PC, internet dropping out after 5 min...

Posted: 07 Jan 2011 09:36
by stell
OK, repeat the procedure, this time with this script:

Code:

KILLALL::
Driver::
jhhcewhb
Rootkit::
c:\windows\System32\Drivers\jhhcewhb.sys

Re: Slow PC, internet dropping out after 5 min...

Posted: 07 Jan 2011 10:05
by tomas.salat
Attaching the log:

ComboFix 11-01-06.04 - Administrator 07.01.2011 9:53.10.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2047.1474 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_jhhcewhb


((((((((((((((((((((((((( Files Created from 2010-12-07 to 2011-01-07 )))))))))))))))))))))))))))))))
.

2011-01-07 08:15 . 2011-01-07 08:15 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2011-01-07 08:13 . 2011-01-07 08:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\Windows Search

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-05 21:50 . 2010-12-05 21:50 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-11-30 16:06 . 2008-03-31 18:29 6261352 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-11-18 18:12 . 2008-03-31 18:05 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-16 19:34 . 2008-03-31 18:29 19722344 ----a-w- c:\windows\RTHDCPL.EXE
2010-11-11 12:27 . 2010-12-06 13:51 55912 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2010-11-06 00:34 . 2007-06-24 07:41 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:34 . 2007-06-24 07:40 841216 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:34 . 2007-06-24 07:41 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:34 . 2007-06-24 07:41 17408 ----a-w- c:\windows\system32\corpol.dll
2010-11-05 15:47 . 2010-12-06 13:45 1938272 ----a-w- c:\windows\system32\drivers\athw.sys
2010-11-03 17:15 . 2010-12-06 13:51 359016 ----a-w- c:\windows\vncutil.exe
2010-11-03 17:15 . 2008-03-31 18:29 84584 ----a-w- c:\windows\SOUNDMAN.EXE
2010-11-03 17:15 . 2008-03-31 18:29 1833576 ----a-w- c:\windows\SkyTel.exe
2010-11-03 17:15 . 2008-03-31 18:29 891496 ----a-w- c:\windows\system32\RTSndMgr.CPL
2010-11-03 17:15 . 2008-03-31 18:29 1489512 ----a-w- c:\windows\RtlUpd.exe
2010-11-03 17:15 . 2008-03-31 18:29 9721960 ----a-w- c:\windows\RTLCPL.EXE
2010-11-03 17:14 . 2010-12-06 13:51 129640 ----a-w- c:\windows\RtkAudioService.exe
2010-11-03 17:14 . 2008-03-31 18:29 2180712 ----a-w- c:\windows\MicCal.exe
2010-11-03 17:13 . 2008-03-31 18:29 285288 ----a-w- c:\windows\system32\ALSNDMGR.CPL
2010-11-03 17:13 . 2008-03-31 18:29 2815592 ----a-w- c:\windows\ALCWZRD.EXE
2010-11-03 17:13 . 2008-03-31 18:29 64104 ----a-w- c:\windows\ALCMTR.EXE
2010-11-03 12:00 . 2007-06-24 07:41 389120 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2001-08-23 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-29 22:11 . 2010-12-06 13:43 197224 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2010-10-29 22:11 . 2010-12-06 13:43 9888360 ----a-w- c:\windows\system32\RtsUStoricon.dll
2010-10-29 22:11 . 2010-12-06 13:43 313960 ----a-w- c:\windows\system32\RtsUStor.dll
2010-10-28 13:13 . 2004-08-03 23:56 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 09:46 . 2008-03-31 18:29 1251944 ----a-w- c:\windows\RtlExUpd.dll
2010-10-26 13:25 . 2007-06-24 07:40 1853312 ----a-w- c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((( SnapShot_2010-12-06_20.34.13 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-31 18:27 . 2009-05-12 14:12 26144 c:\windows\system32\spupdsvc.exe
+ 2008-04-01 16:15 . 2009-05-12 14:12 16928 c:\windows\system32\spmsg.dll
+ 2001-08-23 12:00 . 2011-01-07 08:14 68490 c:\windows\system32\perfc009.dat
+ 2011-01-07 08:22 . 2011-01-07 08:22 10134 c:\windows\Installer\{640BE6CD-9B4E-4FA4-98BC-E6975A30DC4F}\callmsi.exe
- 2010-12-05 21:35 . 2010-12-05 21:35 10134 c:\windows\Installer\{640BE6CD-9B4E-4FA4-98BC-E6975A30DC4F}\callmsi.exe
+ 2011-01-07 08:35 . 2006-12-14 07:11 7680 c:\windows\system32\ReinstallBackups\0009\DriverFiles\ATKACPI.sys
+ 2008-03-31 18:18 . 2007-08-28 04:58 5760 c:\windows\system32\drivers\ATKACPI.sys
+ 2001-08-23 12:00 . 2011-01-07 08:14 435594 c:\windows\system32\perfh009.dat
+ 2011-01-07 08:21 . 2011-01-07 08:21 233936 c:\windows\system32\Macromed\Flash\FlashUtil10l_Plugin.exe
+ 2010-09-23 20:02 . 2010-09-23 20:02 798208 c:\windows\Installer\3ed1be.msp
+ 2011-01-07 08:22 . 2011-01-07 08:22 967680 c:\windows\Installer\2d8b5.msi
+ 2011-01-07 08:22 . 2011-01-07 08:22 101504 c:\windows\Installer\{640BE6CD-9B4E-4FA4-98BC-E6975A30DC4F}\egui.exe
- 2010-12-05 21:35 . 2010-12-05 21:35 101504 c:\windows\Installer\{640BE6CD-9B4E-4FA4-98BC-E6975A30DC4F}\egui.exe
+ 2010-12-07 07:38 . 2010-12-07 07:38 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\b1646e54b708b9824f4193f87eb00c0e\System.Web.Extensions.Design.ni.dll
+ 2010-12-07 07:38 . 2010-12-07 07:38 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\504a93e73da77c502ecf98bfdfc1485e\System.Web.Entity.ni.dll
+ 2010-12-07 07:38 . 2010-12-07 07:38 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f22334fbd9497d79448fffef515ae0cc\System.Web.Entity.Design.ni.dll
+ 2010-12-07 07:38 . 2010-12-07 07:38 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\af5452305588da228a74e30324681d20\System.Web.DynamicData.ni.dll
+ 2010-12-06 21:28 . 2009-05-12 14:12 382496 c:\windows\$NtUninstallKB963093$\spuninst\updspapi.dll
+ 2010-12-06 21:28 . 2009-05-12 14:12 231456 c:\windows\$NtUninstallKB963093$\spuninst\spuninst.exe
+ 2010-12-06 21:28 . 2008-05-26 21:18 350208 c:\windows\$NtUninstallKB963093$\mssph.dll
+ 2010-12-06 21:28 . 2008-05-26 21:19 304128 c:\windows\$NtUninstallKB963093$\msnlnamespacemgr.dll
+ 2010-12-06 21:28 . 2008-05-26 21:20 595456 c:\windows\$NtUninstallKB963093$\msnlext.dll
+ 2010-12-06 21:28 . 2008-05-26 21:19 275456 c:\windows\$NtUninstallKB963093$\mapine.dll
+ 2010-01-27 01:07 . 2011-01-07 08:21 5971408 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2010-12-07 07:38 . 2010-12-07 07:38 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\da367bc2ecf2c9c5b4f858b6dba9e2ea\System.Web.Extensions.ni.dll
+ 2010-12-07 07:38 . 2010-12-07 07:38 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8e34e273d036b7468fc4e951a1fde437\System.ServiceModel.Web.ni.dll
+ 2010-12-06 21:28 . 2010-12-06 21:28 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2010-12-06 12:18 . 2010-12-06 12:18 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"MultiFrame"="c:\program files\ASUS\Asus MultiFrame\MultiFrame.exe" [2007-06-21 999792]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2006-10-14 69632]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-06-29 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ACU"="c:\program files\Atheros\ACU.exe" [2007-05-03 376921]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"PowerForPhone"="c:\program files\PowerForPhone\PowerForPhone.exe" [2007-01-15 778240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-07-10 851968]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-03-14 54832]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-11-12 157592]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"RTHDCPL"="RTHDCPL.EXE" [2010-11-16 19722344]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-11-04 2219184]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\Administrator\\temp\\TeamViewer3\\TeamViewer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 1942\\BF1942.exe"=
"c:\\Documents and Settings\\Administrator\\temp\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Ubisoft\\Gearbox Software\\Brothers in Arms - Hell's Highway\\Binaries\\biahh.exe"=
"c:\\Program Files\\Valve\\hlds.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31.3.2008 20:56 639224]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.7.2010 12:31 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [3.8.2010 12:28 95896]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 19:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 19:41 67656]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [4.11.2010 17:15 810144]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\system32\StkCSrv.exe [31.3.2008 19:32 24576]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [6.12.2010 14:43 197224]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\drivers\StkCMini.sys [31.3.2008 19:32 1260672]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [6.12.2010 14:51 1691480]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [5.8.2008 13:35 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [5.8.2008 13:35 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [5.8.2008 13:35 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [5.8.2008 13:35 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [5.8.2008 13:35 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [5.8.2008 13:35 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [5.8.2008 13:35 110120]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\Fujitech\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send to &Bluetooth Device... - c:\program files\Bluetooth\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\8wh19yk8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {B13721C7-F507-4982-B2E5-502A71474FED} - c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-07 10:00
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-329068152-73586283-839522115-500\Software\SecuROM\License information*]
"datasecu"=hex:a4,91,fe,ac,d7,3f,a8,e6,ee,f1,85,f0,dd,f7,f4,70,f2,0b,fe,08,55,
6f,0e,c4,9d,84,f0,7b,7d,27,b8,8f,0b,ae,a2,34,32,21,a5,79,cc,31,6d,ef,64,1d,\
"rkeysecu"=hex:6a,84,b5,d9,b5,f9,94,c4,a1,71,bb,e2,ca,a6,4c,e0
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(812)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2176)
c:\windows\system32\WININET.dll
c:\program files\ASUS\Asus MultiFrame\HookTitle.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\acs.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\system32\ACEngSvr.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\program files\ATK Hotkey\KBFiltr.exe
c:\program files\ATK Hotkey\WDC.exe
.
**************************************************************************
.
Completion time: 2011-01-07 10:04:05 - machine was rebooted
ComboFix-quarantined-files.txt 2011-01-07 09:04
ComboFix2.txt 2011-01-07 08:09
ComboFix3.txt 2010-12-06 20:35

Pre-Run: 47 948 779 520 bytes free
Post-Run: 13 adresárov, 47 937 851 392 voľných bajtov

- - End Of File - - 394B0D67ABE9B824BBE739E8234FB0B6

Re: Slow PC, internet dropping out after 5 min...

Posted: 07 Jan 2011 10:08
by stell
Test this file at www.virustotal.com:
c:\windows\system32\drivers\Ambfilt.sys
Paste the link to the result here.

Re: Slow PC, internet dropping out after 5 min...

Posted: 07 Jan 2011 10:25
by tomas.salat

Re: Slow PC, internet dropping out after 5 min...

Posted: 07 Jan 2011 10:28
by stell
1: Rename the ComboFix icon to uninstall and run it >> ComboFix will uninstall itself.

2: Download OTMoveIt3 by OldTimer, paste in the text as described in the guide and click MoveIt >> post the log here after the restart.

:processes
explorer.exe

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:Files
ipconfig /flushdns /c

:Commands
[resethosts]
[emptytemp]
[clearallrestorepoints]
[start explorer]
[EMPTYFLASH]
[Reboot]

Re: Slow PC, internet dropping out after 5 min...

Posted: 07 Jan 2011 11:07
by tomas.salat
I'm attaching the log:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\003164_.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1282.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP12B7.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1443.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1561.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1689.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP287.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP336.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP418.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C49.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7CE5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8D9.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI435.tmp moved successfully.
C:\WINDOWS\Installer\MSI44C.tmp moved successfully.
C:\WINDOWS\Installer\MSI60A.tmp moved successfully.
C:\WINDOWS\Installer\MSI7E9.tmp moved successfully.
C:\WINDOWS\Installer\MSI8FD.tmp moved successfully.
C:\WINDOWS\Installer\MSI90F.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\22c1edc0f58e9ea8b1654deb838ff0f6\BITD7.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Konfigurácia protokolu IP systému Windows
Vyrovnávacia pamäť prekladania DNS sa úspešne vyprázdnila.
C:\Documents and Settings\Administrator\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Administrator\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 916906 bytes
->Temporary Internet Files folder emptied: 177362 bytes
->FireFox cache emptied: 75824636 bytes
->Flash cache emptied: 1932923 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Desktop

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 255 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 75,00 mb


Restore points cleared and new OTM Restore Point set!

OTM by OldTimer - Version 3.1.17.2 log created on 01072011_104846

Files moved on Reboot...

Registry entries deleted on Reboot...

Re: Slow PC, internet dropping out after 5 min...

Posted: 07 Jan 2011 11:11
by stell
1: Run OTM > click CleanUp >> Yes >> Yes

2: Download and install CCleaner - http://www.ccleaner.com/download/downloadpage.aspx?f=2
- Right-click the Recycle Bin - Run CCleaner ->>> wait for the cleaning to finish
- Right-click the Recycle Bin - Open CCleaner - on the Windows tab press Analyze and then Run Cleaner
- Click the Applications tab, press Analyze and then Run Cleaner
- Click Registry, press Scan for Issues, and when the scan finishes click Fix selected issues,
- choose Yes to create a backup, save the offered file and click Fix All Selected Issues

3: Install a firewall, without Spyware Doctor, as described in the guide:
http://www.viry.cz/forum/viewtopic.php? ... 36#p868836

If everything is OK, that's all.

Re: Slow PC, internet dropping out after 5 min...

Posted: 07 Jan 2011 11:30
by tomas.salat
Everything seems to be as it should, thank you for the help.

Regards,

Tomas

Re: Slow PC, internet dropping out after 5 min...

Posted: 07 Jan 2011 11:33
by stell
You're welcome. :)