Prosím o kontrolu logu

astra · Příspěvekod **astra** » 13 lis 2012 21:21

Dobrý den, dostal se mi do rukou počítač, který se občas špatně připojuje na internet. Trochu jsem si s ním pohrála (vyčistila), ale zdá se mě pořád takový daremný... Například některé programy, které se spouští při startu se mi nedaří vypnout, občas něco reaguje jinak, než by mělo. Možná jsem paranoidní. Mohli byste mi, prosím, zkouknout log z HijactThis? Nerada bych něco pokazila. Předem děkuji.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:15:39, on 13.11.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Zástupce - procexp.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 8527318929
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TwonkyMedia - PacketVideo - C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8086 bytes

Reklama

Příspěvekod **memphisto** » 13 lis 2012 23:48

Odinstaluj:
Google Toolbar
Ask Toolbar

v logu fixni:
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

astra · Příspěvekod **astra** » 14 lis 2012 17:23

To je zvláštní - večer jsem spustila kontrolu, přestože jsem neměla připojený PC k internetu (nemá wifi) - hlásilo to jeden nález.Teď jsem si přinesla internet a aktualizovala program a není hlášen žádný nález. Škoda, že jsem ráno ten PC vypla aniž jsem si ten log ze včerejška uložila.

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.11.14.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Uživatel :: OEM [administrátor]

Ochrana: Povolena

14.11.2012 17:09:18
mbam-log-2012-11-14 (17-09-18).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 232274
Uplynulý čas: 6 minut, 32 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Příspěvekod **memphisto** » 14 lis 2012 18:37

V Mbam bude pod polozkou protokoly

Odesláno z mého GT-I9100 pomocí Tapatalk 2

astra · Příspěvekod **astra** » 14 lis 2012 20:37

Bohužel není ani tam.
Možná ten nález byl zapříčiněn tím, že ten program nebyl aktualizován.

Příspěvekod **memphisto** » 14 lis 2012 23:26

Nevadí...

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

astra · Příspěvekod **astra** » 15 lis 2012 00:49

23:44:40.0984 2504 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:44:41.0187 2504 ============================================================
23:44:41.0187 2504 Current date / time: 2012/11/14 23:44:41.0187
23:44:41.0187 2504 SystemInfo:
23:44:41.0187 2504
23:44:41.0187 2504 OS Version: 5.1.2600 ServicePack: 3.0
23:44:41.0187 2504 Product type: Workstation
23:44:41.0187 2504 ComputerName: OEM
23:44:41.0187 2504 UserName: Uživatel
23:44:41.0187 2504 Windows directory: C:\WINDOWS
23:44:41.0187 2504 System windows directory: C:\WINDOWS
23:44:41.0187 2504 Processor architecture: Intel x86
23:44:41.0187 2504 Number of processors: 2
23:44:41.0187 2504 Page size: 0x1000
23:44:41.0187 2504 Boot type: Normal boot
23:44:41.0187 2504 ============================================================
23:44:43.0140 2504 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:44:43.0140 2504 Drive \Device\Harddisk1\DR5 - Size: 0xF2300000 (3.78 Gb), SectorSize: 0x200, Cylinders: 0x1ED, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:44:43.0140 2504 ============================================================
23:44:43.0140 2504 \Device\Harddisk0\DR0:
23:44:43.0140 2504 MBR partitions:
23:44:43.0140 2504 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xBA412FE
23:44:43.0156 2504 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xBA4137C, BlocksNum 0x254E584
23:44:43.0156 2504 \Device\Harddisk1\DR5:
23:44:43.0156 2504 MBR partitions:
23:44:43.0156 2504 \Device\Harddisk1\DR5\Partition1: MBR, Type 0xB, StartLBA 0x1F80, BlocksNum 0x78F880
23:44:43.0156 2504 ============================================================
23:44:43.0218 2504 D: <-> \Device\Harddisk0\DR0\Partition2
23:44:43.0250 2504 C: <-> \Device\Harddisk0\DR0\Partition1
23:44:43.0250 2504 ============================================================
23:44:43.0250 2504 Initialize success
23:44:43.0250 2504 ============================================================
23:44:52.0109 2360 ============================================================
23:44:52.0109 2360 Scan started
23:44:52.0109 2360 Mode: Manual;
23:44:52.0109 2360 ============================================================
23:44:52.0484 2360 ================ Scan system memory ========================
23:44:52.0500 2360 System memory - ok
23:44:52.0500 2360 ================ Scan services =============================
23:44:52.0593 2360 .EsetTrialReset - ok
23:44:52.0703 2360 [ 0352A73CD6B1782EA3ED7A03A8268F55 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
23:44:52.0703 2360 Aavmker4 - ok
23:44:52.0703 2360 Abiosdsk - ok
23:44:52.0718 2360 abp480n5 - ok
23:44:52.0812 2360 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
23:44:52.0812 2360 ACDaemon - ok
23:44:52.0875 2360 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:44:52.0875 2360 ACPI - ok
23:44:52.0906 2360 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
23:44:52.0921 2360 ACPIEC - ok
23:44:52.0968 2360 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:44:52.0984 2360 AdobeFlashPlayerUpdateSvc - ok
23:44:53.0000 2360 adpu160m - ok
23:44:53.0031 2360 [ 2F6EBF8EA760FDEE8326DFAB18AE45C4 ] adusbmdm6501 C:\WINDOWS\system32\DRIVERS\adusbmdm65.sys
23:44:53.0046 2360 adusbmdm6501 - ok
23:44:53.0078 2360 [ E4283B3DE62494325818D60C638CDD51 ] adusbser C:\WINDOWS\system32\DRIVERS\adusbser.sys
23:44:53.0078 2360 adusbser - ok
23:44:53.0093 2360 [ 2F6EBF8EA760FDEE8326DFAB18AE45C4 ] adusbser6501 C:\WINDOWS\system32\DRIVERS\adusbser65.sys
23:44:53.0093 2360 adusbser6501 - ok
23:44:53.0140 2360 [ E696E749BEDCDA8B23757B8B5EA93780 ] aeaudio C:\WINDOWS\system32\drivers\aeaudio.sys
23:44:53.0140 2360 aeaudio - ok
23:44:53.0187 2360 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
23:44:53.0203 2360 aec - ok
23:44:53.0250 2360 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
23:44:53.0250 2360 AFD - ok
23:44:53.0312 2360 [ B34B1AB0A7690A0E2301FEC6D17B2FC1 ] AFS2K C:\WINDOWS\system32\drivers\AFS2K.sys
23:44:53.0312 2360 AFS2K - ok
23:44:53.0343 2360 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
23:44:53.0343 2360 agp440 - ok
23:44:53.0359 2360 Aha154x - ok
23:44:53.0359 2360 aic78u2 - ok
23:44:53.0375 2360 aic78xx - ok
23:44:53.0406 2360 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
23:44:53.0421 2360 Alerter - ok
23:44:53.0453 2360 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
23:44:53.0453 2360 ALG - ok
23:44:53.0468 2360 AliIde - ok
23:44:53.0484 2360 amsint - ok
23:44:53.0578 2360 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:44:53.0578 2360 Apple Mobile Device - ok
23:44:53.0625 2360 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
23:44:53.0640 2360 AppMgmt - ok
23:44:53.0671 2360 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
23:44:53.0671 2360 Arp1394 - ok
23:44:53.0671 2360 asc - ok
23:44:53.0687 2360 asc3350p - ok
23:44:53.0703 2360 asc3550 - ok
23:44:53.0781 2360 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
23:44:53.0812 2360 aspnet_state - ok
23:44:53.0843 2360 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
23:44:53.0843 2360 aswFsBlk - ok
23:44:53.0859 2360 [ 2B9B1DF809E965EF63402CBBA6DB50AE ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
23:44:53.0875 2360 aswMon2 - ok
23:44:53.0890 2360 [ B7D5E4486BA658ED08624D8084ABB830 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
23:44:53.0890 2360 AswRdr - ok
23:44:53.0953 2360 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
23:44:54.0000 2360 aswSnx - ok
23:44:54.0031 2360 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
23:44:54.0031 2360 aswSP - ok
23:44:54.0078 2360 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
23:44:54.0078 2360 aswTdi - ok
23:44:54.0109 2360 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:44:54.0109 2360 AsyncMac - ok
23:44:54.0125 2360 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
23:44:54.0125 2360 atapi - ok
23:44:54.0140 2360 Atdisk - ok
23:44:54.0156 2360 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:44:54.0156 2360 Atmarpc - ok
23:44:54.0218 2360 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
23:44:54.0218 2360 AudioSrv - ok
23:44:54.0265 2360 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
23:44:54.0265 2360 audstub - ok
23:44:54.0328 2360 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
23:44:54.0328 2360 avast! Antivirus - ok
23:44:54.0390 2360 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
23:44:54.0390 2360 Beep - ok
23:44:54.0421 2360 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
23:44:54.0500 2360 BITS - ok
23:44:54.0546 2360 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:44:54.0609 2360 Bonjour Service - ok
23:44:54.0671 2360 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
23:44:54.0671 2360 Browser - ok
23:44:54.0718 2360 [ DF863A3F97A8CBF9E7FBBC2A0854F582 ] BT848 C:\WINDOWS\system32\drivers\wf2kvcap.sys
23:44:54.0718 2360 BT848 - ok
23:44:54.0750 2360 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
23:44:54.0750 2360 cbidf2k - ok
23:44:54.0796 2360 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
23:44:54.0796 2360 CCDECODE - ok
23:44:54.0796 2360 cd20xrnt - ok
23:44:54.0812 2360 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
23:44:54.0812 2360 Cdaudio - ok
23:44:54.0843 2360 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
23:44:54.0843 2360 Cdfs - ok
23:44:54.0859 2360 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:44:54.0875 2360 Cdrom - ok
23:44:54.0875 2360 Changer - ok
23:44:54.0921 2360 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
23:44:54.0921 2360 CiSvc - ok
23:44:54.0937 2360 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
23:44:54.0937 2360 ClipSrv - ok
23:44:54.0953 2360 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:44:55.0015 2360 clr_optimization_v2.0.50727_32 - ok
23:44:55.0031 2360 CmdIde - ok
23:44:55.0031 2360 COMSysApp - ok
23:44:55.0062 2360 Cpqarray - ok
23:44:55.0093 2360 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
23:44:55.0093 2360 CryptSvc - ok
23:44:55.0109 2360 dac2w2k - ok
23:44:55.0109 2360 dac960nt - ok
23:44:55.0171 2360 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
23:44:55.0187 2360 DcomLaunch - ok
23:44:55.0218 2360 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
23:44:55.0234 2360 Dhcp - ok
23:44:55.0265 2360 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
23:44:55.0265 2360 Disk - ok
23:44:55.0265 2360 dmadmin - ok
23:44:55.0328 2360 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
23:44:55.0359 2360 dmboot - ok
23:44:55.0375 2360 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
23:44:55.0375 2360 dmio - ok
23:44:55.0390 2360 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
23:44:55.0406 2360 dmload - ok
23:44:55.0437 2360 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
23:44:55.0437 2360 dmserver - ok
23:44:55.0484 2360 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
23:44:55.0484 2360 DMusic - ok
23:44:55.0515 2360 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
23:44:55.0515 2360 Dnscache - ok
23:44:55.0593 2360 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
23:44:55.0593 2360 Dot3svc - ok
23:44:55.0609 2360 dpti2o - ok
23:44:55.0640 2360 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
23:44:55.0640 2360 drmkaud - ok
23:44:55.0687 2360 [ 555E54AC2F601A8821CEF58961653991 ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
23:44:55.0703 2360 dtsoftbus01 - ok
23:44:55.0718 2360 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
23:44:55.0734 2360 EapHost - ok
23:44:55.0781 2360 [ D0C7F8CA97D16263D434D943B4B7004F ] EL2000 C:\WINDOWS\system32\DRIVERS\EL2K_XP.sys
23:44:55.0781 2360 EL2000 - ok
23:44:55.0828 2360 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
23:44:55.0828 2360 ERSvc - ok
23:44:55.0890 2360 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
23:44:55.0906 2360 Eventlog - ok
23:44:55.0953 2360 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
23:44:55.0968 2360 EventSystem - ok
23:44:56.0015 2360 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
23:44:56.0015 2360 Fastfat - ok
23:44:56.0062 2360 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
23:44:56.0078 2360 FastUserSwitchingCompatibility - ok
23:44:56.0093 2360 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
23:44:56.0109 2360 Fdc - ok
23:44:56.0125 2360 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
23:44:56.0125 2360 Fips - ok
23:44:56.0140 2360 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:44:56.0140 2360 Flpydisk - ok
23:44:56.0171 2360 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
23:44:56.0171 2360 FltMgr - ok
23:44:56.0234 2360 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:44:56.0250 2360 FontCache3.0.0.0 - ok
23:44:56.0265 2360 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:44:56.0281 2360 Fs_Rec - ok
23:44:56.0281 2360 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:44:56.0296 2360 Ftdisk - ok
23:44:56.0312 2360 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
23:44:56.0328 2360 GEARAspiWDM - ok
23:44:56.0359 2360 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:44:56.0359 2360 Gpc - ok
23:44:56.0437 2360 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
23:44:56.0453 2360 gupdate - ok
23:44:56.0468 2360 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
23:44:56.0468 2360 gupdatem - ok
23:44:56.0546 2360 [ 9513DE607CD2C6D7FBECA2E6E0AE5DC0 ] HCF_MSFT C:\WINDOWS\system32\DRIVERS\HCF_MSFT.sys
23:44:56.0578 2360 HCF_MSFT - ok
23:44:56.0625 2360 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:44:56.0640 2360 helpsvc - ok
23:44:56.0640 2360 HidServ - ok
23:44:56.0703 2360 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:44:56.0703 2360 hidusb - ok
23:44:56.0765 2360 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
23:44:56.0781 2360 hkmsvc - ok
23:44:56.0781 2360 hpn - ok
23:44:56.0843 2360 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
23:44:56.0859 2360 HTTP - ok
23:44:56.0906 2360 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
23:44:56.0921 2360 HTTPFilter - ok
23:44:56.0921 2360 i2omgmt - ok
23:44:56.0937 2360 i2omp - ok
23:44:56.0953 2360 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:44:56.0968 2360 i8042prt - ok
23:44:57.0046 2360 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:44:57.0078 2360 idsvc - ok
23:44:57.0078 2360 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
23:44:57.0093 2360 Imapi - ok
23:44:57.0125 2360 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
23:44:57.0140 2360 ImapiService - ok
23:44:57.0156 2360 ini910u - ok
23:44:57.0171 2360 [ 57D928E548B38502ABBA7A77A6EB7312 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
23:44:57.0171 2360 IntelIde - ok
23:44:57.0187 2360 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:44:57.0203 2360 intelppm - ok
23:44:57.0218 2360 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
23:44:57.0218 2360 Ip6Fw - ok
23:44:57.0265 2360 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:44:57.0265 2360 IpFilterDriver - ok
23:44:57.0281 2360 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:44:57.0281 2360 IpInIp - ok
23:44:57.0312 2360 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:44:57.0312 2360 IpNat - ok
23:44:57.0375 2360 [ 49918803B661367023BF325CF602AFDC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:44:57.0390 2360 iPod Service - ok
23:44:57.0437 2360 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:44:57.0437 2360 IPSec - ok
23:44:57.0468 2360 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
23:44:57.0468 2360 IRENUM - ok
23:44:57.0484 2360 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:44:57.0484 2360 isapnp - ok
23:44:57.0578 2360 [ 9DBA73C2F1E76EC4CB837E67C5743596 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
23:44:57.0578 2360 JavaQuickStarterService - ok
23:44:57.0609 2360 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:44:57.0609 2360 Kbdclass - ok
23:44:57.0656 2360 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:44:57.0656 2360 kbdhid - ok
23:44:57.0703 2360 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
23:44:57.0703 2360 kmixer - ok
23:44:57.0734 2360 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
23:44:57.0734 2360 KSecDD - ok
23:44:57.0781 2360 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
23:44:57.0796 2360 lanmanserver - ok
23:44:57.0828 2360 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
23:44:57.0843 2360 lanmanworkstation - ok
23:44:57.0859 2360 lbrtfdc - ok
23:44:57.0906 2360 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
23:44:57.0906 2360 LmHosts - ok
23:44:57.0937 2360 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
23:44:57.0937 2360 MBAMProtector - ok
23:44:57.0984 2360 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:44:58.0000 2360 MBAMScheduler - ok
23:44:58.0046 2360 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
23:44:58.0062 2360 MBAMService - ok
23:44:58.0109 2360 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
23:44:58.0109 2360 Messenger - ok
23:44:58.0156 2360 [ 63C34814492AA65FC517B002DE77B191 ] MidiSyn C:\WINDOWS\system32\drivers\MidiSyn.sys
23:44:58.0156 2360 MidiSyn - ok
23:44:58.0218 2360 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
23:44:58.0218 2360 mnmdd - ok
23:44:58.0250 2360 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
23:44:58.0250 2360 mnmsrvc - ok
23:44:58.0281 2360 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
23:44:58.0281 2360 Modem - ok
23:44:58.0328 2360 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:44:58.0328 2360 Mouclass - ok
23:44:58.0343 2360 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:44:58.0343 2360 mouhid - ok
23:44:58.0375 2360 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
23:44:58.0375 2360 MountMgr - ok
23:44:58.0375 2360 mraid35x - ok
23:44:58.0406 2360 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:44:58.0406 2360 MRxDAV - ok
23:44:58.0468 2360 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:44:58.0484 2360 MRxSmb - ok
23:44:58.0515 2360 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
23:44:58.0515 2360 MSDTC - ok
23:44:58.0531 2360 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
23:44:58.0546 2360 Msfs - ok
23:44:58.0546 2360 MSIServer - ok
23:44:58.0578 2360 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:44:58.0593 2360 MSKSSRV - ok
23:44:58.0625 2360 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:44:58.0625 2360 MSPCLOCK - ok
23:44:58.0656 2360 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
23:44:58.0656 2360 MSPQM - ok
23:44:58.0656 2360 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:44:58.0671 2360 mssmbios - ok
23:44:58.0703 2360 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
23:44:58.0703 2360 MSTEE - ok
23:44:58.0734 2360 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
23:44:58.0734 2360 Mup - ok
23:44:58.0765 2360 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:44:58.0765 2360 NABTSFEC - ok
23:44:58.0828 2360 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
23:44:58.0843 2360 napagent - ok
23:44:58.0968 2360 [ B498A14133BD09AD0817590ACE4470AD ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
23:44:59.0000 2360 NBService - ok
23:44:59.0031 2360 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
23:44:59.0046 2360 NDIS - ok
23:44:59.0078 2360 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:44:59.0078 2360 NdisIP - ok
23:44:59.0109 2360 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:44:59.0125 2360 NdisTapi - ok
23:44:59.0140 2360 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:44:59.0140 2360 Ndisuio - ok
23:44:59.0156 2360 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:44:59.0156 2360 NdisWan - ok
23:44:59.0218 2360 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
23:44:59.0218 2360 NDProxy - ok
23:44:59.0234 2360 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
23:44:59.0250 2360 NetBIOS - ok
23:44:59.0281 2360 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
23:44:59.0296 2360 NetBT - ok
23:44:59.0328 2360 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
23:44:59.0375 2360 NetDDE - ok
23:44:59.0390 2360 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
23:44:59.0390 2360 NetDDEdsdm - ok
23:44:59.0546 2360 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
23:44:59.0562 2360 Netlogon - ok
23:44:59.0609 2360 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
23:44:59.0625 2360 Netman - ok
23:44:59.0687 2360 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:44:59.0718 2360 NetTcpPortSharing - ok
23:44:59.0750 2360 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
23:44:59.0750 2360 NIC1394 - ok
23:44:59.0796 2360 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
23:44:59.0812 2360 Nla - ok
23:44:59.0906 2360 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
23:44:59.0921 2360 NMIndexingService - ok
23:44:59.0968 2360 [ B4E87D4F40C57D036E821BD06DB1D1B7 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
23:44:59.0968 2360 nmwcd - ok
23:45:00.0000 2360 [ BEE0ADDF01D62725DDC2CC113D6B374C ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
23:45:00.0000 2360 nmwcdc - ok
23:45:00.0046 2360 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
23:45:00.0046 2360 Npfs - ok
23:45:00.0093 2360 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
23:45:00.0140 2360 Ntfs - ok
23:45:00.0171 2360 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
23:45:00.0187 2360 NtLmSsp - ok
23:45:00.0265 2360 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
23:45:00.0296 2360 NtmsSvc - ok
23:45:00.0312 2360 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
23:45:00.0328 2360 Null - ok
23:45:00.0718 2360 [ 9F4384AA43548DDD438F7B7825D11699 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
23:45:00.0937 2360 nv - ok
23:45:01.0000 2360 [ 0C41C4ACFE00D826DB479C40C1D9EDC8 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
23:45:01.0015 2360 NVSvc - ok
23:45:01.0062 2360 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:45:01.0062 2360 NwlnkFlt - ok
23:45:01.0078 2360 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:45:01.0078 2360 NwlnkFwd - ok
23:45:01.0125 2360 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
23:45:01.0125 2360 ohci1394 - ok
23:45:01.0171 2360 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:45:01.0171 2360 ose - ok
23:45:01.0203 2360 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
23:45:01.0218 2360 Parport - ok
23:45:01.0218 2360 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
23:45:01.0234 2360 PartMgr - ok
23:45:01.0265 2360 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
23:45:01.0265 2360 ParVdm - ok
23:45:01.0296 2360 [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
23:45:01.0312 2360 pccsmcfd - ok
23:45:01.0312 2360 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
23:45:01.0328 2360 PCI - ok
23:45:01.0328 2360 PCIDump - ok
23:45:01.0359 2360 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\drivers\PCIIde.sys
23:45:01.0359 2360 PCIIde - ok
23:45:01.0375 2360 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
23:45:01.0375 2360 Pcmcia - ok
23:45:01.0390 2360 PDCOMP - ok
23:45:01.0390 2360 PDFRAME - ok
23:45:01.0406 2360 PDRELI - ok
23:45:01.0421 2360 PDRFRAME - ok
23:45:01.0437 2360 perc2 - ok
23:45:01.0437 2360 perc2hib - ok
23:45:01.0500 2360 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
23:45:01.0500 2360 PlugPlay - ok
23:45:01.0515 2360 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
23:45:01.0531 2360 PolicyAgent - ok
23:45:01.0562 2360 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:45:01.0562 2360 PptpMiniport - ok
23:45:01.0578 2360 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
23:45:01.0578 2360 ProtectedStorage - ok
23:45:01.0593 2360 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
23:45:01.0593 2360 PSched - ok
23:45:01.0609 2360 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:45:01.0609 2360 Ptilink - ok
23:45:01.0625 2360 ql1080 - ok
23:45:01.0640 2360 Ql10wnt - ok
23:45:01.0656 2360 ql12160 - ok
23:45:01.0656 2360 ql1240 - ok
23:45:01.0671 2360 ql1280 - ok
23:45:01.0703 2360 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:45:01.0703 2360 RasAcd - ok
23:45:01.0718 2360 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
23:45:01.0734 2360 RasAuto - ok
23:45:01.0750 2360 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:45:01.0750 2360 Rasl2tp - ok
23:45:01.0796 2360 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
23:45:01.0812 2360 RasMan - ok
23:45:01.0828 2360 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:45:01.0828 2360 RasPppoe - ok
23:45:01.0843 2360 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
23:45:01.0843 2360 Raspti - ok
23:45:01.0875 2360 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:45:01.0875 2360 Rdbss - ok
23:45:01.0890 2360 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:45:01.0890 2360 RDPCDD - ok
23:45:01.0921 2360 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
23:45:01.0921 2360 rdpdr - ok
23:45:01.0953 2360 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
23:45:01.0968 2360 RDPWD - ok
23:45:01.0984 2360 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
23:45:02.0000 2360 RDSessMgr - ok
23:45:02.0031 2360 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
23:45:02.0031 2360 redbook - ok
23:45:02.0046 2360 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
23:45:02.0062 2360 RemoteAccess - ok
23:45:02.0078 2360 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
23:45:02.0093 2360 RemoteRegistry - ok
23:45:02.0109 2360 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
23:45:02.0109 2360 RpcLocator - ok
23:45:02.0156 2360 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
23:45:02.0171 2360 RpcSs - ok
23:45:02.0187 2360 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
23:45:02.0203 2360 RSVP - ok
23:45:02.0234 2360 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
23:45:02.0234 2360 SamSs - ok
23:45:02.0265 2360 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
23:45:02.0281 2360 SCardSvr - ok
23:45:02.0328 2360 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
23:45:02.0343 2360 Schedule - ok
23:45:02.0375 2360 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:45:02.0375 2360 Secdrv - ok
23:45:02.0390 2360 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
23:45:02.0406 2360 seclogon - ok
23:45:02.0437 2360 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
23:45:02.0437 2360 SENS - ok
23:45:02.0468 2360 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
23:45:02.0468 2360 serenum - ok
23:45:02.0484 2360 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
23:45:02.0484 2360 Serial - ok
23:45:02.0609 2360 [ 979AE6E47129E51A242434DA9664054C ] ServiceLayer C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
23:45:02.0640 2360 ServiceLayer - ok
23:45:02.0703 2360 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
23:45:02.0703 2360 Sfloppy - ok
23:45:02.0765 2360 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
23:45:02.0781 2360 SharedAccess - ok
23:45:02.0828 2360 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:45:02.0843 2360 ShellHWDetection - ok
23:45:02.0843 2360 Simbad - ok
23:45:02.0890 2360 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:45:02.0890 2360 SLIP - ok
23:45:02.0953 2360 [ 7D9B50329AF9FD94B0529282530D2CB7 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
23:45:02.0984 2360 smwdm - ok
23:45:03.0078 2360 [ 3978F082274F723AD5A0A8058C2417DD ] SoundMAX Agent Service (default) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
23:45:03.0078 2360 SoundMAX Agent Service (default) - ok
23:45:03.0078 2360 Sparrow - ok
23:45:03.0156 2360 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
23:45:03.0156 2360 splitter - ok
23:45:03.0203 2360 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
23:45:03.0218 2360 Spooler - ok
23:45:03.0265 2360 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
23:45:03.0265 2360 sr - ok
23:45:03.0328 2360 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
23:45:03.0343 2360 srservice - ok
23:45:03.0375 2360 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
23:45:03.0406 2360 Srv - ok
23:45:03.0437 2360 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
23:45:03.0453 2360 SSDPSRV - ok
23:45:03.0484 2360 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
23:45:03.0531 2360 stisvc - ok
23:45:03.0578 2360 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:45:03.0593 2360 streamip - ok
23:45:03.0625 2360 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
23:45:03.0625 2360 swenum - ok
23:45:03.0625 2360 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
23:45:03.0640 2360 swmidi - ok
23:45:03.0640 2360 SwPrv - ok
23:45:03.0656 2360 symc810 - ok
23:45:03.0671 2360 symc8xx - ok
23:45:03.0687 2360 sym_hi - ok
23:45:03.0703 2360 sym_u3 - ok
23:45:03.0750 2360 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
23:45:03.0750 2360 sysaudio - ok
23:45:03.0781 2360 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
23:45:03.0796 2360 SysmonLog - ok
23:45:03.0828 2360 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
23:45:03.0843 2360 TapiSrv - ok
23:45:03.0906 2360 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:45:03.0921 2360 Tcpip - ok
23:45:03.0937 2360 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
23:45:03.0937 2360 TDPIPE - ok
23:45:03.0984 2360 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
23:45:03.0984 2360 TDTCP - ok
23:45:04.0031 2360 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
23:45:04.0031 2360 TermDD - ok
23:45:04.0078 2360 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
23:45:04.0093 2360 TermService - ok
23:45:04.0125 2360 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
23:45:04.0140 2360 Themes - ok
23:45:04.0156 2360 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
23:45:04.0171 2360 TlntSvr - ok
23:45:04.0187 2360 TosIde - ok
23:45:04.0234 2360 Tq_91Assistant - ok
23:45:04.0265 2360 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
23:45:04.0281 2360 TrkWks - ok
23:45:04.0328 2360 [ DEC0E131B20F36246549C0DB2B23A677 ] tv2ktunr C:\WINDOWS\system32\drivers\wf2ktunr.sys
23:45:04.0343 2360 tv2ktunr - ok
23:45:04.0343 2360 [ 53DB0D251B022C034A1EB0B8B7264CC5 ] Tv2kXbar C:\WINDOWS\system32\drivers\wf2kxbar.sys
23:45:04.0359 2360 Tv2kXbar - ok
23:45:04.0406 2360 TwonkyMedia - ok
23:45:04.0421 2360 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
23:45:04.0421 2360 Udfs - ok
23:45:04.0468 2360 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
23:45:04.0468 2360 UleadBurningHelper - ok
23:45:04.0484 2360 ultra - ok
23:45:04.0515 2360 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
23:45:04.0546 2360 Update - ok
23:45:04.0609 2360 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
23:45:04.0625 2360 upnphost - ok
23:45:04.0656 2360 [ F5D2AA9D56A3A01A190D01CD961BA0E7 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
23:45:04.0656 2360 upperdev - ok
23:45:04.0671 2360 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
23:45:04.0687 2360 UPS - ok
23:45:04.0718 2360 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
23:45:04.0718 2360 USBAAPL - ok
23:45:04.0765 2360 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:45:04.0765 2360 usbccgp - ok
23:45:04.0781 2360 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:45:04.0781 2360 usbehci - ok
23:45:04.0796 2360 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:45:04.0796 2360 usbhub - ok
23:45:04.0828 2360 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
23:45:04.0828 2360 usbprint - ok
23:45:04.0843 2360 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:45:04.0843 2360 usbscan - ok
23:45:04.0859 2360 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\DRIVERS\usbser.sys
23:45:04.0859 2360 usbser - ok
23:45:04.0906 2360 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:45:04.0906 2360 USBSTOR - ok
23:45:04.0937 2360 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
23:45:04.0937 2360 usbuhci - ok
23:45:04.0953 2360 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
23:45:04.0953 2360 VgaSave - ok
23:45:04.0968 2360 ViaIde - ok
23:45:05.0015 2360 [ 7058745E5E1515C8EE7B93056E25766B ] viaraid C:\WINDOWS\system32\DRIVERS\viaraid.sys
23:45:05.0031 2360 viaraid - ok
23:45:05.0031 2360 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
23:45:05.0046 2360 VolSnap - ok
23:45:05.0062 2360 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
23:45:05.0093 2360 VSS - ok
23:45:05.0125 2360 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
23:45:05.0140 2360 W32Time - ok
23:45:05.0156 2360 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:45:05.0156 2360 Wanarp - ok
23:45:05.0203 2360 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
23:45:05.0234 2360 Wdf01000 - ok
23:45:05.0234 2360 WDICA - ok
23:45:05.0250 2360 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
23:45:05.0265 2360 wdmaud - ok
23:45:05.0281 2360 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
23:45:05.0296 2360 WebClient - ok
23:45:05.0390 2360 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
23:45:05.0406 2360 winmgmt - ok
23:45:05.0468 2360 [ 588C1DF21321EC51EEBFF2C8909D1587 ] WmBEnum C:\WINDOWS\system32\drivers\WmBEnum.sys
23:45:05.0468 2360 WmBEnum - ok
23:45:05.0500 2360 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
23:45:05.0500 2360 WmdmPmSN - ok
23:45:05.0562 2360 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
23:45:05.0593 2360 Wmi - ok
23:45:05.0640 2360 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:45:05.0640 2360 WmiApSrv - ok
23:45:05.0734 2360 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
23:45:05.0781 2360 WMPNetworkSvc - ok
23:45:05.0828 2360 [ FE7D6991FD5894F06AAE95DC78E79948 ] WmVirHid C:\WINDOWS\system32\drivers\WmVirHid.sys
23:45:05.0843 2360 WmVirHid - ok
23:45:05.0843 2360 [ DCBB4688EE775912444B9010CD3FE9B6 ] WmXlCore C:\WINDOWS\system32\drivers\WmXlCore.sys
23:45:05.0859 2360 WmXlCore - ok
23:45:05.0890 2360 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
23:45:05.0906 2360 wscsvc - ok
23:45:05.0953 2360 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:45:05.0953 2360 WSTCODEC - ok
23:45:05.0984 2360 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
23:45:06.0015 2360 wuauserv - ok
23:45:06.0062 2360 [ 50EB9E21963B4F06FD010D007D54351B ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:45:06.0062 2360 WudfPf - ok
23:45:06.0093 2360 [ 6E209664BDEA8A15B5E8E480D6C607C2 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
23:45:06.0109 2360 WudfRd - ok
23:45:06.0140 2360 [ AE93084D2D236887BA56467AE42B4955 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
23:45:06.0156 2360 WudfSvc - ok
23:45:06.0234 2360 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
23:45:06.0328 2360 WZCSVC - ok
23:45:06.0359 2360 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
23:45:06.0375 2360 xmlprov - ok
23:45:06.0390 2360 ================ Scan global ===============================
23:45:06.0437 2360 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
23:45:06.0468 2360 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
23:45:06.0515 2360 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
23:45:06.0562 2360 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
23:45:06.0578 2360 [Global] - ok
23:45:06.0578 2360 ================ Scan MBR ==================================
23:45:06.0593 2360 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
23:45:06.0796 2360 \Device\Harddisk0\DR0 - ok
23:45:06.0796 2360 [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk1\DR5
23:45:07.0718 2360 \Device\Harddisk1\DR5 - ok
23:45:07.0718 2360 ================ Scan VBR ==================================
23:45:07.0718 2360 [ FD133CA49CF65704A47E1209BF549404 ] \Device\Harddisk0\DR0\Partition1
23:45:07.0734 2360 \Device\Harddisk0\DR0\Partition1 - ok
23:45:07.0750 2360 [ 8A1320A03E448B26577A0D4C03D9FD79 ] \Device\Harddisk0\DR0\Partition2
23:45:07.0750 2360 \Device\Harddisk0\DR0\Partition2 - ok
23:45:07.0765 2360 [ A95212470E166EF4222845C281CC27EE ] \Device\Harddisk1\DR5\Partition1
23:45:07.0765 2360 \Device\Harddisk1\DR5\Partition1 - ok
23:45:07.0765 2360 ============================================================
23:45:07.0765 2360 Scan finished
23:45:07.0765 2360 ============================================================
23:45:07.0781 3844 Detected object count: 0
23:45:07.0781 3844 Actual detected object count: 0
23:45:14.0843 2136 Deinitialize success

astra · Příspěvekod **astra** » 15 lis 2012 00:50

ComboFix 12-11-14.01 - Uživatel 15.11.2012 0:14.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.511.112 [GMT 1:00]
Spuštěný z: c:\documents and settings\U×ivatel\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\index.htm
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\Dvbpws.dll
d:\zaloha~1\tv.Exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-14 do 2012-11-14 )))))))))))))))))))))))))))))))
.
.
2012-11-14 15:42 . 2009-11-06 02:20 106880 ----a-w- c:\windows\system32\drivers\adusbser.sys
2012-11-14 15:42 . 2012-11-14 23:05 -------- d-----w- c:\program files\Ufonuv fofr internet
2012-11-14 15:42 . 2012-11-14 15:42 -------- d-----w- c:\program files\Wireless modem driver
2012-11-13 23:09 . 2012-11-13 23:09 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Malwarebytes
2012-11-13 23:09 . 2012-11-13 23:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-11-13 23:09 . 2012-11-13 23:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-13 23:09 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-13 20:12 . 2012-11-13 20:12 388096 ----a-r- c:\documents and settings\Uživatel\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-11-13 20:12 . 2012-11-13 20:12 -------- d-----w- c:\program files\Trend Micro
2012-11-13 19:37 . 2012-11-13 19:37 -------- d-----w- c:\program files\CCleaner
2012-11-06 16:16 . 2012-11-06 16:16 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Nokia
2012-11-04 19:44 . 2008-04-13 23:15 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2012-11-04 19:43 . 2012-11-04 20:00 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Nseries
2012-11-04 17:02 . 2012-11-04 20:01 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Nokia
2012-11-04 17:02 . 2012-11-04 20:07 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\PC Suite
2012-11-04 17:02 . 2012-11-04 17:02 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Nokia
2012-11-04 16:54 . 2012-11-04 16:54 -------- d-----w- c:\program files\MSXML 6.0
2012-11-04 16:54 . 2012-11-04 16:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Installations
2012-11-04 16:53 . 2012-11-04 16:53 -------- d-----w- c:\program files\Common Files\muvee Technologies
2012-11-04 16:52 . 2012-11-04 16:54 -------- d-----w- c:\windows\Globalization
2012-11-04 16:51 . 2012-11-04 16:55 -------- d-----w- c:\program files\Common Files\Nokia
2012-11-04 16:49 . 2012-11-04 16:49 -------- d-----w- c:\program files\DIFX
2012-11-04 16:49 . 2007-09-17 14:53 21632 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2012-11-04 16:44 . 2008-06-06 08:24 8064 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2012-11-04 16:44 . 2008-05-07 06:38 20864 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2012-11-04 16:44 . 2008-05-07 06:39 1419232 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2012-11-04 16:44 . 2008-05-07 06:38 659968 ----a-w- c:\windows\system32\nmwcdcocls.dll
2012-11-04 16:44 . 2008-05-07 06:38 17536 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2012-11-04 16:44 . 2012-11-04 16:55 -------- d-----w- c:\program files\Nokia
2012-11-04 16:44 . 2008-05-07 06:38 90624 ----a-w- c:\windows\system32\nmwcdcls.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-18 18:36 . 2012-07-30 21:12 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-18 18:36 . 2012-07-30 21:12 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-28 15:18 . 2004-08-17 13:49 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18 . 2004-08-17 13:49 43520 ------w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2004-08-17 13:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2004-08-17 13:44 385024 ------w- c:\windows\system32\html.iec
2012-08-24 13:53 . 2004-08-17 13:49 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-23 06:27 . 2004-08-17 15:45 2029568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-23 06:27 . 2004-08-17 13:45 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-21 10:12 . 2002-01-01 01:17 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 10:12 . 2002-01-01 01:17 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-21 09:13 . 2012-09-24 22:51 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-09-24 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-09-24 22:51 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-09-24 22:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-08-21 09:13 . 2012-09-24 22:51 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-08-21 09:13 . 2012-09-24 22:51 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-08-21 09:13 . 2012-09-24 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:13 . 2012-09-24 22:51 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys
.
[-] 2001-10-25 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2001-10-25 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2004-08-17 . 6F877BF8DC01A550CD666F3BEDB2213C . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
.
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys
.
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
.
[-] 2001-10-25 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2001-10-25 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2004-08-17 . 82A362FE1D4980B71B588D9C10748511 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe
.
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2004-08-17 . AF342D2781225A8769686E0D47E3123E . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll
.
[-] 2008-04-14 06:51 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 06:51 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2004-08-17 13:49 . B44F68274AB7B8A54E9AD74AFF0EFAAC . 806912 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[-] 2004-08-17 . E774A26610EC92674273486612C11CFC . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
.
[-] 2009-02-09 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2004-08-17 . C72C15EE57E248C66E57C76CAB086CF2 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
.
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-17 . 6E401E61F952FBBF708AFBECEFAFAE81 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe
.
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2004-08-17 . 221C29AE1B4CC61D11D8B27DE78B2307 . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-03 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2004-08-17 . 70D2A1756F4B2067658A186C963FCABD . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll
.
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:25 . BE68EA4457E2E5717231CF91BE5448E0 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 06:51 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 06:51 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2004-08-17 13:49 . 972378B907070F64932A87C90A035487 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\es.dll
.
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2004-08-17 . 2413635113361E54B62F0C40E4E4DAE6 . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll
.
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 0D8F61460F84139BBE5E391D8DE18D9A . 990208 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2004-08-17 . 98DA079F61265BC26D4587E280B79F30 . 982016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
.
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2004-08-17 . EE1F842DB2AE412136643B0814D770A6 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
.
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2004-08-17 . BFE8DC7AAE7CB1C86243D77B340DC304 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll
.
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . EC8D5E09C6CA5F52858A5EB71F308FDF . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2004-08-17 . 91CC3E4CCDBBF8E224182C76C87E454F . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2004-08-17 . AB47015B67531572BE46C0C08222C84C . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
[-] 2001-10-25 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
.
[-] 2008-06-20 . 1289B7611CCD6CB27596AE92CBF03E35 . 247296 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 39EE7C3BFBC64BA87CC8CF67386E814C . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 39EE7C3BFBC64BA87CC8CF67386E814C . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2004-08-17 . 64C078BD4EFD441C3F159EDC5EA4420A . 247296 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
.
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2004-08-17 . 2591CADAEF7D2242039255028E577688 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll
.
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2004-08-17 . 134B95A1D8FAFD74A68E4B2116DEFA7D . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
.
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2004-08-17 . 07119058D451CB7EA4317BCFDA8599A6 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll
.
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2004-08-17 . 6CC2D21488333133AE0C9F44F6051CB7 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll
.
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2004-08-17 . DFBA2915B0BF58ABB288CD4C9318CB3F . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe
.
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2004-08-17 . 37162D29CD61519E6F5EA0DE99786FF6 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
.
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2004-08-17 . 1B4CCC59980DA34E75F20E42B283B027 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll
.
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2004-08-17 . 836F7960362FF95C5D49E40B891F2CFC . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
.
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2004-08-17 . 382E9B87F1282E697C67AF84E34E35E2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
.
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2004-08-17 . C2B86666FC44B48903AD6016D15A23DF . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
.
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-17 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[-] 2004-08-17 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[-] 2010-04-16 . A0C90E01D288A618AE6B99E92B7E0115 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . A0C90E01D288A618AE6B99E92B7E0115 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . 6BE004F9FCEECA6536385D5CB59BFD37 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . F5B6A143739B894BF4F488CFFC3D3015 . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[-] 2008-04-14 . F5B6A143739B894BF4F488CFFC3D3015 . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
[-] 2004-08-17 . E28340F6CB7BAC3EACDA9C74A0BE42BE . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll
.
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
.
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2004-08-17 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[-] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[-] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2009-07-27 . 54A6BF743E0517528A5064CEAEB40EA7 . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll
[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2004-08-17 . 8BA76BD2A943F642F267A296A15776D2 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
.
[-] 2008-04-14 . 627551A1011199BCE013D0F4B6CACECF . 4608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msimg32.dll
[-] 2008-04-14 . 627551A1011199BCE013D0F4B6CACECF . 4608 . . [5.1.2600.5512] . . c:\windows\system32\msimg32.dll
[-] 2004-08-17 . 227163195E9495BD99C915EF5F42445C . 4608 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msimg32.dll
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-17 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2004-08-17 . 93F75FF033BAA186D08115D73BFE3D32 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
.
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2004-08-17 . 9B835D4C64860B155A1701D5092EC9E4 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
.
[-] 2008-04-14 . 26AE5F5ADF4A30C8BCEA736343170201 . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msctfime.ime
[-] 2008-04-14 . 26AE5F5ADF4A30C8BCEA736343170201 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\msctfime.ime
[-] 2004-08-17 . 93B9E2450B9E5D7F650C72B6E05FD81E . 177152 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msctfime.ime
.
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2004-08-17 . 6EB66066D5C0175320CFEA0A4C74C88F . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2004-08-17 . 5CA2E2BA624D6F2C7A581C91E70394CB . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-03 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2004-08-17 . 5B21208FCF8970BB61FE98E19D828714 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll
.
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2004-08-17 . 29AC93307C6182DBE336BCA314947F28 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
.
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2004-08-17 . 88C28F53F53438DAFCD95E99C837C61E . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
.
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2004-08-17 . 2F5919F2F6EE7A845893D9C3AA2BC56A . 295936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll
.
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2004-08-17 . FAABA83BE47C5B15F620FAA53267A9B8 . 345088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll
.
[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2004-08-17 . 421184F91EAE5C6E78E653C6B32AAE84 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll
.
[-] 2001-10-25 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
.
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys
[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\AGP440.SYS
.
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
.
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2004-08-17 . 8B2FCBD881879B55BE40B41F12FFC431 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
.
[-] 2008-04-14 06:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 06:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2004-08-17 13:49 . D8D2B13BA93AE830B1A637DF571D1195 . 435712 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
.
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2004-08-17 . 984FC1518B0D5B31D76F0E63608E0500 . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
.
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2004-08-17 . 8ECC475F5BAD26DB85943F888D62E364 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
.
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2004-08-17 . A19F5837E52D57DB66D9DB55BFCC7796 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
.
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2004-08-17 . 0F9A5DD4503E82B085D8B1336B961A81 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
.
[-] 2008-04-14 06:51 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 06:51 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2004-08-17 13:49 . 33F14F23DFAE4B43CDD4E535CD7C1963 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
.
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2004-08-17 . 6C08FF4B76506676617E03C34ECCFB11 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
.
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2004-08-17 . E472BDA53A4DCD2142143AF9FD25C99A . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-17 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2004-08-17 . 2CEEBB402187AE56B585701F3D191FB3 . 176128 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
.
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2004-08-17 . 0645CCDDDD27F96EEA3534C1DEF736D9 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
.
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2004-08-17 . B356DD67178B22A8C2FBD47316CCB43B . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll
.
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2004-08-17 . 630A1012AF129918D2E2D70727D69351 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll
.
[-] 2008-04-14 . 8DBCEA7B495024A29FEF59B5FE709DAC . 19456 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wshtcpip.dll
[-] 2008-04-14 . 8DBCEA7B495024A29FEF59B5FE709DAC . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll
[-] 2004-08-17 . B75F372796170EBD15DF35AE9963BFB8 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wshtcpip.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 10:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2010-08-11 2920448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-05-29 790528]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2011-01-12 101888]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\
Zástupce - procexp.lnk - c:\documents and settings\Uživatel\Plocha\ProcessExplorer\procexp.exe [2012-11-13 4845856]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Nokia Ovi Suite.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Nokia Ovi Suite.lnk
backup=c:\windows\pss\Nokia Ovi Suite.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-11-01 22:25 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-10-27 17:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 17:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 06:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPWT myPrintMileage Agent]
2005-01-26 01:45 102400 ----a-w- c:\program files\Hewlett-Packard\HP Business Inkjet 1000\Toolbox\mpm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-16 12:01 13529088 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 12:01 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 13:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
2002-04-17 08:42 69632 ----a-w- c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\iTunes.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"=
"c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"=
.
R0 viaraid;viaraid;c:\windows\system32\drivers\viaraid.sys [17.4.2011 19:02 72192]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [24.9.2012 23:51 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [24.9.2012 23:51 355632]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [17.4.2011 22:27 218688]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [24.9.2012 23:51 21256]
R2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [17.4.2011 21:46 59776]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [17.4.2011 21:46 19456]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [17.4.2011 21:46 9600]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [14.11.2012 16:42 106880]
S2 .EsetTrialReset;Eset Trial Reset;c:\windows\system32\regedt32.exe [25.10.2001 15:00 3584]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [14.11.2012 0:09 676936]
S2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501);c:\windows\system32\drivers\adusbmdm65.sys [28.4.2011 17:36 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501);c:\windows\system32\drivers\adusbser65.sys [21.4.2011 20:54 64896]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [14.11.2012 0:09 22856]
S3 Tq_91Assistant;Tq_91Assistant;\??\c:\program files\NetDragon\91 Mobile\iPhone\Tq_91Assistant.sys --> c:\program files\NetDragon\91 Mobile\iPhone\Tq_91Assistant.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - PROCEXP141
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-30 18:36]
.
2012-04-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2012-11-14 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2002-01-01 10:12]
.
2012-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-02 21:55]
.
2012-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-02 21:55]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-Start WingMan Profiler - (no file)
MSConfigStartUp-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-15 00:23
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2012-11-15 00:28:39
ComboFix-quarantined-files.txt 2012-11-14 23:28
.
Před spuštěním: Volných bajtů: 40 796 606 464
Po spuštění: Volných bajtů: 40 963 813 376
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 4F628C12E44A4902D9349F2CB6C46D40

Příspěvekod **memphisto** » 15 lis 2012 22:47

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
Driver::
.EsetTrialReset
TwonkyMedia
Tq_91Assistant

File::
c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe
c:\program files\NetDragon\91 Mobile\iPhone\Tq_91Assistant.sys
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

astra · Příspěvekod **astra** » 15 lis 2012 23:36

ComboFix 12-11-14.01 - Uživatel 15.11.2012 23:14:20.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.511.100 [GMT 1:00]
Spuštěný z: c:\documents and settings\Uživatel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Uživatel\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\program files\NetDragon\91 Mobile\iPhone\Tq_91Assistant.sys"
"c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_TQ_91ASSISTANT
-------\Legacy_TWONKYMEDIA
-------\Service_.EsetTrialReset
-------\Service_Tq_91Assistant
-------\Service_TwonkyMedia
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-15 do 2012-11-15 )))))))))))))))))))))))))))))))
.
.
2012-11-14 15:42 . 2009-11-06 02:20 106880 ----a-w- c:\windows\system32\drivers\adusbser.sys
2012-11-14 15:42 . 2012-11-14 23:05 -------- d-----w- c:\program files\Ufonuv fofr internet
2012-11-14 15:42 . 2012-11-14 15:42 -------- d-----w- c:\program files\Wireless modem driver
2012-11-13 23:09 . 2012-11-13 23:09 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Malwarebytes
2012-11-13 23:09 . 2012-11-13 23:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-11-13 23:09 . 2012-11-13 23:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-13 23:09 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-13 20:12 . 2012-11-13 20:12 388096 ----a-r- c:\documents and settings\Uživatel\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-11-13 20:12 . 2012-11-13 20:12 -------- d-----w- c:\program files\Trend Micro
2012-11-13 19:37 . 2012-11-13 19:37 -------- d-----w- c:\program files\CCleaner
2012-11-06 16:16 . 2012-11-06 16:16 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Nokia
2012-11-04 19:44 . 2008-04-13 23:15 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2012-11-04 19:43 . 2012-11-04 20:00 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Nseries
2012-11-04 17:02 . 2012-11-04 20:01 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Nokia
2012-11-04 17:02 . 2012-11-04 20:07 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\PC Suite
2012-11-04 17:02 . 2012-11-04 17:02 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Nokia
2012-11-04 16:54 . 2012-11-04 16:54 -------- d-----w- c:\program files\MSXML 6.0
2012-11-04 16:54 . 2012-11-04 16:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Installations
2012-11-04 16:53 . 2012-11-04 16:53 -------- d-----w- c:\program files\Common Files\muvee Technologies
2012-11-04 16:52 . 2012-11-04 16:54 -------- d-----w- c:\windows\Globalization
2012-11-04 16:51 . 2012-11-04 16:55 -------- d-----w- c:\program files\Common Files\Nokia
2012-11-04 16:49 . 2012-11-04 16:49 -------- d-----w- c:\program files\DIFX
2012-11-04 16:49 . 2007-09-17 14:53 21632 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2012-11-04 16:44 . 2008-06-06 08:24 8064 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2012-11-04 16:44 . 2008-05-07 06:38 20864 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2012-11-04 16:44 . 2008-05-07 06:39 1419232 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
2012-11-04 16:44 . 2008-05-07 06:38 659968 ----a-w- c:\windows\system32\nmwcdcocls.dll
2012-11-04 16:44 . 2008-05-07 06:38 17536 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2012-11-04 16:44 . 2012-11-04 16:55 -------- d-----w- c:\program files\Nokia
2012-11-04 16:44 . 2008-05-07 06:38 90624 ----a-w- c:\windows\system32\nmwcdcls.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-18 18:36 . 2012-07-30 21:12 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-18 18:36 . 2012-07-30 21:12 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-28 15:18 . 2004-08-17 13:49 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18 . 2004-08-17 13:49 43520 ------w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2004-08-17 13:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2004-08-17 13:44 385024 ------w- c:\windows\system32\html.iec
2012-08-24 13:53 . 2004-08-17 13:49 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-23 06:27 . 2004-08-17 15:45 2029568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-23 06:27 . 2004-08-17 13:45 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-21 10:12 . 2002-01-01 01:17 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 10:12 . 2002-01-01 01:17 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-21 09:13 . 2012-09-24 22:51 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-09-24 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-09-24 22:51 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-09-24 22:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-08-21 09:13 . 2012-09-24 22:51 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-08-21 09:13 . 2012-09-24 22:51 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-08-21 09:13 . 2012-09-24 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:13 . 2012-09-24 22:51 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2004-08-03 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\asyncmac.sys
.
[-] 2001-10-25 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2001-10-25 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kbdclass.sys
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2004-08-17 . 6F877BF8DC01A550CD666F3BEDB2213C . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kbdclass.sys
.
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
[-] 2004-08-03 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ndis.sys
.
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
[-] 2004-08-03 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntfs.sys
.
[-] 2001-10-25 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2001-10-25 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2004-08-17 . 82A362FE1D4980B71B588D9C10748511 . 13312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lsass.exe
.
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netman.dll
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2004-08-17 . AF342D2781225A8769686E0D47E3123E . 198144 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netman.dll
.
[-] 2008-04-14 06:51 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 06:51 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2004-08-17 13:49 . B44F68274AB7B8A54E9AD74AFF0EFAAC . 806912 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\ServicePackFiles\i386\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[-] 2004-08-17 . E774A26610EC92674273486612C11CFC . 382464 . . [6.6.2600.2180] . . c:\windows\$NtServicePackUninstall$\qmgr.dll
.
[-] 2009-02-09 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2004-08-17 . C72C15EE57E248C66E57C76CAB086CF2 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
.
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-17 . 6E401E61F952FBBF708AFBECEFAFAE81 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe
.
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2004-08-17 . 221C29AE1B4CC61D11D8B27DE78B2307 . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-03 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\cryptsvc.dll
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2004-08-17 . 70D2A1756F4B2067658A186C963FCABD . 60416 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\cryptsvc.dll
.
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:25 . BE68EA4457E2E5717231CF91BE5448E0 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 06:51 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 06:51 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
[-] 2004-08-17 13:49 . 972378B907070F64932A87C90A035487 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtServicePackUninstall$\es.dll
.
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2004-08-17 . 2413635113361E54B62F0C40E4E4DAE6 . 110080 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\imm32.dll
.
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 0D8F61460F84139BBE5E391D8DE18D9A . 990208 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2004-08-17 . 98DA079F61265BC26D4587E280B79F30 . 982016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
.
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2004-08-17 . EE1F842DB2AE412136643B0814D770A6 . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\linkinfo.dll
.
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2004-08-17 . BFE8DC7AAE7CB1C86243D77B340DC304 . 22016 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\lpk.dll
.
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . EC8D5E09C6CA5F52858A5EB71F308FDF . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2004-08-17 . 91CC3E4CCDBBF8E224182C76C87E454F . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll
[-] 2004-08-17 . AB47015B67531572BE46C0C08222C84C . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
[-] 2001-10-25 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
.
[-] 2008-06-20 . 1289B7611CCD6CB27596AE92CBF03E35 . 247296 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 39EE7C3BFBC64BA87CC8CF67386E814C . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 39EE7C3BFBC64BA87CC8CF67386E814C . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2004-08-17 . 64C078BD4EFD441C3F159EDC5EA4420A . 247296 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
.
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2004-08-17 . 2591CADAEF7D2242039255028E577688 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll
.
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2004-08-17 . 134B95A1D8FAFD74A68E4B2116DEFA7D . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll
.
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2004-08-17 . 07119058D451CB7EA4317BCFDA8599A6 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll
.
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2004-08-17 . 6CC2D21488333133AE0C9F44F6051CB7 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll
.
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2004-08-17 . DFBA2915B0BF58ABB288CD4C9318CB3F . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe
.
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2004-08-17 . 37162D29CD61519E6F5EA0DE99786FF6 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll
.
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2004-08-17 . 1B4CCC59980DA34E75F20E42B283B027 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll
.
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2004-08-17 . 836F7960362FF95C5D49E40B891F2CFC . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
.
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2004-08-17 . 382E9B87F1282E697C67AF84E34E35E2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll
.
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2004-08-17 . C2B86666FC44B48903AD6016D15A23DF . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
.
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-17 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[-] 2004-08-17 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[-] 2010-04-16 . A0C90E01D288A618AE6B99E92B7E0115 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . A0C90E01D288A618AE6B99E92B7E0115 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . 6BE004F9FCEECA6536385D5CB59BFD37 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . F5B6A143739B894BF4F488CFFC3D3015 . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[-] 2008-04-14 . F5B6A143739B894BF4F488CFFC3D3015 . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
[-] 2004-08-17 . E28340F6CB7BAC3EACDA9C74A0BE42BE . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll
.
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
.
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2004-08-17 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[-] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[-] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2009-07-27 . 54A6BF743E0517528A5064CEAEB40EA7 . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll
[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2004-08-17 . 8BA76BD2A943F642F267A296A15776D2 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll
.
[-] 2008-04-14 . 627551A1011199BCE013D0F4B6CACECF . 4608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msimg32.dll
[-] 2008-04-14 . 627551A1011199BCE013D0F4B6CACECF . 4608 . . [5.1.2600.5512] . . c:\windows\system32\msimg32.dll
[-] 2004-08-17 . 227163195E9495BD99C915EF5F42445C . 4608 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msimg32.dll
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-17 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2004-08-17 . 93F75FF033BAA186D08115D73BFE3D32 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
.
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2004-08-17 . 9B835D4C64860B155A1701D5092EC9E4 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
.
[-] 2008-04-14 . 26AE5F5ADF4A30C8BCEA736343170201 . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msctfime.ime
[-] 2008-04-14 . 26AE5F5ADF4A30C8BCEA736343170201 . 177152 . . [5.1.2600.5512] . . c:\windows\system32\msctfime.ime
[-] 2004-08-17 . 93B9E2450B9E5D7F650C72B6E05FD81E . 177152 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msctfime.ime
.
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2004-08-17 . 6EB66066D5C0175320CFEA0A4C74C88F . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2004-08-17 . 5CA2E2BA624D6F2C7A581C91E70394CB . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-03 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2004-08-17 . 5B21208FCF8970BB61FE98E19D828714 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll
.
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2004-08-17 . 29AC93307C6182DBE336BCA314947F28 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
.
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2004-08-17 . 88C28F53F53438DAFCD95E99C837C61E . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
.
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2004-08-17 . 2F5919F2F6EE7A845893D9C3AA2BC56A . 295936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll
.
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2004-08-17 . FAABA83BE47C5B15F620FAA53267A9B8 . 345088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll
.
[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2004-08-17 . 421184F91EAE5C6E78E653C6B32AAE84 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll
.
[-] 2001-10-25 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
.
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys
[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\AGP440.SYS
.
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
.
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2004-08-17 . 8B2FCBD881879B55BE40B41F12FFC431 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
.
[-] 2008-04-14 06:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 06:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2004-08-17 13:49 . D8D2B13BA93AE830B1A637DF571D1195 . 435712 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
.
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2004-08-17 . 984FC1518B0D5B31D76F0E63608E0500 . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
.
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2004-08-17 . 8ECC475F5BAD26DB85943F888D62E364 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
.
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2004-08-17 . A19F5837E52D57DB66D9DB55BFCC7796 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
.
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2004-08-17 . 0F9A5DD4503E82B085D8B1336B961A81 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
.
[-] 2008-04-14 06:51 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 06:51 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2004-08-17 13:49 . 33F14F23DFAE4B43CDD4E535CD7C1963 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
.
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2004-08-17 . 6C08FF4B76506676617E03C34ECCFB11 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
.
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2004-08-17 . E472BDA53A4DCD2142143AF9FD25C99A . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-17 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2004-08-17 . 2CEEBB402187AE56B585701F3D191FB3 . 176128 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
.
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2004-08-17 . 0645CCDDDD27F96EEA3534C1DEF736D9 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
.
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2004-08-17 . B356DD67178B22A8C2FBD47316CCB43B . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll
.
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2004-08-17 . 630A1012AF129918D2E2D70727D69351 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll
.
[-] 2008-04-14 . 8DBCEA7B495024A29FEF59B5FE709DAC . 19456 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wshtcpip.dll
[-] 2008-04-14 . 8DBCEA7B495024A29FEF59B5FE709DAC . 19456 . . [5.1.2600.5512] . . c:\windows\system32\wshtcpip.dll
[-] 2004-08-17 . B75F372796170EBD15DF35AE9963BFB8 . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wshtcpip.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 10:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2010-08-11 2920448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-05-29 790528]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2011-01-12 101888]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\
Zástupce - procexp.lnk - c:\documents and settings\Uživatel\Plocha\ProcessExplorer\procexp.exe [2012-11-13 4845856]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Nokia Ovi Suite.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Nokia Ovi Suite.lnk
backup=c:\windows\pss\Nokia Ovi Suite.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2011-11-01 22:25 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2010-10-27 17:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 17:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 06:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPWT myPrintMileage Agent]
2005-01-26 01:45 102400 ----a-w- c:\program files\Hewlett-Packard\HP Business Inkjet 1000\Toolbox\mpm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-16 12:01 13529088 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 12:01 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 13:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
2002-04-17 08:42 69632 ----a-w- c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\iTunes.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"=
"c:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"=
.
R0 viaraid;viaraid;c:\windows\system32\drivers\viaraid.sys [17.4.2011 19:02 72192]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [24.9.2012 23:51 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [24.9.2012 23:51 355632]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [17.4.2011 22:27 218688]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [24.9.2012 23:51 21256]
R2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [17.4.2011 21:46 59776]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [14.11.2012 0:09 676936]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [17.4.2011 21:46 19456]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [17.4.2011 21:46 9600]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [14.11.2012 16:42 106880]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [14.11.2012 0:09 22856]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501);c:\windows\system32\drivers\adusbmdm65.sys [28.4.2011 17:36 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501);c:\windows\system32\drivers\adusbser65.sys [21.4.2011 20:54 64896]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - PROCEXP141
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-30 18:36]
.
2012-04-12 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2012-11-15 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2002-01-01 10:12]
.
2012-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-02 21:55]
.
2012-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-02 21:55]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-15 23:27
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2692)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Celkový čas: 2012-11-15 23:34:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-15 22:33
ComboFix2.txt 2012-11-14 23:28
.
Před spuštěním: Volných bajtů: 40 776 921 088
Po spuštění: Volných bajtů: 40 602 689 536
.
- - End Of File - - DFA0EC12867285B233CF091115CA1A1C

Příspěvekod **jaro3** » 16 lis 2012 10:35

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\system32\drivers\adusbser.sys

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

vlož nový log z HJT.+info o problémech.

astra · Příspěvekod **astra** » 18 lis 2012 19:56

TFC proběhl bez problému a nakonec i sám restartoval.

adusbser.sys jsem otestovala nejprve na virustotal - tam to našlo Detection ratio: 1/43, pomocí TrendMicro-HouseCall - konkrétně: TROJ_GEN.F4AHZFR https://www.virustotal.com/file/5dbe010 ... 353264030/. Následně jsem zkusila to samé na virscan, ale tam to nenašlo nic:

VirSCAN.org Scanned Report :
Scanned time : 2012/11/18 19:42:07 (CET)
Scanner results: Scanners did not find malware!
File Name : adusbser.sys
File Size : 106880 byte
File Type : PE32 executable for MS Windows (native) Intel 80386 32-bit
MD5 : e4283b3de62494325818d60c638cdd51
SHA1 : 2791c6ed7db19b09c6e65f59e9d618b0d0b4f33e
Online report : http://r.virscan.org/6db8096b8fb77886f2623ea5d3b967ad

Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 5.1.0.4 20121118051141 2012-11-18 9.45 -
AhnLab V3 2012.11.18.00 2012.11.18 2012-11-18 2.87 -
AntiVir 8.2.10.202 7.11.50.58 2012-11-16 0.20 -
Antiy 2.0.18 2.0.18. 0002-18-00 0.43 -
Arcavir 2011 201211130144 2012-11-13 5.59 -
Authentium 5.1.1 201209090949 2012-09-09 2.82 -
AVAST! 4.7.4 121118-0 2012-11-18 0.27 -
AVG 12.0.1794 2441/5402 2012-11-17 0.50 -
BitDefender 7.90123.7975197 7.44042 2012-11-19 5.72 -
ClamAV 0.97.5 15593 2012-11-18 0.28 -
Comodo 5.1 14239 2012-11-18 4.03 -
CP Secure 1.3.0.5 2012.11.19 2012-11-19 0.21 -
Dr.Web 7.0.4.9250 2012.11.18 2012-11-18 16.33 -
F-Prot 4.6.2.117 20121117 2012-11-17 0.96 -
F-Secure 7.02.73807 2012.11.18.04 2012-11-18 0.68 -
Fortinet 4.3.392 16.549 2012-11-19 0.24 -
GData 22.6730 20121118 2012-11-18 6.12 -
ViRobot 20121116 2012.11.16 2012-11-16 0.37 -
Ikarus T3.1.32.20.0 2012.11.18.82778 2012-11-18 7.83 -
JiangMin 13.0.900 2012.11.18 2012-11-18 2.63 -
Kaspersky 5.5.10 2012.10.16 2012-10-16 0.39 -
KingSoft 2009.2.5.15 2012.11.18.9 2012-11-18 1.07 -
McAfee 5400.1158 6899 2012-11-17 11.87 -
Microsoft 1.8904 2012.11.17 2012-11-17 0.17 -
NOD32 3.0.21 7704 2012-11-18 0.21 -
Norman 6.8.3 201208311030 2012-08-31 0.00 -
Panda 9.05.01 2012.11.17 2012-11-17 5.68 -
Trend Micro 9.500-1005 9.534.04 2012-11-18 0.21 -
Quick Heal 11.00 2012.11.17 2012-11-17 1.01 -
Rising 20.0 24.36.03.03 2012-11-15 2.87 -
Sophos 3.35.1 4.81 2012-11-19 6.26 -
Sunbelt 3.9.2552.2 14020 2012-11-17 1.09 -
Symantec 1.3.0.24 20121117.005 2012-11-17 0.42 -
nProtect 20121117.01 12613268 2012-11-17 1.51 -
The Hacker 6.8.0.0 v00128 2012-11-17 0.61 -
VBA32 3.12.18.3 20121116.1810 2012-11-16 4.43 -
VirusBuster 5.5.2.13 15.0.259.0/102649832012-11-17 0.20 -

Prosím o kontrolu logu Vyřešeno

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Kdo je online