Post written: 08.10.2009 20:27

Hi, I have a problem with Windows Update: when I manually open the Windows Update website, it never finds any available critical or optional applications. Everything runs without an error, but it doesn't find any new updates.

Here is the log
Here is also the log from RSIT

Logfile of random's system information tool 1.06 (written by random/random)
Run by tatko at 2009-10-08 19:59:10
Systém Microsoft Windows XP Professional Service Pack 3, v.5657
System drive C: has 29 GB (58%) free of 50 GB
Total RAM: 1023 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:19, on 8.10.2009
Platform: Windows XP SP3, v.5657 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Mozilla Firefox\MCS\AP\Components\Service\CardBusService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
c:\install\RSIT.exe
D:\martin\tatko.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [AsusServiceProvider] C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.23\AsRunHelp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AVerQuick.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 6534451515
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9CD456BD-7E0B-4ECD-9194-EEAC93A3DAA6}: NameServer = 192.168.100.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: CardBusService - Unknown owner - C:\Program Files\Mozilla Firefox\MCS\AP\Components\Service\CardBusService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate1c989d0c3614c8c) (gupdate1c989d0c3614c8c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5067 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"AsusServiceProvider"=C:\Program Files\ASUS\AASP\1.00.23\aaCenter.exe [2007-01-05 597504]
"AsusStartupHelp"=C:\Program Files\ASUS\AASP\1.00.23\AsRunHelp.exe [2006-12-29 363008]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit []
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-02-06 2021400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-02-12 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-02-12 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X Configure]
C:\WINDOWS\system32\JMRaidSetup.exe [2006-10-30 1953792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
C:\WINDOWS\JM\JMInsIDE.exe [2006-10-30 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-02-12 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickTV.lnk]
C:\PROGRA~1\AVerTV\QuickTV.exe []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
AVerQuick.lnk - C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, credssp.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=129

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Disabled:Nero ShowTime Essentials"
"D:\hry\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="D:\hry\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Disabled:speed2"
"F:\skype_port\Portable Skype\Phone\Skype.exe"="F:\skype_port\Portable Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\hry\Microsoft Games\Rise of Nations\rise.exe"="D:\hry\Microsoft Games\Rise of Nations\rise.exe:*:Disabled:Rise of Nations"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"I:\skype\Portable Skype\Phone\Skype.exe"="I:\skype\Portable Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\hry\Ubisoft\Demo\Tom Clancy's H.A.W.X\HAWX.exe"="D:\hry\Ubisoft\Demo\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"D:\hry\Ubisoft\Demo\Tom Clancy's H.A.W.X\HAWX_dx10.exe"="D:\hry\Ubisoft\Demo\Tom Clancy's H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-10-08 19:59:10 ----D---- C:\rsit
2009-10-08 19:21:12 ----A---- C:\mbam-log-2009-10-08 (19-21-04).txt
2009-10-08 19:11:34 ----D---- C:\Documents and Settings\tatko\Application Data\Malwarebytes
2009-10-08 19:11:29 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-10-08 19:11:28 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-10-07 20:55:28 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-10-07 20:53:16 ----A---- C:\WINDOWS\setuplog.txt
2009-10-04 15:49:38 ----D---- C:\Program Files\HD Tune

======List of files/folders modified in the last 1 months======

2009-10-08 19:58:44 ----D---- C:\WINDOWS\Temp
2009-10-08 19:57:00 ----D---- C:\install
2009-10-08 19:54:31 ----D---- C:\Program Files\Mozilla Firefox
2009-10-08 19:53:47 ----A---- C:\WINDOWS\wincmd.ini
2009-10-08 19:41:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-10-08 19:11:30 ----D---- C:\WINDOWS\system32\drivers
2009-10-08 19:11:28 ----RD---- C:\Program Files
2009-10-08 19:06:31 ----D---- C:\WINDOWS\system32\CatRoot2
2009-10-08 08:04:18 ----D---- C:\WINDOWS
2009-10-07 21:00:24 ----HD---- C:\WINDOWS\inf
2009-10-07 20:56:25 ----D---- C:\WINDOWS\Prefetch
2009-10-07 20:55:28 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-10-07 20:55:27 ----D---- C:\WINDOWS\system32
2009-10-07 20:55:00 ----D---- C:\WINDOWS\SoftwareDistribution
2009-10-06 17:38:46 ----SHD---- C:\WINDOWS\CSC
2009-10-04 15:35:49 ----HD---- C:\Program Files\InstallShield Installation Information
2009-10-04 10:15:38 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-10-03 17:12:39 ----D---- C:\WINDOWS\Help
2009-09-27 10:41:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-09-13 20:44:30 ----D---- C:\Documents and Settings\tatko\Application Data\Skype
2009-09-13 20:01:17 ----D---- C:\Documents and Settings\tatko\Application Data\skypePM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2006-10-18 12664]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-02-06 56280]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-02-12 36352]
R1 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 CX23880;AVerMedia, AVerTV Video Capture; C:\WINDOWS\system32\drivers\cx88vid.sys [2005-12-09 270336]
R2 CX88XBAR;AVerMedia, AVerTV Crossbar (88x); C:\WINDOWS\system32\drivers\CX88XBAR.sys [2005-12-09 9312]
R2 CXTUNE;AVerMedia AVerTV Tuner Service (88x); C:\WINDOWS\system32\drivers\CX88TUNE.sys [2005-12-09 32032]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-02-06 130952]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-16 293888]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-02-06 33096]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-02-12 10368]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-07-27 83712]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-02-12 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-02-12 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-02-12 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2005-04-12 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2005-04-12 45504]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-02-12 14592]
S3 a959pgq1;a959pgq1; C:\WINDOWS\system32\drivers\a959pgq1.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-02-12 17024]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-07-07 55216]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-02-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-02-12 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-02-12 10880]
S3 QV2KUX;Casio Digital Camera; C:\WINDOWS\system32\DRIVERS\qv2kux.sys [2001-08-17 3328]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-02-12 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-02-12 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-02-12 32128]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-02-12 26368]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2007-09-06 9600]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2005-04-12 22240]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2005-04-12 17632]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2005-04-12 5600]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-02-12 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CardBusService;CardBusService; C:\Program Files\Mozilla Firefox\MCS\AP\Components\Service\CardBusService.exe [2007-04-24 188416]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 gupdate1c989d0c3614c8c;Google Update Service (gupdate1c989d0c3614c8c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-08 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-02-06 20680]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------


Post written: 09.10.2009 19:19

Hi, do you use Alcohol/Daemon?
What did MbAM find?

Download RootRepeal. Run the program, click "Report" -> "Scan" and tick all the items. Press "OK" and the scan will start. When it finishes, click "Save Report" and copy the resulting log here.


Post written by topic author: 10.10.2009 19:14

pitimir wrote:
Hi, do you use Alcohol/Daemon?
What did MbAM find?

Download RootRepeal. Run the program, click "Report" -> "Scan" and tick all the items. Press "OK" and the scan will start. When it finishes, click "Save Report" and copy the resulting log here.


MbAM didn't find anything.
I don't know, some time long ago I turned off updates, maybe also through the registry,
but I don't understand why the Windows Update website works normally but reports that no updates were found, or something like that.

I'll probably reinstall Windows and be done with it. I already posted the logs on viry.cz, nobody said anything. So who knows what the cause is. The website doesn't report any error, as if all the updates were installed.


Post written: 11.10.2009 15:01

I've looked at your log... there are still a few things that could be tried, so do this:

1) Start -> Run -> (type) notepad "C:\ComboFix.txt"
Enter. Copy the contents of the text file that opens here for me.


2) MbAM did find something after all - if you want help, I need to know everything :waggle:


3) The question about emulation programs is still unanswered, and I don't see the RootRepeal log anywhere.

So? ;)


Post written by topic author: 11.10.2009 18:13

pitimir wrote:
I've looked at your log... there are still a few things that could be tried, so do this:

1) Start -> Run -> (type) notepad "C:\ComboFix.txt"
Enter. Copy the contents of the text file that opens here for me.


2) MbAM did find something after all - if you want help, I need to know everything :waggle:


3) The question about emulation programs is still unanswered, and I don't see the RootRepeal log anywhere.

So? ;)


I use Daemon Tools Lite.
So, here is RootRepeal:

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2009/10/11 18:00
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xF2A2A000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7A72000 Size: 8192 File Visible: No Signed: -
Status: -

Name: PCI_PNP1030
Image Path: \Driver\PCI_PNP1030
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xBA4C2000 Size: 49152 File Visible: No Signed: -
Status: -

Name: spsi.sys
Image Path: spsi.sys
Address: 0xF72DB000 Size: 1048576 File Visible: No Signed: -
Status: -

Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

SSDT
-------------------
#: 019 Function Name: NtAssignProcessToJobObject
Status: Hooked by "<unknown>" at address 0x864418a0

#: 041 Function Name: NtCreateKey
Status: Hooked by "spsi.sys" at address 0xf72dc0e0

#: 071 Function Name: NtEnumerateKey
Status: Hooked by "spsi.sys" at address 0xf72faca2

#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "spsi.sys" at address 0xf72fb030

#: 119 Function Name: NtOpenKey
Status: Hooked by "spsi.sys" at address 0xf72dc0c0

#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0x86440cb0

#: 128 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0x864410d0

#: 160 Function Name: NtQueryKey
Status: Hooked by "spsi.sys" at address 0xf72fb108

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "spsi.sys" at address 0xf72faf88

#: 247 Function Name: NtSetValueKey
Status: Hooked by "spsi.sys" at address 0xf72fb19a

#: 253 Function Name: NtSuspendProcess
Status: Hooked by "<unknown>" at address 0x864416d0

#: 254 Function Name: NtSuspendThread
Status: Hooked by "<unknown>" at address 0x864414f0

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0x86440ee0

#: 258 Function Name: NtTerminateThread
Status: Hooked by "<unknown>" at address 0x86441310

Stealth Objects
-------------------
Object: Hidden Code [ETHREAD: 0x86c93020]
Process: System Address: 0x8643f930 Size: 1000

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CREATE]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLOSE]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_WRITE]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLEANUP]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP]
Process: System Address: 0x871661f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE]
Process: System Address: 0x86e301f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE]
Process: System Address: 0x86e301f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ]
Process: System Address: 0x86e301f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE]
Process: System Address: 0x86e301f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x86e301f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86e301f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x86e301f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN]
Process: System Address: 0x86e301f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER]
Process: System Address: 0x86e301f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x86e301f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP]
Process: System Address: 0x86e301f8 Size: 121

Object: Hidden Code [Driver: JRAID, IRP_MJ_CREATE]
Process: System Address: 0x871671f8 Size: 121

Object: Hidden Code [Driver: JRAID, IRP_MJ_CLOSE]
Process: System Address: 0x871671f8 Size: 121

Object: Hidden Code [Driver: JRAID, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x871671f8 Size: 121

Object: Hidden Code [Driver: JRAID, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x871671f8 Size: 121

Object: Hidden Code [Driver: JRAID, IRP_MJ_POWER]
Process: System Address: 0x871671f8 Size: 121

Object: Hidden Code [Driver: JRAID, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x871671f8 Size: 121

Object: Hidden Code [Driver: JRAID, IRP_MJ_PNP]
Process: System Address: 0x871671f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_CREATE]
Process: System Address: 0x871681f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_CLOSE]
Process: System Address: 0x871681f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_READ]
Process: System Address: 0x871681f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_WRITE]
Process: System Address: 0x871681f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x871681f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x871681f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x871681f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_SHUTDOWN]
Process: System Address: 0x871681f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_POWER]
Process: System Address: 0x871681f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x871681f8 Size: 121

Object: Hidden Code [Driver: dmio, IRP_MJ_PNP]
Process: System Address: 0x871681f8 Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_CREATE]
Process: System Address: 0x86f42340 Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_CLOSE]
Process: System Address: 0x86f42340 Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86f42340 Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x86f42340 Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_POWER]
Process: System Address: 0x86f42340 Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x86f42340 Size: 121

Object: Hidden Code [Driver: usbuhci, IRP_MJ_PNP]
Process: System Address: 0x86f42340 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CREATE]
Process: System Address: 0x871d91f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_READ]
Process: System Address: 0x871d91f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_WRITE]
Process: System Address: 0x871d91f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x871d91f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x871d91f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x871d91f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SHUTDOWN]
Process: System Address: 0x871d91f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CLEANUP]
Process: System Address: 0x871d91f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_POWER]
Process: System Address: 0x871d91f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x871d91f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_PNP]
Process: System Address: 0x871d91f8 Size: 121

Object: Hidden Code [Driver: a04x42ggȅ扏煓ȁఄ䵃慖, IRP_MJ_CREATE]
Process: System Address: 0x86eed1f8 Size: 121

Object: Hidden Code [Driver: a04x42ggȅ扏煓ȁఄ䵃慖, IRP_MJ_CLOSE]
Process: System Address: 0x86eed1f8 Size: 121

Object: Hidden Code [Driver: a04x42ggȅ扏煓ȁఄ䵃慖, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86eed1f8 Size: 121

Object: Hidden Code [Driver: a04x42ggȅ扏煓ȁఄ䵃慖, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x86eed1f8 Size: 121

Object: Hidden Code [Driver: a04x42ggȅ扏煓ȁఄ䵃慖, IRP_MJ_POWER]
Process: System Address: 0x86eed1f8 Size: 121

Object: Hidden Code [Driver: a04x42ggȅ扏煓ȁఄ䵃慖, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x86eed1f8 Size: 121

Object: Hidden Code [Driver: a04x42ggȅ扏煓ȁఄ䵃慖, IRP_MJ_PNP]
Process: System Address: 0x86eed1f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CREATE]
Process: System Address: 0x864c21f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLOSE]
Process: System Address: 0x864c21f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x864c21f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x864c21f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLEANUP]
Process: System Address: 0x864c21f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_PNP]
Process: System Address: 0x864c21f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CREATE]
Process: System Address: 0x86e721f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CLOSE]
Process: System Address: 0x86e721f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86e721f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x86e721f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_POWER]
Process: System Address: 0x86e721f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x86e721f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_PNP]
Process: System Address: 0x86e721f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLOSE]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_WRITE]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_EA]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_EA]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SHUTDOWN]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLEANUP]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_SECURITY]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_POWER]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_QUOTA]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_PNP]
Process: System Address: 0x860271f8 Size: 121

Object: Hidden Code [Driver: Cdfsࠅఒ瑓杲㩃坜义佄南, IRP_MJ_CREATE]
Process: System Address: 0x86b06500 Size: 121

Object: Hidden Code [Driver: Cdfsࠅఒ瑓杲㩃坜义佄南, IRP_MJ_CLOSE]
Process: System Address: 0x86b06500 Size: 121

Object: Hidden Code [Driver: Cdfsࠅఒ瑓杲㩃坜义佄南, IRP_MJ_READ]
Process: System Address: 0x86b06500 Size: 121

Object: Hidden Code [Driver: Cdfsࠅఒ瑓杲㩃坜义佄南, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x86b06500 Size: 121

Object: Hidden Code [Driver: Cdfsࠅఒ瑓杲㩃坜义佄南, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x86b06500 Size: 121

Object: Hidden Code [Driver: Cdfsࠅఒ瑓杲㩃坜义佄南, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x86b06500 Size: 121

Object: Hidden Code [Driver: Cdfsࠅఒ瑓杲㩃坜义佄南, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x86b06500 Size: 121

Object: Hidden Code [Driver: Cdfsࠅఒ瑓杲㩃坜义佄南, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x86b06500 Size: 121

Object: Hidden Code [Driver: Cdfsࠅఒ瑓杲㩃坜义佄南, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86b06500 Size: 121

Object: Hidden Code [Driver: Cdfsࠅఒ瑓杲㩃坜义佄南, IRP_MJ_SHUTDOWN]
Process: System Address: 0x86b06500 Size: 121

Object: Hidden Code [Driver: Cdfsࠅఒ瑓杲㩃坜义佄南, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x86b06500 Size: 121

Object: Hidden Code [Driver: Cdfsࠅఒ瑓杲㩃坜义佄南, IRP_MJ_CLEANUP]
Process: System Address: 0x86b06500 Size: 121

Object: Hidden Code [Driver: Cdfsࠅఒ瑓杲㩃坜义佄南, IRP_MJ_PNP]
Process: System Address: 0x86b06500 Size: 121

==EOF==


Posted by the topic author: 11.10.2009 18:20

here is mbam

Malwarebytes' Anti-Malware 1.41
Verzia databázy: 2925
Windows 5.1.2600 Service Pack 3, v.5657

8.10.2009 19:52:58
mbam-log-2009-10-08 (19-52-58).txt

Typ kontroly: Rýchla
Objektov kontrolovaných: 147878
Uplynutý cas: 6 minute(s), 32 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 0

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
(Žiadne škodlivé položky)


Posted by the topic author: 11.10.2009 18:21

pitimir wrote:
I've looked at your log... there are still a few things we could try, so do this:

1) Start -> Run -> (type) notepad "C:\ComboFix.txt"
Press Enter. Copy the contents of the text file that opens and paste it here.


2) MbAM did find something after all - if you want help, I need to know everything :waggle:


3) The question about emulation programs is still unanswered, and I don't see the RootRepeal log anywhere.

So? ;)


and combofix

ComboFix 09-10-08.04 - tatko 09.10.2009 18:36.1.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.1023.618 [GMT 2:00]
Running from: c:\documents and settings\tatko\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-09-09 to 2009-10-09 )))))))))))))))))))))))))))))))
.

2009-10-08 17:59 . 2009-10-08 17:59 -------- d-----w- C:\rsit
2009-10-08 17:11 . 2009-10-08 17:11 -------- d-----w- c:\documents and settings\tatko\Application Data\Malwarebytes
2009-10-08 17:11 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-08 17:11 . 2009-10-08 17:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-08 17:11 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-08 17:11 . 2009-10-08 17:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-04 13:49 . 2009-10-04 13:49 -------- d-----w- c:\program files\HD Tune
2009-09-29 16:16 . 2009-09-29 16:16 -------- d-sh--w- c:\documents and settings\indian\PrivacIE
2009-09-11 14:33 . 2009-09-11 14:33 -------- d-sh--w- c:\documents and settings\TINA\PrivacIE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-09 16:32 . 2009-03-30 16:36 -------- d-----w- c:\documents and settings\TINA\Application Data\Skype
2009-10-09 16:32 . 2009-03-30 16:39 -------- d-----w- c:\documents and settings\TINA\Application Data\skypePM
2009-10-09 14:37 . 2009-01-14 16:20 -------- d-----w- c:\documents and settings\indian\Application Data\Skype
2009-10-09 14:36 . 2009-01-29 07:54 -------- d-----w- c:\documents and settings\indian\Application Data\skypePM
2009-10-04 13:35 . 2007-07-16 18:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-13 18:44 . 2009-01-28 19:23 -------- d-----w- c:\documents and settings\tatko\Application Data\Skype
2009-09-13 18:01 . 2009-01-28 19:25 -------- d-----w- c:\documents and settings\tatko\Application Data\skypePM
2009-08-06 17:24 . 2007-07-16 17:50 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 17:24 . 2007-07-16 17:50 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 17:24 . 2008-10-16 13:09 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 17:24 . 2007-07-16 17:50 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 17:24 . 2007-07-16 17:50 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 17:24 . 2004-08-04 01:07 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 17:23 . 2007-07-16 17:50 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 17:23 . 2007-07-16 17:50 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-07-12 10:21 . 2004-08-04 01:07 233472 ----a-w- c:\windows\system32\wmpdxm.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"AsusServiceProvider"="c:\program files\ASUS\AASP\1.00.23\aaCenter.exe" [2007-01-05 597504]
"AsusStartupHelp"="c:\program files\ASUS\AASP\1.00.23\AsRunHelp.exe" [2006-12-29 363008]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-10-22 1622016]
"NvMediaCenter"="NvMCTray.dll" - c:\windows\system32\nvmctray.dll [2006-10-22 86016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-02-12 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AVerQuick.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2009-5-10 618496]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickTV.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\QuickTV.lnk
backup=c:\windows\pss\QuickTV.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"d:\\hry\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"d:\\hry\\Microsoft Games\\Rise of Nations\\rise.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\hry\\Ubisoft\\Demo\\Tom Clancy's H.A.W.X\\HAWX.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6.2.2009 15:23 106208]
R2 CX88XBAR;AVerMedia, AVerTV Crossbar (88x);c:\windows\system32\drivers\cx88xbar.sys [17.11.2008 19:46 9312]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [6.2.2009 15:23 727720]
S2 CardBusService;CardBusService;c:\program files\Mozilla Firefox\MCS\AP\Components\SERVICE\CardBusService.exe [10.5.2009 20:05 188416]
S2 gupdate1c989d0c3614c8c;Google Update Service (gupdate1c989d0c3614c8c);c:\program files\Google\Update\GoogleUpdate.exe [8.2.2009 11:36 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-08 09:36]

2009-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-08 09:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
IE: E&xportovať do programu Microsoft Excel - d:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: {9CD456BD-7E0B-4ECD-9194-EEAC93A3DAA6} = 192.168.100.1
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
FF - ProfilePath - c:\documents and settings\tatko\Application Data\Mozilla\Firefox\Profiles\l8ikrd6v.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.sk
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-09 18:39
Windows 5.1.2600 Service Pack 3, v.5657 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1376)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2009-10-09 18:40
ComboFix-quarantined-files.txt 2009-10-09 16:40

Pre-Run: 32 427 274 240 bytes free
Post-Run: 14 adresárov, 32 942 755 840 voľných bajtov

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
121


Posted: 11.10.2009 18:29

Question - which security software do you use? ESET or Kaspersky?


Posted by the topic author: 11.10.2009 18:37

pitimir wrote:
Question - which security software do you use? ESET or Kaspersky?


eset smart security 4


Posted: 11.10.2009 20:57

1) Use this file.


2) Move the CF icon to the desktop, close all open applications, turn off the resident antivirus and antispyware protection and the firewall, and open Notepad. Copy the following into it:

Code:
KillAll::
SecCenter::
{2C4D4BC6-0793-4956-A9F9-E252435469C0}

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000000

DDS::
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

FixCSet::

Save it to the desktop as CFScript.txt and drag it with the mouse onto the CF icon.

The program will process the script and produce a new log.


Warning: If Windows does not start after the script is applied, restart the PC, press F8 and choose Last Known Good Configuration.


Posted by the topic author: 13.10.2009 12:01

pitimir wrote:
1) Use this file.


2) Move the CF icon to the desktop, close all open applications, turn off the resident antivirus and antispyware protection and the firewall, and open Notepad. Copy the following into it:



it didn't help


Posted: 13.10.2009 19:06

That may well be so, but if you don't intend to give me the logs according to the instructions, then I don't know how to advise you and I can't.


Posted by the topic author: 14.10.2009 20:59

pitimir wrote:
That may well be so, but if you don't intend to give me the logs according to the instructions, then I don't know how to advise you and I can't.


sorry, I thought the script was supposed to do that. here is the log

ComboFix 09-10-08.04 - tatko 12.10.2009 19:11.2.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.1023.680 [GMT 2:00]
Running from: c:\documents and settings\tatko\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\tatko\Desktop\CFScript.txt.txt
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-09-12 to 2009-10-12 )))))))))))))))))))))))))))))))
.

2009-10-12 17:11 . 2009-10-12 17:11 -------- d-----w- c:\documents and settings\tatko\Local Settings\Application Data\ESET
2009-10-11 16:56 . 2009-10-11 16:56 -------- d-----w- c:\program files\IPACS
2009-10-11 15:58 . 2009-10-12 17:08 -------- d-----w- C:\a
2009-10-11 10:41 . 2009-10-11 10:41 -------- d-----w- c:\windows\system32\URTTEMP
2009-10-10 18:09 . 2009-10-10 18:09 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2009-10-10 18:06 . 2009-10-10 18:06 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\ESET
2009-10-10 17:58 . 2009-10-10 17:58 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\GHISLER
2009-10-10 17:57 . 2009-10-10 17:57 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2009-10-10 17:56 . 2009-10-10 17:56 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2009-10-10 17:38 . 2009-10-10 17:38 -------- d-----w- c:\program files\SystemRequirementsLab
2009-10-10 12:29 . 2009-10-10 12:29 -------- d-----w- c:\windows\system32\CatRoot_bak
2009-10-10 11:31 . 2009-10-10 11:35 -------- d-----w- c:\windows\NV31483524.TMP
2009-10-08 17:59 . 2009-10-08 17:59 -------- d-----w- C:\rsit
2009-10-08 17:11 . 2009-10-08 17:11 -------- d-----w- c:\documents and settings\tatko\Application Data\Malwarebytes
2009-10-08 17:11 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-08 17:11 . 2009-10-08 17:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-08 17:11 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-08 17:11 . 2009-10-08 17:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-04 13:49 . 2009-10-04 13:49 -------- d-----w- c:\program files\HD Tune
2009-09-29 16:16 . 2009-09-29 16:16 -------- d-sh--w- c:\documents and settings\indian\PrivacIE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-12 16:39 . 2009-01-14 16:20 -------- d-----w- c:\documents and settings\indian\Application Data\Skype
2009-10-12 15:39 . 2009-01-29 07:54 -------- d-----w- c:\documents and settings\indian\Application Data\skypePM
2009-10-11 16:56 . 2007-07-16 18:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-11 16:36 . 2009-03-12 19:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-10-11 16:26 . 2009-03-12 18:37 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-10-10 17:59 . 2007-08-13 12:26 -------- d-----w- c:\documents and settings\tatko\Application Data\Zoner
2009-10-09 16:32 . 2009-03-30 16:36 -------- d-----w- c:\documents and settings\TINA\Application Data\Skype
2009-10-09 16:32 . 2009-03-30 16:39 -------- d-----w- c:\documents and settings\TINA\Application Data\skypePM
2009-09-13 18:44 . 2009-01-28 19:23 -------- d-----w- c:\documents and settings\tatko\Application Data\Skype
2009-09-13 18:01 . 2009-01-28 19:25 -------- d-----w- c:\documents and settings\tatko\Application Data\skypePM
2009-08-06 17:24 . 2007-07-16 17:50 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 17:24 . 2007-07-16 17:50 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 17:24 . 2008-10-16 13:09 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 17:24 . 2007-07-16 17:50 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 17:24 . 2007-07-16 17:50 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-06 17:24 . 2004-08-04 01:07 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 17:23 . 2007-07-16 17:50 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 17:23 . 2007-07-16 17:50 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-07-28 06:55 . 2007-07-16 18:08 143360 ----a-w- c:\windows\system32\drivers\Rtenicxp.sys
.

((((((((((((((((((((((((((((( SnapShot@2009-10-09_16.39.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2003-02-21 03:16 . 2003-02-21 03:16 49152 c:\windows\system32\URTTEMP\regtlib.exe
+ 2009-07-08 02:05 . 2009-07-08 02:05 73728 c:\windows\system32\RtNicProp32.dll
+ 2009-10-11 10:42 . 2006-07-27 01:49 83712 c:\windows\system32\ReinstallBackups\0024\DriverFiles\Rtenicxp.sys
+ 2009-10-10 11:30 . 2006-10-22 10:22 81920 c:\windows\system32\ReinstallBackups\0023\DriverFiles\nvwddi.dll
+ 2009-10-10 11:30 . 2006-10-22 04:22 86016 c:\windows\system32\ReinstallBackups\0023\DriverFiles\nvmctray.dll
+ 2009-10-10 11:30 . 2006-10-22 10:22 35840 c:\windows\system32\ReinstallBackups\0023\DriverFiles\nvcod.dll
+ 2004-08-04 01:07 . 2009-10-11 10:41 62422 c:\windows\system32\perfc009.dat
+ 2006-10-22 04:22 . 2008-09-17 21:55 81920 c:\windows\system32\nvwddi.dll
- 2006-10-22 04:22 . 2006-10-22 10:22 81920 c:\windows\system32\nvwddi.dll
- 2006-10-22 04:22 . 2006-10-22 04:22 86016 c:\windows\system32\nvmctray.dll
+ 2006-10-22 04:22 . 2008-09-17 21:55 86016 c:\windows\system32\nvmctray.dll
+ 2006-10-22 04:22 . 2008-09-17 21:55 45056 c:\windows\system32\nvmccsrs.dll
- 2006-10-22 04:22 . 2006-10-22 10:22 45056 c:\windows\system32\nvmccsrs.dll
+ 2003-02-20 18:10 . 2003-02-20 18:10 31744 c:\windows\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 57344 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
+ 2003-02-21 05:26 . 2003-02-21 05:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2003-02-20 17:09 . 2003-02-20 17:09 64000 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
+ 2003-02-21 05:26 . 2003-02-21 05:26 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.Design.dll
+ 2003-02-21 05:26 . 2003-02-21 05:26 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
+ 2003-02-21 05:26 . 2003-02-21 05:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Configuration.Install.dll
+ 2003-02-21 05:25 . 2003-02-21 05:25 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegSvcs.exe
+ 2003-02-21 05:26 . 2003-02-21 05:26 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2003-02-21 05:25 . 2003-02-21 05:25 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe
+ 2003-02-20 17:09 . 2003-02-20 17:09 90112 c:\windows\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
+ 2003-02-20 17:09 . 2003-02-20 17:09 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\ngen.exe
+ 2003-02-20 16:43 . 2003-02-20 16:43 22528 c:\windows\Microsoft.NET\Framework\v1.1.4322\MUI\0409\mscorsecr.dll
+ 2003-02-20 17:18 . 2003-02-20 17:18 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\mtxoci8.dll
+ 2003-02-20 17:09 . 2003-02-20 17:09 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2003-02-20 17:09 . 2003-02-20 17:09 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
+ 2003-02-20 17:06 . 2003-02-20 17:06 65536 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorpe.dll
+ 2003-02-20 17:09 . 2003-02-20 17:09 98304 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2003-02-20 17:09 . 2003-02-20 17:09 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2003-02-20 17:09 . 2003-02-20 17:09 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
+ 2003-02-21 05:25 . 2003-02-21 05:25 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
+ 2003-02-21 05:25 . 2003-02-21 05:25 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
+ 2003-02-21 05:25 . 2003-02-21 05:25 11264 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.Vsa.dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.Vsa.dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\jsc.exe
+ 2003-02-21 05:24 . 2003-02-21 05:24 26112 c:\windows\Microsoft.NET\Framework\v1.1.4322\ISymWrapper.dll
+ 2003-02-20 17:22 . 2003-02-20 17:22 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtilLib.dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 15872 c:\windows\Microsoft.NET\Framework\v1.1.4322\InstallUtil.exe
+ 2003-02-21 05:24 . 2003-02-21 05:24 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2003-02-21 02:12 . 2003-02-21 02:12 28672 c:\windows\Microsoft.NET\Framework\v1.1.4322\cvtres.exe
+ 2003-02-21 05:24 . 2003-02-21 05:24 33792 c:\windows\Microsoft.NET\Framework\v1.1.4322\CustomMarshalers.dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 12288 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscompmgd.dll
+ 2003-02-21 08:20 . 2003-02-21 08:20 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\csc.exe
+ 2003-02-20 17:09 . 2003-02-20 17:09 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe
+ 2003-02-21 05:24 . 2003-02-21 05:24 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\CasPol.exe
+ 2003-02-20 17:19 . 2003-02-20 17:19 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2003-02-20 17:19 . 2003-02-20 17:19 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
+ 2003-02-20 17:19 . 2003-02-20 17:19 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
+ 2003-02-20 17:19 . 2003-02-20 17:19 40960 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_rc.dll
+ 2003-02-20 17:19 . 2003-02-20 17:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2003-02-21 03:00 . 2003-02-21 03:00 98304 c:\windows\Microsoft.NET\Framework\v1.1.4322\alink.dll
+ 2003-02-21 01:55 . 2003-02-21 01:55 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\cscompui.dll
+ 2003-02-21 00:59 . 2003-02-21 00:59 16896 c:\windows\Microsoft.NET\Framework\v1.1.4322\1033\alinkui.dll
+ 2009-10-11 10:42 . 2009-10-11 10:42 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_78816e1e\System.Drawing.Design.dll
+ 2009-10-11 10:41 . 2009-10-11 10:41 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_e4b0427e\CustomMarshalers.dll
+ 2009-10-11 10:41 . 2009-10-11 10:41 57344 c:\windows\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-10-11 10:41 . 2009-10-11 10:41 77824 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-10-11 10:41 . 2009-10-11 10:41 64000 c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2009-10-11 10:41 . 2009-10-11 10:41 65536 c:\windows\assembly\GAC\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-10-11 10:41 . 2009-10-11 10:41 86016 c:\windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2009-10-11 10:41 . 2009-10-11 10:41 77824 c:\windows\assembly\GAC\System.Configuration.Install\1.0.5000.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-10-11 10:41 . 2009-10-11 10:41 32768 c:\windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
+ 2009-10-11 10:41 . 2009-10-11 10:41 32768 c:\windows\assembly\GAC\Microsoft.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-10-11 10:41 . 2009-10-11 10:41 11264 c:\windows\assembly\GAC\Microsoft.Vsa.Vb.CodeDOMProcessor\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-10-11 10:41 . 2009-10-11 10:41 28672 c:\windows\assembly\GAC\Microsoft.VisualBasic.Vsa\7.0.5000.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-10-11 10:41 . 2009-10-11 10:41 26112 c:\windows\assembly\GAC\ISymWrapper\1.0.5000.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-10-11 10:41 . 2009-10-11 10:41 32768 c:\windows\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
+ 2009-10-11 10:41 . 2009-10-11 10:41 33792 c:\windows\assembly\GAC\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-10-11 10:41 . 2009-10-11 10:41 12288 c:\windows\assembly\GAC\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2003-02-20 16:43 . 2003-02-20 16:43 4096 c:\windows\system32\mui\0409\mscoreer.dll
+ 2003-02-20 17:09 . 2003-02-20 17:09 9216 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscortim.dll
+ 2003-02-21 05:25 . 2003-02-21 05:25 6656 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft_VsaVb.dll
+ 2003-02-21 05:25 . 2003-02-21 05:25 6144 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualC.Dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 4608 c:\windows\Microsoft.NET\Framework\v1.1.4322\IIEHost.dll
+ 2003-02-21 05:24 . 2003-02-21 05:24 7168 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"AsusServiceProvider"="c:\program files\ASUS\AASP\1.00.23\aaCenter.exe" [2007-01-05 597504]
"AsusStartupHelp"="c:\program files\ASUS\AASP\1.00.23\AsRunHelp.exe" [2006-12-29 363008]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-09-17 1657376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-02-12 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AVerQuick.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2009-5-10 618496]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickTV.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\QuickTV.lnk
backup=c:\windows\pss\QuickTV.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"d:\\hry\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"d:\\hry\\Microsoft Games\\Rise of Nations\\rise.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\hry\\Ubisoft\\Demo\\Tom Clancy's H.A.W.X\\HAWX.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6.2.2009 15:23 106208]
R2 CardBusService;CardBusService;c:\program files\Mozilla Firefox\MCS\AP\Components\SERVICE\CardBusService.exe [10.5.2009 20:05 188416]
R2 CX88XBAR;AVerMedia, AVerTV Crossbar (88x);c:\windows\system32\drivers\cx88xbar.sys [17.11.2008 19:46 9312]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [6.2.2009 15:23 727720]
S2 gupdate1c989d0c3614c8c;Google Update Service (gupdate1c989d0c3614c8c);c:\program files\Google\Update\GoogleUpdate.exe [8.2.2009 11:36 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-08 09:36]

2009-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-08 09:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
IE: E&xportovať do programu Microsoft Excel - d:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: {9CD456BD-7E0B-4ECD-9194-EEAC93A3DAA6} = 192.168.100.1
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDow ... ab_nvd.cab
FF - ProfilePath - c:\documents and settings\tatko\Application Data\Mozilla\Firefox\Profiles\l8ikrd6v.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.sk
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-12 19:15
Windows 5.1.2600 Service Pack 3, v.5657 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1880)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2009-10-12 19:17 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-12 17:17
ComboFix2.txt 2009-10-09 16:40

Pre-Run: 39 307 038 720 bytes free
Post-Run: 10 adresárov, 39 276 589 056 voľných bajtov

449


Experienced user
Registered: 15.08.09
Last login: 05.02.10
Posts: 355
Topics: 0
Posted: 15.10.2009 19:25

1) Download MbAM. Save it to the desktop, open "mbam-setup.exe" and install it. Update it. Then run a full scan and delete whatever the program finds. Paste the resulting log here.


2) Open Notepad and copy the following into it:

Code:
cd /d %SystemRoot%\system32
regsvr32 comcat.dll /s
regsvr32 shdoc401.dll /s
regsvr32 shdoc401.dll /i /s
regsvr32 asctrls.ocx /s
regsvr32 oleaut32.dll /s
regsvr32 shdocvw.dll /I /s
regsvr32 shdocvw.dll /s
regsvr32 browseui.dll /s
regsvr32 browseui.dll /I /s
regsvr32 msrating.dll /s
regsvr32 mlang.dll /s
regsvr32 hlink.dll /s
regsvr32 mshtmled.dll /s
regsvr32 urlmon.dll /s
regsvr32 plugin.ocx /s
regsvr32 sendmail.dll /s
regsvr32 scrobj.dll /s
regsvr32 mmefxe.ocx /s
regsvr32 corpol.dll /s
regsvr32 jscript.dll /s
regsvr32 msxml.dll /s
regsvr32 imgutil.dll /s
regsvr32 thumbvw.dll /s
regsvr32 cryptext.dll /s
regsvr32 rsabase.dll /s
regsvr32 inseng.dll /s
regsvr32 iesetup.dll /i /s
regsvr32 cryptdlg.dll /s
regsvr32 actxprxy.dll /s
regsvr32 dispex.dll /s
regsvr32 occache.dll /s
regsvr32 occache.dll /i /s
regsvr32 iepeers.dll /s
regsvr32 urlmon.dll /i /s
regsvr32 cdfview.dll /s
regsvr32 webcheck.dll /s
regsvr32 mobsync.dll /s
regsvr32 pngfilt.dll /s
regsvr32 licmgr10.dll /s
regsvr32 icmfilter.dll /s
regsvr32 hhctrl.ocx /s
regsvr32 inetcfg.dll /s
regsvr32 tdc.ocx /s
regsvr32 MSR2C.DLL /s
regsvr32 msident.dll /s
regsvr32 msieftp.dll /s
regsvr32 xmsconf.ocx /s
regsvr32 ils.dll /s
regsvr32 msoeacct.dll /s
regsvr32 inetcomm.dll /s
regsvr32 msdxm.ocx /s
regsvr32 dxmasf.dll /s
regsvr32 l3codecx.ax /s
regsvr32 acelpdec.ax /s
regsvr32 mpg4ds32.ax /s
regsvr32 voxmsdec.ax /s
regsvr32 danim.dll /s
regsvr32 Daxctle.ocx /s
regsvr32 lmrt.dll /s
regsvr32 datime.dll /s
regsvr32 dxtrans.dll /s
regsvr32 dxtmsft.dll /s
regsvr32 WEBPOST.DLL /s
regsvr32 WPWIZDLL.DLL /s
regsvr32 POSTWPP.DLL /s
regsvr32 CRSWPP.DLL /s
regsvr32 FTPWPP.DLL /s
regsvr32 FPWPP.DLL /s
regsvr32 WUAPI.DLL /s
regsvr32 WUAUENG.DLL /s
regsvr32 WUAUENG1.DLL /s
regsvr32 ATL.DLL /s
regsvr32 WUCLTUI.DLL /s
regsvr32 WUPS.DLL /s
regsvr32 WUPS2.DLL /s
regsvr32 WUWEB.DLL /s
regsvr32 wshom.ocx /s
regsvr32 wshext.dll /s
regsvr32 vbscript.dll /s
regsvr32 scrrun.dll /s
mstinit.exe /setup /s
regsvr32 msnsspc.dll /SspcCreateSspiReg /s
regsvr32 msapsspc.dll /SspcCreateSspiReg /s
exit

Save it as fix.bat (file type: All Files) on the desktop and run it.


User
Registered: 31.08.07
Last login: 05.01.17
Posts: 21
Topics: 5
Posted by the topic author: 16.10.2009 20:22

Malwarebytes' Anti-Malware 1.41
Verzia databázy: 2971
Windows 5.1.2600 Service Pack 3, v.5657

16.10.2009 20:21:24
mbam-log-2009-10-16 (20-21-24).txt

Typ kontroly: Úplná (C:\|D:\|E:\|)
Objektov kontrolovaných: 261086
Uplynutý cas: 29 minute(s), 55 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 0

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
(Žiadne škodlivé položky)


Experienced user
Registered: 15.08.09
Last login: 05.02.10
Posts: 355
Topics: 0
Posted: 16.10.2009 22:07

Isn't it simply possible that there are no new updates?

Try waiting until Tuesday; I think some new patches from Mrkvosoft should come out, and then let us know.


User
Registered: 31.08.07
Last login: 05.01.17
Posts: 21
Topics: 5
Posted by the topic author: 17.10.2009 19:01

pitimir wrote:
Isn't it simply possible that there are no new updates?

Try waiting until Tuesday; I think some new patches from Mrkvosoft should come out, and then let us know.


No, there definitely are new ones; it doesn't even offer me optional updates. Forget it, I'll reinstall the system.

