ComboFix 08-02-25.3 - Acer 2008-02-26 8:34:36.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1250.1.1045.18.183 [GMT 1:00]
Running from: C:\Users\Acer\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat
C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat
C:\Windows\system32\AutoRun.inf
----- BITS: Possible infected sites -----
hxxp://vzccestwwspro.cce.hp.com
.
((((((((((((((((((((((((( Files Created from 2008-01-26 to 2008-02-26 )))))))))))))))))))))))))))))))
.
2008-02-25 14:33 . 2008-02-25 12:36 153,407 --------- C:\Windows\hpoins14.dat.temp
2008-02-25 14:33 . 2007-06-06 00:07 2,000 --------- C:\Windows\hpomdl14.dat.temp
2008-02-25 12:34 . 2008-02-25 12:34 <DIR> d-------- C:\Users\All Users\HPSSUPPLY
2008-02-25 12:34 . 2008-02-25 12:34 <DIR> d-------- C:\Users\Acer\AppData\Roaming\HPAppData
2008-02-25 12:34 . 2008-02-25 12:34 <DIR> d-------- C:\ProgramData\HPSSUPPLY
2008-02-25 12:30 . 2008-02-25 12:30 <DIR> d-------- C:\Users\All Users\HP Product Assistant
2008-02-25 12:30 . 2008-02-25 12:30 <DIR> d-------- C:\ProgramData\HP Product Assistant
2008-02-25 12:29 . 2008-02-25 12:29 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-02-25 12:20 . 2008-02-25 14:57 153,282 --a------ C:\Windows\hpoins14.dat
2008-02-25 12:20 . 2007-09-20 17:22 2,000 --------- C:\Windows\hpomdl14.dat
2008-02-25 10:31 . 2008-02-25 10:55 91,700 --a------ C:\Windows\System32\drivers\klin.dat
2008-02-25 10:31 . 2008-02-25 10:31 85,860 --a------ C:\Windows\System32\drivers\klick.dat
2008-02-25 10:30 . 2008-02-26 07:41 <DIR> d-------- C:\Users\All Users\Kaspersky Lab
2008-02-25 10:30 . 2008-02-26 07:41 <DIR> d-------- C:\ProgramData\Kaspersky Lab
2008-02-25 10:30 . 2008-02-25 10:30 <DIR> d-------- C:\Program Files\Kaspersky Lab
2008-02-25 10:30 . 2008-02-26 08:39 24,297,760 --ahs---- C:\Windows\System32\drivers\fidbox.dat
2008-02-25 10:30 . 2008-02-26 07:29 323,528 --ahs---- C:\Windows\System32\drivers\fidbox.idx
2008-02-25 10:27 . 2008-02-25 10:27 <DIR> d-------- C:\Users\All Users\Kaspersky Lab Setup Files
2008-02-25 10:27 . 2008-02-25 10:27 <DIR> d-------- C:\ProgramData\Kaspersky Lab Setup Files
2008-02-25 09:31 . 2008-02-25 09:31 <DIR> d-------- C:\Program Files\SkanerOnline
2008-02-25 09:20 . 2008-02-23 23:03 <DIR> d-------- C:\SDFix
2008-02-22 12:52 . 2008-02-25 08:39 <DIR> d-------- C:\Users\Acer\AppData\Roaming\AVG7
2008-02-22 12:51 . 2008-02-22 12:51 9,216 --a------ C:\Windows\System32\avgwlntf.dll
2008-02-22 12:50 . 2008-02-22 12:50 <DIR> d-------- C:\Users\All Users\Grisoft
2008-02-22 12:50 . 2008-02-25 10:43 <DIR> d-------- C:\Users\All Users\avg7
2008-02-22 12:50 . 2008-02-22 12:50 <DIR> d-------- C:\ProgramData\Grisoft
2008-02-22 12:50 . 2008-02-25 10:43 <DIR> d-------- C:\ProgramData\avg7
2008-02-14 08:45 . 2008-02-14 08:45 194,560 --a------ C:\Windows\System32\WebClnt.dll
2008-02-14 08:45 . 2008-02-14 08:45 110,080 --a------ C:\Windows\System32\drivers\mrxdav.sys
2008-02-14 08:38 . 2008-02-14 08:38 3,504,696 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-02-14 08:38 . 2008-02-14 08:38 3,470,392 --a------ C:\Windows\System32\ntoskrnl.exe
2008-02-14 08:38 . 2008-02-14 08:38 154,624 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-02-14 08:38 . 2008-02-14 08:38 110,136 --a------ C:\Windows\System32\drivers\ataport.sys
2008-02-14 08:38 . 2008-02-14 08:38 45,112 --a------ C:\Windows\System32\drivers\pciidex.sys
2008-02-14 08:38 . 2008-02-14 08:38 21,560 --a------ C:\Windows\System32\drivers\atapi.sys
2008-02-14 08:38 . 2008-02-14 08:38 17,976 --a------ C:\Windows\System32\drivers\intelide.sys
2008-02-14 08:37 . 2008-02-14 08:37 803,328 --a------ C:\Windows\System32\drivers\tcpip.sys
2008-02-14 08:37 . 2008-02-14 08:37 216,632 --a------ C:\Windows\System32\drivers\netio.sys
2008-02-14 08:37 . 2008-02-14 08:37 167,424 --a------ C:\Windows\System32\tcpipcfg.dll
2008-02-14 08:37 . 2008-02-14 08:37 24,064 --a------ C:\Windows\System32\netcfg.exe
2008-02-14 08:37 . 2008-02-14 08:37 22,016 --a------ C:\Windows\System32\netiougc.exe
2008-02-14 08:36 . 2008-02-14 08:36 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-14 08:36 . 2008-02-14 08:36 1,686,528 --a------ C:\Windows\System32\gameux.dll
2008-02-11 13:25 . 2008-02-25 10:24 262,144 --a------ C:\ProgramData\ntuser.dat
2008-02-11 10:47 . 2004-02-04 07:19 57,372 --a------ C:\Windows\System32\drivers\ftser2k.sys
2008-02-11 10:47 . 2003-06-11 04:48 48,625 --a------ C:\Windows\System32\ftserui2.dll
2008-02-11 10:28 . 2003-04-10 07:00 414,208 --a------ C:\Windows\System32\ftdiunin.exe
2008-02-11 10:28 . 2004-02-04 07:19 24,177 --a------ C:\Windows\System32\drivers\ftdibus.sys
2008-02-11 10:28 . 2004-05-27 23:32 196 --a------ C:\Windows\System32\ftdiun2k.ini
2008-02-11 09:39 . 2008-02-11 09:39 <DIR> d-------- C:\Program Files\IrfanView
2008-02-09 16:20 . 2008-02-09 16:41 <DIR> d-------- C:\Program Files\PhotoScape
2008-02-08 14:13 . 2008-02-08 14:13 <DIR> d-------- C:\Users\All Users\Ahead
2008-02-08 14:13 . 2008-02-08 14:13 <DIR> d-------- C:\ProgramData\Ahead
2008-02-08 12:44 . 2008-02-24 21:13 <DIR> d-------- C:\Users\Acer\AppData\Roaming\Ahead
2008-02-08 12:44 . 2003-03-29 16:45 89,184 --a------ C:\Windows\System32\drivers\imagedrv.sys
2008-02-08 12:43 . 2008-02-08 14:13 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-02-08 12:43 . 2008-02-08 13:58 <DIR> d-------- C:\Program Files\Ahead
2008-02-08 12:43 . 2001-07-06 14:41 569,344 --a------ C:\Windows\System32\imagr5.dll
2008-02-08 12:43 . 2001-07-06 12:44 544,768 --a------ C:\Windows\System32\imagx5.dll
2008-02-08 12:43 . 2001-07-06 18:24 283,920 --a------ C:\Windows\System32\ImagXpr5.dll
2008-02-08 12:43 . 2001-07-09 11:50 155,648 --a------ C:\Windows\System32\NeroCheck.exe
2008-02-08 12:43 . 2001-06-26 08:15 38,912 --a------ C:\Windows\System32\picn20.dll
2008-02-06 18:57 . 2008-02-06 18:57 <DIR> d-------- C:\Program Files\podatki.pl
2008-02-03 15:34 . 2008-02-03 15:34 0 --a------ C:\Windows\Irremote.ini
2008-01-28 18:02 . 2008-01-28 18:02 <DIR> d-------- C:\Users\Acer\AppData\Roaming\ACD Systems
2008-01-28 17:59 . 2008-01-28 17:59 <DIR> d-------- C:\Users\All Users\ACD Systems
2008-01-28 17:59 . 2008-01-28 17:59 <DIR> d-------- C:\ProgramData\ACD Systems
2008-01-28 17:59 . 2008-01-28 17:59 <DIR> d-------- C:\Program Files\Common Files\ACD Systems
2008-01-28 17:59 . 2008-01-28 17:59 <DIR> d-------- C:\Program Files\ACD Systems
2008-01-28 17:25 . 2008-01-29 16:51 <DIR> d-------- C:\Users\Acer\AppData\Roaming\HP
2008-01-28 17:02 . 2008-01-28 17:02 <DIR> d-------- C:\ADAKO
2008-01-28 16:46 . 2008-02-11 10:49 <DIR> d-------- C:\Program Files\VAG-COM
2008-01-28 16:41 . 2008-01-28 16:41 <DIR> d-------- C:\Users\All Users\WEBREG
2008-01-28 16:41 . 2008-01-28 16:41 <DIR> d-------- C:\ProgramData\WEBREG
2008-01-28 16:39 . 2008-01-28 16:39 <DIR> d-------- C:\Users\All Users\Hewlett-Packard
2008-01-28 16:39 . 2008-01-28 16:39 <DIR> d-------- C:\ProgramData\Hewlett-Packard
2008-01-28 16:35 . 2008-01-28 16:35 <DIR> d-------- C:\Program Files\Common Files\HP
2008-01-28 16:34 . 2008-01-28 16:34 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-01-28 16:32 . 2007-03-17 17:11 675,840 --a------ C:\Windows\System32\hpowiax3.dll
2008-01-28 16:32 . 2007-03-17 17:11 569,344 --a------ C:\Windows\System32\hpotscl3.dll
2008-01-28 16:32 . 2007-03-08 05:20 364,544 --a------ C:\Windows\System32\hppldcoi.dll
2008-01-28 16:32 . 2007-03-17 17:11 303,104 --a------ C:\Windows\System32\hpovst10.dll
2008-01-28 16:32 . 2007-03-30 16:07 267,864 --a------ C:\Windows\System32\hpzids01.dll
2008-01-28 16:32 . 2007-03-28 14:01 117,760 --a------ C:\Windows\System32\hpzll5ha.dll
2008-01-28 16:31 . 2008-02-25 12:34 <DIR> d-------- C:\Program Files\HP
2008-01-28 16:30 . 2008-02-25 12:30 <DIR> d-------- C:\Users\All Users\HP
2008-01-28 16:30 . 2008-02-25 12:30 <DIR> d-------- C:\ProgramData\HP
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-25 09:36 --------- d-----w C:\Program Files\Google
2008-02-25 09:27 --------- d-----w C:\Program Files\Yahoo!
2008-02-24 19:44 --------- d-----w C:\ProgramData\CyberLink
2008-02-14 07:36 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-14 07:36 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-14 07:36 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-14 07:36 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-14 07:33 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-14 07:33 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-14 07:33 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-14 07:33 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-08 13:10 --------- d-----w C:\ProgramData\Nero
2008-02-08 13:10 --------- d-----w C:\Program Files\Nero
2008-02-03 14:36 --------- d-----w C:\Program Files\Common Files\Nero
2008-01-13 17:48 --------- d-----w C:\Program Files\PITy
2008-01-12 09:31 --------- d-----w C:\Program Files\MSXML 4.0
2008-01-10 16:51 --------- d-----w C:\ProgramData\LightScribe
2008-01-10 16:42 --------- d-----w C:\Users\Acer\AppData\Roaming\Nero
2008-01-10 07:52 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-10 07:52 --------- d-----w C:\Program Files\Windows Mail
2008-01-10 07:08 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-01-10 07:08 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2008-01-10 07:07 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-01-02 13:01 --------- d-----w C:\Program Files\Ares
2007-12-31 12:12 --------- d-----w C:\Program Files\Real Alternative
2007-12-29 13:31 --------- d-----w C:\ProgramData\OrbNetworks
2007-12-29 13:31 --------- d-----w C:\Program Files\Winamp Remote
2007-12-29 13:31 --------- d-----w C:\Program Files\Winamp
2007-12-27 12:23 --------- d-----w C:\Program Files\ffdshow
2007-12-27 12:17 --------- d-----w C:\Users\Acer\AppData\Roaming\Media Player Classic
2007-12-27 12:17 --------- d-----w C:\Program Files\Media Player Classic
2007-12-27 11:49 --------- d-----w C:\Program Files\MarBit
2007-12-20 07:04 174 --sha-w C:\Program Files\desktop.ini
2007-12-20 06:39 8,192 ----a-w C:\Windows\System32\riched32.dll
2007-12-20 06:39 77,824 ----a-w C:\Windows\System32\rascfg.dll
2007-12-20 06:39 52,736 ----a-w C:\Windows\System32\rasdiag.dll
2007-12-20 06:39 22,016 ----a-w C:\Windows\System32\rasser.dll
2007-12-20 06:36 8,147,968 ----a-w C:\Windows\System32\wmploc.DLL
2007-12-20 06:36 7,680 ----a-w C:\Windows\System32\spwmp.dll
2007-12-20 06:36 4,096 ----a-w C:\Windows\System32\dxmasf.dll
2007-12-20 06:36 356,864 ----a-w C:\Windows\System32\MediaMetadataHandler.dll
2007-12-20 06:27 1,191,936 ----a-w C:\Windows\System32\msxml3.dll
2007-12-20 06:26 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2007-12-20 06:26 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2007-12-20 06:26 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2007-12-20 06:25 1,335,296 ----a-w C:\Windows\System32\msxml6.dll
2007-12-20 06:23 84,480 ----a-w C:\Windows\System32\INETRES.dll
2007-12-20 06:23 737,792 ----a-w C:\Windows\System32\inetcomm.dll
2007-12-20 06:20 788,992 ----a-w C:\Windows\System32\rpcrt4.dll
2007-12-20 06:19 750,080 ----a-w C:\Windows\System32\qmgr.dll
2007-12-17 23:44 219,664 ----a-w C:\Windows\System32\klogon.dll
2007-12-05 08:55 80,896 ----a-w C:\Windows\System32\wudriver.dll
2007-12-05 08:55 549,720 ----a-w C:\Windows\System32\wuapi.dll
2007-12-05 08:55 53,080 ----a-w C:\Windows\System32\wuauclt.exe
2007-12-05 08:55 43,352 ----a-w C:\Windows\System32\wups2.dll
2007-12-05 08:55 33,624 ----a-w C:\Windows\System32\wups.dll
2007-12-05 08:55 31,232 ----a-w C:\Windows\System32\wuapp.exe
2007-12-05 08:55 163,000 ----a-w C:\Windows\System32\wuwebv.dll
2007-12-05 08:55 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
2007-12-05 08:55 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
2007-03-02 16:52 177768 -ra------ C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 08:07 1232896]
"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-05-22 14:49 151552]
"Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [2007-12-18 02:02 471040]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [ ]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:34 201728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-07-16 09:43 1006264]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-29 01:29 4472832 C:\Windows\RtHDVCpl.exe]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 20:00 815104]
"Acer Tour"="" []
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-04-05 00:26 138008]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-04-05 00:26 154392]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-04-05 00:26 133912]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 16:36 178712]
"Adobe Reader Speed Launcher"="c:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 04:38 40048]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 21:01 71216]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 16:21 54832]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 16:33 457216]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2007-06-15 06:45 850704]
"eRecoveryService"="" []
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 21:48 57344]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-12-20 16:16 37376]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
"NeroCheck"="C:\Windows\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-02-22 12:50 579072]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2007-12-18 00:43 227856]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 21:34 49152]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-22 12:50 219136]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 2008-02-22 12:51 9216 C:\Windows\System32\avgwlntf.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0B79140C-1CDD-4643-826E-C5234DC9E284}"= C:\Program Files\CyberLink\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD|Desc=CyberLink PowerDVD
"{FF3E4622-2573-42A6-98C6-AFBF0131A576}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{C2DC0A29-4B3A-4299-8A2C-3EC18FA7DD35}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{A900BFAE-75C5-4ADC-A38D-3CACFC32FA8D}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{1B9E1734-1BC8-4B9B-B093-A2E412CA449B}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{50EBACCE-B44E-4D45-BF45-D4F3A75220A0}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{26285F13-72AE-4583-A0DD-5B57BA34417A}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"TCP Query User{8506C864-C590-44C3-B4FB-F441C249CCBB}C:\program files\ares\ares.exe"= UDP:C:\program files\ares\ares.exe:Ares p2p for windows|Desc=Ares p2p for windows
"UDP Query User{6D7735DC-A8FE-434D-AD68-E5B88F87D566}C:\program files\ares\ares.exe"= TCP:C:\program files\ares\ares.exe:Ares p2p for windows|Desc=Ares p2p for windows
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2007-04-25 16:34]
R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2007-04-25 16:34]
R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2007-04-25 16:34]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys [2007-10-16 11:05]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};C:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 16:51]
R2 BcmSqlStartupSvc;Usługa startowa serwera SQL dodatku Business Contact Manager;"C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe" [2008-01-16 12:04]
R2 eDataSecurity Service;eDSService.exe;"C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe" [2007-04-25 16:34]
R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-06-13 16:54]
R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-06-28 18:50]
R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 12:57]
R2 SQLWriter;SQL Server VSS Writer;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 05:29]
R2 WMIService;ePower Service;C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-06-13 11:23]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-29 01:44]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 23:03]
R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-03-30 20:57]
S3 BCM43XV;Sterownik karty sieciowej Broadcom Extensible 802.11;C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 21:18]
S3 DM9USB;DM9601 USB To Fast Ethernet Adapter;C:\Windows\system32\DRIVERS\dm9usb.sys [2006-12-29 05:41]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" [2007-02-10 05:29]
S3 NETw3v32;Sterownik karty Intel(R) PRO/Wireless 3945ABG dla 32-bitowej wersji systemu Windows Vista;C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 08:30]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-26 08:39:52
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-02-26 8:41:33
ComboFix-quarantined-files.txt 2008-02-26 07:41:26
.
2008-02-22 06:11:34 --- E O F ---