Preventivni kontrola logu, pls

[enyml]

Dobry den, krasny novy rok.

Chystam se provest kazdorocni debordelizaci PC a chtel jsem se ujistit, jestli mi nekde neciha nejaka skryta hrozba. Predem moc diky za kontrolu logu:

Logfile of random's system information tool 1.06 (written by random/random)
Run by user at 2010-01-10 16:28:50
Microsoft Windows XP Professional Service Pack 3
System drive C: has 14 GB (19%) free of 76 GB
Total RAM: 1013 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:35:07, on 10.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Network Associates\VirusScan\VsStat.exe
C:\Program Files\Network Associates\VirusScan\Vshwin32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
C:\Documents and Settings\user\My Documents\downloadz\RSIT\RSIT.exe
C:\Documents and Settings\user\My Documents\downloadz\hijack this\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PDF3 Registry Controller] "C:\Program Files\ScanSoft\PDF Professional 3.0\\RegistryController.exe"
O4 - HKLM\..\Run: [OCAudioIni] C:\Program Files\One-click Audio Converter\OCAudioIni.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with Scansoft PDF Converter 3.0 - res://C:\Program Files\ScanSoft\PDF Professional 3.0\IEShellExt.dll /100
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 9789474469
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8059 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-01 1377576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-10-15 308832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 853672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
ZoneAlarm Spy Blocker BHO - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-11-04 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - ZoneAlarm Spy Blocker - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-11-04 262144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"D-Link AirPlus G"=C:\Program Files\D-Link\AirPlus G\AirGCFG.exe [2005-07-22 1519616]
"ANIWZCS2Service"=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2004-12-16 49152]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2006-02-08 278528]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-04-04 282624]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-07-11 131072]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-07-11 155648]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-07-11 131072]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-11 16132608]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-07-11 1826816]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-30 155648]
"PDF3 Registry Controller"=C:\Program Files\ScanSoft\PDF Professional 3.0\\RegistryController.exe [2005-04-29 106496]
"OCAudioIni"=C:\Program Files\One-click Audio Converter\OCAudioIni.exe [2007-03-12 57344]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-07-11 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WINDOW~4\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\NubaStream\nuba.exe"="C:\Program Files\NubaStream\nuba.exe:*:Enabled:nuba"
"C:\Program Files\Vircas\vircas.exe"="C:\Program Files\Vircas\vircas.exe:*:Enabled:vircas"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ABC\abc.exe"="C:\Program Files\ABC\abc.exe:*:Enabled:abc"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{170e251c-7b52-11de-977c-001cc010b8ca}]
shell\AutoRun\command - E:\setuppls.exe /AUTORUN
shell\configure\command - E:\setuppls.exe
shell\install\command - E:\setuppls.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20dd4034-4c17-11dd-8c2e-001cc010b8ca}]
shell\AutoRun\command - E:\LaunchU3.exe -a


======List of files/folders created in the last 3 months======

2010-01-05 18:00:14 ----D---- C:\Program Files\Audacity
2009-11-30 12:24:47 ----D---- C:\Program Files\Lame for Audacity
2009-11-30 11:39:39 ----A---- C:\WINDOWS\netdet.ini
2009-11-30 11:38:56 ----D---- C:\Program Files\Dexster

======List of files/folders modified in the last 3 months======

2010-01-10 16:35:08 ----D---- C:\WINDOWS\Prefetch
2010-01-10 16:35:05 ----D---- C:\WINDOWS\Temp
2010-01-10 16:28:00 ----D---- C:\Program Files\Mozilla Firefox
2010-01-10 16:20:27 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-10 16:20:25 ----SD---- C:\WINDOWS\Tasks
2010-01-10 16:16:25 ----D---- C:\WINDOWS
2010-01-10 16:14:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-10 01:14:16 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-05 18:00:14 ----RD---- C:\Program Files
2010-01-05 17:01:17 ----D---- C:\WINDOWS\system32
2009-11-30 11:39:39 ----A---- C:\WINDOWS\win.ini
2009-11-30 10:04:04 ----D---- C:\Documents and Settings\user\Application Data\Vso
2009-11-27 12:58:32 ----A---- C:\WINDOWS\wincmd.ini
2009-11-23 19:30:18 ----D---- C:\Documents and Settings\user\Application Data\Skype
2009-11-23 19:18:58 ----D---- C:\Documents and Settings\user\Application Data\skypePM
2009-10-25 11:12:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2008-09-18 148496]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-11-13 353680]
R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\system32\drivers\gearaspiwdm.sys [2006-09-19 15664]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-07-11 5700096]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-11 4424192]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NaiFiltr;NaiFiltr; \??\C:\Program Files\Common Files\Network Associates\McShield\NaiFiltr.sys []
R3 PAC207;VideoCAM GE111; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 162176]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-05-06 47360]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-07-11 90880]
R3 SMBios;Intel (R) System Management BIOS Service; C:\WINDOWS\system32\DRIVERS\SMBios.sys [2004-06-07 36484]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-06-22 154112]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RT61;D-Link Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2005-06-04 319104]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-10-29 587096]
R2 AvSynMgr;AVSync Manager; C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe [2001-11-26 155665]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 iPodService;iPodService; C:\Program Files\iPod\bin\iPodService.exe [2006-02-08 323584]
R3 McShield;McShield; C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe [2001-11-26 225403]
S2 ANIWZCSdService;ANIWZCSd Service; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2004-10-22 49152]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-11-13 2405776]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Rudy]

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

[enyml]

Díky za odpověď,
Log z Combofixu zde:

ComboFix 10-01-12.04 - user 13.01.2010 9:54.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.1013.607 [GMT 1:00]
Spuštěný z: c:\documents and settings\user\Desktop\ComboFix.exe
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-12-13 do 2010-01-13 )))))))))))))))))))))))))))))))
.

2010-01-13 08:48 . 2010-01-13 08:48 389120 ----a-w- c:\windows\system32\CF20809.exe
2010-01-05 17:00 . 2010-01-05 17:00 -------- d-----w- c:\program files\Audacity

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-13 09:02 . 2008-11-04 12:10 481038368 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-01-12 23:18 . 2008-11-04 12:10 5634740 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-01-05 16:10 . 2009-11-11 09:30 79488 ----a-w- c:\documents and settings\user\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-30 11:24 . 2009-11-30 11:24 -------- d-----w- c:\program files\Lame for Audacity
2009-11-30 10:45 . 2009-11-30 10:38 -------- d-----w- c:\program files\Dexster
2009-11-30 09:04 . 2008-05-06 13:03 -------- d-----w- c:\documents and settings\user\Application Data\Vso
2009-11-23 18:30 . 2008-03-15 15:38 -------- d-----w- c:\documents and settings\user\Application Data\Skype
2009-11-23 18:18 . 2008-03-15 15:39 -------- d-----w- c:\documents and settings\user\Application Data\skypePM
2000-07-14 23:00 . 2007-01-28 19:14 508928 ----a-w- c:\program files\Common Files\MSDE.DLL
2000-07-14 23:00 . 2007-01-28 19:14 136192 ----a-w- c:\program files\Common Files\MSDERUN.DLL
1998-06-17 23:00 . 2007-01-28 19:14 32768 ----a-w- c:\program files\Common Files\REGTOOL5.DLL
.

((((((((((((((((((((((((((((( SnapShot_2009-08-24_16.20.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-13 08:36 . 2010-01-13 08:36 16384 c:\windows\Temp\Perflib_Perfdata_218.dat
- 2001-08-23 14:00 . 2009-08-23 03:43 71060 c:\windows\system32\perfc009.dat
+ 2001-08-23 14:00 . 2009-10-25 10:12 71060 c:\windows\system32\perfc009.dat
- 2009-01-30 09:28 . 2009-01-30 09:28 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-01-30 09:28 . 2009-08-28 07:14 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-08-18 19:36 . 2008-10-16 13:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe
+ 2009-08-18 19:37 . 2008-04-14 00:12 13824 c:\windows\system32\dllcache\cache\wscntfy.exe
+ 2009-08-18 19:36 . 2008-04-14 00:12 82432 c:\windows\system32\dllcache\cache\ws2_32.dll
+ 2009-08-18 19:36 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\cache\userinit.exe
+ 2009-08-18 19:36 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\cache\svchost.exe
+ 2009-08-18 19:36 . 2008-04-14 00:12 57856 c:\windows\system32\dllcache\cache\spoolsv.exe
+ 2009-08-18 19:37 . 2008-04-14 00:12 88576 c:\windows\system32\dllcache\cache\rasauto.dll
+ 2009-08-18 19:36 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\cache\powrprof.dll
+ 2009-08-18 19:37 . 2008-04-14 00:11 33792 c:\windows\system32\dllcache\cache\msgsvc.dll
+ 2009-08-18 19:36 . 2008-04-14 00:12 13312 c:\windows\system32\dllcache\cache\lsass.exe
+ 2009-08-18 19:36 . 2008-04-14 00:11 22016 c:\windows\system32\dllcache\cache\lpk.dll
+ 2009-08-18 19:36 . 2008-04-13 18:39 24576 c:\windows\system32\dllcache\cache\kbdclass.sys
+ 2009-08-18 19:36 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\cache\ip6fw.sys
+ 2009-08-18 19:36 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\cache\ctfmon.exe
+ 2009-08-18 19:37 . 2008-04-13 18:57 14336 c:\windows\system32\dllcache\cache\asyncmac.sys
+ 2009-08-18 19:37 . 2001-08-23 14:00 11648 c:\windows\system32\dllcache\cache\acpiec.sys
+ 2009-09-07 07:41 . 2009-09-07 07:41 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2003-12-22 07:20 . 2003-12-22 07:20 4608 c:\windows\system32\W95INF32.DLL
+ 2003-12-22 07:20 . 2003-12-22 07:20 2272 c:\windows\system32\W95INF16.DLL
+ 2009-08-18 19:37 . 2008-04-14 00:12 5120 c:\windows\system32\dllcache\cache\sfc.dll
+ 2009-08-18 19:36 . 2001-08-23 14:00 2944 c:\windows\system32\dllcache\cache\null.sys
+ 2009-08-18 19:36 . 2001-08-23 14:00 4224 c:\windows\system32\dllcache\cache\beep.sys
+ 2001-08-23 14:00 . 2009-10-25 10:12 441124 c:\windows\system32\perfh009.dat
- 2001-08-23 14:00 . 2009-08-23 03:43 441124 c:\windows\system32\perfh009.dat
+ 2009-07-18 03:21 . 2009-07-18 03:21 257440 c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2006-01-23 12:34 . 2009-09-08 08:35 172280 c:\windows\system32\FNTCACHE.DAT
+ 2009-08-18 19:36 . 2008-04-14 00:12 507904 c:\windows\system32\dllcache\cache\winlogon.exe
+ 2009-08-18 19:36 . 2009-06-29 16:12 827392 c:\windows\system32\dllcache\cache\wininet.dll
+ 2009-08-18 19:36 . 2008-04-14 00:12 578560 c:\windows\system32\dllcache\cache\user32.dll
+ 2009-08-18 19:36 . 2008-04-14 00:12 295424 c:\windows\system32\dllcache\cache\termsrv.dll
+ 2009-08-18 19:36 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\cache\tcpip.sys
+ 2009-08-18 19:37 . 2008-04-14 00:12 171008 c:\windows\system32\dllcache\cache\srsvc.dll
+ 2009-08-18 19:36 . 2009-02-06 11:11 110592 c:\windows\system32\dllcache\cache\services.exe
+ 2009-08-18 19:37 . 2008-04-14 00:12 181248 c:\windows\system32\dllcache\cache\scecli.dll
+ 2009-08-18 19:36 . 2009-02-09 12:10 401408 c:\windows\system32\dllcache\cache\rpcss.dll
+ 2009-08-18 19:37 . 2008-04-14 00:12 409088 c:\windows\system32\dllcache\cache\qmgr.dll
+ 2009-08-18 19:37 . 2008-04-14 00:12 435200 c:\windows\system32\dllcache\cache\ntmssvc.dll
+ 2009-08-18 19:37 . 2008-04-13 19:15 574976 c:\windows\system32\dllcache\cache\ntfs.sys
+ 2009-08-18 19:37 . 2008-04-14 00:12 407040 c:\windows\system32\dllcache\cache\netlogon.dll
+ 2009-08-18 19:36 . 2008-04-13 19:20 182656 c:\windows\system32\dllcache\cache\ndis.sys
+ 2009-08-18 19:36 . 2008-04-14 00:11 927504 c:\windows\system32\dllcache\cache\mfc40u.dll
+ 2009-08-18 19:36 . 2009-03-21 14:06 989696 c:\windows\system32\dllcache\cache\kernel32.dll
+ 2009-08-18 19:36 . 2008-04-14 00:11 110080 c:\windows\system32\dllcache\cache\imm32.dll
+ 2009-08-18 19:36 . 2008-04-14 00:11 792064 c:\windows\system32\dllcache\cache\comres.dll
+ 2009-08-18 19:37 . 2008-04-14 00:11 617472 c:\windows\system32\dllcache\cache\comctl32.dll
+ 2009-08-18 19:36 . 2008-04-14 00:11 167936 c:\windows\system32\dllcache\cache\appmgmts.dll
+ 2009-08-18 19:36 . 2008-04-13 16:39 142592 c:\windows\system32\dllcache\cache\aec.sys
+ 2009-09-07 07:41 . 2009-09-07 07:41 355328 c:\windows\Installer\9fd93.msi
+ 2009-07-18 03:21 . 2009-07-18 03:21 3883424 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-08-18 19:37 . 2008-04-14 00:12 1614848 c:\windows\system32\dllcache\cache\sfcfiles.dll
+ 2009-08-18 19:36 . 2009-02-06 11:08 2189056 c:\windows\system32\dllcache\cache\ntoskrnl.exe
+ 2009-08-18 19:36 . 2009-02-07 17:02 2066048 c:\windows\system32\dllcache\cache\ntkrnlpa.exe
+ 2009-08-18 19:36 . 2009-07-19 13:33 3597824 c:\windows\system32\dllcache\cache\mshtml.dll
+ 2009-08-18 19:36 . 2008-04-14 00:12 1033728 c:\windows\system32\dllcache\cache\explorer.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"D-Link AirPlus G"="c:\program files\D-Link\AirPlus G\AirGCFG.exe" [2005-07-22 1519616]
"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2004-12-16 49152]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2006-02-08 278528]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-04-04 282624]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-07-11 131072]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-07-11 155648]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-07-11 131072]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-11 16132608]
"SkyTel"="SkyTel.EXE" [2007-07-11 1826816]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"PDF3 Registry Controller"="c:\program files\ScanSoft\PDF Professional 3.0\\RegistryController.exe" [2005-04-29 106496]
"OCAudioIni"="c:\program files\One-click Audio Converter\OCAudioIni.exe" [2007-03-12 57344]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-8-6 113664]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
HP Image Zone Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-28 53248]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\NubaStream\\nuba.exe"=
"c:\\Program Files\\Vircas\\vircas.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ABC\\abc.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 NaiFsRec;NaiFsRec;c:\windows\system32\drivers\naifsrec.sys [30.4.2001 4:51 4512]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 18:19 13592]
R3 NaiFiltr;NaiFiltr;c:\program files\Common Files\Network Associates\McShield\naifiltr.sys [26.11.2001 16:51 23856]
R3 PAC207;VideoCAM GE111;c:\windows\system32\drivers\PFC027.sys [8.4.2005 9:46 162176]
S2 AvSynMgr;AVSync Manager;c:\program files\Network Associates\VirusScan\Avsynmgr.exe [26.11.2001 16:51 155665]
.
Obsah adresáře 'Naplánované úlohy'

2010-01-13 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

2010-01-13 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-23 20:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Open with Scansoft PDF Converter 3.0 - c:\program files\ScanSoft\PDF Professional 3.0\IEShellExt.dll /100
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\99juy0dc.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPZoneSB.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-13 10:01
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3080)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-01-13 10:04:26
ComboFix-quarantined-files.txt 2010-01-13 09:04
ComboFix2.txt 2009-08-24 16:26
ComboFix3.txt 2009-08-18 19:38

Před spuštěním: 14 799 323 136 bytes free
Po spuštění: 15 777 271 808 bytes free

- - End Of File - - 796053F5310441C1BF1650C6F786084E

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20dd4034-4c17-11dd-8c2e-001cc010b8ca}]

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[enyml]

Provedeno: Zde vysledny log (tento + nasledujici post)

ComboFix 10-01-12.04 - user 15.01.2010 12:29:42.5.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.1013.577 [GMT 1:00]
Spuštěný z: c:\documents and settings\user\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\user\Desktop\CFScript.txt.txt
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-12-15 do 2010-01-15 )))))))))))))))))))))))))))))))
.

2010-01-14 08:39 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-01-14 08:38 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-14 08:36 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2010-01-13 08:48 . 2010-01-13 08:48 389120 ----a-w- c:\windows\system32\CF20809.exe
2010-01-05 17:00 . 2010-01-05 17:00 -------- d-----w- c:\program files\Audacity

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 11:36 . 2008-11-04 12:10 483412000 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-01-15 03:31 . 2008-11-04 12:10 5664020 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-01-05 16:10 . 2009-11-11 09:30 79488 ----a-w- c:\documents and settings\user\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-30 11:24 . 2009-11-30 11:24 -------- d-----w- c:\program files\Lame for Audacity
2009-11-30 10:45 . 2009-11-30 10:38 -------- d-----w- c:\program files\Dexster
2009-11-30 09:04 . 2008-05-06 13:03 -------- d-----w- c:\documents and settings\user\Application Data\Vso
2009-11-23 18:30 . 2008-03-15 15:38 -------- d-----w- c:\documents and settings\user\Application Data\Skype
2009-11-23 18:18 . 2008-03-15 15:39 -------- d-----w- c:\documents and settings\user\Application Data\skypePM
2009-11-21 15:51 . 2001-08-23 14:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-29 07:46 . 2001-08-23 14:00 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:46 . 2006-01-23 12:29 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:46 . 2001-08-23 14:00 17408 ------w- c:\windows\system32\corpol.dll
2000-07-14 23:00 . 2007-01-28 19:14 508928 ----a-w- c:\program files\Common Files\MSDE.DLL
2000-07-14 23:00 . 2007-01-28 19:14 136192 ----a-w- c:\program files\Common Files\MSDERUN.DLL
1998-06-17 23:00 . 2007-01-28 19:14 32768 ----a-w- c:\program files\Common Files\REGTOOL5.DLL
.

((((((((((((((((((((((((((((( SnapShot_2010-01-13_09.01.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-15 10:44 . 2010-01-15 10:44 16384 c:\windows\Temp\Perflib_Perfdata_10c.dat
+ 2005-05-26 03:16 . 2009-08-06 18:24 44768 c:\windows\system32\wups2.dll
+ 2006-01-23 12:28 . 2009-08-06 18:24 35552 c:\windows\system32\wups.dll
+ 2006-01-23 11:39 . 2009-08-06 18:24 53472 c:\windows\system32\wuauclt.exe
+ 2001-08-23 14:00 . 2009-06-25 08:25 54272 c:\windows\system32\wdigest.dll
+ 2007-01-29 08:58 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe
- 2009-02-24 23:05 . 2007-11-30 11:18 17272 c:\windows\system32\spmsg.dll
+ 2009-02-24 23:05 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll
+ 2010-01-14 08:27 . 2009-08-06 18:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2010-01-14 08:27 . 2009-08-06 18:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
- 2001-08-23 14:00 . 2009-02-03 19:59 56832 c:\windows\system32\secur32.dll
+ 2001-08-23 14:00 . 2009-06-25 08:25 56832 c:\windows\system32\secur32.dll
- 2001-08-23 14:00 . 2008-04-14 00:12 79872 c:\windows\system32\raschap.dll
+ 2001-08-23 14:00 . 2009-10-12 13:38 79872 c:\windows\system32\raschap.dll
+ 2001-08-23 14:00 . 2009-10-29 07:46 44544 c:\windows\system32\pngfilt.dll
- 2001-08-23 14:00 . 2009-06-29 16:12 44544 c:\windows\system32\pngfilt.dll
- 2001-08-23 14:00 . 2009-10-25 10:12 71060 c:\windows\system32\perfc009.dat
+ 2001-08-23 14:00 . 2010-01-15 03:30 71060 c:\windows\system32\perfc009.dat
+ 2007-08-13 17:54 . 2009-10-29 07:46 52224 c:\windows\system32\msfeedsbs.dll
- 2007-08-13 17:54 . 2009-06-29 16:12 52224 c:\windows\system32\msfeedsbs.dll
+ 2001-08-23 14:00 . 2009-09-04 21:03 58880 c:\windows\system32\msasn1.dll
- 2001-08-23 14:00 . 2009-06-29 16:12 27648 c:\windows\system32\jsproxy.dll
+ 2001-08-23 14:00 . 2009-10-29 07:46 27648 c:\windows\system32\jsproxy.dll
- 2007-08-13 17:39 . 2009-06-29 11:07 13824 c:\windows\system32\ieudinit.exe
+ 2007-08-13 17:39 . 2009-10-28 14:36 13824 c:\windows\system32\ieudinit.exe
+ 2001-08-23 14:00 . 2009-10-29 07:46 44544 c:\windows\system32\iernonce.dll
- 2001-08-23 14:00 . 2009-06-29 16:12 44544 c:\windows\system32\iernonce.dll
+ 2001-08-23 14:00 . 2009-10-28 14:36 70656 c:\windows\system32\ie4uinit.exe
- 2001-08-23 14:00 . 2009-06-29 11:07 70656 c:\windows\system32\ie4uinit.exe
- 2007-08-13 17:36 . 2009-06-29 16:12 63488 c:\windows\system32\icardie.dll
+ 2007-08-13 17:36 . 2009-10-29 07:46 63488 c:\windows\system32\icardie.dll
+ 2001-08-23 14:00 . 2009-10-15 16:28 81920 c:\windows\system32\fontsub.dll
- 2001-08-23 14:00 . 2009-06-16 14:36 81920 c:\windows\system32\fontsub.dll
+ 2001-08-23 14:00 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2006-01-23 12:28 . 2009-08-06 18:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2006-01-23 11:39 . 2009-08-06 18:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2009-06-25 08:25 . 2009-06-25 08:25 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2009-02-03 19:59 . 2009-06-25 08:25 56832 c:\windows\system32\dllcache\secur32.dll
- 2009-02-03 19:59 . 2009-02-03 19:59 56832 c:\windows\system32\dllcache\secur32.dll
+ 2009-10-12 13:38 . 2009-10-12 13:38 79872 c:\windows\system32\dllcache\raschap.dll
- 2006-05-10 05:23 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2006-05-10 05:23 . 2009-10-29 07:46 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2008-01-08 13:56 . 2009-10-29 07:46 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-01-08 13:56 . 2009-06-29 16:12 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-09-04 21:03 . 2009-09-04 21:03 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2006-05-10 05:22 . 2009-10-29 07:46 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2006-05-10 05:22 . 2009-06-29 16:12 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2008-01-08 13:56 . 2009-06-29 11:07 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2008-01-08 13:56 . 2009-10-28 14:36 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2007-08-13 17:39 . 2009-06-29 16:12 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2007-08-13 17:39 . 2009-10-29 07:46 44544 c:\windows\system32\dllcache\iernonce.dll
- 2009-02-20 18:09 . 2009-06-29 16:12 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2009-02-20 18:09 . 2009-10-29 07:46 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2007-08-13 17:39 . 2009-10-28 14:36 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2007-08-13 17:39 . 2009-06-29 11:07 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-01-08 13:56 . 2009-10-29 07:46 63488 c:\windows\system32\dllcache\icardie.dll
- 2008-01-08 13:56 . 2009-06-29 16:12 63488 c:\windows\system32\dllcache\icardie.dll
+ 2009-06-16 14:36 . 2009-10-15 16:28 81920 c:\windows\system32\dllcache\fontsub.dll
- 2009-06-16 14:36 . 2009-06-16 14:36 81920 c:\windows\system32\dllcache\fontsub.dll
- 2009-06-29 16:12 . 2009-06-29 16:12 17408 c:\windows\system32\dllcache\corpol.dll
+ 2009-06-29 16:12 . 2009-10-29 07:46 17408 c:\windows\system32\dllcache\corpol.dll
+ 2001-08-23 14:00 . 2009-08-06 18:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2001-08-23 14:00 . 2009-08-06 18:24 96480 c:\windows\system32\cdm.dll
+ 2009-06-24 18:56 . 2009-06-24 18:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
+ 2008-05-27 23:49 . 2008-05-27 23:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-13 19:58 . 2007-04-13 19:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2008-05-28 00:30 . 2008-05-28 00:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2007-04-13 20:30 . 2007-04-13 20:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-01-15 02:56 . 2010-01-15 02:56 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2006-01-23 14:29 . 2010-01-15 03:23 90112 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
- 2006-01-23 14:29 . 2009-08-16 21:52 90112 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
- 2006-01-23 14:29 . 2009-08-16 21:52 45056 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2006-01-23 14:29 . 2010-01-15 03:23 45056 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2006-01-23 14:29 . 2009-08-16 21:52 22528 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2006-01-23 14:29 . 2010-01-15 03:23 22528 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2006-01-23 14:29 . 2010-01-15 03:23 30720 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\pptico.exe
- 2006-01-23 14:29 . 2009-08-16 21:52 30720 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\pptico.exe
- 2006-01-23 14:29 . 2009-08-16 21:52 16384 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
+ 2006-01-23 14:29 . 2010-01-15 03:23 16384 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2006-01-23 14:29 . 2009-08-16 21:52 34304 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2006-01-23 14:29 . 2010-01-15 03:23 34304 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2006-01-23 14:29 . 2010-01-15 03:23 81920 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
- 2006-01-23 14:29 . 2009-08-16 21:52 81920 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2010-01-15 03:24 . 2010-01-15 03:24 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
- 2009-09-07 07:41 . 2009-09-07 07:41 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2007-03-21 16:58 . 2007-03-21 16:58 24416 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\WRD12EXE.EXE
+ 2007-03-21 17:00 . 2007-03-21 17:00 72096 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\PXBCOM.EXE
+ 2010-01-15 03:05 . 2009-06-29 16:12 44544 c:\windows\ie7updates\KB976325-IE7\pngfilt.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 52224 c:\windows\ie7updates\KB976325-IE7\msfeedsbs.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 27648 c:\windows\ie7updates\KB976325-IE7\jsproxy.dll
+ 2010-01-15 03:05 . 2009-06-29 11:07 13824 c:\windows\ie7updates\KB976325-IE7\ieudinit.exe
+ 2010-01-15 03:05 . 2009-06-29 16:12 44544 c:\windows\ie7updates\KB976325-IE7\iernonce.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 78336 c:\windows\ie7updates\KB976325-IE7\ieencode.dll
+ 2010-01-15 03:05 . 2009-06-29 11:07 70656 c:\windows\ie7updates\KB976325-IE7\ie4uinit.exe
+ 2010-01-15 03:05 . 2009-06-29 16:12 63488 c:\windows\ie7updates\KB976325-IE7\icardie.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 17408 c:\windows\ie7updates\KB976325-IE7\corpol.dll
+ 2010-01-15 03:01 . 2010-01-15 03:01 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_a1e78418\System.Drawing.Design.dll
+ 2010-01-15 03:00 . 2010-01-15 03:00 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_81096ecb\CustomMarshalers.dll
+ 2010-01-15 10:50 . 2010-01-15 10:50 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b4a9e413d5cd6d6ec2d50aa05381e293\UIAutomationProvider.ni.dll
+ 2010-01-15 10:47 . 2010-01-15 10:47 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3dd0f86c966c75755d62eab8ddf0634c\PresentationFontCache.ni.exe
+ 2010-01-15 10:46 . 2010-01-15 10:46 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\034d081fe294bab1ee1ecc98c1181424\PresentationCFFRasterizer.ni.dll
+ 2010-01-15 11:35 . 2010-01-15 11:35 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2010-01-15 03:30 . 2010-01-15 03:30 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2006-01-23 14:29 . 2010-01-15 03:23 3584 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2006-01-23 14:29 . 2009-08-16 21:52 3584 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
- 2006-01-23 14:29 . 2009-08-16 21:52 8192 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
+ 2006-01-23 14:29 . 2010-01-15 03:23 8192 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2006-01-23 14:29 . 2009-08-16 21:52 2560 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2006-01-23 14:29 . 2010-01-15 03:23 2560 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
- 2009-08-23 03:42 . 2009-08-23 03:42 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-01-15 03:30 . 2010-01-15 03:30 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-08-23 03:42 . 2009-08-23 03:42 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2006-01-23 12:28 . 2009-08-06 18:24 209632 c:\windows\system32\wuweb.dll
+ 2006-01-23 12:28 . 2009-08-06 18:24 327896 c:\windows\system32\wucltui.dll
+ 2006-01-23 12:29 . 2009-08-06 18:23 575704 c:\windows\system32\wuapi.dll
+ 2006-01-23 12:29 . 2009-04-01 22:02 604160 c:\windows\system32\wmspdmod.dll
- 2001-08-23 14:00 . 2009-06-29 16:12 233472 c:\windows\system32\webcheck.dll
+ 2001-08-23 14:00 . 2009-10-29 07:46 233472 c:\windows\system32\webcheck.dll
+ 2001-08-23 14:00 . 2009-10-29 07:46 105984 c:\windows\system32\url.dll
- 2001-08-23 14:00 . 2009-06-29 16:12 105984 c:\windows\system32\url.dll
+ 2001-08-23 14:00 . 2009-10-15 16:28 119808 c:\windows\system32\t2embed.dll
- 2001-08-23 14:00 . 2009-06-16 14:36 119808 c:\windows\system32\t2embed.dll
+ 2001-08-23 14:00 . 2009-08-26 08:00 247326 c:\windows\system32\strmdll.dll
- 2001-08-23 14:00 . 2008-10-03 10:02 247326 c:\windows\system32\strmdll.dll
+ 2001-08-23 14:00 . 2009-06-25 08:25 147456 c:\windows\system32\schannel.dll
+ 2001-08-23 14:00 . 2009-10-12 13:38 149504 c:\windows\system32\rastls.dll
- 2001-08-23 14:00 . 2009-10-25 10:12 441124 c:\windows\system32\perfh009.dat
+ 2001-08-23 14:00 . 2010-01-15 03:30 441124 c:\windows\system32\perfh009.dat
- 2001-08-23 14:00 . 2009-06-29 16:12 102912 c:\windows\system32\occache.dll
+ 2001-08-23 14:00 . 2009-10-29 07:46 102912 c:\windows\system32\occache.dll
+ 2001-08-23 14:00 . 2009-10-13 10:30 270336 c:\windows\system32\oakley.dll
- 2001-08-23 14:00 . 2008-04-14 00:12 270336 c:\windows\system32\oakley.dll
+ 2007-07-30 18:18 . 2009-08-06 18:23 215920 c:\windows\system32\muweb.dll
+ 2008-01-09 08:02 . 2009-08-06 18:23 274288 c:\windows\system32\mucltui.dll
+ 2001-08-23 14:00 . 2009-09-11 14:18 136192 c:\windows\system32\msv1_0.dll
- 2001-08-23 14:00 . 2009-06-29 16:12 671232 c:\windows\system32\mstime.dll
+ 2001-08-23 14:00 . 2009-10-29 07:46 671232 c:\windows\system32\mstime.dll
- 2001-08-23 14:00 . 2009-06-29 16:12 193024 c:\windows\system32\msrating.dll
+ 2001-08-23 14:00 . 2009-10-29 07:46 193024 c:\windows\system32\msrating.dll
- 2001-08-23 14:00 . 2009-06-29 16:12 477696 c:\windows\system32\mshtmled.dll
+ 2001-08-23 14:00 . 2009-10-29 07:46 477696 c:\windows\system32\mshtmled.dll
+ 2007-08-13 17:54 . 2009-10-29 07:46 459264 c:\windows\system32\msfeeds.dll
- 2007-08-13 17:54 . 2009-06-29 16:12 459264 c:\windows\system32\msfeeds.dll
+ 2001-08-23 14:00 . 2009-06-25 08:25 730112 c:\windows\system32\lsasrv.dll
+ 2001-08-23 14:00 . 2009-06-25 08:25 301568 c:\windows\system32\kerberos.dll
- 2001-08-23 14:00 . 2008-05-09 10:53 512000 c:\windows\system32\jscript.dll
+ 2001-08-23 14:00 . 2009-08-13 15:16 512000 c:\windows\system32\jscript.dll
+ 2007-08-13 17:34 . 2009-10-29 07:46 268288 c:\windows\system32\iertutil.dll
- 2007-08-13 17:34 . 2009-06-29 16:12 268288 c:\windows\system32\iertutil.dll
+ 2001-08-23 14:00 . 2009-10-29 07:46 385024 c:\windows\system32\iedkcs32.dll
- 2001-08-23 14:00 . 2009-06-29 16:12 385024 c:\windows\system32\iedkcs32.dll
- 2007-07-11 11:27 . 2009-06-29 16:12 380928 c:\windows\system32\ieapfltr.dll
+ 2007-07-11 11:27 . 2009-10-29 07:46 380928 c:\windows\system32\ieapfltr.dll
+ 2001-08-23 14:00 . 2009-10-28 06:52 161792 c:\windows\system32\ieakui.dll
- 2001-08-23 14:00 . 2009-06-29 08:33 161792 c:\windows\system32\ieakui.dll
- 2001-08-23 14:00 . 2009-06-29 16:12 230400 c:\windows\system32\ieaksie.dll
+ 2001-08-23 14:00 . 2009-10-29 07:46 230400 c:\windows\system32\ieaksie.dll
+ 2001-08-23 14:00 . 2009-10-29 07:46 153088 c:\windows\system32\ieakeng.dll
- 2001-08-23 14:00 . 2009-06-29 16:12 153088 c:\windows\system32\ieakeng.dll
+ 2006-01-23 12:34 . 2010-01-15 10:43 172280 c:\windows\system32\FNTCACHE.DAT
- 2006-01-23 12:34 . 2009-09-08 08:35 172280 c:\windows\system32\FNTCACHE.DAT
+ 2006-01-23 12:29 . 2009-10-29 07:46 133120 c:\windows\system32\extmgr.dll
- 2006-01-23 12:29 . 2009-06-29 16:12 133120 c:\windows\system32\extmgr.dll
- 2001-08-23 14:00 . 2009-06-29 16:12 214528 c:\windows\system32\dxtrans.dll
+ 2001-08-23 14:00 . 2009-10-29 07:46 214528 c:\windows\system32\dxtrans.dll
+ 2001-08-23 14:00 . 2009-10-29 07:46 347136 c:\windows\system32\dxtmsft.dll
- 2001-08-23 14:00 . 2009-06-29 16:12 347136 c:\windows\system32\dxtmsft.dll
+ 2006-01-23 12:28 . 2009-08-06 18:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2006-01-23 12:28 . 2009-08-06 18:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2006-01-23 12:29 . 2009-08-06 18:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2006-01-23 12:29 . 2009-04-01 22:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2006-05-10 05:23 . 2009-10-29 07:46 832512 c:\windows\system32\dllcache\wininet.dll
- 2007-08-13 17:54 . 2009-06-29 16:12 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2007-08-13 17:54 . 2009-10-29 07:46 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2007-08-13 17:44 . 2009-10-29 07:46 105984 c:\windows\system32\dllcache\url.dll
- 2007-08-13 17:44 . 2009-06-29 16:12 105984 c:\windows\system32\dllcache\url.dll
+ 2009-06-16 14:36 . 2009-10-15 16:28 119808 c:\windows\system32\dllcache\t2embed.dll
- 2009-06-16 14:36 . 2009-06-16 14:36 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2006-08-21 08:52 . 2009-08-26 08:00 247326 c:\windows\system32\dllcache\strmdll.dll
- 2006-08-21 08:52 . 2008-10-03 10:02 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2008-12-05 06:54 . 2009-06-25 08:25 147456 c:\windows\system32\dllcache\schannel.dll
+ 2009-10-12 13:38 . 2009-10-12 13:38 149504 c:\windows\system32\dllcache\rastls.dll
+ 2007-08-13 17:44 . 2009-10-29 07:46 102912 c:\windows\system32\dllcache\occache.dll
- 2007-08-13 17:44 . 2009-06-29 16:12 102912 c:\windows\system32\dllcache\occache.dll
+ 2009-10-13 10:30 . 2009-10-13 10:30 270336 c:\windows\system32\dllcache\oakley.dll
+ 2009-06-25 08:25 . 2009-09-11 14:18 136192 c:\windows\system32\dllcache\msv1_0.dll
- 2006-05-10 05:23 . 2009-06-29 16:12 671232 c:\windows\system32\dllcache\mstime.dll
+ 2006-05-10 05:23 . 2009-10-29 07:46 671232 c:\windows\system32\dllcache\mstime.dll
- 2006-05-10 05:23 . 2009-06-29 16:12 193024 c:\windows\system32\dllcache\msrating.dll
+ 2006-05-10 05:23 . 2009-10-29 07:46 193024 c:\windows\system32\dllcache\msrating.dll
- 2006-05-10 05:23 . 2009-06-29 16:12 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2006-05-10 05:23 . 2009-10-29 07:46 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2008-01-08 13:56 . 2009-06-29 16:12 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-01-08 13:56 . 2009-10-29 07:46 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-04-16 21:14 . 2009-06-25 08:25 730112 c:\windows\system32\dllcache\lsasrv.dll
+ 2009-06-25 08:25 . 2009-06-25 08:25 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2008-05-09 10:53 . 2009-08-13 15:16 512000 c:\windows\system32\dllcache\jscript.dll
- 2008-05-09 10:53 . 2008-05-09 10:53 512000 c:\windows\system32\dllcache\jscript.dll
- 2007-08-13 17:43 . 2009-06-29 08:35 634632 c:\windows\system32\dllcache\iexplore.exe
+ 2007-08-13 17:43 . 2009-10-28 06:54 634632 c:\windows\system32\dllcache\iexplore.exe
+ 2008-01-08 13:56 . 2009-10-29 07:46 268288 c:\windows\system32\dllcache\iertutil.dll
- 2008-01-08 13:56 . 2009-06-29 16:12 268288 c:\windows\system32\dllcache\iertutil.dll
- 2007-08-13 17:39 . 2009-06-29 16:12 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2007-08-13 17:39 . 2009-10-29 07:46 385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2008-01-08 13:56 . 2009-06-29 16:12 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-01-08 13:56 . 2009-10-29 07:46 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2001-08-23 14:00 . 2009-10-28 06:52 161792 c:\windows\system32\dllcache\ieakui.dll
- 2001-08-23 14:00 . 2009-06-29 08:33 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2007-08-13 17:39 . 2009-10-29 07:46 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2007-08-13 17:39 . 2009-06-29 16:12 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2007-08-13 17:39 . 2009-06-29 16:12 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2007-08-13 17:39 . 2009-10-29 07:46 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2006-05-10 05:22 . 2009-06-29 16:12 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2006-05-10 05:22 . 2009-10-29 07:46 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2006-05-10 05:22 . 2009-10-29 07:46 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2006-05-10 05:22 . 2009-06-29 16:12 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2006-05-10 05:22 . 2009-06-29 16:12 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2006-05-10 05:22 . 2009-10-29 07:46 347136 c:\windows\system32\dllcache\dxtmsft.dll
- 2007-08-13 17:39 . 2009-06-29 16:12 124928 c:\windows\system32\dllcache\advpack.dll
+ 2007-08-13 17:39 . 2009-10-29 07:46 124928 c:\windows\system32\dllcache\advpack.dll
- 2001-08-23 14:00 . 2009-06-29 16:12 124928 c:\windows\system32\advpack.dll
+ 2001-08-23 14:00 . 2009-10-29 07:46 124928 c:\windows\system32\advpack.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-05-27 23:49 . 2008-05-27 23:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-13 19:58 . 2007-04-13 19:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-13 19:56 . 2007-04-13 19:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-13 20:30 . 2007-04-13 20:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2008-05-28 00:30 . 2008-05-28 00:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2009-03-20 10:48 . 2009-03-20 10:48 183808 c:\windows\Installer\3f8219f.msp
+ 2009-11-05 13:21 . 2009-11-05 13:21 537600 c:\windows\Installer\3f82194.msp
+ 2010-01-15 02:56 . 2010-01-15 02:56 429568 c:\windows\Installer\3f82131.msi
+ 2006-01-23 14:29 . 2010-01-15 03:23 114688 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2006-01-23 14:29 . 2009-08-16 21:52 114688 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2006-01-23 14:29 . 2009-08-16 21:52 167936 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2006-01-23 14:29 . 2010-01-15 03:23 167936 c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2010-01-15 03:05 . 2009-06-29 16:12 827392 c:\windows\ie7updates\KB976325-IE7\wininet.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 233472 c:\windows\ie7updates\KB976325-IE7\webcheck.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 105984 c:\windows\ie7updates\KB976325-IE7\url.dll
+ 2010-01-15 03:05 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB976325-IE7\spuninst\updspapi.dll
+ 2010-01-15 03:05 . 2009-05-26 11:40 231288 c:\windows\ie7updates\KB976325-IE7\spuninst\spuninst.exe
+ 2010-01-15 03:05 . 2009-06-29 16:12 102912 c:\windows\ie7updates\KB976325-IE7\occache.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 671232 c:\windows\ie7updates\KB976325-IE7\mstime.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 193024 c:\windows\ie7updates\KB976325-IE7\msrating.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 477696 c:\windows\ie7updates\KB976325-IE7\mshtmled.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 459264 c:\windows\ie7updates\KB976325-IE7\msfeeds.dll
+ 2010-01-15 03:05 . 2009-06-29 08:35 634632 c:\windows\ie7updates\KB976325-IE7\iexplore.exe
+ 2010-01-15 03:05 . 2009-06-29 16:12 268288 c:\windows\ie7updates\KB976325-IE7\iertutil.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 385024 c:\windows\ie7updates\KB976325-IE7\iedkcs32.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 380928 c:\windows\ie7updates\KB976325-IE7\ieapfltr.dll
+ 2010-01-15 03:05 . 2009-06-29 08:33 161792 c:\windows\ie7updates\KB976325-IE7\ieakui.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 230400 c:\windows\ie7updates\KB976325-IE7\ieaksie.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 153088 c:\windows\ie7updates\KB976325-IE7\ieakeng.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 133120 c:\windows\ie7updates\KB976325-IE7\extmgr.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 214528 c:\windows\ie7updates\KB976325-IE7\dxtrans.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 347136 c:\windows\ie7updates\KB976325-IE7\dxtmsft.dll
+ 2010-01-15 03:05 . 2009-06-29 16:12 124928 c:\windows\ie7updates\KB976325-IE7\advpack.dll
+ 2010-01-15 03:01 . 2010-01-15 03:01 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_9f765b02\System.Drawing.dll
+ 2010-01-15 03:02 . 2010-01-15 03:02 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_923f38d5\System.Drawing.Design.dll
+ 2010-01-15 03:02 . 2010-01-15 03:02 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_cd7cf31a\CustomMarshalers.dll
+ 2010-01-15 10:50 . 2010-01-15 10:50 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bf92bc207f927cbbd6dfc9dc0c3eae68\WindowsFormsIntegration.ni.dll
+ 2010-01-15 10:50 . 2010-01-15 10:50 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll
+ 2010-01-15 10:49 . 2010-01-15 10:49 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\c2fbf25609b704061a93500efa6f241d\UIAutomationClient.ni.dll
+ 2010-01-15 10:49 . 2010-01-15 10:49 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ca6d7208c0fb72ff97429f2636ced321\System.Drawing.Design.ni.dll
+ 2010-01-15 10:48 . 2010-01-15 10:48 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96f74da5fc40b92f09069230bc0df4f0\PresentationFramework.Royale.ni.dll
+ 2010-01-15 10:48 . 2010-01-15 10:48 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bb4d16b042b72c2c85a0f8ac9d48f28\PresentationFramework.Luna.ni.dll
+ 2010-01-15 10:48 . 2010-01-15 10:48 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\30c5c2682d3c5bdaa83bb9a36ee48afa\PresentationFramework.Aero.ni.dll
+ 2010-01-15 10:48 . 2010-01-15 10:48 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07e952efd70f5608e221a008e6231ace\PresentationFramework.Classic.ni.dll
+ 2010-01-15 11:35 . 2010-01-15 11:35 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\85d7c111956b478766d90625b35d963f\AspNetMMCExt.ni.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2010-01-15 03:30 . 2010-01-15 03:30 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-01-15 03:30 . 2010-01-15 03:30 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-01-15 03:30 . 2010-01-15 03:30 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-01-15 03:30 . 2010-01-15 03:30 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-01-15 03:30 . 2010-01-15 03:30 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2010-01-14 08:39 . 2009-08-13 13:55 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2009-07-20 23:03 . 2009-07-20 23:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2006-01-23 11:39 . 2009-08-06 18:23 1929952 c:\windows\system32\wuaueng.dll
- 2001-08-23 14:00 . 2008-06-18 04:03 2458112 c:\windows\system32\WMVCore.dll
+ 2001-08-23 14:00 . 2009-05-20 03:56 2458112 c:\windows\system32\WMVCore.dll
+ 2001-08-23 14:00 . 2009-08-14 13:21 1850624 c:\windows\system32\win32k.sys
+ 2001-08-23 14:00 . 2009-10-29 07:46 1168384 c:\windows\system32\urlmon.dll
- 2001-08-23 14:00 . 2008-04-14 00:12 1435648 c:\windows\system32\query.dll
+ 2001-08-23 14:00 . 2009-07-17 16:22 1435648 c:\windows\system32\query.dll
+ 2001-08-23 14:00 . 2009-08-04 19:44 2189184 c:\windows\system32\ntoskrnl.exe
+ 2001-08-17 13:48 . 2009-08-04 14:20 2066048 c:\windows\system32\ntkrnlpa.exe
- 2001-08-17 13:48 . 2009-02-07 17:02 2066048 c:\windows\system32\ntkrnlpa.exe
+ 2008-08-19 07:10 . 2009-07-31 09:05 1372672 c:\windows\system32\msxml6.dll
+ 2009-07-20 23:05 . 2009-07-20 23:05 1348432 c:\windows\system32\msxml4.dll
+ 2001-08-23 14:00 . 2009-07-31 04:35 1172480 c:\windows\system32\msxml3.dll
+ 2001-08-23 14:00 . 2009-10-29 07:46 3598336 c:\windows\system32\mshtml.dll
+ 2007-08-13 17:54 . 2009-10-29 07:46 6067200 c:\windows\system32\ieframe.dll
- 2007-08-13 17:54 . 2009-07-19 13:32 6067200 c:\windows\system32\ieframe.dll
+ 2009-08-20 14:09 . 2009-08-20 14:09 1193832 c:\windows\system32\FM20.DLL
+ 2006-01-23 11:39 . 2009-08-06 18:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2001-08-23 14:00 . 2009-05-20 03:56 2458112 c:\windows\system32\dllcache\WMVCore.dll
- 2001-08-23 14:00 . 2008-06-18 04:03 2458112 c:\windows\system32\dllcache\WMVCore.dll
+ 2008-10-15 06:59 . 2009-08-14 13:21 1850624 c:\windows\system32\dllcache\win32k.sys
+ 2006-05-10 05:23 . 2009-10-29 07:46 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2009-07-17 16:22 . 2009-07-17 16:22 1435648 c:\windows\system32\dllcache\query.dll
+ 2008-10-15 06:59 . 2009-08-04 19:44 2189184 c:\windows\system32\dllcache\ntoskrnl.exe
- 2008-10-15 06:59 . 2009-02-06 10:32 2023936 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-10-15 06:59 . 2009-08-04 14:20 2023936 c:\windows\system32\dllcache\ntkrpamp.exe
- 2008-10-15 06:59 . 2009-02-07 17:02 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-10-15 06:59 . 2009-08-04 14:20 2066048 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-10-15 06:59 . 2009-08-04 15:13 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2008-10-15 06:59 . 2009-02-06 11:06 2145280 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-08-19 07:10 . 2009-07-31 09:05 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2006-09-13 05:01 . 2009-07-31 04:35 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2006-05-19 15:08 . 2009-10-29 07:46 3598336 c:\windows\system32\dllcache\mshtml.dll
+ 2008-01-08 13:56 . 2009-10-29 07:46 6067200 c:\windows\system32\dllcache\ieframe.dll
- 2008-01-08 13:56 . 2009-07-19 13:32 6067200 c:\windows\system32\dllcache\ieframe.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2008-11-25 02:59 . 2008-11-25 02:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2007-04-13 20:35 . 2007-04-13 20:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-28 00:35 . 2008-05-28 00:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-28 00:35 . 2008-05-28 00:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-13 20:35 . 2007-04-13 20:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-27 23:48 . 2008-05-27 23:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2008-05-27 23:43 . 2008-05-27 23:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2007-04-13 19:50 . 2007-04-13 19:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2009-09-30 14:11 . 2009-09-30 14:11 8409088 c:\windows\Installer\3f821fa.msp
+ 2009-09-04 14:31 . 2009-09-04 14:31 7972864 c:\windows\Installer\3f821dc.msp
+ 2008-06-19 17:28 . 2008-06-19 17:28 1573376 c:\windows\Installer\3f821c7.msp
+ 2009-08-20 14:27 . 2009-08-20 14:27 3622400 c:\windows\Installer\3f82168.msp
+ 2009-09-10 21:44 . 2009-09-10 21:44 6704640 c:\windows\Installer\3f8214a.msp
+ 2007-07-21 12:26 . 2007-07-21 12:26 7574016 c:\windows\Installer\3f82127.msp
+ 2008-10-20 09:18 . 2008-10-20 09:18 6474240 c:\windows\Installer\3f8211e.msp
+ 2007-03-21 16:58 . 2007-03-21 16:58 4145520 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\WRD12CNV.DLL
+ 2007-05-10 08:11 . 2007-05-10 08:11 1767256 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\PPCNV.DLL
+ 2006-10-27 13:18 . 2006-10-27 13:18 1658152 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\OGL.DLL
+ 2010-01-15 03:05 . 2009-06-29 16:12 1159680 c:\windows\ie7updates\KB976325-IE7\urlmon.dll
+ 2010-01-15 03:05 . 2009-07-19 13:33 3597824 c:\windows\ie7updates\KB976325-IE7\mshtml.dll
+ 2010-01-15 03:05 . 2009-07-19 13:32 6067200 c:\windows\ie7updates\KB976325-IE7\ieframe.dll
+ 2008-10-15 06:59 . 2009-08-04 19:44 2189184 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2008-10-15 06:59 . 2009-02-06 10:32 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-15 06:59 . 2009-08-04 14:20 2023936 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2008-10-15 06:59 . 2009-02-07 17:02 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-10-15 06:59 . 2009-08-04 14:20 2066048 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2008-10-15 06:59 . 2009-02-06 11:06 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-10-15 06:59 . 2009-08-04 15:13 2145280 c:\windows\Driver Cache\i386\ntkrnlmp.exe

[enyml]

+ 2010-01-15 03:02 . 2010-01-15 03:02 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_e55cda87\System.dll
+ 2010-01-15 03:00 . 2010-01-15 03:00 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_ce46b537\System.dll
+ 2010-01-15 03:02 . 2010-01-15 03:02 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_8652d7da\System.Xml.dll
+ 2010-01-15 03:01 . 2010-01-15 03:01 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_788e28b0\System.Xml.dll
+ 2010-01-15 03:02 . 2010-01-15 03:02 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_b95f55d8\System.Windows.Forms.dll
+ 2010-01-15 03:01 . 2010-01-15 03:01 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_874382a3\System.Windows.Forms.dll
+ 2010-01-15 03:02 . 2010-01-15 03:02 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_09da781f\System.Drawing.dll
+ 2010-01-15 03:01 . 2010-01-15 03:01 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_f6316b7a\System.Design.dll
+ 2010-01-15 03:02 . 2010-01-15 03:02 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_569de0f3\System.Design.dll
+ 2010-01-15 03:01 . 2010-01-15 03:01 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_847038d2\mscorlib.dll
+ 2010-01-15 03:02 . 2010-01-15 03:02 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_0227240a\mscorlib.dll
+ 2010-01-15 10:46 . 2010-01-15 10:46 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\204d6e5b335134f23ca37638b9227ecf\WindowsBase.ni.dll
+ 2010-01-15 10:50 . 2010-01-15 10:50 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\0f2ed6a204eb13841e99b77025464afc\UIAutomationClientsideProviders.ni.dll
+ 2010-01-15 10:45 . 2010-01-15 10:45 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll
+ 2010-01-15 10:49 . 2010-01-15 10:49 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll
+ 2010-01-15 10:49 . 2010-01-15 10:49 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\99594bae1d022502925f5b9dfcdaae9a\System.Speech.ni.dll
+ 2010-01-15 10:49 . 2010-01-15 10:49 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\e5313735a40c0800f116e27fba4754db\System.Printing.ni.dll
+ 2010-01-15 11:36 . 2010-01-15 11:36 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c3b18fef5c6dc3bcdbe5df699fd21a55\System.IdentityModel.ni.dll
+ 2010-01-15 10:49 . 2010-01-15 10:49 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\abb2ac7e08bee026f857d8fa36f9fe6f\System.Drawing.ni.dll
+ 2010-01-15 10:48 . 2010-01-15 10:48 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\694c07365e0fd6bba0bc304d4d2404a7\System.Data.ni.dll
+ 2010-01-15 10:48 . 2010-01-15 10:48 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\32788c58ff9f8324460604cf1fe7681b\System.Data.Linq.ni.dll
+ 2010-01-15 10:48 . 2010-01-15 10:48 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\c0a42d2ad8a4078040b334f6770ea11f\System.Core.ni.dll
+ 2010-01-15 10:48 . 2010-01-15 10:48 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\954685c29689d2a6126ceca1fd55e904\ReachFramework.ni.dll
+ 2010-01-15 10:48 . 2010-01-15 10:48 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a3a6f52ce1d09a7bdccc8e7fc664792d\PresentationUI.ni.dll
+ 2010-01-15 10:46 . 2010-01-15 10:46 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\f906701365083c1473db31519147e263\PresentationBuildTasks.ni.dll
+ 2010-01-15 03:30 . 2010-01-15 03:30 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-01-15 03:30 . 2010-01-15 03:30 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-01-15 03:30 . 2010-01-15 03:30 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-08-23 03:42 . 2009-08-23 03:42 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-01-15 03:29 . 2010-01-15 03:29 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-01-15 03:00 . 2010-01-15 03:00 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2008-01-08 14:09 . 2008-01-08 14:09 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2008-01-08 14:09 . 2008-01-08 14:09 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-01-15 03:00 . 2010-01-15 03:00 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2006-01-26 11:52 . 2010-01-04 15:17 29634504 c:\windows\system32\MRT.exe
+ 2009-08-10 20:08 . 2009-08-10 20:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp
+ 2009-08-14 19:32 . 2009-08-14 19:32 11110912 c:\windows\Installer\4148623.msp
+ 2008-09-24 11:05 . 2008-09-24 11:05 16381440 c:\windows\Installer\4148619.msp
+ 2008-08-11 10:51 . 2008-08-11 10:51 15916544 c:\windows\Installer\3f821e5.msp
+ 2009-10-08 17:04 . 2009-10-08 17:04 17510400 c:\windows\Installer\3f821bd.msp
+ 2008-08-11 10:49 . 2008-08-11 10:49 22457344 c:\windows\Installer\3f821a8.msp
+ 2009-08-10 13:09 . 2009-08-10 13:09 17254912 c:\windows\Installer\3f82180.msp
+ 2009-02-25 18:07 . 2009-02-25 18:07 11646464 c:\windows\Installer\3f82153.msp
+ 2007-05-10 08:25 . 2007-05-10 08:25 14677368 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\XL12CNV.EXE
+ 2007-05-08 09:10 . 2007-05-08 09:10 16874376 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\MSO.DLL
+ 2010-01-15 10:49 . 2010-01-15 10:49 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2ea8d76f015817db1607075812b555f\System.Windows.Forms.ni.dll
+ 2010-01-15 10:49 . 2010-01-15 10:49 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8b82e08c008924d51833cb0884bcbfc5\System.Design.ni.dll
+ 2010-01-15 10:48 . 2010-01-15 10:48 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\58c7ac6b6054038dc9346d7ec8e32b4c\PresentationFramework.ni.dll
+ 2010-01-15 10:47 . 2010-01-15 10:47 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\94badbd64df59de7da249f71da38b1c2\PresentationCore.ni.dll
+ 2010-01-15 03:30 . 2010-01-15 03:30 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"D-Link AirPlus G"="c:\program files\D-Link\AirPlus G\AirGCFG.exe" [2005-07-22 1519616]
"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2004-12-16 49152]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2006-02-08 278528]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-04-04 282624]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-07-11 131072]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-07-11 155648]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-07-11 131072]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-11 16132608]
"SkyTel"="SkyTel.EXE" [2007-07-11 1826816]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"PDF3 Registry Controller"="c:\program files\ScanSoft\PDF Professional 3.0\\RegistryController.exe" [2005-04-29 106496]
"OCAudioIni"="c:\program files\One-click Audio Converter\OCAudioIni.exe" [2007-03-12 57344]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-8-6 113664]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
HP Image Zone Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-28 53248]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\NubaStream\\nuba.exe"=
"c:\\Program Files\\Vircas\\vircas.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ABC\\abc.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 NaiFsRec;NaiFsRec;c:\windows\system32\drivers\naifsrec.sys [30.4.2001 4:51 4512]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 18:19 13592]
R3 NaiFiltr;NaiFiltr;c:\program files\Common Files\Network Associates\McShield\naifiltr.sys [26.11.2001 16:51 23856]
R3 PAC207;VideoCAM GE111;c:\windows\system32\drivers\PFC027.sys [8.4.2005 9:46 162176]
S2 AvSynMgr;AVSync Manager;c:\program files\Network Associates\VirusScan\Avsynmgr.exe [26.11.2001 16:51 155665]
.
Obsah adresáře 'Naplánované úlohy'

2010-01-15 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

2010-01-15 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-23 20:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Open with Scansoft PDF Converter 3.0 - c:\program files\ScanSoft\PDF Professional 3.0\IEShellExt.dll /100
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\99juy0dc.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPZoneSB.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-15 12:36
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3696)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-01-15 12:39:05
ComboFix-quarantined-files.txt 2010-01-15 11:39
ComboFix2.txt 2010-01-13 17:31
ComboFix3.txt 2010-01-13 09:04
ComboFix4.txt 2009-08-24 16:26
ComboFix5.txt 2010-01-15 11:28

Před spuštěním: 14 735 486 976 bytes free
Po spuštění: 14 696 574 976 bytes free

- - End Of File - - 7699454B10499150BEAB0D11361FF964

Diky moc..

[Rudy]

Log již vypadá čistý.

[enyml]

Mod díky, posílám SMS

[Rudy]

Nemáte zač a za příspěvek děkujeme!