FB virus

#1 Post by Deny7 »

Hello, unfortunately I was also hit by the FB virus, so I decided to deal with it myself... I opened Task Manager -> Processes and ended about 5 instances of schvost.exe, and then I deleted them in the Windows folder. Is that enough to remove this virus?


*********************************************************************

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tuf at 2011-07-25 21:06:23
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 9 GB (11%) free of 76 GB
Total RAM: 1023 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:06:32, on 25.7.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\l1rezerv.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Tuf\Plocha\utorrent.exe
C:\Program Files\Programs\MFIndexer.exe
C:\Program Files\EdgeCAM\Cam\EdgeCLS.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\CCleaner\ccleaner.exe
C:\Documents and Settings\Tuf\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Tuf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: (no name) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [tray_ico0] C:\WINDOWS\update.tray-3-0\svchost.exe
O4 - HKLM\..\Run: [tray_ico1] C:\WINDOWS\update.tray-2-0\svchost.exe
O4 - HKLM\..\Run: [tray_ico2] C:\WINDOWS\update.tray-14-0\svchost.exe
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\WINDOWS\l1rezerv.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Tuf\Plocha\utorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Program Files\Programs\MFIndexer.exe
O4 - Global Startup: EdgeCLS11.00.lnk = C:\Program Files\EdgeCAM\Cam\EdgeCLS.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://skyonline.oberon-media.com/Games ... meHost.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.163.182,93.188.166.182
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.163.182,93.188.166.182
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.163.182,93.188.166.182
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: srvbtcclient - Unknown owner - C:\WINDOWS\update.5.0\svchost.exe (file missing)
O23 - Service: srviecheck - Unknown owner - C:\WINDOWS\update.2\svchost.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - C:\WINDOWS\
O23 - Service: wxpdrivers - Unknown owner - C:\WINDOWS\update.1\svchost.exe (file missing)

--
End of file - 10877 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Driver Fetch.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\MpIdleTask.job
C:\WINDOWS\tasks\RegCure Program Check.job
C:\WINDOWS\tasks\RegCure.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Tuf\Data aplikací\Mozilla\Firefox\Profiles\cj25z6jb.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63, firefox@red-cog.com:2.8, {84b24861-62f6-364b-eba5-2e5e2061d7e6}:0.9.3, {c82bcf0e-ebff-486f-bc3e-58ab0ba5286a}:0.8, webmaster@keep-tube.com:1.2, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, vshare@toolbar:1.0.0, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, engine@conduit.com:3.2.5.2, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://www.google.com/search?ie=UTF-8&o ... &gfns=1&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX® Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0]
"Description"=DivX® Content Upload Plugin
"Path"=C:\Program Files\DivX\DivX Content Uploader\npUpload.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=13]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/vbp;version=0.9.17]
"Description"=Veetle Broadcaster Plugin
"Path"=C:\Program Files\Veetle\VLCBroadcast\npvbp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
np_gp.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Tuf\Data aplikací\Mozilla\Firefox\Profiles\cj25z6jb.default\extensions\
engine@conduit.com
firefox@red-cog.com
plugin2@gameplaylabs.com
toolbar@ask.com
vshare@toolbar
webmaster@keep-tube.com
{800b5000-a755-47e1-992b-48a1c1357f07}
{84b24861-62f6-364b-eba5-2e5e2061d7e6}
{c82bcf0e-ebff-486f-bc3e-58ab0ba5286a}
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

C:\Documents and Settings\Tuf\Data aplikací\Mozilla\Firefox\Profiles\cj25z6jb.default\searchplugins\
askcom.xml
conduit.xml
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F85D76C-0569-466F-A488-493E6BD0E955}]
dsWebAllowBHO Class - C:\Program Files\Windows Desktop Search\dsWebAllow.dll [2006-03-26 265432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-17 842296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-14 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-06-14 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-20 77824]
"WinFast Schedule"=C:\Program Files\WinFast\WFTVFM\WFWIZ.exe [2006-07-07 348160]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2011-01-12 49208]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
""= []
"QuickTime Task"=C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe [2010-11-29 421888]
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"tray_ico"= []
"tray_ico0"=C:\WINDOWS\update.tray-3-0\svchost.exe []
"tray_ico1"=C:\WINDOWS\update.tray-2-0\svchost.exe []
"tray_ico2"=C:\WINDOWS\update.tray-14-0\svchost.exe []
"tray_ico3"= []
"tray_ico4"= []
"l1rezerv.exe"=C:\WINDOWS\l1rezerv.exe [2011-07-23 232960]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2005-10-28 94208]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-08 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"uTorrent"=C:\Documents and Settings\Tuf\Plocha\utorrent.exe [2011-03-29 399736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Corel MEDIA FOLDERS INDEXER 8.LNK - C:\Program Files\Programs\MFIndexer.exe
EdgeCLS11.00.lnk - C:\Program Files\EdgeCAM\Cam\EdgeCLS.exe

C:\Documents and Settings\Tuf\Nabídka Start\Programy\Po spuštění
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-03-13 233472]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\Program Files\Sony\Vegas 7.0\VegSrv70.exe"="C:\Program Files\Sony\Vegas 7.0\VegSrv70.exe:*:Enabled:Sony Vegas Network Render Service Control"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Documents and Settings\Tuf\Plocha\utorrent.exe"="C:\Documents and Settings\Tuf\Plocha\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Quake III Arena\quake3.exe"="C:\Program Files\Quake III Arena\quake3.exe:*:Enabled:quake3"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\Electronic Arts\Red Alert 3\Data\ra3_1.0.game"="C:\Program Files\Electronic Arts\Red Alert 3\Data\ra3_1.0.game:*:Enabled:Command & Conquer™ Red Alert™ 3"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"c:\windows\explorer.exe"="c:\windows\explorer.exe:*:Enabled:ENABLE"
"c:\windows\system32\userinit.exe"="c:\windows\system32\userinit.exe:*:Enabled:ENABLE"
"C:\WINDOWS\Temp\wpv561253178221.exe"="C:\WINDOWS\Temp\wpv561253178221.exe:*:Enabled:services"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Documents and Settings\Tuf\Dokumenty\Downloads\Call of Duty 4 Modern Warfare Full-Rip Skullptura\Call.of.Duty.4.Modern.Warfare.Full-Rip.Skullptura\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Documents and Settings\Tuf\Dokumenty\Downloads\Call of Duty 4 Modern Warfare Full-Rip Skullptura\Call.of.Duty.4.Modern.Warfare.Full-Rip.Skullptura\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Documents and Settings\Tuf\Dokumenty\Downloads\Call of Duty 4 Modern Warfare Full-Rip Skullptura\Call of duty\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Documents and Settings\Tuf\Dokumenty\Downloads\Call of Duty 4 Modern Warfare Full-Rip Skullptura\Call of duty\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Sega\Vancouver 2010\Vancouver.exe"="C:\Program Files\Sega\Vancouver 2010\Vancouver.exe:*:Enabled:Vancouver 2010™"
"C:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Documents and Settings\Tuf\Dokumenty\Stažené soubory\Flash-Player.exe"="C:\Documents and Settings\Tuf\Dokumenty\Stažené soubory\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Tuf\Dokumenty\Stažené soubory\Flash-Player.exe"
"C:\WINDOWS\update.1\svchost.exe"="C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe"
"C:\WINDOWS\update.tray-2-0\svchost.exe"="C:\WINDOWS\update.tray-2-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-2-0\svchost.exe"
"C:\WINDOWS\update.tray-3-0\svchost.exe"="C:\WINDOWS\update.tray-3-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-3-0\svchost.exe"
"C:\WINDOWS\update.2\svchost.exe"="C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.DIVX"=DivX.dll
"SENTINEL"=snti386.dll
"vidc.tscc"=tsccvid.dll
"vidc.yv12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.wmv3"=wmv9vcm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"VIDC.XFR1"=xfcodec.dll
"vidc.XVID"=xvidvfw.dll
"vidc.SVLC"=svlcvid.dll

======File associations======

.inf - install -
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 month======

2011-07-25 21:06:24 ----D---- C:\Program Files\trend micro
2011-07-25 21:06:23 ----D---- C:\rsit
2011-07-24 13:41:55 ----A---- C:\WINDOWS\NeroDigital.ini
2011-07-23 15:47:24 ----A---- C:\WINDOWS\system32\drivers\INTELPPM.SYS
2011-07-23 15:20:02 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2011-07-23 14:55:53 ----D---- C:\WINDOWS\Prefetch
2011-07-22 19:43:10 ----D---- C:\WINDOWS\rpcminer
2011-07-22 19:43:10 ----D---- C:\WINDOWS\phoenix
2011-07-22 19:40:32 ----D---- C:\Program Files\Microsoft Security Client
2011-07-22 19:40:14 ----A---- C:\WINDOWS\ddh_iplist.txt
2011-07-22 19:40:07 ----A---- C:\WINDOWS\l1rezerv.exe
2011-07-22 19:39:47 ----D---- C:\577d341c6557cd5a6a2c46b3dfaea9e3
2011-07-22 19:39:32 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-07-22 19:37:17 ----A---- C:\WINDOWS\btc_client_iplist.txt
2011-07-22 19:36:51 ----A---- C:\WINDOWS\unrar.exe
2011-07-22 19:36:16 ----HDC---- C:\WINDOWS\$NtUninstallKB914882$
2011-07-22 19:35:28 ----A---- C:\WINDOWS\iplist.txt
2011-07-22 19:35:11 ----D---- C:\d795b700f4cea981d799e10e2b3ec7d9
2011-07-22 19:32:55 ----A---- C:\WINDOWS\front_ip_list.txt
2011-07-22 18:23:34 ----D---- C:\WINDOWS\av_ico
2011-07-22 18:09:21 ----A---- C:\WINDOWS\winlog-ids.txt
2011-07-22 18:09:21 ----A---- C:\WINDOWS\winlog-dirs.txt

======List of files/folders modified in the last 1 month======

2011-07-25 21:06:24 ----D---- C:\Program Files
2011-07-25 21:05:18 ----D---- C:\Documents and Settings\Tuf\Data aplikací\uTorrent
2011-07-25 21:04:36 ----D---- C:\WINDOWS\Temp
2011-07-25 21:03:11 ----D---- C:\WINDOWS
2011-07-25 20:33:21 ----SD---- C:\WINDOWS\Tasks
2011-07-25 19:05:52 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-25 19:05:39 ----D---- C:\Documents and Settings\Tuf\Data aplikací\OpenOffice.org2
2011-07-25 19:05:32 ----D---- C:\TEMP
2011-07-25 14:56:49 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-07-23 21:25:08 ----D---- C:\Documents and Settings\Tuf\Data aplikací\dvdcss
2011-07-23 15:48:52 ----D---- C:\WINDOWS\system32\drivers
2011-07-23 15:48:52 ----D---- C:\WINDOWS\system32
2011-07-23 15:47:41 ----D---- C:\WINDOWS\system32\config
2011-07-23 15:47:26 ----D---- C:\WINDOWS\system32\drivers\etc
2011-07-23 15:16:02 ----SHD---- C:\WINDOWS\Installer
2011-07-23 15:16:02 ----HD---- C:\Config.Msi
2011-07-23 15:15:45 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-07-22 19:45:30 ----A---- C:\boot.ini
2011-07-22 19:44:50 ----SHD---- C:\System Volume Information
2011-07-22 19:41:54 ----HD---- C:\WINDOWS\inf
2011-07-22 19:36:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-22 19:36:13 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-16 22:05:57 ----D---- C:\Documents and Settings\Tuf\Data aplikací\ICQ
2011-07-10 17:13:39 ----D---- C:\Documents and Settings\Tuf\Data aplikací\PriceGong
2011-06-30 11:42:17 ----D---- C:\Program Files\ICQ7.5
2011-06-26 20:44:31 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-04 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2006-08-25 36528]
R0 SiSide;SiSide; C:\WINDOWS\system32\DRIVERS\siside.sys [2003-03-25 4096]
R0 sisidex;sisidex; C:\WINDOWS\system32\drivers\sisidex.sys [2002-10-17 49024]
R0 sisperf;Add Performance Filter Driver; C:\WINDOWS\system32\drivers\sisperf.sys [2002-08-20 9472]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-10-31 717296]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2004-08-04 44672]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2004-07-20 20096]
R1 bbcap;bbcap; C:\WINDOWS\system32\DRIVERS\bbcap.sys [2007-06-16 2944]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\SYSTEM32\DRIVERS\INTELPPM.SYS [2011-07-23 39936]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKsl8000deab;MpKsl8000deab; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{40FC0ABE-3C54-4B50-94D9-7EDC6E996782}\MpKsl8000deab.sys []
R2 cpuz135;cpuz135; \??\C:\WINDOWS\system32\drivers\cpuz135_x32.sys []
R2 CX23880;WinFast CX2388x WDM Video Capture.; C:\WINDOWS\system32\drivers\cx88vid.sys [2005-06-28 163584]
R2 CXTUNE;WinFast CX2388x WDM TVTuner.; C:\WINDOWS\system32\drivers\CX88TUNE.sys [2005-06-28 30976]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2006-06-12 76288]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-20 2324480]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
R3 CXAVXBAR;WinFast CX2388x WDM Crossbar.; C:\WINDOWS\system32\drivers\cxavxbar.sys [2005-06-28 9728]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-04 10232128]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-11-05 32768]
R3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S1 amphkgqz;amphkgqz; \??\C:\WINDOWS\system32\drivers\amphkgqz.sys []
S1 bcde;bcde; \??\C:\WINDOWS\system32\bcde.sys []
S1 dc59b889;dc59b889; C:\WINDOWS\System32\drivers\dc59b889.sys []
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 awd47q66;awd47q66; C:\WINDOWS\system32\drivers\awd47q66.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys []
S3 FXDRV;FXDRV; \??\D:\Fxdrv.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\Tuf\LOCALS~1\Temp\TJAE3D.tmp []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-03-23 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-21 21568]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-04 32768]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-18 12416]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2004-07-20 90112]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-11-27 75136]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-08 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-08 190448]
S2 srvbtcclient;srvbtcclient; C:\WINDOWS\update.5.0\svchost.exe srv []
S2 srviecheck;srviecheck; C:\WINDOWS\update.2\svchost.exe srv []
S2 wxpdrivers;wxpdrivers; C:\WINDOWS\update.1\svchost.exe srv []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2007-07-28 79360]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 fontcache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getplushelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2004-08-18 14336]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-08 133104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2008-02-17 72704]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119506
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: FB virus

#2 Post by Rudy »

Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Deny7
Visitor
Posts: 21
Joined: 25 Jul 2011 20:10

Re: FB virus

#3 Post by Deny7 »

The scan has been running for an hour and a half already; is it possible for it to take this long?

Rudy
Site Admin
Posts: 119506
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: FB virus

#4 Post by Rudy »

It depends on the speed of the system and the size of the disk.

Deny7
Visitor
Posts: 21
Joined: 25 Jul 2011 20:10

Re: FB virus

#5 Post by Deny7 »

So:

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

26.7.2011 0:00:10
mbam-log-2011-07-26 (00-00-09).txt

Typ: Úplná kontrola (C:\|)
Kontrolované objekty: 263675
Uplynulý čas: 2 hodin, 31 minut, 53 sekund

Infikované procesy v paměti: 1
Infikované moduly v paměti: 0
Infikované klíče v registru: 4
Infikované hodnoty v registru: 2
Infikované datové položky v registru: 7
Infikované složky: 0
Infikované soubory: 17

Infikované procesy v paměti:
c:\WINDOWS\l1rezerv.exe (Trojan.Agent) -> 1728 -> Unloaded process successfully.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvbtcclient (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WXPDRIVERS (Trojan.Agent) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\l1rezerv.exe (Trojan.Agent) -> Value: l1rezerv.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpDrivers\ImagePath (Trojan.Agent) -> Value: ImagePath -> Quarantined and deleted successfully.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Delete on reboot.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Bad: (93.188.163.182,93.188.166.182) Good: () -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\documents and settings\Tuf\dokumenty\downloads\call of duty 4 modern warfare full-rip skullptura\call of duty\call of duty 4 - modern warfare\#readme#\rzr-cod4-keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5dcbad06-276a-463b-a87d-984b999f9185}\RP0\A0000001.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5dcbad06-276a-463b-a87d-984b999f9185}\RP0\A0000002.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5dcbad06-276a-463b-a87d-984b999f9185}\RP0\A0000003.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5dcbad06-276a-463b-a87d-984b999f9185}\RP0\A0000004.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5dcbad06-276a-463b-a87d-984b999f9185}\RP1\A0000160.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5dcbad06-276a-463b-a87d-984b999f9185}\RP1\A0000162.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5dcbad06-276a-463b-a87d-984b999f9185}\RP1\A0000163.exe (Backdoor.Delf) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5dcbad06-276a-463b-a87d-984b999f9185}\RP1\A0000164.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5dcbad06-276a-463b-a87d-984b999f9185}\RP1\A0000193.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5dcbad06-276a-463b-a87d-984b999f9185}\RP1\A0000158.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5dcbad06-276a-463b-a87d-984b999f9185}\RP1\A0000194.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5dcbad06-276a-463b-a87d-984b999f9185}\RP1\A0000195.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5dcbad06-276a-463b-a87d-984b999f9185}\RP1\A0000197.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5dcbad06-276a-463b-a87d-984b999f9185}\RP1\A0000246.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\config\systemprofile\local settings\Temp\GKAK0.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\l1rezerv.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Rudy
Site Admin
Posts: 119506
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: FB virus

#6 Post by Rudy »

Everything has been deleted. Now restart and post a new RSIT log.

Deny7
Visitor
Posts: 21
Joined: 25 Jul 2011 20:10

Re: FB virus

#7 Post by Deny7 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tuf at 2011-07-26 14:04:46
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 8 GB (10%) free of 76 GB
Total RAM: 1023 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:05:04, on 26.7.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Tuf\Plocha\utorrent.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Programs\MFIndexer.exe
C:\Program Files\EdgeCAM\Cam\EdgeCLS.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Documents and Settings\Tuf\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Tuf.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: (no name) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Tuf\Plocha\utorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Program Files\Programs\MFIndexer.exe
O4 - Global Startup: EdgeCLS11.00.lnk = C:\Program Files\EdgeCAM\Cam\EdgeCLS.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://skyonline.oberon-media.com/Games ... meHost.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: srviecheck - Unknown owner - C:\WINDOWS\update.2\svchost.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - C:\WINDOWS\

--
End of file - 10021 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Driver Fetch.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\MpIdleTask.job
C:\WINDOWS\tasks\RegCure Program Check.job
C:\WINDOWS\tasks\RegCure.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Tuf\Data aplikací\Mozilla\Firefox\Profiles\cj25z6jb.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63, firefox@red-cog.com:2.8, {84b24861-62f6-364b-eba5-2e5e2061d7e6}:0.9.3, {c82bcf0e-ebff-486f-bc3e-58ab0ba5286a}:0.8, webmaster@keep-tube.com:1.2, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, vshare@toolbar:1.0.0, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, engine@conduit.com:3.2.5.2, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://www.google.com/search?ie=UTF-8&o ... &gfns=1&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX® Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0]
"Description"=DivX® Content Upload Plugin
"Path"=C:\Program Files\DivX\DivX Content Uploader\npUpload.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=13]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/vbp;version=0.9.17]
"Description"=Veetle Broadcaster Plugin
"Path"=C:\Program Files\Veetle\VLCBroadcast\npvbp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
np_gp.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Tuf\Data aplikací\Mozilla\Firefox\Profiles\cj25z6jb.default\extensions\
engine@conduit.com
firefox@red-cog.com
plugin2@gameplaylabs.com
toolbar@ask.com
vshare@toolbar
webmaster@keep-tube.com
{800b5000-a755-47e1-992b-48a1c1357f07}
{84b24861-62f6-364b-eba5-2e5e2061d7e6}
{c82bcf0e-ebff-486f-bc3e-58ab0ba5286a}
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

C:\Documents and Settings\Tuf\Data aplikací\Mozilla\Firefox\Profiles\cj25z6jb.default\searchplugins\
askcom.xml
conduit.xml
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F85D76C-0569-466F-A488-493E6BD0E955}]
dsWebAllowBHO Class - C:\Program Files\Windows Desktop Search\dsWebAllow.dll [2006-03-26 265432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-17 842296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-14 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-06-14 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-05-17 1490312]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-06-20 77824]
"WinFast Schedule"=C:\Program Files\WinFast\WFTVFM\WFWIZ.exe [2006-07-07 348160]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2011-01-12 49208]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
""= []
"QuickTime Task"=C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe [2010-11-29 421888]
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"tray_ico"= []
"tray_ico3"= []
"tray_ico4"= []
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2005-10-28 94208]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-08 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"uTorrent"=C:\Documents and Settings\Tuf\Plocha\utorrent.exe [2011-03-29 399736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Corel MEDIA FOLDERS INDEXER 8.LNK - C:\Program Files\Programs\MFIndexer.exe
EdgeCLS11.00.lnk - C:\Program Files\EdgeCAM\Cam\EdgeCLS.exe

C:\Documents and Settings\Tuf\Nabídka Start\Programy\Po spuštění
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-03-13 233472]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\Program Files\Sony\Vegas 7.0\VegSrv70.exe"="C:\Program Files\Sony\Vegas 7.0\VegSrv70.exe:*:Enabled:Sony Vegas Network Render Service Control"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Documents and Settings\Tuf\Plocha\utorrent.exe"="C:\Documents and Settings\Tuf\Plocha\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Quake III Arena\quake3.exe"="C:\Program Files\Quake III Arena\quake3.exe:*:Enabled:quake3"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\Electronic Arts\Red Alert 3\Data\ra3_1.0.game"="C:\Program Files\Electronic Arts\Red Alert 3\Data\ra3_1.0.game:*:Enabled:Command & Conquer™ Red Alert™ 3"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"c:\windows\explorer.exe"="c:\windows\explorer.exe:*:Enabled:ENABLE"
"c:\windows\system32\userinit.exe"="c:\windows\system32\userinit.exe:*:Enabled:ENABLE"
"C:\WINDOWS\Temp\wpv561253178221.exe"="C:\WINDOWS\Temp\wpv561253178221.exe:*:Enabled:services"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Documents and Settings\Tuf\Dokumenty\Downloads\Call of Duty 4 Modern Warfare Full-Rip Skullptura\Call.of.Duty.4.Modern.Warfare.Full-Rip.Skullptura\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Documents and Settings\Tuf\Dokumenty\Downloads\Call of Duty 4 Modern Warfare Full-Rip Skullptura\Call.of.Duty.4.Modern.Warfare.Full-Rip.Skullptura\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Documents and Settings\Tuf\Dokumenty\Downloads\Call of Duty 4 Modern Warfare Full-Rip Skullptura\Call of duty\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Documents and Settings\Tuf\Dokumenty\Downloads\Call of Duty 4 Modern Warfare Full-Rip Skullptura\Call of duty\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Sega\Vancouver 2010\Vancouver.exe"="C:\Program Files\Sega\Vancouver 2010\Vancouver.exe:*:Enabled:Vancouver 2010™"
"C:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Documents and Settings\Tuf\Dokumenty\Stažené soubory\Flash-Player.exe"="C:\Documents and Settings\Tuf\Dokumenty\Stažené soubory\Flash-Player.exe:*:Enabled:C:\Documents and Settings\Tuf\Dokumenty\Stažené soubory\Flash-Player.exe"
"C:\WINDOWS\update.1\svchost.exe"="C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe"
"C:\WINDOWS\update.tray-2-0\svchost.exe"="C:\WINDOWS\update.tray-2-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-2-0\svchost.exe"
"C:\WINDOWS\update.tray-3-0\svchost.exe"="C:\WINDOWS\update.tray-3-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-3-0\svchost.exe"
"C:\WINDOWS\update.2\svchost.exe"="C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.DIVX"=DivX.dll
"SENTINEL"=snti386.dll
"vidc.tscc"=tsccvid.dll
"vidc.yv12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.wmv3"=wmv9vcm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"VIDC.XFR1"=xfcodec.dll
"vidc.XVID"=xvidvfw.dll
"vidc.SVLC"=svlcvid.dll

======File associations======

.inf - install -

======List of files/folders created in the last 1 month======

2011-07-25 21:25:50 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-07-25 21:25:40 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-07-25 21:06:24 ----D---- C:\Program Files\trend micro
2011-07-25 21:06:23 ----D---- C:\rsit
2011-07-24 13:41:55 ----A---- C:\WINDOWS\NeroDigital.ini
2011-07-23 15:47:24 ----A---- C:\WINDOWS\system32\drivers\INTELPPM.SYS
2011-07-23 15:20:02 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2011-07-23 14:55:53 ----D---- C:\WINDOWS\Prefetch
2011-07-22 19:43:10 ----D---- C:\WINDOWS\rpcminer
2011-07-22 19:43:10 ----D---- C:\WINDOWS\phoenix
2011-07-22 19:40:32 ----D---- C:\Program Files\Microsoft Security Client
2011-07-22 19:40:14 ----A---- C:\WINDOWS\ddh_iplist.txt
2011-07-22 19:39:47 ----D---- C:\577d341c6557cd5a6a2c46b3dfaea9e3
2011-07-22 19:39:32 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-07-22 19:37:17 ----A---- C:\WINDOWS\btc_client_iplist.txt
2011-07-22 19:36:51 ----A---- C:\WINDOWS\unrar.exe
2011-07-22 19:36:16 ----HDC---- C:\WINDOWS\$NtUninstallKB914882$
2011-07-22 19:35:28 ----A---- C:\WINDOWS\iplist.txt
2011-07-22 19:35:11 ----D---- C:\d795b700f4cea981d799e10e2b3ec7d9
2011-07-22 19:32:55 ----A---- C:\WINDOWS\front_ip_list.txt
2011-07-22 18:23:34 ----D---- C:\WINDOWS\av_ico
2011-07-22 18:09:21 ----A---- C:\WINDOWS\winlog-ids.txt
2011-07-22 18:09:21 ----A---- C:\WINDOWS\winlog-dirs.txt

======List of files/folders modified in the last 1 month======

2011-07-26 14:04:47 ----D---- C:\Documents and Settings\Tuf\Data aplikací\uTorrent
2011-07-26 14:04:44 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-26 14:03:54 ----D---- C:\WINDOWS\Temp
2011-07-26 14:03:31 ----SD---- C:\WINDOWS\Tasks
2011-07-26 14:03:29 ----D---- C:\Documents and Settings\Tuf\Data aplikací\OpenOffice.org2
2011-07-26 14:02:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-26 12:02:12 ----D---- C:\TEMP
2011-07-26 12:01:48 ----D---- C:\WINDOWS
2011-07-26 12:00:58 ----D---- C:\WINDOWS\msagent
2011-07-26 12:00:57 ----D---- C:\WINDOWS\system32\drivers
2011-07-25 21:25:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-25 21:06:24 ----D---- C:\Program Files
2011-07-23 21:25:08 ----D---- C:\Documents and Settings\Tuf\Data aplikací\dvdcss
2011-07-23 15:48:52 ----D---- C:\WINDOWS\system32
2011-07-23 15:47:41 ----D---- C:\WINDOWS\system32\config
2011-07-23 15:47:26 ----D---- C:\WINDOWS\system32\drivers\etc
2011-07-23 15:16:02 ----SHD---- C:\WINDOWS\Installer
2011-07-23 15:16:02 ----HD---- C:\Config.Msi
2011-07-23 15:15:45 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-07-22 19:45:30 ----A---- C:\boot.ini
2011-07-22 19:44:50 ----SHD---- C:\System Volume Information
2011-07-22 19:41:54 ----HD---- C:\WINDOWS\inf
2011-07-22 19:36:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-22 19:36:13 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-16 22:05:57 ----D---- C:\Documents and Settings\Tuf\Data aplikací\ICQ
2011-07-10 17:13:39 ----D---- C:\Documents and Settings\Tuf\Data aplikací\PriceGong
2011-06-30 11:42:17 ----D---- C:\Program Files\ICQ7.5

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-04 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2006-08-25 36528]
R0 SiSide;SiSide; C:\WINDOWS\system32\DRIVERS\siside.sys [2003-03-25 4096]
R0 sisidex;sisidex; C:\WINDOWS\system32\drivers\sisidex.sys [2002-10-17 49024]
R0 sisperf;Add Performance Filter Driver; C:\WINDOWS\system32\drivers\sisperf.sys [2002-08-20 9472]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-10-31 717296]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2004-08-04 44672]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2004-07-20 20096]
R1 bbcap;bbcap; C:\WINDOWS\system32\DRIVERS\bbcap.sys [2007-06-16 2944]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\SYSTEM32\DRIVERS\INTELPPM.SYS [2011-07-23 39936]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKslf6ae8042;MpKslf6ae8042; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{40FC0ABE-3C54-4B50-94D9-7EDC6E996782}\MpKslf6ae8042.sys []
R2 cpuz135;cpuz135; \??\C:\WINDOWS\system32\drivers\cpuz135_x32.sys []
R2 CX23880;WinFast CX2388x WDM Video Capture.; C:\WINDOWS\system32\drivers\cx88vid.sys [2005-06-28 163584]
R2 CXTUNE;WinFast CX2388x WDM TVTuner.; C:\WINDOWS\system32\drivers\CX88TUNE.sys [2005-06-28 30976]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2006-06-12 76288]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-20 2324480]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
R3 CXAVXBAR;WinFast CX2388x WDM Crossbar.; C:\WINDOWS\system32\drivers\cxavxbar.sys [2005-06-28 9728]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-04 10232128]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51; C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [2004-11-05 32768]
R3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S1 amphkgqz;amphkgqz; \??\C:\WINDOWS\system32\drivers\amphkgqz.sys []
S1 bcde;bcde; \??\C:\WINDOWS\system32\bcde.sys []
S1 dc59b889;dc59b889; C:\WINDOWS\System32\drivers\dc59b889.sys []
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 apebjsdx;apebjsdx; C:\WINDOWS\system32\drivers\apebjsdx.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys []
S3 FXDRV;FXDRV; \??\D:\Fxdrv.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\Tuf\LOCALS~1\Temp\TJAE3D.tmp []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-03-23 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-21 21568]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2004-08-04 32768]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-18 12416]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2004-07-20 90112]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-11-27 75136]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-08 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-08 190448]
S2 srviecheck;srviecheck; C:\WINDOWS\update.2\svchost.exe srv []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2007-07-28 79360]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 fontcache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getplushelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2004-08-18 14336]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-08 133104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2008-02-17 72704]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119506
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: FB virus

#8 Post by Rudy »

1. Uninstall AskToolbar.
2. Also post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the licence terms appears; continue by clicking the Ano (Yes) button.

Go and make yourself a coffee in peace (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Note: if you use an antispyware product with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because the scan and the removal of any malware lead to unwanted conflicts with the antispyware's resident component.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Deny7
Visitor
Posts: 21
Joined: 25 Jul 2011 20:10

Re: FB virus

#9 Post by Deny7 »

ComboFix 11-07-26.03 - Tuf 26.07.2011 22:14:46.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.330 [GMT 2:00]
Spuštěný z: c:\documents and settings\Tuf\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Tuf\WINDOWS
c:\windows\btc_client_iplist.txt
c:\windows\ddh_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\IsUn0405.exe
c:\windows\phoenix.rar
c:\windows\rpcminer.rar
c:\windows\system32\drivers\atmapi.sys
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\ufa.rar
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SRVBTCCLIENT
-------\Legacy_SRVIECHECK
-------\Legacy_WXPDRIVERS
-------\Service_srviecheck
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-26 do 2011-07-26 )))))))))))))))))))))))))))))))
.
.
2011-07-22 17:43 . 2011-07-23 12:51 -------- d-----w- c:\windows\rpcminer
2011-07-22 17:43 . 2011-07-23 12:51 -------- d-----w- c:\windows\phoenix
2011-07-22 17:39 . 2011-07-22 17:42 -------- d-----w- C:\577d341c6557cd5a6a2c46b3dfaea9e3
2011-07-22 17:36 . 2011-07-23 12:51 246272 ----a-w- c:\windows\unrar.exe
2011-07-22 17:35 . 2011-07-22 17:37 -------- d-----w- C:\d795b700f4cea981d799e10e2b3ec7d9
2011-07-22 16:23 . 2011-07-22 17:46 -------- d-----w- c:\windows\av_ico
2011-07-22 16:09 . 2011-07-22 16:09 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-25 21:35 . 2011-05-17 09:06 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-04 02:52 . 2010-04-30 10:30 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-04 00:25 . 2010-04-30 10:30 73728 ----a-w- c:\windows\system32\javacpl.cpl
2003-08-04 00:15 . 2007-02-05 21:48 40960 ----a-w- c:\program files\AuxSetup.exe
2003-04-25 23:29 . 2007-02-05 21:48 146944 ----a-w- c:\program files\SciLexer.dll
2002-11-14 18:55 . 2007-02-05 21:48 56832 ----a-w- c:\program files\AviSynthLexer.lexer
2011-06-26 18:44 . 2011-03-24 19:34 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\uTorrentBar\tbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2005-10-28 94208]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-08 39408]
"uTorrent"="c:\documents and settings\Tuf\Plocha\utorrent.exe" [2011-03-29 399736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-06-20 77824]
"WinFast Schedule"="c:\program files\WinFast\WFTVFM\WFWIZ.exe" [2006-07-07 348160]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"QuickTime Task"="c:\program files\K-Lite Codec Pack\QuickTime\qttask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
c:\documents and settings\Tuf\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-2-26 393216]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-12-27 110592]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
Corel MEDIA FOLDERS INDEXER 8.LNK - c:\program files\Programs\MFIndexer.exe [2007-1-26 83456]
EdgeCLS11.00.lnk - c:\program files\EdgeCAM\Cam\EdgeCLS.exe [2007-3-24 708608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2004-08-18 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-04-03 17:23 13670504 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-04-03 17:23 110696 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Documents and Settings\\Tuf\\Plocha\\utorrent.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\Tuf\\Dokumenty\\Downloads\\Call of Duty 4 Modern Warfare Full-Rip Skullptura\\Call of duty\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.1.2007 13:30 717296]
R1 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [16.6.2007 9:19 2944]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [10.6.2008 18:56 35168]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [21.5.2011 13:19 21992]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [11.3.2009 13:06 247608]
R3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [6.3.2008 13:29 9446]
S1 amphkgqz;amphkgqz;\??\c:\windows\system32\drivers\amphkgqz.sys --> c:\windows\system32\drivers\amphkgqz.sys [?]
S1 bcde;bcde;\??\c:\windows\system32\bcde.sys --> c:\windows\system32\bcde.sys [?]
S1 dc59b889;dc59b889;c:\windows\system32\drivers\dc59b889.sys --> c:\windows\system32\drivers\dc59b889.sys [?]
S1 MpKsl35db2da8;MpKsl35db2da8;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{40FC0ABE-3C54-4B50-94D9-7EDC6E996782}\MpKsl35db2da8.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{40FC0ABE-3C54-4B50-94D9-7EDC6E996782}\MpKsl35db2da8.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8.7.2009 20:05 133104]
S2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; [x]
S3 FXDRV;FXDRV;\??\d:\fxdrv.sys --> d:\Fxdrv.sys [?]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Tuf\LOCALS~1\Temp\TJAE3D.tmp --> c:\docume~1\Tuf\LOCALS~1\Temp\TJAE3D.tmp [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8.7.2009 20:05 133104]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [25.7.2011 21:25 41272]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT --> c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2010-03-26 c:\windows\Tasks\Driver Fetch.job
- c:\program files\Driver Fetch\2.3.0.5\DriverFetch.exe [2010-03-26 09:51]
.
2011-07-26 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-08 18:04]
.
2011-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-08 18:05]
.
2011-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-08 18:05]
.
2011-07-26 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2010-02-23 19:29]
.
2010-05-18 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2010-02-23 19:29]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Tuf\Data aplikací\Mozilla\Firefox\Profiles\cj25z6jb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-tray_ico - (no file)
HKLM-Run-tray_ico3 - (no file)
HKLM-Run-tray_ico4 - (no file)
AddRemove-Adobe Photoshop 7.0 CE - c:\windows\ISUN0405.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-26 22:24
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
c:\windows\system32\wuapi.dll.mui.wusetup.188203.bak 25800 bytes executable
c:\windows\system32\wuapi.dll.wusetup.187000.bak 563912 bytes executable
c:\windows\system32\wuauclt.exe.wusetup.188609.bak 53448 bytes executable
c:\windows\system32\wuaueng.dll.wusetup.194187.bak 1811656 bytes executable
.
sken byl úspešně dokončen
skryté soubory: 4
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Tuf\LOCALS~1\Temp\TJAE3D.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1801674531-1085031214-2147098553-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1801674531-1085031214-2147098553-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ba,21,67,fd,76,c3,e4,06,15,fe,9c,e3,6a,c8,67,02,52,8f,9f,b3,20,05,3b,
09,9d,30,12,b2,97,43,b8,26,ad,48,0f,dd,10,53,68,4a,38,c1,1c,74,30,f2,bb,fa,\
"??"=hex:c0,da,29,93,c1,a4,a9,c1,72,21,be,1a,da,cf,41,29
.
[HKEY_USERS\S-1-5-21-1801674531-1085031214-2147098553-1003\Software\SecuROM\License information*]
"datasecu"=hex:93,0b,74,06,f0,ac,1b,96,84,10,ae,26,5e,11,de,79,63,a7,44,aa,b8,
b4,2d,b4,4f,bd,0c,ad,e0,be,cd,f6,37,b8,3e,f5,e4,fc,ac,8e,e0,24,23,77,26,d3,\
"rkeysecu"=hex:a2,eb,20,3d,e5,65,2c,f0,8e,66,78,61,79,29,e3,47
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3344)
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\programs\CMFFld80.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\ATKKBService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Google\Update\1.3.21.57\GoogleCrashHandler.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\wscntfy.exe
c:\windows\SOUNDMAN.EXE
c:\program files\OpenOffice.org 2.0\program\soffice.exe
c:\program files\OpenOffice.org 2.0\program\soffice.BIN
.
**************************************************************************
.
Celkový čas: 2011-07-26 22:30:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-26 20:30
.
Před spuštěním: 8 093 310 976
Po spuštění: 8 052 854 784
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /noexecute=AlwaysOff
.
- - End Of File - - 2ED4FECE871ECCE5DE3C88CBD812271F

Rudy
Site Admin
Posts: 119506
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: FB virus

#10 Post by Rudy »

We still need to finish the cleanup. Open Notepad and copy the following into it:
Collect::
c:\windows\unrar.exe
c:\windows\system32\wuapi.dll.mui.wusetup.188203.bak
c:\windows\system32\wuapi.dll.wusetup.187000.bak
c:\windows\system32\wuauclt.exe.wusetup.188609.bak
c:\windows\system32\wuaueng.dll.wusetup.194187.bak

Folder::
c:\windows\rpcminer
c:\windows\phoenix
c:\windows\av_ico
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Deny7
Visitor
Posts: 21
Joined: 25 Jul 2011 20:10

Re: FB virus

#11 Post by Deny7 »

ComboFix 11-07-26.03 - Tuf 26.07.2011 22:59:09.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.580 [GMT 2:00]
Spuštěný z: c:\documents and settings\Tuf\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Tuf\Plocha\CFScript.txt
.
file zipped: c:\windows\system32\wuauclt.exe.wusetup.188609.bak
file zipped: c:\windows\system32\wuaueng.dll.wusetup.194187.bak
file zipped: c:\windows\unrar.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\av_ico
c:\windows\av_ico\ico_Essentials_start.ico
c:\windows\av_ico\ico_NOD_AV_START.ico
c:\windows\av_ico\ico_NOD_SS_START.ico
c:\windows\av_ico\ico_NOD_SYSINSP.ico
c:\windows\av_ico\ico_NOD_SYSRESC.ico
c:\windows\av_ico\ico_NOD_TXT.ico
c:\windows\av_ico\ico_NOD_UNINSTALL.ico
c:\windows\phoenix
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\rpcminer
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\system32\wuauclt.exe.wusetup.188609.bak
c:\windows\system32\wuaueng.dll.wusetup.194187.bak
c:\windows\unrar.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-26 do 2011-07-26 )))))))))))))))))))))))))))))))
.
.
2011-07-25 19:25 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-25 19:25 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-25 19:06 . 2011-07-26 12:04 -------- d-----w- c:\program files\trend micro
2011-07-25 19:06 . 2011-07-25 19:06 -------- d-----w- C:\rsit
2011-07-23 13:47 . 2011-07-23 13:47 39936 ----a-w- c:\windows\system32\drivers\INTELPPM.SYS
2011-07-23 13:20 . 2011-05-24 17:14 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-07-22 17:39 . 2011-07-22 17:42 -------- d-----w- C:\577d341c6557cd5a6a2c46b3dfaea9e3
2011-07-22 17:35 . 2011-07-22 17:37 -------- d-----w- C:\d795b700f4cea981d799e10e2b3ec7d9
2011-07-22 16:09 . 2011-07-22 16:09 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-25 21:35 . 2011-05-17 09:06 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-04 02:52 . 2010-04-30 10:30 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-04 00:25 . 2010-04-30 10:30 73728 ----a-w- c:\windows\system32\javacpl.cpl
2003-08-04 00:15 . 2007-02-05 21:48 40960 ----a-w- c:\program files\AuxSetup.exe
2003-04-25 23:29 . 2007-02-05 21:48 146944 ----a-w- c:\program files\SciLexer.dll
2002-11-14 18:55 . 2007-02-05 21:48 56832 ----a-w- c:\program files\AviSynthLexer.lexer
2011-06-26 18:44 . 2011-03-24 19:34 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-26_20.24.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-26 21:08 . 2011-07-26 21:08 16384 c:\windows\Temp\Perflib_Perfdata_62c.dat
+ 2007-07-30 17:19 . 2009-08-06 17:24 44768 c:\windows\system32\wups2.dll
+ 2006-12-21 17:43 . 2009-08-06 17:24 35552 c:\windows\system32\wups.dll
+ 2006-12-21 17:43 . 2009-08-06 17:24 35552 c:\windows\system32\dllcache\wups.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\uTorrentBar\tbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2005-10-28 94208]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-08 39408]
"uTorrent"="c:\documents and settings\Tuf\Plocha\utorrent.exe" [2011-03-29 399736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-06-20 77824]
"WinFast Schedule"="c:\program files\WinFast\WFTVFM\WFWIZ.exe" [2006-07-07 348160]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"QuickTime Task"="c:\program files\K-Lite Codec Pack\QuickTime\qttask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
c:\documents and settings\Tuf\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-2-26 393216]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-12-27 110592]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
Corel MEDIA FOLDERS INDEXER 8.LNK - c:\program files\Programs\MFIndexer.exe [2007-1-26 83456]
EdgeCLS11.00.lnk - c:\program files\EdgeCAM\Cam\EdgeCLS.exe [2007-3-24 708608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2004-08-18 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-04-03 17:23 13670504 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-04-03 17:23 110696 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Documents and Settings\\Tuf\\Plocha\\utorrent.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\Tuf\\Dokumenty\\Downloads\\Call of Duty 4 Modern Warfare Full-Rip Skullptura\\Call of duty\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.1.2007 13:30 717296]
R1 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [16.6.2007 9:19 2944]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [10.6.2008 18:56 35168]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [21.5.2011 13:19 21992]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [11.3.2009 13:06 247608]
R3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [6.3.2008 13:29 9446]
S1 amphkgqz;amphkgqz;\??\c:\windows\system32\drivers\amphkgqz.sys --> c:\windows\system32\drivers\amphkgqz.sys [?]
S1 bcde;bcde;\??\c:\windows\system32\bcde.sys --> c:\windows\system32\bcde.sys [?]
S1 dc59b889;dc59b889;c:\windows\system32\drivers\dc59b889.sys --> c:\windows\system32\drivers\dc59b889.sys [?]
S1 MpKsl35db2da8;MpKsl35db2da8;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{40FC0ABE-3C54-4B50-94D9-7EDC6E996782}\MpKsl35db2da8.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{40FC0ABE-3C54-4B50-94D9-7EDC6E996782}\MpKsl35db2da8.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8.7.2009 20:05 133104]
S2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; [x]
S3 FXDRV;FXDRV;\??\d:\fxdrv.sys --> d:\Fxdrv.sys [?]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Tuf\LOCALS~1\Temp\TJAE3D.tmp --> c:\docume~1\Tuf\LOCALS~1\Temp\TJAE3D.tmp [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8.7.2009 20:05 133104]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [25.7.2011 21:25 41272]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT --> c:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2010-03-26 c:\windows\Tasks\Driver Fetch.job
- c:\program files\Driver Fetch\2.3.0.5\DriverFetch.exe [2010-03-26 09:51]
.
2011-07-26 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-08 18:04]
.
2011-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-08 18:05]
.
2011-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-08 18:05]
.
2011-07-26 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2010-02-23 19:29]
.
2010-05-18 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2010-02-23 19:29]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Tuf\Data aplikací\Mozilla\Firefox\Profiles\cj25z6jb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-26 23:09
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Tuf\LOCALS~1\Temp\TJAE3D.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1801674531-1085031214-2147098553-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1801674531-1085031214-2147098553-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ba,21,67,fd,76,c3,e4,06,15,fe,9c,e3,6a,c8,67,02,52,8f,9f,b3,20,05,3b,
09,9d,30,12,b2,97,43,b8,26,ad,48,0f,dd,10,53,68,4a,38,c1,1c,74,30,f2,bb,fa,\
"??"=hex:c0,da,29,93,c1,a4,a9,c1,72,21,be,1a,da,cf,41,29
.
[HKEY_USERS\S-1-5-21-1801674531-1085031214-2147098553-1003\Software\SecuROM\License information*]
"datasecu"=hex:93,0b,74,06,f0,ac,1b,96,84,10,ae,26,5e,11,de,79,63,a7,44,aa,b8,
b4,2d,b4,4f,bd,0c,ad,e0,be,cd,f6,37,b8,3e,f5,e4,fc,ac,8e,e0,24,23,77,26,d3,\
"rkeysecu"=hex:a2,eb,20,3d,e5,65,2c,f0,8e,66,78,61,79,29,e3,47
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2068)
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\programs\CMFFld80.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\ATKKBService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Google\Update\1.3.21.57\GoogleCrashHandler.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\SOUNDMAN.EXE
c:\program files\OpenOffice.org 2.0\program\soffice.exe
c:\program files\OpenOffice.org 2.0\program\soffice.BIN
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-07-26 23:13:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-26 21:13
ComboFix2.txt 2011-07-26 20:30
.
Před spuštěním: 8 380 571 648
Po spuštění: 8 354 164 736
.
- - End Of File - - F95A84BCF40A707A91AF2DFC44C4E361
Nahrání proběhlo úspěšně

Deny7
Visitor
Posts: 21
Joined: 25 Jul 2011 20:10

Re: FB virus

#12 Post by Deny7 »

Is it OK?

Rudy
Site Admin
Posts: 119506
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: FB virus

#13 Post by Rudy »

Deny7 wrote: Is it OK?
Unfortunately, it is not. Run CF once more with this script:
Collect::
c:\windows\system32\drivers\amphkgqz.sys
c:\windows\system32\bcde.sys
c:\windows\system32\drivers\dc59b889.sys

Driver::
amphkgqz
bcde
dc59b889
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Deny7
Visitor
Posts: 21
Joined: 25 Jul 2011 20:10

Re: FB virus

#14 Post by Deny7 »

ComboFix 11-07-28.01 - Tuf 28.07.2011 15:27:35.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.437 [GMT 2:00]
Spuštěný z: C:\Documents and Settings\Tuf\Plocha\ComboFix.exe
Použité ovládací přepínače :: C:\Documents and Settings\Tuf\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\iun6002.exe
C:\WINDOWS\system32\_000005_.tmp.dll
C:\WINDOWS\system32\_000006_.tmp.dll
C:\WINDOWS\system32\_000007_.tmp.dll
C:\WINDOWS\system32\_000008_.tmp.dll
C:\WINDOWS\system32\_000009_.tmp.dll
C:\WINDOWS\system32\_000012_.tmp.dll
C:\WINDOWS\system32\_000020_.tmp.dll
C:\WINDOWS\system32\_000021_.tmp.dll
C:\WINDOWS\system32\_000022_.tmp.dll


((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BCDE
-------\Service_amphkgqz
-------\Service_bcde
-------\Service_dc59b889


((((((((((((((((((((((((( Soubory vytvořené od 2011-06-28 do 2011-07-28 )))))))))))))))))))))))))))))))


2011-07-28 11:52:06 . 2011-07-28 11:52:06 -------- d-----w- C:\WINDOWS\system32\KB905474
2011-07-28 11:25:14 . 2011-07-28 11:57:32 -------- d-----w- C:\WINDOWS\ie8updates
2011-07-27 10:19:48 . 2011-07-27 10:19:48 -------- d-----w- C:\Program Files\ESET
2011-07-27 10:19:48 . 2011-07-27 10:19:48 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-07-27 10:03:06 . 2010-05-06 10:35:31 55296 -c----w- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2011-07-27 10:03:05 . 2010-05-06 10:35:31 599040 -c----w- C:\WINDOWS\system32\dllcache\msfeeds.dll
2011-07-27 10:03:03 . 2010-05-06 10:35:35 12800 -c----w- C:\WINDOWS\system32\dllcache\xpshims.dll
2011-07-27 10:03:03 . 2010-05-06 10:35:30 247808 -c----w- C:\WINDOWS\system32\dllcache\ieproxy.dll
2011-07-27 10:03:03 . 2010-05-06 10:35:27 743424 -c----w- C:\WINDOWS\system32\dllcache\iedvtool.dll
2011-07-27 10:03:00 . 2010-05-06 10:35:30 1985536 -c----w- C:\WINDOWS\system32\dllcache\iertutil.dll
2011-07-27 10:02:56 . 2010-05-06 10:35:29 11076096 -c----w- C:\WINDOWS\system32\dllcache\ieframe.dll
2011-07-27 10:02:44 . 2010-02-12 10:03:03 293376 ------w- C:\WINDOWS\system32\browserchoice.exe
2011-07-27 10:02:38 . 2010-02-24 12:31:30 454016 -c----w- C:\WINDOWS\system32\dllcache\mrxsmb.sys
2011-07-25 19:25:50 . 2011-07-06 17:52:42 41272 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-07-25 19:25:40 . 2011-07-06 17:52:42 22712 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2011-07-25 19:06:24 . 2011-07-26 12:04:54 -------- d-----w- C:\Program Files\trend micro
2011-07-25 19:06:23 . 2011-07-25 19:06:35 -------- d-----w- C:\rsit
2011-07-23 13:47:24 . 2011-07-23 13:47:24 39936 ----a-w- C:\WINDOWS\system32\drivers\INTELPPM.SYS
2011-07-23 13:20:02 . 2011-05-24 17:14:10 222080 ------w- C:\WINDOWS\system32\MpSigStub.exe
2011-07-22 17:39:47 . 2011-07-22 17:42:38 -------- d-----w- C:\577d341c6557cd5a6a2c46b3dfaea9e3
2011-07-22 17:35:11 . 2011-07-22 17:37:11 -------- d-----w- C:\d795b700f4cea981d799e10e2b3ec7d9
2011-07-22 16:09:21 . 2011-07-22 16:09:21 -------- d-----w- C:\Documents and Settings\LocalService\Nabídka Start
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-06-25 21:35:35 . 2011-05-17 09:06:32 404640 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2011-05-04 02:52:22 . 2010-04-30 10:30:11 472808 ----a-w- C:\WINDOWS\system32\deployJava1.dll
2011-05-04 00:25:49 . 2010-04-30 10:30:11 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl
2003-08-04 00:15:42 . 2007-02-05 21:48:02 40960 ----a-w- C:\Program Files\AuxSetup.exe
2003-04-25 23:29:02 . 2007-02-05 21:48:02 146944 ----a-w- C:\Program Files\SciLexer.dll
2002-11-14 18:55:16 . 2007-02-05 21:48:03 56832 ----a-w- C:\Program Files\AviSynthLexer.lexer
2011-06-26 18:44:11 . 2011-03-24 19:34:50 142296 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll


((((((((((((((((((((((((((((( SnapShot@2011-07-26_20.24.35 )))))))))))))))))))))))))))))))))))))))))

+ 2009-06-28 21:42:42 . 2009-06-28 21:42:42 91656 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2011-07-28 13:41:33 . 2011-07-28 13:41:33 16384 C:\WINDOWS\Temp\Perflib_Perfdata_798.dat
+ 2007-07-30 17:19:12 . 2009-08-06 17:24:10 44768 C:\WINDOWS\system32\wups2.dll
+ 2006-12-21 17:43:41 . 2009-08-06 17:24:10 35552 C:\WINDOWS\system32\wups.dll
+ 2004-08-18 12:00:00 . 2009-06-25 08:48:08 59392 C:\WINDOWS\system32\wdigest.dll
+ 2004-08-18 12:00:00 . 2006-10-04 13:34:42 50176 C:\WINDOWS\system32\utilman.exe
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 50176 C:\WINDOWS\system32\utilman.exe
+ 2004-08-18 12:00:00 . 2006-10-04 13:39:21 36352 C:\WINDOWS\system32\umandlg.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 36352 C:\WINDOWS\system32\umandlg.dll
+ 2008-07-14 11:09:18 . 2010-04-21 13:28:50 46080 C:\WINDOWS\system32\tzchange.exe
+ 2004-08-18 12:00:00 . 2009-06-15 11:33:48 81408 C:\WINDOWS\system32\tlntsess.exe
+ 2004-08-18 12:00:00 . 2009-06-15 11:33:50 78336 C:\WINDOWS\system32\telnet.exe
+ 2004-08-18 12:00:00 . 2009-06-25 08:48:08 56320 C:\WINDOWS\system32\secur32.dll
+ 2004-08-18 12:00:00 . 2009-02-06 16:54:36 35328 C:\WINDOWS\system32\sc.exe
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 69632 C:\WINDOWS\system32\raschap.dll
+ 2004-08-18 12:00:00 . 2009-10-12 13:54:11 69632 C:\WINDOWS\system32\raschap.dll
- 2004-08-18 12:00:00 . 2011-03-27 10:54:59 87282 C:\WINDOWS\system32\perfc009.dat
+ 2004-08-18 12:00:00 . 2011-07-28 11:23:58 87282 C:\WINDOWS\system32\perfc009.dat
+ 2004-08-18 12:00:00 . 2011-07-28 11:23:58 99088 C:\WINDOWS\system32\perfc005.dat
- 2004-08-18 12:00:00 . 2011-03-27 10:54:59 99088 C:\WINDOWS\system32\perfc005.dat
+ 2004-08-18 12:00:00 . 2006-10-04 13:34:41 54784 C:\WINDOWS\system32\narrator.exe
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 54784 C:\WINDOWS\system32\narrator.exe
+ 2009-11-05 20:17:22 . 2009-11-05 20:17:22 11600 C:\WINDOWS\system32\mui\0409\mscorees.dll
+ 2006-12-21 17:41:40 . 2008-06-12 14:19:27 91648 C:\WINDOWS\system32\mtxoci.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 66560 C:\WINDOWS\system32\mtxclu.dll
+ 2004-08-18 12:00:00 . 2008-06-12 14:19:27 66560 C:\WINDOWS\system32\mtxclu.dll
+ 2004-08-17 15:49:14 . 2009-11-27 17:35:52 17920 C:\WINDOWS\system32\msyuv.dll
+ 2004-08-18 12:00:00 . 2009-11-27 16:40:13 28672 C:\WINDOWS\system32\msvidc32.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 11264 C:\WINDOWS\system32\msrle32.dll
+ 2004-08-18 12:00:00 . 2009-11-27 16:40:13 11264 C:\WINDOWS\system32\msrle32.dll
- 2009-03-08 02:31:52 . 2009-03-08 02:31:52 55296 C:\WINDOWS\system32\msfeedsbs.dll
+ 2009-03-08 02:31:52 . 2010-05-06 10:35:31 55296 C:\WINDOWS\system32\msfeedsbs.dll
+ 2006-12-21 17:41:39 . 2008-06-12 14:19:27 58880 C:\WINDOWS\system32\msdtclog.dll
- 2006-12-21 17:41:39 . 2004-08-18 12:00:00 58880 C:\WINDOWS\system32\msdtclog.dll
+ 2004-08-18 12:00:00 . 2009-09-04 20:47:46 58880 C:\WINDOWS\system32\msasn1.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:50 48640 C:\WINDOWS\system32\mqupgrd.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 48640 C:\WINDOWS\system32\mqupgrd.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:50 95744 C:\WINDOWS\system32\mqsec.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 95744 C:\WINDOWS\system32\mqsec.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 16896 C:\WINDOWS\system32\mqise.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:49 16896 C:\WINDOWS\system32\mqise.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:49 47104 C:\WINDOWS\system32\mqdscli.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 47104 C:\WINDOWS\system32\mqdscli.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 19968 C:\WINDOWS\system32\mqbkup.exe
+ 2004-08-18 12:00:00 . 2009-06-22 11:49:23 19968 C:\WINDOWS\system32\mqbkup.exe
+ 2004-08-18 12:00:00 . 2006-10-04 13:34:43 72704 C:\WINDOWS\system32\magnify.exe
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 72704 C:\WINDOWS\system32\magnify.exe
- 2004-08-18 12:00:00 . 2009-03-08 02:33:26 25600 C:\WINDOWS\system32\jsproxy.dll
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:31 25600 C:\WINDOWS\system32\jsproxy.dll
+ 2004-08-17 15:49:10 . 2009-11-27 16:40:13 48128 C:\WINDOWS\system32\iyuv_32.dll
+ 2004-08-18 12:00:00 . 2009-10-15 17:22:45 82432 C:\WINDOWS\system32\fontsub.dll
+ 2004-08-18 12:00:00 . 2009-06-22 11:48:44 91776 C:\WINDOWS\system32\drivers\mqac.sys
+ 2004-08-18 12:00:00 . 2009-06-22 11:34:52 92544 C:\WINDOWS\system32\drivers\ksecdd.sys
+ 2008-06-10 16:56:10 . 2010-12-21 11:47:38 94872 C:\WINDOWS\system32\drivers\epfwtdir.sys
+ 2006-12-21 17:43:41 . 2009-08-06 17:24:10 35552 C:\WINDOWS\system32\dllcache\wups.dll
+ 2004-08-18 12:00:00 . 2009-06-25 08:48:08 59392 C:\WINDOWS\system32\dllcache\wdigest.dll
+ 2004-08-18 12:00:00 . 2006-10-04 13:34:42 50176 C:\WINDOWS\system32\dllcache\utilman.exe
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 50176 C:\WINDOWS\system32\dllcache\utilman.exe
+ 2004-08-18 12:00:00 . 2006-10-04 13:39:21 36352 C:\WINDOWS\system32\dllcache\umandlg.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 36352 C:\WINDOWS\system32\dllcache\umandlg.dll
+ 2004-08-18 12:00:00 . 2009-06-15 11:33:48 81408 C:\WINDOWS\system32\dllcache\tlntsess.exe
+ 2004-08-18 12:00:00 . 2009-06-15 11:33:50 78336 C:\WINDOWS\system32\dllcache\telnet.exe
+ 2004-08-18 12:00:00 . 2009-06-25 08:48:08 56320 C:\WINDOWS\system32\dllcache\secur32.dll
+ 2004-08-18 12:00:00 . 2009-02-06 16:54:36 35328 C:\WINDOWS\system32\dllcache\sc.exe
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 69632 C:\WINDOWS\system32\dllcache\raschap.dll
+ 2004-08-18 12:00:00 . 2009-10-12 13:54:11 69632 C:\WINDOWS\system32\dllcache\raschap.dll
+ 2004-08-18 12:00:00 . 2006-10-04 13:34:41 54784 C:\WINDOWS\system32\dllcache\narrator.exe
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 54784 C:\WINDOWS\system32\dllcache\narrator.exe
+ 2006-12-21 17:41:40 . 2008-06-12 14:19:27 91648 C:\WINDOWS\system32\dllcache\mtxoci.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 66560 C:\WINDOWS\system32\dllcache\mtxclu.dll
+ 2004-08-18 12:00:00 . 2008-06-12 14:19:27 66560 C:\WINDOWS\system32\dllcache\mtxclu.dll
+ 2004-08-17 15:49:14 . 2009-11-27 17:35:52 17920 C:\WINDOWS\system32\dllcache\msyuv.dll
+ 2004-08-18 12:00:00 . 2009-11-27 16:40:13 28672 C:\WINDOWS\system32\dllcache\msvidc32.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 11264 C:\WINDOWS\system32\dllcache\msrle32.dll
+ 2004-08-18 12:00:00 . 2009-11-27 16:40:13 11264 C:\WINDOWS\system32\dllcache\msrle32.dll
+ 2006-12-21 17:41:39 . 2008-06-12 14:19:27 58880 C:\WINDOWS\system32\dllcache\msdtclog.dll
- 2006-12-21 17:41:39 . 2004-08-18 12:00:00 58880 C:\WINDOWS\system32\dllcache\msdtclog.dll
+ 2004-08-18 12:00:00 . 2009-09-04 20:47:46 58880 C:\WINDOWS\system32\dllcache\msasn1.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:50 48640 C:\WINDOWS\system32\dllcache\mqupgrd.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 48640 C:\WINDOWS\system32\dllcache\mqupgrd.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:50 95744 C:\WINDOWS\system32\dllcache\mqsec.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 95744 C:\WINDOWS\system32\dllcache\mqsec.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 16896 C:\WINDOWS\system32\dllcache\mqise.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:49 16896 C:\WINDOWS\system32\dllcache\mqise.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:49 47104 C:\WINDOWS\system32\dllcache\mqdscli.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 47104 C:\WINDOWS\system32\dllcache\mqdscli.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 19968 C:\WINDOWS\system32\dllcache\mqbkup.exe
+ 2004-08-18 12:00:00 . 2009-06-22 11:49:23 19968 C:\WINDOWS\system32\dllcache\mqbkup.exe
+ 2004-08-18 12:00:00 . 2009-06-22 11:48:44 91776 C:\WINDOWS\system32\dllcache\mqac.sys
+ 2004-08-18 12:00:00 . 2006-10-04 13:34:43 72704 C:\WINDOWS\system32\dllcache\magnify.exe
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 72704 C:\WINDOWS\system32\dllcache\magnify.exe
+ 2004-08-18 12:00:00 . 2009-06-22 11:34:52 92544 C:\WINDOWS\system32\dllcache\ksecdd.sys
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:31 25600 C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2004-08-18 12:00:00 . 2009-03-08 02:33:26 25600 C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2004-08-17 15:49:10 . 2009-11-27 16:40:13 48128 C:\WINDOWS\system32\dllcache\iyuv_32.dll
+ 2004-08-18 12:00:00 . 2009-10-15 17:22:45 82432 C:\WINDOWS\system32\dllcache\fontsub.dll
+ 2004-08-18 12:00:00 . 2009-12-14 07:37:45 33280 C:\WINDOWS\system32\dllcache\csrsrv.dll
+ 2006-12-21 17:41:38 . 2005-07-26 04:42:50 60416 C:\WINDOWS\system32\dllcache\colbact.dll
+ 2004-08-18 12:00:00 . 2010-01-13 14:10:55 85504 C:\WINDOWS\system32\dllcache\cabview.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 84992 C:\WINDOWS\system32\dllcache\avifil32.dll
+ 2004-08-18 12:00:00 . 2009-11-27 16:40:13 84992 C:\WINDOWS\system32\dllcache\avifil32.dll
+ 2004-08-18 12:00:00 . 2009-07-17 18:57:54 58880 C:\WINDOWS\system32\dllcache\atl.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 58880 C:\WINDOWS\system32\dllcache\atl.dll
+ 2004-08-18 12:00:00 . 2010-03-05 14:57:11 65536 C:\WINDOWS\system32\dllcache\asycfilt.dll
+ 2004-08-18 12:00:00 . 2009-12-14 07:37:45 33280 C:\WINDOWS\system32\csrsrv.dll
+ 2006-12-21 17:41:38 . 2005-07-26 04:42:50 60416 C:\WINDOWS\system32\colbact.dll
+ 2004-08-18 12:00:00 . 2010-01-13 14:10:55 85504 C:\WINDOWS\system32\cabview.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 84992 C:\WINDOWS\system32\avifil32.dll
+ 2004-08-18 12:00:00 . 2009-11-27 16:40:13 84992 C:\WINDOWS\system32\avifil32.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 58880 C:\WINDOWS\system32\atl.dll
+ 2004-08-18 12:00:00 . 2009-07-17 18:57:54 58880 C:\WINDOWS\system32\atl.dll
+ 2004-08-18 12:00:00 . 2010-03-05 14:57:11 65536 C:\WINDOWS\system32\asycfilt.dll
+ 2009-06-24 17:56:06 . 2009-06-24 17:56:06 73728 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
+ 2010-04-01 09:42:58 . 2010-04-01 09:42:58 81920 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2010-03-31 12:51:24 . 2010-03-31 12:51:24 77824 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-13 18:58:02 . 2007-04-13 18:58:02 77824 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2007-04-13 18:57:58 . 2007-04-13 18:57:58 86016 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-03-31 12:51:20 . 2010-03-31 12:51:20 86016 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2010-03-31 12:51:14 . 2010-03-31 12:51:14 81920 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-13 18:57:52 . 2007-04-13 18:57:52 81920 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2010-03-31 13:32:08 . 2010-03-31 13:32:08 32768 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2007-04-13 19:30:52 . 2007-04-13 19:30:52 32768 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-20 18:19:42 . 2003-02-20 18:19:42 24576 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-03-31 13:32:10 . 2010-03-31 13:32:10 24576 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2011-07-28 11:18:01 . 2011-07-28 11:18:01 32768 C:\WINDOWS\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2011-07-28 11:18:12 . 2011-07-28 11:18:12 32768 C:\WINDOWS\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2011-07-27 10:21:27 . 2011-07-27 10:21:27 10134 C:\WINDOWS\Installer\{204BB4EF-68AC-454B-857E-431336B4188A}\callmsi.exe
+ 2011-07-28 11:31:24 . 2009-03-08 02:33:18 12288 C:\WINDOWS\ie8updates\KB982381-IE8\xpshims.dll
+ 2011-07-28 11:31:22 . 2009-03-08 02:31:52 55296 C:\WINDOWS\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2011-07-28 11:31:22 . 2009-03-08 02:33:26 25600 C:\WINDOWS\ie8updates\KB982381-IE8\jsproxy.dll
+ 2009-11-27 17:35:52 . 2009-11-27 17:35:52 17920 C:\WINDOWS\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:40:13 . 2009-11-27 16:40:13 48128 C:\WINDOWS\Driver Cache\i386\iyuv_32.dll
+ 2011-07-28 11:55:09 . 2011-07-28 11:55:09 90112 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_887aa983\System.Drawing.Design.dll
+ 2011-07-28 11:55:07 . 2011-07-28 11:55:07 61440 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_59e29662\CustomMarshalers.dll
+ 2011-07-28 12:08:27 . 2011-07-28 12:08:27 94208 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\3f3ff3edbe8ba918c7b91c5c6dd0c37a\System.ComponentModel.DataAnnotations.ni.dll
- 2010-02-19 13:08:58 . 2010-02-19 13:08:58 77824 C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-07-28 11:23:07 . 2011-07-28 11:23:07 77824 C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-07-28 11:23:10 . 2011-07-28 11:23:10 81920 C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-02-19 13:09:01 . 2010-02-19 13:09:01 81920 C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2010-02-19 13:10:03 . 2010-02-19 13:10:03 81920 C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-07-28 11:23:29 . 2011-07-28 11:23:30 81920 C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-07-28 11:23:14 . 2011-07-28 11:23:14 32768 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-02-19 13:09:06 . 2010-02-19 13:09:06 32768 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-02-19 13:09:12 . 2010-02-19 13:09:12 12800 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-07-28 11:23:17 . 2011-07-28 11:23:17 12800 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-07-28 11:23:17 . 2011-07-28 11:23:17 28672 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-02-19 13:09:12 . 2010-02-19 13:09:12 28672 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-02-19 13:10:00 . 2010-02-19 13:10:00 77824 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-07-28 11:23:26 . 2011-07-28 11:23:26 77824 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-07-28 11:23:22 . 2011-07-28 11:23:22 36864 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-02-19 13:09:23 . 2010-02-19 13:09:23 36864 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-07-28 11:23:13 . 2011-07-28 11:23:13 77824 C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-02-19 13:09:05 . 2010-02-19 13:09:05 77824 C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-07-28 11:23:12 . 2011-07-28 11:23:12 13312 C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-02-19 13:09:04 . 2010-02-19 13:09:04 13312 C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-07-28 11:23:12 . 2011-07-28 11:23:12 10752 C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-02-19 13:09:03 . 2010-02-19 13:09:03 10752 C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-02-19 13:09:08 . 2010-02-19 13:09:08 72192 C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-07-28 11:23:16 . 2011-07-28 11:23:16 72192 C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-07-28 11:23:12 . 2011-07-28 11:23:12 69120 C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-02-19 13:09:04 . 2010-02-19 13:09:04 69120 C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-07-28 11:54:15 . 2011-07-28 11:54:15 81920 C:\WINDOWS\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-02-19 13:09:04 . 2010-02-19 13:09:04 8192 C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-07-28 11:23:13 . 2011-07-28 11:23:13 8192 C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2001-10-24 12:25:04 . 2009-11-27 16:40:13 8704 C:\WINDOWS\system32\tsbyuv.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 4608 C:\WINDOWS\system32\mqsvc.exe
+ 2004-08-18 12:00:00 . 2009-06-22 11:49:04 4608 C:\WINDOWS\system32\mqsvc.exe
+ 2001-10-24 12:25:04 . 2009-11-27 16:40:13 8704 C:\WINDOWS\system32\dllcache\tsbyuv.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 4608 C:\WINDOWS\system32\dllcache\mqsvc.exe
+ 2004-08-18 12:00:00 . 2009-06-22 11:49:04 4608 C:\WINDOWS\system32\dllcache\mqsvc.exe
+ 2009-11-27 16:40:13 . 2009-11-27 16:40:13 8704 C:\WINDOWS\Driver Cache\i386\tsbyuv.dll
+ 2011-07-28 11:23:13 . 2011-07-28 11:23:13 7168 C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-02-19 13:09:05 . 2010-02-19 13:09:05 7168 C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-02-19 13:10:21 . 2010-02-19 13:10:21 5632 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-07-28 11:23:29 . 2011-07-28 11:23:29 5632 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-07-28 11:23:14 . 2011-07-28 11:23:14 6656 C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-02-19 13:09:05 . 2010-02-19 13:09:05 6656 C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-07-28 11:23:13 . 2011-07-28 11:23:13 8192 C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-02-19 13:09:04 . 2010-02-19 13:09:04 8192 C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-07-28 11:23:19 . 2011-07-28 11:23:19 113664 C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-02-19 13:10:01 . 2010-02-19 13:10:01 113664 C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-02-19 13:10:01 . 2010-02-19 13:10:01 258048 C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-07-28 11:23:19 . 2011-07-28 11:23:19 258048 C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2008-07-03 09:42:26 . 2008-08-19 09:51:28 358912 C:\WINDOWS\system32\xpsp3res.dll
+ 2008-07-03 09:42:26 . 2009-04-15 09:55:59 358912 C:\WINDOWS\system32\xpsp3res.dll
+ 2004-08-18 12:00:00 . 2009-04-01 21:02:22 604160 C:\WINDOWS\system32\wmspdmod.dll
+ 2006-10-18 20:47:20 . 2008-06-24 16:12:58 295936 C:\WINDOWS\system32\wmpeffects.dll
- 2006-10-18 20:47:20 . 2006-10-18 20:47:20 295936 C:\WINDOWS\system32\wmpeffects.dll
+ 2004-08-18 12:00:00 . 2009-07-13 21:43:24 286208 C:\WINDOWS\system32\wmpdxm.dll
+ 2004-08-18 12:00:00 . 2008-06-18 03:03:08 938496 C:\WINDOWS\system32\WMNetmgr.dll
+ 2004-08-18 12:00:00 . 2007-10-25 07:28:30 222720 C:\WINDOWS\system32\wmasf.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 132096 C:\WINDOWS\system32\wkssvc.dll
+ 2004-08-18 12:00:00 . 2009-06-10 06:31:43 132096 C:\WINDOWS\system32\wkssvc.dll
+ 2004-08-18 12:00:00 . 2009-12-24 07:07:42 177664 C:\WINDOWS\system32\wintrust.dll
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:35 916480 C:\WINDOWS\system32\wininet.dll
+ 2004-08-18 12:00:00 . 2008-12-16 12:50:55 351232 C:\WINDOWS\system32\winhttp.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 351232 C:\WINDOWS\system32\winhttp.dll
+ 2006-12-21 17:41:35 . 2009-02-06 16:39:29 227840 C:\WINDOWS\system32\wbem\wmiprvse.exe
+ 2006-12-21 17:41:35 . 2009-02-09 10:22:07 453120 C:\WINDOWS\system32\wbem\wmiprvsd.dll
+ 2006-12-21 17:41:31 . 2009-02-09 10:22:07 473088 C:\WINDOWS\system32\wbem\fastprox.dll
- 2004-08-18 12:00:00 . 2009-03-08 02:33:06 420352 C:\WINDOWS\system32\vbscript.dll
+ 2004-08-18 12:00:00 . 2010-03-10 06:17:40 420352 C:\WINDOWS\system32\vbscript.dll
+ 2004-08-18 12:00:00 . 2009-10-15 20:52:46 119808 C:\WINDOWS\system32\t2embed.dll
+ 2004-08-18 12:00:00 . 2009-08-26 08:16:32 247326 C:\WINDOWS\system32\strmdll.dll
+ 2004-08-18 12:00:00 . 2009-06-25 08:48:08 168448 C:\WINDOWS\system32\schannel.dll
- 2004-08-18 12:00:00 . 2008-08-20 05:38:45 474112 C:\WINDOWS\system32\shlwapi.dll
+ 2004-08-18 12:00:00 . 2009-12-08 09:13:23 474112 C:\WINDOWS\system32\shlwapi.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:50 169472 C:\WINDOWS\system32\Setup\msmqocm.dll
+ 2004-08-18 12:00:00 . 2009-02-09 10:11:38 111104 C:\WINDOWS\system32\services.exe
+ 2004-08-18 12:00:00 . 2009-02-09 10:22:08 399360 C:\WINDOWS\system32\rpcss.dll
+ 2004-08-18 12:00:00 . 2009-04-15 15:18:21 584192 C:\WINDOWS\system32\rpcrt4.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 112640 C:\WINDOWS\system32\rastls.dll
+ 2004-08-18 12:00:00 . 2009-10-12 13:54:11 112640 C:\WINDOWS\system32\rastls.dll
- 2004-08-18 12:00:00 . 2011-03-27 10:54:59 479248 C:\WINDOWS\system32\perfh009.dat
+ 2004-08-18 12:00:00 . 2011-07-28 11:23:58 479248 C:\WINDOWS\system32\perfh009.dat
+ 2004-08-18 12:00:00 . 2011-07-28 11:23:58 475976 C:\WINDOWS\system32\perfh005.dat
- 2004-08-18 12:00:00 . 2011-03-27 10:54:59 475976 C:\WINDOWS\system32\perfh005.dat
+ 2004-08-18 12:00:00 . 2009-03-06 14:47:43 283648 C:\WINDOWS\system32\pdh.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 283648 C:\WINDOWS\system32\pdh.dll
+ 2004-08-18 12:00:00 . 2006-10-04 13:34:43 216064 C:\WINDOWS\system32\osk.exe
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 216064 C:\WINDOWS\system32\osk.exe
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:34 206848 C:\WINDOWS\system32\occache.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 267776 C:\WINDOWS\system32\oakley.dll
+ 2004-08-18 12:00:00 . 2009-10-13 10:53:28 267776 C:\WINDOWS\system32\oakley.dll
+ 2004-08-18 12:00:00 . 2009-02-09 10:22:07 709632 C:\WINDOWS\system32\ntdll.dll
+ 2004-08-18 12:00:00 . 2009-08-05 09:07:44 205312 C:\WINDOWS\system32\mswebdvd.dll
+ 2004-08-18 12:00:00 . 2009-09-11 14:35:41 133632 C:\WINDOWS\system32\msv1_0.dll
+ 2006-12-21 17:41:42 . 2009-06-05 07:46:32 655872 C:\WINDOWS\system32\mstscax.dll
- 2004-08-18 12:00:00 . 2009-03-08 02:32:04 611840 C:\WINDOWS\system32\mstime.dll
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:34 611840 C:\WINDOWS\system32\mstime.dll
+ 2004-08-18 12:00:00 . 2006-12-04 14:21:50 414720 C:\WINDOWS\system32\msscp.dll
- 2006-12-21 17:41:43 . 2004-08-18 12:00:00 343552 C:\WINDOWS\system32\mspaint.exe
+ 2006-12-21 17:41:43 . 2009-12-17 08:00:39 343552 C:\WINDOWS\system32\mspaint.exe
+ 2009-03-08 02:32:26 . 2010-05-06 10:35:31 599040 C:\WINDOWS\system32\msfeeds.dll
+ 2006-12-21 17:41:40 . 2008-06-12 14:19:27 161792 C:\WINDOWS\system32\msdtcuiu.dll
+ 2006-12-21 17:41:39 . 2008-06-12 14:19:27 956928 C:\WINDOWS\system32\msdtctm.dll
+ 2006-12-21 17:41:39 . 2008-06-12 14:19:27 428032 C:\WINDOWS\system32\msdtcprx.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:50 489472 C:\WINDOWS\system32\mqutil.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 489472 C:\WINDOWS\system32\mqutil.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:50 186880 C:\WINDOWS\system32\mqtrig.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 186880 C:\WINDOWS\system32\mqtrig.dll
+ 2004-08-18 12:00:00 . 2009-06-22 11:49:23 117248 C:\WINDOWS\system32\mqtgsvc.exe
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 117248 C:\WINDOWS\system32\mqtgsvc.exe
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:50 517120 C:\WINDOWS\system32\mqsnap.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:50 123392 C:\WINDOWS\system32\mqrtdep.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 123392 C:\WINDOWS\system32\mqrtdep.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 177152 C:\WINDOWS\system32\mqrt.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:49 177152 C:\WINDOWS\system32\mqrt.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:49 661504 C:\WINDOWS\system32\mqqm.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:49 225280 C:\WINDOWS\system32\mqoa.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 225280 C:\WINDOWS\system32\mqoa.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 138240 C:\WINDOWS\system32\mqad.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:49 138240 C:\WINDOWS\system32\mqad.dll
+ 2004-08-18 12:00:00 . 2009-06-25 08:48:08 723456 C:\WINDOWS\system32\lsasrv.dll
- 2004-08-18 12:00:00 . 2006-10-18 19:03:58 100864 C:\WINDOWS\system32\logagent.exe
+ 2004-08-18 12:00:00 . 2008-06-17 23:09:22 100864 C:\WINDOWS\system32\logagent.exe
+ 2004-08-18 12:00:00 . 2009-05-07 15:44:45 345088 C:\WINDOWS\system32\localspl.dll
+ 2004-08-18 12:00:00 . 2009-03-21 14:21:21 984576 C:\WINDOWS\system32\kernel32.dll
+ 2004-08-18 12:00:00 . 2009-06-25 08:48:08 298496 C:\WINDOWS\system32\kerberos.dll
+ 2011-07-28 11:52:06 . 2009-03-10 20:18:08 454024 C:\WINDOWS\system32\KB905474\wgasetup.exe
- 2004-08-18 12:00:00 . 2009-03-08 02:33:16 726528 C:\WINDOWS\system32\jscript.dll
+ 2004-08-18 12:00:00 . 2009-12-09 05:55:34 726528 C:\WINDOWS\system32\jscript.dll
+ 2006-12-21 17:43:22 . 2010-01-29 15:07:57 683520 C:\WINDOWS\system32\inetcomm.dll
- 2006-12-21 17:43:22 . 2008-04-11 18:51:55 683520 C:\WINDOWS\system32\inetcomm.dll
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:29 184320 C:\WINDOWS\system32\iepeers.dll
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:26 387584 C:\WINDOWS\system32\iedkcs32.dll
- 2004-08-18 12:00:00 . 2009-03-08 02:32:54 173056 C:\WINDOWS\system32\ie4uinit.exe
+ 2004-08-18 12:00:00 . 2010-05-05 13:30:57 173056 C:\WINDOWS\system32\ie4uinit.exe
+ 2004-08-18 12:00:00 . 2008-10-23 13:01:53 283648 C:\WINDOWS\system32\gdi32.dll
+ 2006-12-21 18:34:23 . 2011-07-28 13:41:14 269392 C:\WINDOWS\system32\FNTCACHE.DAT
- 2006-12-21 18:34:23 . 2011-05-06 10:45:33 269392 C:\WINDOWS\system32\FNTCACHE.DAT
+ 2004-08-18 12:00:00 . 2010-02-11 12:01:43 226880 C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2004-08-18 12:00:00 . 2009-12-31 16:14:12 352640 C:\WINDOWS\system32\drivers\srv.sys
+ 2004-08-18 12:00:00 . 2010-02-24 12:31:30 454016 C:\WINDOWS\system32\drivers\mrxsmb.sys
+ 2010-12-21 13:04:06 . 2010-12-21 13:04:06 115008 C:\WINDOWS\system32\drivers\ehdrv.sys
+ 2008-06-10 16:47:42 . 2010-12-21 13:04:06 141264 C:\WINDOWS\system32\drivers\eamon.sys
+ 2006-12-21 17:41:44 . 2008-04-21 21:28:17 216576 C:\WINDOWS\system32\dllcache\wordpad.exe
+ 2004-08-18 12:00:00 . 2009-04-01 21:02:22 604160 C:\WINDOWS\system32\dllcache\wmspdmod.dll
+ 2004-08-18 12:00:00 . 2009-07-13 21:43:24 286208 C:\WINDOWS\system32\dllcache\wmpdxm.dll
+ 2004-08-18 12:00:00 . 2008-06-18 03:03:08 938496 C:\WINDOWS\system32\dllcache\WMNetmgr.dll
+ 2006-12-21 17:41:35 . 2009-02-06 16:39:29 227840 C:\WINDOWS\system32\dllcache\wmiprvse.exe
+ 2006-12-21 17:41:35 . 2009-02-09 10:22:07 453120 C:\WINDOWS\system32\dllcache\wmiprvsd.dll
+ 2004-08-18 12:00:00 . 2007-10-25 07:28:30 222720 C:\WINDOWS\system32\dllcache\wmasf.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 132096 C:\WINDOWS\system32\dllcache\wkssvc.dll
+ 2004-08-18 12:00:00 . 2009-06-10 06:31:43 132096 C:\WINDOWS\system32\dllcache\wkssvc.dll
+ 2004-08-18 12:00:00 . 2009-12-24 07:07:42 177664 C:\WINDOWS\system32\dllcache\wintrust.dll
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:35 916480 C:\WINDOWS\system32\dllcache\wininet.dll
+ 2004-08-18 12:00:00 . 2008-12-16 12:50:55 351232 C:\WINDOWS\system32\dllcache\winhttp.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 351232 C:\WINDOWS\system32\dllcache\winhttp.dll
+ 2004-08-18 12:00:00 . 2010-03-10 06:17:40 420352 C:\WINDOWS\system32\dllcache\vbscript.dll
- 2004-08-18 12:00:00 . 2009-03-08 02:33:06 420352 C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2004-08-18 12:00:00 . 2007-06-27 13:31:34 317952 C:\WINDOWS\system32\dllcache\unregmp2.exe
- 2006-12-21 17:43:13 . 2004-08-18 12:00:00 153088 C:\WINDOWS\system32\dllcache\triedit.dll
+ 2006-12-21 17:43:13 . 2009-06-21 22:07:51 153088 C:\WINDOWS\system32\dllcache\triedit.dll
+ 2004-08-18 12:00:00 . 2010-02-11 12:01:43 226880 C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2004-08-18 12:00:00 . 2009-10-15 20:52:46 119808 C:\WINDOWS\system32\dllcache\t2embed.dll
+ 2004-08-18 12:00:00 . 2009-08-26 08:16:32 247326 C:\WINDOWS\system32\dllcache\strmdll.dll
+ 2004-08-18 12:00:00 . 2009-12-31 16:14:12 352640 C:\WINDOWS\system32\dllcache\srv.sys
+ 2004-08-18 12:00:00 . 2009-06-25 08:48:08 168448 C:\WINDOWS\system32\dllcache\schannel.dll
+ 2004-08-18 12:00:00 . 2009-12-08 09:13:23 474112 C:\WINDOWS\system32\dllcache\shlwapi.dll
- 2004-08-18 12:00:00 . 2008-08-20 05:38:45 474112 C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2004-08-18 12:00:00 . 2009-02-09 10:11:38 111104 C:\WINDOWS\system32\dllcache\services.exe
+ 2004-08-18 12:00:00 . 2009-02-09 10:22:08 399360 C:\WINDOWS\system32\dllcache\rpcss.dll
+ 2004-08-18 12:00:00 . 2009-04-15 15:18:21 584192 C:\WINDOWS\system32\dllcache\rpcrt4.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 112640 C:\WINDOWS\system32\dllcache\rastls.dll
+ 2004-08-18 12:00:00 . 2009-10-12 13:54:11 112640 C:\WINDOWS\system32\dllcache\rastls.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 283648 C:\WINDOWS\system32\dllcache\pdh.dll
+ 2004-08-18 12:00:00 . 2009-03-06 14:47:43 283648 C:\WINDOWS\system32\dllcache\pdh.dll
+ 2004-08-18 12:00:00 . 2006-10-04 13:34:43 216064 C:\WINDOWS\system32\dllcache\osk.exe
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 216064 C:\WINDOWS\system32\dllcache\osk.exe
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:34 206848 C:\WINDOWS\system32\dllcache\occache.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 267776 C:\WINDOWS\system32\dllcache\oakley.dll
+ 2004-08-18 12:00:00 . 2009-10-13 10:53:28 267776 C:\WINDOWS\system32\dllcache\oakley.dll
+ 2004-08-18 12:00:00 . 2009-02-09 10:22:07 709632 C:\WINDOWS\system32\dllcache\ntdll.dll
+ 2004-08-18 12:00:00 . 2009-08-05 09:07:44 205312 C:\WINDOWS\system32\dllcache\mswebdvd.dll
+ 2004-08-18 12:00:00 . 2009-09-11 14:35:41 133632 C:\WINDOWS\system32\dllcache\msv1_0.dll
+ 2006-12-21 17:41:42 . 2009-06-05 07:46:32 655872 C:\WINDOWS\system32\dllcache\mstscax.dll
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:34 611840 C:\WINDOWS\system32\dllcache\mstime.dll
- 2004-08-18 12:00:00 . 2009-03-08 02:32:04 611840 C:\WINDOWS\system32\dllcache\mstime.dll
+ 2004-08-18 12:00:00 . 2006-12-04 14:21:50 414720 C:\WINDOWS\system32\dllcache\msscp.dll
- 2006-12-21 17:41:43 . 2004-08-18 12:00:00 343552 C:\WINDOWS\system32\dllcache\mspaint.exe
+ 2006-12-21 17:41:43 . 2009-12-17 08:00:39 343552 C:\WINDOWS\system32\dllcache\mspaint.exe
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:50 169472 C:\WINDOWS\system32\dllcache\msmqocm.dll
+ 2006-12-21 17:41:40 . 2008-06-12 14:19:27 161792 C:\WINDOWS\system32\dllcache\msdtcuiu.dll
+ 2006-12-21 17:41:39 . 2008-06-12 14:19:27 956928 C:\WINDOWS\system32\dllcache\msdtctm.dll
+ 2006-12-21 17:41:39 . 2008-06-12 14:19:27 428032 C:\WINDOWS\system32\dllcache\msdtcprx.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 489472 C:\WINDOWS\system32\dllcache\mqutil.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:50 489472 C:\WINDOWS\system32\dllcache\mqutil.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 186880 C:\WINDOWS\system32\dllcache\mqtrig.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:50 186880 C:\WINDOWS\system32\dllcache\mqtrig.dll
+ 2004-08-18 12:00:00 . 2009-06-22 11:49:23 117248 C:\WINDOWS\system32\dllcache\mqtgsvc.exe
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 117248 C:\WINDOWS\system32\dllcache\mqtgsvc.exe
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:50 517120 C:\WINDOWS\system32\dllcache\mqsnap.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:50 123392 C:\WINDOWS\system32\dllcache\mqrtdep.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 123392 C:\WINDOWS\system32\dllcache\mqrtdep.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 177152 C:\WINDOWS\system32\dllcache\mqrt.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:49 177152 C:\WINDOWS\system32\dllcache\mqrt.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:49 661504 C:\WINDOWS\system32\dllcache\mqqm.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 225280 C:\WINDOWS\system32\dllcache\mqoa.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:49 225280 C:\WINDOWS\system32\dllcache\mqoa.dll
+ 2004-08-18 12:00:00 . 2009-06-25 18:37:49 138240 C:\WINDOWS\system32\dllcache\mqad.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 138240 C:\WINDOWS\system32\dllcache\mqad.dll
+ 2004-08-18 12:00:00 . 2009-06-25 08:48:08 723456 C:\WINDOWS\system32\dllcache\lsasrv.dll
- 2004-08-18 12:00:00 . 2006-10-18 19:03:58 100864 C:\WINDOWS\system32\dllcache\logagent.exe
+ 2004-08-18 12:00:00 . 2008-06-17 23:09:22 100864 C:\WINDOWS\system32\dllcache\logagent.exe
+ 2004-08-18 12:00:00 . 2009-05-07 15:44:45 345088 C:\WINDOWS\system32\dllcache\localspl.dll
+ 2004-08-18 12:00:00 . 2009-03-21 14:21:21 984576 C:\WINDOWS\system32\dllcache\kernel32.dll
+ 2004-08-18 12:00:00 . 2009-06-25 08:48:08 298496 C:\WINDOWS\system32\dllcache\kerberos.dll
+ 2004-08-18 12:00:00 . 2009-12-09 05:55:34 726528 C:\WINDOWS\system32\dllcache\jscript.dll
- 2004-08-18 12:00:00 . 2009-03-08 02:33:16 726528 C:\WINDOWS\system32\dllcache\jscript.dll
- 2006-12-21 17:43:22 . 2008-04-11 18:51:55 683520 C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2006-12-21 17:43:22 . 2010-01-29 15:07:57 683520 C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:29 184320 C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:26 387584 C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2004-08-18 12:00:00 . 2009-03-08 02:32:54 173056 C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2004-08-18 12:00:00 . 2010-05-05 13:30:57 173056 C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2006-12-21 17:43:30 . 2004-08-18 12:00:00 743936 C:\WINDOWS\system32\dllcache\helpsvc.exe
+ 2006-12-21 17:43:30 . 2010-06-14 14:30:28 743936 C:\WINDOWS\system32\dllcache\helpsvc.exe
+ 2004-08-18 12:00:00 . 2008-10-23 13:01:53 283648 C:\WINDOWS\system32\dllcache\gdi32.dll
+ 2006-12-21 17:41:31 . 2009-02-09 10:22:07 473088 C:\WINDOWS\system32\dllcache\fastprox.dll
+ 2004-08-18 12:00:00 . 2010-04-20 05:48:33 285696 C:\WINDOWS\system32\dllcache\atmfd.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 285696 C:\WINDOWS\system32\dllcache\atmfd.dll
+ 2004-08-18 12:00:00 . 2009-02-09 10:22:07 683520 C:\WINDOWS\system32\dllcache\advapi32.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 683520 C:\WINDOWS\system32\dllcache\advapi32.dll
+ 2004-08-18 12:00:00 . 2009-11-21 16:46:21 470528 C:\WINDOWS\system32\dllcache\aclayers.dll
+ 2004-08-18 12:00:00 . 2010-02-12 04:47:01 100864 C:\WINDOWS\system32\dllcache\6to4svc.dll
+ 2004-08-18 12:00:00 . 2010-04-20 05:48:33 285696 C:\WINDOWS\system32\atmfd.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 285696 C:\WINDOWS\system32\atmfd.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 683520 C:\WINDOWS\system32\advapi32.dll
+ 2004-08-18 12:00:00 . 2009-02-09 10:22:07 683520 C:\WINDOWS\system32\advapi32.dll
+ 2004-08-18 12:00:00 . 2010-02-12 04:47:01 100864 C:\WINDOWS\system32\6to4svc.dll
+ 2006-12-21 17:43:30 . 2010-06-14 14:30:28 743936 C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe
- 2006-12-21 17:43:30 . 2004-08-18 12:00:00 743936 C:\WINDOWS\pchealth\helpctr\binaries\HelpSvc.exe
- 2008-07-25 10:17:00 . 2008-07-25 10:17:00 258048 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-02-09 10:22:48 . 2010-02-09 10:22:48 258048 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2007-04-13 18:58:00 . 2007-04-13 18:58:00 102400 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-03-31 12:51:22 . 2010-03-31 12:51:22 102400 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-03-31 12:49:54 . 2010-03-31 12:49:54 315392 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-13 18:56:30 . 2007-04-13 18:56:30 315392 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2007-04-13 19:30:52 . 2007-04-13 19:30:52 258048 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-03-31 13:32:06 . 2010-03-31 13:32:06 258048 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-02-24 22:14:38 . 2010-02-24 22:14:38 543232 C:\WINDOWS\Installer\61bba.msp
+ 2011-07-28 11:18:11 . 2011-07-28 11:18:12 432640 C:\WINDOWS\Installer\61bb4.msi
+ 2011-07-28 11:18:01 . 2011-07-28 11:18:01 429568 C:\WINDOWS\Installer\61bad.msi
+ 2011-07-27 10:21:26 . 2011-07-27 10:21:27 975872 C:\WINDOWS\Installer\208ae2.msi
+ 2011-07-28 11:56:30 . 2011-07-28 11:56:30 969728 C:\WINDOWS\Installer\1be667.msi
+ 2009-03-20 09:48:56 . 2009-03-20 09:48:56 183808 C:\WINDOWS\Installer\1be63e.msp
+ 2011-07-27 10:21:27 . 2011-07-27 10:21:27 101504 C:\WINDOWS\Installer\{204BB4EF-68AC-454B-857E-431336B4188A}\egui.exe
+ 2004-08-18 12:00:00 . 2007-06-27 13:31:34 317952 C:\WINDOWS\inf\unregmp2.exe
+ 2011-07-28 11:31:22 . 2009-03-08 02:34:58 914944 C:\WINDOWS\ie8updates\KB982381-IE8\wininet.dll
+ 2011-07-28 11:31:24 . 2010-02-22 14:21:10 391032 C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2011-07-28 11:31:24 . 2008-07-08 12:59:43 233848 C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2011-07-28 11:31:22 . 2009-03-08 02:34:18 109568 C:\WINDOWS\ie8updates\KB982381-IE8\occache.dll
+ 2011-07-28 11:31:22 . 2009-03-08 02:32:04 611840 C:\WINDOWS\ie8updates\KB982381-IE8\mstime.dll
+ 2011-07-28 11:31:22 . 2009-03-08 02:32:26 594432 C:\WINDOWS\ie8updates\KB982381-IE8\msfeeds.dll
+ 2011-07-28 11:31:24 . 2009-03-08 02:33:50 246784 C:\WINDOWS\ie8updates\KB982381-IE8\ieproxy.dll
+ 2011-07-28 11:31:22 . 2009-03-08 02:31:56 183808 C:\WINDOWS\ie8updates\KB982381-IE8\iepeers.dll
+ 2011-07-28 11:31:24 . 2009-03-08 02:35:32 742912 C:\WINDOWS\ie8updates\KB982381-IE8\iedvtool.dll
+ 2011-07-28 11:31:24 . 2009-03-08 12:09:26 391536 C:\WINDOWS\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2011-07-28 11:31:24 . 2009-03-08 02:32:54 173056 C:\WINDOWS\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2011-07-28 11:28:18 . 2009-03-08 02:33:06 420352 C:\WINDOWS\ie8updates\KB981332-IE8\vbscript.dll
+ 2011-07-28 11:28:18 . 2009-05-26 11:40:44 391032 C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\updspapi.dll
+ 2011-07-28 11:28:18 . 2009-05-26 11:40:44 233848 C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe
+ 2011-07-28 11:57:33 . 2008-07-08 12:59:53 391032 C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\updspapi.dll
+ 2011-07-28 11:57:33 . 2008-07-08 12:59:43 233848 C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe
+ 2011-07-28 11:57:33 . 2009-06-22 06:48:54 726528 C:\WINDOWS\ie8updates\KB976662-IE8\jscript.dll
+ 2011-07-28 11:25:15 . 2008-07-08 12:59:53 391032 C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2011-07-28 11:25:15 . 2008-07-08 12:59:43 233848 C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe
+ 2011-07-28 11:25:15 . 2009-03-08 02:33:16 726528 C:\WINDOWS\ie8updates\KB971961-IE8\jscript.dll
+ 2011-07-27 10:02:38 . 2010-02-24 12:31:30 454016 C:\WINDOWS\Driver Cache\i386\mrxsmb.sys
+ 2011-07-28 11:55:40 . 2011-07-28 11:55:40 835584 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_08995fd7\System.Drawing.dll
+ 2011-07-28 11:55:55 . 2011-07-28 11:55:55 192512 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_24c89221\System.Drawing.Design.dll
+ 2011-07-28 11:55:54 . 2011-07-28 11:55:54 118784 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_3e59447e\CustomMarshalers.dll
+ 2011-07-28 13:36:14 . 2011-07-28 13:36:14 400896 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\3dbc664afb90cc3809c05a6b5af5dfdb\System.Xml.Linq.ni.dll
+ 2011-07-28 13:08:07 . 2011-07-28 13:08:07 129536 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\d0965d4e9baa17b7f6cc80e9506439c0\System.Web.Routing.ni.dll
+ 2011-07-28 13:08:21 . 2011-07-28 13:08:21 328192 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\317fd466272ef495ec4c2938e41a2ee0\System.Web.Entity.ni.dll
+ 2011-07-28 13:08:24 . 2011-07-28 13:08:24 301056 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\9c387957965fc3b2394e787b6c56d6b3\System.Web.Entity.Design.ni.dll
+ 2011-07-28 13:08:18 . 2011-07-28 13:08:18 542720 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\0092b0a0ccef46490213cd94fd158ab9\System.Web.DynamicData.ni.dll
+ 2011-07-28 12:08:06 . 2011-07-28 12:08:06 679936 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\6a74fbf28403feb768f2b0a323a4ac04\System.Security.ni.dll
+ 2011-07-28 13:07:58 . 2011-07-28 13:07:58 330752 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management.I#\5ec6f124bed991ca55e5b43d1a90f654\System.Management.Instrumentation.ni.dll
+ 2011-07-28 13:07:43 . 2011-07-28 13:07:43 354816 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\abd07da71b9a0e02c9f207cf59e3fb2f\System.Data.Services.Design.ni.dll
+ 2011-07-28 13:07:41 . 2011-07-28 13:07:41 939520 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\aab7aaa9b2cce53e3cd2534ae2f1b689\System.Data.Services.Client.ni.dll
+ 2011-07-28 13:07:27 . 2011-07-28 13:07:27 755200 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\4690f2f7d6d2a5cb2420702b6019ffbf\System.Data.Entity.Design.ni.dll
+ 2011-07-28 12:08:30 . 2011-07-28 12:08:30 135680 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\336a6cf524e01270ef4b9e907287d00d\System.Data.DataSetExtensions.ni.dll
+ 2011-07-28 12:08:03 . 2011-07-28 12:08:03 970752 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\8ecc7122ea648279a4af7247279b2d2b\System.Configuration.ni.dll
+ 2011-07-28 11:23:06 . 2011-07-28 11:23:06 839680 C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-02-19 13:08:59 . 2010-02-19 13:08:59 839680 C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-07-28 11:23:06 . 2011-07-28 11:23:06 835584 C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-02-19 13:08:59 . 2010-02-19 13:08:59 835584 C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-07-28 11:23:15 . 2011-07-28 11:23:15 114688 C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-02-19 13:10:23 . 2010-02-19 13:10:23 114688 C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-07-28 11:23:18 . 2011-07-28 11:23:18 258048 C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-02-19 13:10:23 . 2010-02-19 13:10:23 258048 C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-02-19 13:09:14 . 2010-02-19 13:09:14 131072 C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-07-28 11:23:20 . 2011-07-28 11:23:20 131072 C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-07-28 11:23:21 . 2011-07-28 11:23:21 303104 C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-02-19 13:09:17 . 2010-02-19 13:09:17 303104 C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-02-19 13:09:28 . 2010-02-19 13:09:28 258048 C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-07-28 11:23:23 . 2011-07-28 11:23:23 258048 C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-02-19 13:10:00 . 2010-02-19 13:10:00 372736 C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-07-28 11:23:25 . 2011-07-28 11:23:25 372736 C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-02-19 13:10:22 . 2010-02-19 13:10:22 626688 C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-07-28 11:23:22 . 2011-07-28 11:23:22 626688 C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-02-19 13:09:13 . 2010-02-19 13:09:13 401408 C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-07-28 11:23:16 . 2011-07-28 11:23:16 401408 C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-02-19 13:09:12 . 2010-02-19 13:09:12 188416 C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-07-28 11:23:11 . 2011-07-28 11:23:11 188416 C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-02-19 13:09:15 . 2010-02-19 13:09:15 970752 C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-07-28 11:23:32 . 2011-07-28 11:23:32 970752 C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-07-28 11:23:32 . 2011-07-28 11:23:32 745472 C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-02-19 13:09:58 . 2010-02-19 13:09:58 745472 C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-02-19 13:10:22 . 2010-02-19 13:10:22 425984 C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-07-28 11:23:30 . 2011-07-28 11:23:30 425984 C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2010-02-19 13:10:02 . 2010-02-19 13:10:02 110592 C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-07-28 11:23:29 . 2011-07-28 11:23:29 110592 C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-02-19 13:09:06 . 2010-02-19 13:09:06 659456 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-07-28 11:23:14 . 2011-07-28 11:23:14 659456 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-07-28 11:23:15 . 2011-07-28 11:23:15 372736 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-02-19 13:09:07 . 2010-02-19 13:09:07 372736 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-02-19 13:09:07 . 2010-02-19 13:09:07 110592 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-07-28 11:23:16 . 2011-07-28 11:23:16 110592 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2010-02-19 13:09:09 . 2010-02-19 13:09:09 749568 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-07-28 11:23:16 . 2011-07-28 11:23:16 749568 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-07-28 11:23:24 . 2011-07-28 11:23:24 655360 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2010-02-19 13:09:58 . 2010-02-19 13:09:58 655360 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2010-02-19 13:09:15 . 2010-02-19 13:09:15 348160 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-07-28 11:23:21 . 2011-07-28 11:23:21 348160 C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-07-28 11:23:05 . 2011-07-28 11:23:05 507904 C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-02-19 13:08:57 . 2010-02-19 13:08:57 507904 C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2010-02-19 13:09:13 . 2010-02-19 13:09:13 261632 C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-07-28 11:23:18 . 2011-07-28 11:23:18 261632 C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-07-28 11:23:19 . 2011-07-28 11:23:19 113664 C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-02-19 13:10:01 . 2010-02-19 13:10:01 113664 C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-07-28 11:23:19 . 2011-07-28 11:23:19 258048 C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-02-19 13:10:01 . 2010-02-19 13:10:01 258048 C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2010-02-19 13:10:04 . 2010-02-19 13:10:04 486400 C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-07-28 11:23:30 . 2011-07-28 11:23:30 486400 C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2004-08-18 12:00:00 . 2009-11-21 16:46:21 470528 C:\WINDOWS\AppPatch\aclayers.dll
+ 2011-07-27 10:03:15 . 2009-08-13 13:56:20 1748992 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
+ 2009-07-20 22:03:48 . 2009-07-20 22:03:48 1348432 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2008-09-30 14:42:08 . 2008-09-30 14:42:08 1286152 C:\WINDOWS\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2004-08-18 12:00:00 . 2010-04-06 02:52:46 2462720 C:\WINDOWS\system32\WMVCore.dll
+ 2004-08-18 12:00:00 . 2010-05-02 08:27:25 1850880 C:\WINDOWS\system32\win32k.sys
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:35 1209344 C:\WINDOWS\system32\urlmon.dll
+ 2004-08-18 12:00:00 . 2008-07-03 13:15:50 8458752 C:\WINDOWS\system32\shell32.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 1437696 C:\WINDOWS\system32\query.dll
+ 2004-08-18 12:00:00 . 2009-07-17 16:27:44 1437696 C:\WINDOWS\system32\query.dll
+ 2004-08-18 12:00:00 . 2010-02-05 18:40:44 1293824 C:\WINDOWS\system32\quartz.dll
+ 2004-08-18 12:00:00 . 2010-02-16 19:34:49 2183552 C:\WINDOWS\system32\ntoskrnl.exe
+ 2004-08-17 15:45:30 . 2010-02-16 19:34:49 2060544 C:\WINDOWS\system32\ntkrnlpa.exe
+ 2009-08-19 15:07:18 . 2009-08-19 15:07:18 1415000 C:\WINDOWS\system32\msxml6.dll
+ 2009-07-20 22:05:40 . 2009-07-20 22:05:40 1348432 C:\WINDOWS\system32\msxml4.dll
+ 2004-08-18 12:00:00 . 2009-07-31 04:59:48 1172480 C:\WINDOWS\system32\msxml3.dll
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:34 5950976 C:\WINDOWS\system32\mshtml.dll
+ 2011-07-28 11:52:06 . 2009-03-10 20:26:34 1435008 C:\WINDOWS\system32\KB905474\wganotifypackageinner.exe
+ 2009-03-08 02:32:22 . 2010-05-06 10:35:30 1985536 C:\WINDOWS\system32\iertutil.dll
+ 2004-08-18 12:00:00 . 2010-04-06 02:52:46 2462720 C:\WINDOWS\system32\dllcache\WMVCore.dll
+ 2004-08-18 12:00:00 . 2010-05-02 08:27:25 1850880 C:\WINDOWS\system32\dllcache\win32k.sys
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:35 1209344 C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2004-08-18 12:00:00 . 2008-07-03 13:15:50 8458752 C:\WINDOWS\system32\dllcache\shell32.dll
- 2004-08-18 12:00:00 . 2004-08-18 12:00:00 1437696 C:\WINDOWS\system32\dllcache\query.dll
+ 2004-08-18 12:00:00 . 2009-07-17 16:27:44 1437696 C:\WINDOWS\system32\dllcache\query.dll
+ 2004-08-18 12:00:00 . 2010-02-05 18:40:44 1293824 C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-10-15 10:13:57 . 2010-02-16 19:34:49 2183552 C:\WINDOWS\system32\dllcache\ntoskrnl.exe
+ 2008-10-15 10:13:53 . 2010-02-16 19:34:37 2018816 C:\WINDOWS\system32\dllcache\ntkrpamp.exe
+ 2008-10-15 10:13:57 . 2010-02-16 19:34:49 2060544 C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
+ 2008-10-15 10:13:58 . 2010-02-16 19:34:37 2139136 C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
+ 2004-08-18 12:00:00 . 2009-07-31 04:59:48 1172480 C:\WINDOWS\system32\dllcache\msxml3.dll
+ 2006-12-21 17:43:22 . 2010-01-29 15:07:57 1315840 C:\WINDOWS\system32\dllcache\msoe.dll
+ 2004-08-18 12:00:00 . 2010-05-06 10:35:34 5950976 C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2006-12-21 17:43:37 . 2009-10-23 14:27:15 3555328 C:\WINDOWS\system32\dllcache\moviemk.exe
- 2006-12-21 17:43:37 . 2004-08-18 12:00:00 3555328 C:\WINDOWS\system32\dllcache\moviemk.exe
+ 2010-04-01 09:42:12 . 2010-04-01 09:42:12 1265664 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2007-04-13 19:35:46 . 2007-04-13 19:35:46 1265664 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-04-01 09:42:18 . 2010-04-01 09:42:18 1232896 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-13 19:35:38 . 2007-04-13 19:35:38 1232896 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2010-03-31 12:50:56 . 2010-03-31 12:50:56 2514944 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2007-04-13 18:57:28 . 2007-04-13 18:57:28 2514944 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-03-31 12:50:26 . 2010-03-31 12:50:26 2527232 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-13 18:50:46 . 2007-04-13 18:50:46 2142208 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-04-01 09:42:16 . 2010-04-01 09:42:16 2142208 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-07-28 11:31:22 . 2009-03-08 02:34:56 1206784 C:\WINDOWS\ie8updates\KB982381-IE8\urlmon.dll
+ 2011-07-28 11:31:22 . 2009-03-08 02:41:16 5937152 C:\WINDOWS\ie8updates\KB982381-IE8\mshtml.dll
+ 2011-07-28 11:31:22 . 2009-03-08 02:32:22 1985024 C:\WINDOWS\ie8updates\KB982381-IE8\iertutil.dll
+ 2008-10-15 10:13:57 . 2010-02-16 19:34:49 2183552 C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
+ 2008-10-15 10:13:53 . 2010-02-16 19:34:37 2018816 C:\WINDOWS\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-15 10:13:57 . 2010-02-16 19:34:49 2060544 C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
+ 2008-10-15 10:13:58 . 2010-02-16 19:34:37 2139136 C:\WINDOWS\Driver Cache\i386\ntkrnlmp.exe
+ 2011-07-28 11:55:52 . 2011-07-28 11:55:52 4792320 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_6f16632b\System.dll
+ 2011-07-28 11:55:05 . 2011-07-28 11:55:06 1966080 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_1e782ef8\System.dll
+ 2011-07-28 11:55:29 . 2011-07-28 11:55:29 2088960 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_c1e97461\System.Xml.dll
+ 2011-07-28 11:56:10 . 2011-07-28 11:56:10 5513216 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_360913bf\System.Xml.dll
+ 2011-07-28 11:56:02 . 2011-07-28 11:56:03 7884800 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_d9189bbd\System.Windows.Forms.dll
+ 2011-07-28 11:55:18 . 2011-07-28 11:55:18 3018752 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_2d40806b\System.Windows.Forms.dll
+ 2011-07-28 11:56:16 . 2011-07-28 11:56:16 2244608 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_3ee24f13\System.Drawing.dll
+ 2011-07-28 11:56:14 . 2011-07-28 11:56:14 3395584 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_f1474cd0\System.Design.dll
+ 2011-07-28 11:55:35 . 2011-07-28 11:55:35 1470464 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_020c3c81\System.Design.dll
+ 2011-07-28 11:56:22 . 2011-07-28 11:56:23 8908800 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_bf35bee9\mscorlib.dll
+ 2011-07-28 11:55:44 . 2011-07-28 11:55:44 3391488 C:\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_b2f0c9af\mscorlib.dll
+ 2011-07-28 11:25:01 . 2011-07-28 11:25:02 3311104 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\a359b7de2c93bf3e302b8fbe81185474\WindowsBase.ni.dll
+ 2011-07-28 13:08:15 . 2011-07-28 13:08:15 2400256 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\2701397cec6cd59c0328fa5f42fc26c5\System.Web.Extensions.ni.dll
+ 2011-07-28 12:06:12 . 2011-07-28 12:06:12 1056768 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a52d4a11f7f6e4fe7c77ad1fc5e6e963\System.IdentityModel.ni.dll
+ 2011-07-28 13:07:49 . 2011-07-28 13:07:49 1800704 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\f6c99ab69d318c8439598023a83767e3\System.Deployment.ni.dll
+ 2011-07-28 13:07:36 . 2011-07-28 13:07:36 1326080 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.Services\dbc30839b578eba6c6987cf85aec5f4f\System.Data.Services.ni.dll
+ 2011-07-28 11:43:24 . 2011-07-28 11:43:24 2510848 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\046873c6da8b022506cf8d8103d4de96\System.Data.Linq.ni.dll
+ 2011-07-28 13:07:20 . 2011-07-28 13:07:20 9903104 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\5675feea93c0fe533ff0ada333199f3c\System.Data.Entity.ni.dll
+ 2011-07-28 11:38:06 . 2011-07-28 11:38:07 2294784 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\9d8a1e3add264f3cc1a968d79748b1ed\System.Core.ni.dll
+ 2011-07-28 11:35:57 . 2011-07-28 11:36:02 2125824 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\ReachFramework\fee686ce428b5ce11e9dd18348e8830d\ReachFramework.ni.dll
+ 2011-07-28 11:33:47 . 2011-07-28 11:33:49 1656832 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationUI\ea00e1303f5b3bc4cc8d8c7812241089\PresentationUI.ni.dll
+ 2011-07-28 12:08:17 . 2011-07-28 12:08:17 1620480 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\8b9ad7b7128a8101b1158a2e1acbeb63\Microsoft.Build.Tasks.ni.dll
+ 2011-07-28 12:08:23 . 2011-07-28 12:08:23 1965568 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\224bcc5357c017e02c01aa21ce3c544e\Microsoft.Build.Tasks.v3.5.ni.dll
- 2010-02-19 13:09:10 . 2010-02-19 13:09:10 3149824 C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-07-28 11:23:33 . 2011-07-28 11:23:34 3149824 C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-07-28 11:23:35 . 2011-07-28 11:23:35 2048000 C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-02-19 13:10:23 . 2010-02-19 13:10:23 2048000 C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-07-28 11:23:07 . 2011-07-28 11:23:09 5025792 C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-02-19 13:09:00 . 2010-02-19 13:09:00 5025792 C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-07-28 11:23:10 . 2011-07-28 11:23:11 5062656 C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2010-02-19 13:09:02 . 2010-02-19 13:09:02 5062656 C:\WINDOWS\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2010-02-19 13:08:55 . 2010-02-19 13:08:55 5238784 C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-07-28 11:23:02 . 2011-07-28 11:23:04 5238784 C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-02-19 13:10:22 . 2010-02-19 13:10:22 2933248 C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-07-28 11:23:31 . 2011-07-28 11:23:31 2933248 C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-07-28 11:23:26 . 2011-07-28 11:23:27 4546560 C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-02-19 13:10:10 . 2010-02-19 13:10:13 4546560 C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2008-08-23 09:38:43 . 2008-08-23 09:38:43 1232896 C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2011-07-28 11:54:19 . 2011-07-28 11:54:19 1232896 C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2008-08-23 09:38:43 . 2008-08-23 09:38:43 1265664 C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-07-28 11:54:18 . 2011-07-28 11:54:18 1265664 C:\WINDOWS\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2004-08-18 12:00:00 . 2009-07-13 21:43:24 10841088 C:\WINDOWS\system32\wmp.dll
+ 2009-03-08 02:39:48 . 2010-05-06 10:35:29 11076096 C:\WINDOWS\system32\ieframe.dll
+ 2004-08-18 12:00:00 . 2009-07-13 21:43:24 10841088 C:\WINDOWS\system32\dllcache\wmp.dll
+ 2010-04-02 17:29:26 . 2010-04-02 17:29:26 11413504 C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp
+ 2010-04-02 10:30:02 . 2010-04-02 10:30:02 17456640 C:\WINDOWS\Installer\1be661.msp
+ 2011-07-28 11:31:23 . 2009-03-08 02:39:48 11063808 C:\WINDOWS\ie8updates\KB982381-IE8\ieframe.dll
+ 2011-07-28 11:44:34 . 2011-07-28 11:44:35 12428800 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\418f50cb29904548eabc0e4f6e788516\System.Windows.Forms.ni.dll
+ 2011-07-28 12:07:39 . 2011-07-28 12:07:40 17313792 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\ca6c0d233f69cd333d9ffb83e0737e23\System.ServiceModel.ni.dll
+ 2011-07-28 11:31:06 . 2011-07-28 11:31:09 14320128 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\372a084465556a94e586908cebe7aee8\PresentationFramework.ni.dll
+ 2011-07-28 11:27:15 . 2011-07-28 11:27:17 12213248 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\9b4747b29182ad8ffc638b9578ee5283\PresentationCore.ni.dll

-- Snímek resetován k současnému datu --

Deny7
Visitor
Posts: 21
Registered: 25 Jul 2011 20:10

Re: FB virus

#15 Post by Deny7 »

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "C:\Program Files\uTorrentBar\tbuTor.dll" [2010-12-09 11:51:30 3911776]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51:30 3911776 ----a-w- C:\Program Files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 11:51:30 3911776 ----a-w- C:\Program Files\uTorrentBar\tbuTor.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "C:\Program Files\uTorrentBar\tbuTor.dll" [2010-12-09 11:51:30 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "C:\Program Files\ConduitEngine\ConduitEngine.dll" [2010-12-09 11:51:30 3911776]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "C:\Program Files\uTorrentBar\tbuTor.dll" [2010-12-09 11:51:30 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "C:\Program Files\ConduitEngine\ConduitEngine.dll" [2010-12-09 11:51:30 3911776]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2005-10-28 15:25:44 94208]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-07-24 15:02:06 490952]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-08 18:04:10 39408]
"uTorrent"="C:\Documents and Settings\Tuf\Plocha\utorrent.exe" [2011-03-29 13:16:09 399736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-06-20 13:42:20 77824]
"WinFast Schedule"="C:\Program Files\WinFast\WFTVFM\WFWIZ.exe" [2006-07-07 16:15:12 348160]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2011-01-12 11:21:34 49208]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2010-04-03 17:23:16 13670504]
"QuickTime Task"="C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" [2010-11-29 16:38:18 421888]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 10:59:52 254696]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 14:41:24 2219184]

C:\Documents and Settings\Tuf\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe [2006-2-26 393216]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-12-27 110592]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
Corel MEDIA FOLDERS INDEXER 8.LNK - C:\Program Files\Programs\MFIndexer.exe [2007-1-26 83456]
EdgeCLS11.00.lnk - C:\Program Files\EdgeCAM\Cam\EdgeCLS.exe [2007-3-24 708608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 12:11:14 233472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2004-08-18 12:00:00 15360 ----a-w- C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50:42 155648 ----a-w- C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-04-03 17:23:16 13670504 ----a-w- C:\WINDOWS\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-04-03 17:23:16 110696 ----a-w- C:\WINDOWS\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\Documents and Settings\\Tuf\\Plocha\\utorrent.exe"=
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Documents and Settings\\Tuf\\Dokumenty\\Downloads\\Call of Duty 4 Modern Warfare Full-Rip Skullptura\\Call of duty\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Opera\\opera.exe"=
"C:\\Program Files\\ICQ7.5\\ICQ.exe"=

R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [12.1.2007 13:30:57 717296]
R1 bbcap;bbcap;C:\WINDOWS\system32\drivers\bbcap.sys [16.6.2007 9:19:17 2944]
R1 ehdrv;ehdrv;C:\WINDOWS\system32\drivers\ehdrv.sys [21.12.2010 15:04:06 115008]
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\drivers\epfwtdir.sys [10.6.2008 18:56:10 94872]
R2 cpuz135;cpuz135;C:\WINDOWS\system32\drivers\cpuz135_x32.sys [21.5.2011 13:19:51 21992]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.1.2011 16:41:42 810144]
R2 ICQ Service;ICQ Service;C:\Program Files\ICQ6Toolbar\ICQ Service.exe [11.3.2009 13:06:15 247608]
R3 WFIOCTL;WFIOCTL;C:\Program Files\WinFast\WFTVFM\WFIOCTL.sys [6.3.2008 13:29:41 9446]
S1 MpKsl35db2da8;MpKsl35db2da8;\??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{40FC0ABE-3C54-4B50-94D9-7EDC6E996782}\MpKsl35db2da8.sys --> c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{40FC0ABE-3C54-4B50-94D9-7EDC6E996782}\MpKsl35db2da8.sys [?]
S2 gupdate;Google Update Service (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [8.7.2009 20:05:50 133104]
S2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; [x]
S3 FXDRV;FXDRV;\??\D:\Fxdrv.sys --> D:\Fxdrv.sys [?]
S3 GarenaPEngine;GarenaPEngine;\??\C:\DOCUME~1\Tuf\LOCALS~1\Temp\TJAE3D.tmp --> C:\DOCUME~1\Tuf\LOCALS~1\Temp\TJAE3D.tmp [?]
S3 gupdatem;Služba Google Update (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [8.7.2009 20:05:50 133104]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\system32\drivers\mbamswissarmy.sys [25.7.2011 21:25:50 41272]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT --> C:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper

Obsah adresáře 'Naplánované úlohy'

2011-07-19 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34:12 . 2008-07-30 11:34:12]

2010-03-26 C:\WINDOWS\Tasks\Driver Fetch.job
- C:\Program Files\Driver Fetch\2.3.0.5\DriverFetch.exe [2010-03-26 15:30:48 . 2010-03-24 09:51:50]

2011-07-28 C:\WINDOWS\Tasks\Google Software Updater.job
- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-08 18:04:07 . 2009-07-08 18:04:07]

2011-07-28 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-08 18:05:50 . 2009-07-08 18:05:17]

2011-07-28 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-08 18:05:50 . 2009-07-08 18:05:17]

2011-07-26 C:\WINDOWS\Tasks\RegCure Program Check.job
- C:\Program Files\RegCure\RegCure.exe [2010-02-23 23:20:12 . 2010-03-05 19:29:36]

2010-05-18 C:\WINDOWS\Tasks\RegCure.job
- C:\Program Files\RegCure\RegCure.exe [2010-02-23 23:20:12 . 2010-03-05 19:29:36]

2011-07-28 C:\WINDOWS\Tasks\WGASetup.job
- C:\WINDOWS\system32\KB905474\wgasetup.exe [2011-07-28 11:52:06 . 2009-03-10 20:18:08]


------- Doplňkový sken -------

uStart Page = hxxp://start.icq.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Office Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
FF - ProfilePath - C:\Documents and Settings\Tuf\Data aplikací\Mozilla\Firefox\Profiles\cj25z6jb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=

- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Cool's_Codec_pack_4.12 - C:\WINDOWS\iun6002.exe
AddRemove-Nvidia Omega Drivers for Windows 2k-XPv1.6693 - C:\WINDOWS\iun6002.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-28 15:42:49
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\C:\DOCUME~1\Tuf\LOCALS~1\Temp\TJAE3D.tmp"

--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1801674531-1085031214-2147098553-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1801674531-1085031214-2147098553-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ba,21,67,fd,76,c3,e4,06,15,fe,9c,e3,6a,c8,67,02,52,8f,9f,b3,20,05,3b,
09,9d,30,12,b2,97,43,b8,26,ad,48,0f,dd,10,53,68,4a,38,c1,1c,74,30,f2,bb,fa,\
"??"=hex:c0,da,29,93,c1,a4,a9,c1,72,21,be,1a,da,cf,41,29

[HKEY_USERS\S-1-5-21-1801674531-1085031214-2147098553-1003\Software\SecuROM\License information*]
"datasecu"=hex:93,0b,74,06,f0,ac,1b,96,84,10,ae,26,5e,11,de,79,63,a7,44,aa,b8,
b4,2d,b4,4f,bd,0c,ad,e0,be,cd,f6,37,b8,3e,f5,e4,fc,ac,8e,e0,24,23,77,26,d3,\
"rkeysecu"=hex:a2,eb,20,3d,e5,65,2c,f0,8e,66,78,61,79,29,e3,47

--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3388)
C:\WINDOWS\system32\msi.dll
C:\WINDOWS\system32\webcheck.dll
C:\WINDOWS\system32\WPDShServiceObj.dll
C:\Program Files\programs\CMFFld80.dll
C:\WINDOWS\system32\PortableDeviceTypes.dll
C:\WINDOWS\system32\PortableDeviceApi.dll
