Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Zpráva

chris.h · #61 Příspěvek od **chris.h** » 22 lis 2011 11:59

MyNICDetails.rar: (1.13 KiB) Staženo 41 x

chris.h · #62 Příspěvek od **chris.h** » 22 lis 2011 14:03

Tak stále nefunguje... ani přes wifi a ani přes kabel...

chris.h · #63 Příspěvek od **chris.h** » 23 lis 2011 07:18

Vše provedeno... zasílám výsledky

http://www.uloz.to/11235186/vzorky-rar

OTL.rar: (91.9 KiB) Staženo 36 x

chris.h · #64 Příspěvek od **chris.h** » 23 lis 2011 09:44

Dodávám, to co chybělo...

MyNICDetails.rar: (1.13 KiB) Staženo 30 x

chris.h · #65 Příspěvek od **chris.h** » 23 lis 2011 10:15

Tak nevím, jestli jsem to tam zadala správně... jsem to uložila do poznámkového bloku a dala na stránce otestovat... jestli je to dobře...

výsledek:

http://www.virustotal.com/file-scan/rep ... 1322038737

chris.h · #66 Příspěvek od **chris.h** » 23 lis 2011 11:07

DiskReport.rar: (375 bajtů) Staženo 41 x

chris.h · #67 Příspěvek od **chris.h** » 23 lis 2011 11:28

MyNICDetails.rar: (1.1 KiB) Staženo 26 x

chris.h · #68 Příspěvek od **chris.h** » 23 lis 2011 12:06

zkusila jsem to... ale háže mi to tam pořád stejnou hlášku... že systém windows nemohl dokončit opravu problému...

chris.h · #69 Příspěvek od **chris.h** » 23 lis 2011 12:45

Vše naimportováno i restartováno... teď mi nejde zapnout brána firewall a ani se mi nedaří připojit...

S tím mým notebookem jsou cosi jen samé problémy...

chris.h · #70 Příspěvek od **chris.h** » 23 lis 2011 13:22

MyNICDetails.rar: (1.11 KiB) Staženo 27 x

Combofix:

ComboFix 11-11-22.03 - OEM 23.11.2011 13:05:40.7.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1014.515 [GMT 1:00]
Spuštěný z: c:\documents and settings\OEM\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-23 do 2011-11-23 )))))))))))))))))))))))))))))))
.
.
2011-11-23 11:58 . 2011-11-23 11:58 512 ----a-w- C:\Physical0MBR.bin
2011-11-23 05:30 . 2011-11-23 05:31 -------- d-----w- C:\vzorky
2011-11-20 23:49 . 2008-05-19 06:57 95744 ----a-w- c:\windows\system32\msiexec.exe
2011-11-20 23:49 . 2008-04-14 04:49 138112 ----a-w- c:\windows\system32\drivers\afd.sys
2011-11-20 10:31 . 2011-11-20 10:31 35712 ----a-w- c:\windows\system32\drivers\BlackBox.sys
2011-11-19 13:37 . 2011-11-19 13:37 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-11-18 11:22 . 2011-11-17 22:57 133208 ----a-w- c:\windows\system32\drivers\10418741.sys
2011-11-17 20:38 . 2011-11-17 22:57 133208 ----a-w- c:\windows\system32\drivers\44042542.sys
2011-11-17 16:38 . 2011-11-17 16:39 -------- d-----w- c:\program files\trend micro
2011-11-17 16:38 . 2011-11-17 16:40 -------- d-----w- C:\rsit
2011-11-17 14:59 . 2011-11-18 08:19 -------- d-----w- c:\documents and settings\OEM\Data aplikací\AVI ReComp
2011-11-17 14:58 . 2011-11-17 14:58 -------- d-----w- c:\program files\Gabest
2011-11-17 14:58 . 2011-11-17 14:58 -------- d-----w- c:\program files\Xvid
2011-11-17 14:57 . 2011-11-17 14:57 -------- d-----w- c:\program files\AviSynth 2.5
2011-11-17 14:54 . 2011-11-17 14:58 -------- d-----w- c:\program files\AVI ReComp
2011-11-17 14:45 . 2011-11-17 14:45 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\ESET
2011-11-17 11:55 . 2011-11-17 11:55 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\ESET
2011-11-17 11:48 . 2011-11-17 11:48 -------- d-----w- c:\program files\ESET
2011-11-17 09:09 . 2011-11-17 11:38 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MFAData
2011-11-16 18:37 . 2011-11-17 12:35 -------- d-sh--w- c:\documents and settings\OEM\Local Settings\Data aplikací\632ff156
2011-11-08 08:54 . 2011-11-08 09:58 -------- d-----w- c:\program files\WAS
2011-10-30 18:14 . 2011-10-30 18:14 -------- d-----w- c:\documents and settings\OEM\Data aplikací\Search Settings
2011-10-30 18:13 . 2011-11-17 12:47 -------- d-----w- c:\program files\Application Updater
2011-10-30 18:13 . 2011-10-30 18:13 -------- d-----w- c:\program files\IObit Toolbar
2011-10-24 18:31 . 2011-10-24 18:31 -------- d-----w- c:\documents and settings\OEM\Data aplikací\Sonic
2011-10-24 18:31 . 2011-10-24 18:31 89680 ----a-w- c:\documents and settings\OEM\MSSSerif120.fon
2011-10-24 18:31 . 2011-10-24 18:31 -------- d-----w- c:\documents and settings\OEM\Data aplikací\Leadertech
2011-10-24 18:31 . 2011-10-24 18:31 64544 ----a-w- c:\documents and settings\OEM\MSSSerif96.fon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-11 22:07 . 2011-04-30 04:16 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\drivers\atapi.sys
.
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\asyncmac.sys
[-] 2004-08-18 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys
.
[-] 2004-08-18 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\kbdclass.sys
[-] 2004-08-17 . 6F877BF8DC01A550CD666F3BEDB2213C . 24576 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys
.
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ndis.sys
[-] 2006-05-02 . BC84C4F67D0E880B0C46DC0CE2B8CBAA . 182656 . . [5.1.2600.2899] . . c:\windows\system32\dllcache\ndis.sys
[-] 2006-05-02 . BC84C4F67D0E880B0C46DC0CE2B8CBAA . 182656 . . [5.1.2600.2899] . . c:\windows\system32\drivers\ndis.sys
.
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ntfs.sys
[-] 2007-02-09 . 05AB81909514BFD69CBB1F2C147CF6B9 . 574976 . . [5.1.2600.3081] . . c:\windows\SoftwareDistribution\Download\53b506440add8bed5aec578eeae6bb86\sp2qfe\ntfs.sys
[-] 2007-02-09 . 19A811EF5F1ED5C926A028CE107FF1AF . 574464 . . [5.1.2600.3081] . . c:\windows\SoftwareDistribution\Download\53b506440add8bed5aec578eeae6bb86\sp2gdr\ntfs.sys
[-] 2004-08-18 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ntfs.sys
.
[-] 2004-08-18 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\SoftwareDistribution\Download\8b3f0b76a887dad5988d39ddc24cfa31\sp2qfe\tcpip.sys
[-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
.
[-] 2008-04-14 . 249276D3EF1E74B992299CB96099E4D7 . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\browser.dll
[-] 2004-08-18 . F219E27E88107A50544153898DD8178E . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll
.
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\lsass.exe
[-] 2004-08-18 . 82A362FE1D4980B71B588D9C10748511 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe
.
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\netman.dll
[-] 2005-08-22 . 86AD5B0E02F2C968FBB096AB4C555C9C . 197632 . . [5.1.2600.2743] . . c:\windows\SoftwareDistribution\Download\6e2ccf29424df6a1513fef8b4d60b6ca\sp2gdr\netman.dll
[-] 2005-08-22 . BB0557B62B95F366464C3C60A0BD6BDF . 197632 . . [5.1.2600.2743] . . c:\windows\SoftwareDistribution\Download\6e2ccf29424df6a1513fef8b4d60b6ca\sp2qfe\netman.dll
[-] 2004-08-18 . AF342D2781225A8769686E0D47E3123E . 198144 . . [5.1.2600.2180] . . c:\windows\system32\netman.dll
.
[-] 2008-04-14 03:21 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\comres.dll
[-] 2004-08-18 12:00 . B44F68274AB7B8A54E9AD74AFF0EFAAC . 806912 . . [2001.12.4414.258] . . c:\windows\system32\comres.dll
.
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\qmgr.dll
[-] 2004-08-18 . E774A26610EC92674273486612C11CFC . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll
.
[-] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\rpcss.dll
[-] 2005-07-26 . DBDE980506B54AE928D151D12419B425 . 397824 . . [5.1.2600.2726] . . c:\windows\system32\rpcss.dll
[-] 2005-07-26 . 46C3197AAC32EBA82453ACDD84114DC2 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
.
[-] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\services.exe
[-] 2004-08-18 . 6E401E61F952FBBF708AFBECEFAFAE81 . 108544 . . [5.1.2600.2180] . . c:\windows\system32\services.exe
.
[-] 2008-04-14 . CB1090BCA0E7B40D0B5B4E4D66531809 . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\system32\spoolsv.exe
.
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\winlogon.exe
[-] 2005-04-01 . 67E4879024A3D0D7AA0A60D3DEDCED06 . 502784 . . [5.1.2600.2645] . . c:\windows\system32\winlogon.exe
.
[-] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\comctl32.dll
[-] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2006-08-25 . E26B26189B786E6B092F002041D5A1E2 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2006-08-25 . E26B26189B786E6B092F002041D5A1E2 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2006-08-25 . 6CB1BAC5FA7E692B63C3D5AAA348E76A . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[-] 2004-08-18 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2004-08-18 . F76B3003366A205E05AFC0D034C7D3E9 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
.
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\cryptsvc.dll
[-] 2004-08-18 . 70D2A1756F4B2067658A186C963FCABD . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll
.
[-] 2008-07-07 20:32 . 398314DF0B21338C4996B469101750D1 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:32 . 398314DF0B21338C4996B469101750D1 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:25 . BE68EA4457E2E5717231CF91BE5448E0 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:19 . 3440C414044935B124B5821C0994B37F . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2008-04-14 03:21 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\es.dll
[-] 2005-07-26 04:42 . 8B1B932554B6317E97AE3B9D05344470 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2005-07-26 04:30 . 7B9199B6809586DC2CF30D411CECBD33 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
.
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\imm32.dll
[-] 2004-08-18 . 2413635113361E54B62F0C40E4E4DAE6 . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll
.
[-] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\kernel32.dll
[-] 2007-04-16 . 2B33979FDE5D1B9293ADB025F323B0D9 . 984576 . . [5.1.2600.3119] . . c:\windows\SoftwareDistribution\Download\cd7fb984a64faa05fdcb52d5d62b1ab2\sp2qfe\kernel32.dll
[-] 2007-04-16 . C23A84D7AB99678B2F1A52080280E4ED . 983040 . . [5.1.2600.3119] . . c:\windows\SoftwareDistribution\Download\cd7fb984a64faa05fdcb52d5d62b1ab2\sp2gdr\kernel32.dll
[-] 2006-07-05 . A0B58CBB3ADCD79F1414A8E62D2F719F . 983552 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2006-07-05 . 72FB9AA607A21FD2485286C478FB9B01 . 982528 . . [5.1.2600.2945] . . c:\windows\system32\kernel32.dll
[-] 2006-07-05 . 72FB9AA607A21FD2485286C478FB9B01 . 982528 . . [5.1.2600.2945] . . c:\windows\system32\dllcache\kernel32.dll
.
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\linkinfo.dll
[-] 2005-09-01 . 3E611531CC70649635FC890B421AECD0 . 19968 . . [5.1.2600.2751] . . c:\windows\system32\linkinfo.dll
.
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\lpk.dll
[-] 2004-08-18 . BFE8DC7AAE7CB1C86243D77B340DC304 . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll
.
[-] 2008-12-13 . A3F482D8B827DDFBDA3F47B922DF5020 . 3593216 . . [7.00.6000.16788] . . c:\windows\system32\mshtml.dll
[-] 2008-12-13 . A3F482D8B827DDFBDA3F47B922DF5020 . 3593216 . . [7.00.6000.16788] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2008-12-13 . E32432E44F926075122F5B17E224ABF5 . 3594752 . . [7.00.6000.20973] . . c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
[-] 2008-10-17 . 00439C27E013BE9DC0A6DDE4B626B6DC . 3593216 . . [7.00.6000.16762] . . c:\windows\SoftwareDistribution\Download\c02b34f424055e53bb04c14641fb150a\SP2GDR\mshtml.dll
[-] 2008-10-16 . B5F7E24595A3F05ACE4F1152542FB07F . 3595264 . . [7.00.6000.20935] . . c:\windows\SoftwareDistribution\Download\c02b34f424055e53bb04c14641fb150a\SP2QFE\mshtml.dll
[-] 2008-06-24 . 221718BE0A0DE22548C3BF125F19F49A . 3592192 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB960714-IE7\mshtml.dll
[-] 2008-06-23 . B552ADA48C2BA853872AFFCAC88A6513 . 3594240 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
[-] 2008-04-23 . 4B0ED25CBE16A4BECE1CCB7F8F7C8112 . 3591680 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\mshtml.dll
[-] 2008-04-23 . 223F1E24EBBF6D6FB67999179DD2D75E . 3593728 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\mshtml.dll
[-] 2008-04-14 . DAF9947DE2A6EA20AE524B7C50487E57 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\mshtml.dll
[-] 2008-03-01 . 03093130102A79634BD562406EAE1F2F . 3591680 . . [7.00.6000.16640] . . c:\windows\SoftwareDistribution\Download\7d4fbc75addb6e920515a380de714932\SP2GDR\mshtml.dll
[-] 2008-03-01 . AA61A6FAA4D691A6ED38FC1099EDE19B . 3593216 . . [7.00.6000.20772] . . c:\windows\SoftwareDistribution\Download\7d4fbc75addb6e920515a380de714932\SP2QFE\mshtml.dll
[-] 2007-10-30 . E7125FC5771EF8DE8963A6B877E2E65B . 3593216 . . [7.00.6000.20710] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\mshtml.dll
[-] 2007-10-30 . E932C9B7BFAA4B0E18AAA9C61B917DD3 . 3590656 . . [7.00.6000.16587] . . c:\windows\ie7updates\KB950759-IE7\mshtml.dll
[-] 2006-11-07 . CBF04597F9CF7739E572276A2698FDD3 . 3577856 . . [7.00.5730.11] . . c:\windows\ie7updates\KB942615-IE7\mshtml.dll
[-] 2006-02-01 . A1F319431539E1713E04624B8EF3F93B . 3035136 . . [6.00.2900.2838] . . c:\windows\$hf_mig$\KB912945\SP2QFE\mshtml.dll
[-] 2006-02-01 . A1F319431539E1713E04624B8EF3F93B . 3035136 . . [6.00.2900.2838] . . c:\windows\ie7\mshtml.dll
[-] 2006-02-01 . 1199A7679F1B8C9102B8BA446CCA6F22 . 3032576 . . [6.00.2900.2838] . . c:\windows\$NtUninstallKB912945$\mshtml.dll
[-] 2005-11-23 . EA8FA6CCC90F413864E79B515BC571E0 . 3016192 . . [6.00.2900.2802] . . c:\windows\$hf_mig$\KB905915\SP2QFE\mshtml.dll
.
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\msvcrt.dll
[-] 2008-04-14 . EC8D5E09C6CA5F52858A5EB71F308FDF . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\asms\70\msft\windows\mswincrt\msvcrt.dll
[-] 2004-08-18 . 91CC3E4CCDBBF8E224182C76C87E454F . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll
[-] 2004-08-18 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2004-08-18 . AB47015B67531572BE46C0C08222C84C . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
.
[-] 2008-06-20 . 1289B7611CCD6CB27596AE92CBF03E35 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 37BABA5DBD9027837FDC27E5D6EF33E1 . 247296 . . [5.1.2600.3394] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 37BABA5DBD9027837FDC27E5D6EF33E1 . 247296 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\mswsock.dll
[-] 2004-08-18 . 64C078BD4EFD441C3F159EDC5EA4420A . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
.
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\netlogon.dll
[-] 2004-08-18 . 2591CADAEF7D2242039255028E577688 . 407040 . . [5.1.2600.2180] . . c:\windows\system32\netlogon.dll
.
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\powrprof.dll
[-] 2004-08-18 . 134B95A1D8FAFD74A68E4B2116DEFA7D . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll
.
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\scecli.dll
[-] 2004-08-18 . 07119058D451CB7EA4317BCFDA8599A6 . 184832 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll
.
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\sfc.dll
[-] 2004-08-18 . 6CC2D21488333133AE0C9F44F6051CB7 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll
.
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\svchost.exe
[-] 2004-08-18 . DFBA2915B0BF58ABB288CD4C9318CB3F . 14336 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe
.
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\tapisrv.dll
[-] 2005-07-08 . 2EB5536278D697C5895A48514682BF64 . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . 250241D65CCF692AEACC318A266413C2 . 249344 . . [5.1.2600.2716] . . c:\windows\system32\tapisrv.dll
.
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\user32.dll
[-] 2007-03-08 . 5393076FDCD6DAEB82814688DDE3E9A2 . 578048 . . [5.1.2600.3099] . . c:\windows\system32\user32.dll
[-] 2007-03-08 . 5393076FDCD6DAEB82814688DDE3E9A2 . 578048 . . [5.1.2600.3099] . . c:\windows\system32\dllcache\user32.dll
[-] 2005-03-02 . 3EF380290CE2CA8598E475CEAC4ADB13 . 577024 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB925902$\user32.dll
.
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\userinit.exe
[-] 2004-08-18 . 836F7960362FF95C5D49E40B891F2CFC . 24576 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe
.
[-] 2008-10-16 . 84801E4617B5AFB065DD58438850587D . 826368 . . [7.00.6000.16762] . . c:\windows\SoftwareDistribution\Download\c02b34f424055e53bb04c14641fb150a\SP2GDR\wininet.dll
[-] 2008-10-16 . A72D6CC0F715D415003478294C4ECB2A . 827904 . . [7.00.6000.20935] . . c:\windows\SoftwareDistribution\Download\c02b34f424055e53bb04c14641fb150a\SP2QFE\wininet.dll
[-] 2008-06-23 . 01EF5E10F55A5AE4D49C93C25879921E . 826368 . . [7.00.6000.16705] . . c:\windows\system32\wininet.dll
[-] 2008-06-23 . 01EF5E10F55A5AE4D49C93C25879921E . 826368 . . [7.00.6000.16705] . . c:\windows\system32\dllcache\wininet.dll
[-] 2008-06-23 . 57BE3F6CA8282AC863C16862C1B65964 . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[-] 2008-04-23 . 03727BB0DE4D4902F951D3BD7D0AC4FE . 827392 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
[-] 2008-04-23 . B2F04AA876DC2E15B59B509DE727F415 . 826368 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll
[-] 2008-04-14 . 3FE5E65A7ED9EC98AEE9167CA07812D3 . 667136 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\wininet.dll
[-] 2008-03-01 . 4B0D8A282E0BEF3E52B8B6449D8473DD . 826368 . . [7.00.6000.16640] . . c:\windows\SoftwareDistribution\Download\7d4fbc75addb6e920515a380de714932\SP2GDR\wininet.dll
[-] 2008-03-01 . 46A1A52EB6C86344C6EBF65B17404C90 . 827392 . . [7.00.6000.20772] . . c:\windows\SoftwareDistribution\Download\7d4fbc75addb6e920515a380de714932\SP2QFE\wininet.dll
[-] 2007-10-10 . C543CC3D7A05FB0D23107C89115811A0 . 824832 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB950759-IE7\wininet.dll
[-] 2007-10-10 . 3C48D8EFA3FFA68F7AEAAAFFAB6B9CB3 . 825344 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
[-] 2006-11-07 . 92995334F993E6E49C25C6D02EC04401 . 818688 . . [7.00.5730.11] . . c:\windows\ie7updates\KB942615-IE7\wininet.dll
[-] 2006-01-09 . 1B28E6C7A9034A7E798D79D035DE3DE1 . 659456 . . [6.00.2900.2823] . . c:\windows\$NtUninstallKB912945$\wininet.dll
[-] 2006-01-09 . FD4554FA8C83594A63325D2D827C3712 . 663040 . . [6.00.2900.2823] . . c:\windows\$hf_mig$\KB912945\SP2QFE\wininet.dll
[-] 2006-01-09 . FD4554FA8C83594A63325D2D827C3712 . 663040 . . [6.00.2900.2823] . . c:\windows\ie7\wininet.dll
[-] 2005-10-21 . FEA61DB28F80AA80550031772B8A9317 . 662528 . . [6.00.2900.2781] . . c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll
.
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ws2_32.dll
[-] 2004-08-18 . 382E9B87F1282E697C67AF84E34E35E2 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll
.
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ws2help.dll
[-] 2004-08-18 . C2B86666FC44B48903AD6016D15A23DF . 19968 . . [5.1.2600.2180] . . c:\windows\system32\ws2help.dll
.
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\explorer.exe
[-] 2007-06-13 . ED7B460B142A32097B8A8F6ECC941815 . 1033728 . . [6.00.2900.3156] . . c:\windows\explorer.exe
[-] 2007-06-13 . ED7B460B142A32097B8A8F6ECC941815 . 1033728 . . [6.00.2900.3156] . . c:\windows\system32\dllcache\explorer.exe
[-] 2007-06-13 . 9B32416BD5988C97B6397CE0B02CAF97 . 1033728 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2004-08-18 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe
.
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\regedit.exe
[-] 2004-08-18 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180] . . c:\windows\regedit.exe
[-] 2004-08-18 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\regedit.exe
.
[-] 2008-04-14 . 21F836AAB269FF644E0E708B794B0DF7 . 1287168 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ole32.dll
[-] 2005-07-26 . A0D5A763708D868C1EFC18D6F6EEDE0D . 1284608 . . [5.1.2600.2726] . . c:\windows\system32\ole32.dll
[-] 2005-07-25 . 93AC0C1189CB7C34910CD00748A23E3A . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll
.
[-] 2008-04-14 . F5B6A143739B894BF4F488CFFC3D3015 . 406016 . . [1.0420.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\usp10.dll
[-] 2004-08-18 . E28340F6CB7BAC3EACDA9C74A0BE42BE . 406528 . . [1.0420.2600.2180] . . c:\windows\system32\usp10.dll
.
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ksuser.dll
[-] 2004-08-17 . FC727882241CD48E243868DD8401AB60 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ksuser.dll
[-] 2004-08-17 . FC727882241CD48E243868DD8401AB60 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\ksuser.dll
.
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ctfmon.exe
[-] 2004-08-18 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe
.
[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\shsvcs.dll
[-] 2006-12-19 . F961FDD353F9451440197024FDDFE086 . 135168 . . [6.00.2900.3051] . . c:\windows\SoftwareDistribution\Download\81349700e1d0e69ed326704ad04cb3f2\sp2qfe\shsvcs.dll
[-] 2004-08-18 . 8BA76BD2A943F642F267A296A15776D2 . 134656 . . [6.00.2900.2180] . . c:\windows\system32\shsvcs.dll
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\srsvc.dll
[-] 2004-08-18 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll
.
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\wscntfy.exe
[-] 2004-08-18 . 93F75FF033BAA186D08115D73BFE3D32 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe
.
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\xmlprov.dll
[-] 2004-08-18 . 9B835D4C64860B155A1701D5092EC9E4 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll
.
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\eventlog.dll
[-] 2004-08-18 . 6EB66066D5C0175320CFEA0A4C74C88F . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\sfcfiles.dll
[-] 2004-08-18 . 5CA2E2BA624D6F2C7A581C91E70394CB . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\regsvc.dll
[-] 2004-08-18 . 5B21208FCF8970BB61FE98E19D828714 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll
.
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\schedsvc.dll
[-] 2004-08-18 . 29AC93307C6182DBE336BCA314947F28 . 190976 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll
.
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ssdpsrv.dll
[-] 2004-08-18 . 88C28F53F53438DAFCD95E99C837C61E . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll
.
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\termsrv.dll
[-] 2004-08-18 . 2F5919F2F6EE7A845893D9C3AA2BC56A . 295936 . . [5.1.2600.2180] . . c:\windows\system32\termsrv.dll
.
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\hnetcfg.dll
[-] 2004-08-18 . FAABA83BE47C5B15F620FAA53267A9B8 . 345088 . . [5.1.2600.2180] . . c:\windows\system32\hnetcfg.dll
.
[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\appmgmts.dll
[-] 2004-08-18 . 421184F91EAE5C6E78E653C6B32AAE84 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll
.
[-] 2004-08-18 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\aec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\SoftwareDistribution\Download\798c2b1d212eb7352400a51d77fd6ecb\sp2qfe\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\SoftwareDistribution\Download\798c2b1d212eb7352400a51d77fd6ecb\sp2gdr\aec.sys
[-] 2004-08-03 22:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\system32\drivers\aec.sys
.
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\agp440.sys
[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\system32\drivers\AGP440.SYS
.
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ip6fw.sys
[-] 2004-08-18 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys
.
[-] 2008-04-14 03:21 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\mfc40u.dll
[-] 2006-11-01 19:19 . 6C44E5766939B7552BFF75B2B6FF1161 . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\31081c53fdf82897403792e17717d8e4\sp2qfe\mfc40u.dll
[-] 2004-08-18 12:00 . A9D81C87BEF253D4CE3A5F8CEE2526C4 . 924432 . . [4.1.6140] . . c:\windows\system32\mfc40u.dll
.
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\msgsvc.dll
[-] 2004-08-18 . 8B2FCBD881879B55BE40B41F12FFC431 . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll
.
[-] 2005-01-28 12:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2005-01-28 12:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\system32\MsPMSNSv.dll
[-] 2005-01-28 12:44 . 140EF97B64F560FD78643CAE2CDAD838 . 25088 . . [10.0.3790.3802] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2004-08-18 12:00 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
.
[-] 2008-08-14 . 5495B7902AE2EEE3A98D889E9A679724 . 2068224 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[-] 2008-08-14 . 6BB160864CAABEEA24D6BA9EDE18B641 . 2065152 . . [5.1.2600.3427] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2008-08-14 . 6BB160864CAABEEA24D6BA9EDE18B641 . 2065152 . . [5.1.2600.3427] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2008-08-14 . 37AB1EFD93B6BD3440AB0B9DEE5CD87A . 2022912 . . [5.1.2600.3427] . . c:\windows\system32\ntkrnlpa.exe
[-] 2008-08-14 . 09CD607918C3F5600D8A111155F62CA6 . 2068224 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
[-] 2008-04-14 . 4DEE41C45E803DB91A72FD1BA69C05EE . 2067968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ntkrnlpa.exe
[-] 2007-02-28 . A873FF1754E2A81CB1A34588CAB363D6 . 2061568 . . [5.1.2600.3093] . . c:\windows\SoftwareDistribution\Download\81ffcef05a9ff5107f049b92cbb049e0\sp2qfe\ntkrnlpa.exe
[-] 2006-04-12 . 99C23F92BE05D26C12F78BFB26E68B67 . 2018816 . . [5.1.2600.2885] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe
.
[-] 2008-04-14 03:21 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ntmssvc.dll
[-] 2004-08-18 12:00 . D8D2B13BA93AE830B1A637DF571D1195 . 435712 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll
.
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\upnphost.dll
[-] 2007-02-05 . 6FD45FDC0C32BC4E81F718B671A3E017 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
[-] 2007-02-05 . 0C0C2C77C6B52181369594F2AA36AF40 . 185344 . . [5.1.2600.3077] . . c:\windows\system32\upnphost.dll
[-] 2007-02-05 . 0C0C2C77C6B52181369594F2AA36AF40 . 185344 . . [5.1.2600.3077] . . c:\windows\system32\dllcache\upnphost.dll
[-] 2004-08-18 . 984FC1518B0D5B31D76F0E63608E0500 . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll
.
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\dsound.dll
[-] 2004-08-18 . 8ECC475F5BAD26DB85943F888D62E364 . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dsound.dll
.
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\d3d9.dll
[-] 2004-08-18 . A19F5837E52D57DB66D9DB55BFCC7796 . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\d3d9.dll
.
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ddraw.dll
[-] 2004-08-18 . 0F9A5DD4503E82B085D8B1336B961A81 . 266240 . . [5.03.2600.2180] . . c:\windows\system32\ddraw.dll
.
[-] 2008-04-14 03:21 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\olepro32.dll
[-] 2004-08-18 12:00 . 33F14F23DFAE4B43CDD4E535CD7C1963 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\olepro32.dll
.
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\perfctrs.dll
[-] 2004-08-18 . 6C08FF4B76506676617E03C34ECCFB11 . 39936 . . [5.1.2600.2180] . . c:\windows\system32\perfctrs.dll
.
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\version.dll
[-] 2004-08-18 . E472BDA53A4DCD2142143AF9FD25C99A . 18944 . . [5.1.2600.2180] . . c:\windows\system32\version.dll
.
[7] 2008-10-15 . 9D3DB9ADFABD2F0BC778EC03250A3ABB . 633632 . . [7.00.6000.16762] . . c:\windows\SoftwareDistribution\Download\c02b34f424055e53bb04c14641fb150a\SP2GDR\iexplore.exe
[7] 2008-10-15 . 056C927CF7207857E8B34F7A8FFD9B9E . 633632 . . [7.00.6000.20935] . . c:\windows\SoftwareDistribution\Download\c02b34f424055e53bb04c14641fb150a\SP2QFE\iexplore.exe
[-] 2008-06-23 . 64E376A47763DAEABCDA14BD5B6EA286 . 625664 . . [7.00.6000.16705] . . c:\windows\system32\dllcache\iexplore.exe
[-] 2008-06-23 . C52A9EF571E91535EB78DB4B8B95EA07 . 625664 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
[-] 2008-04-22 . 197B7E4030CFBD8D2979D375E1787AA2 . 625664 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
[-] 2008-04-22 . 232B22817B90AE0AFF2D189E3E3735AC . 625664 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\iexplore.exe
[-] 2008-04-14 . 414AFE6E8CCDE984E16D5ED08624CEC6 . 93184 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\iexplore.exe
[-] 2008-02-29 . 2D0E5592AB5A46C27DAF7CCAFF4F5B59 . 625664 . . [7.00.6000.16640] . . c:\windows\SoftwareDistribution\Download\7d4fbc75addb6e920515a380de714932\SP2GDR\iexplore.exe
[-] 2008-02-22 . 6E0888626E0CAC79F57149814E22DB4D . 625664 . . [7.00.6000.20772] . . c:\windows\SoftwareDistribution\Download\7d4fbc75addb6e920515a380de714932\SP2QFE\iexplore.exe
[-] 2007-10-10 . E854D02E4231F704D9BE782A424E6D8B . 625152 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB950759-IE7\iexplore.exe
[-] 2007-10-10 . 632BDE0179847234433CA50945442ACB . 625664 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
[-] 2006-10-17 . 5334D4461AA92A7B008755FE6D13C5F2 . 622080 . . [7.00.5730.11] . . c:\windows\ie7updates\KB942615-IE7\iexplore.exe
[-] 2004-08-18 . 63E527C26AC3059EAD766C6C11746D07 . 93184 . . [6.00.2900.2180] . . c:\windows\ie7\iexplore.exe
.
[-] 2008-08-14 . 2BCBCE27A946C057051A85CB032F49FF . 2191360 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2008-08-14 . C45C335F78C90DC75C05D5260B6888C7 . 2188160 . . [5.1.2600.3427] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2008-08-14 . C45C335F78C90DC75C05D5260B6888C7 . 2188160 . . [5.1.2600.3427] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2008-08-14 . 55EC603D54E1E5BE367B12DC133FAB0B . 2144768 . . [5.1.2600.3427] . . c:\windows\system32\ntoskrnl.exe
[-] 2008-08-14 . 91F18AB1E9ACBF6E27A5545A8F57C89B . 2191360 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
[-] 2008-04-14 . C1536014AC1CB1D5397E31D9735E6571 . 2191104 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\ntoskrnl.exe
[-] 2007-02-28 . D40B4F66D877802EC5E655B91B5490FA . 2184320 . . [5.1.2600.3093] . . c:\windows\SoftwareDistribution\Download\81ffcef05a9ff5107f049b92cbb049e0\sp2qfe\ntoskrnl.exe
[-] 2006-04-12 . CF4F9297A22A9583612334F8C5C69998 . 2139136 . . [5.1.2600.2885] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\srsvc.dll
[-] 2004-08-18 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll
.
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\w32time.dll
[-] 2004-08-18 . 2CEEBB402187AE56B585701F3D191FB3 . 176128 . . [5.1.2600.2180] . . c:\windows\system32\w32time.dll
.
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\wiaservc.dll
[-] 2006-12-19 . 1F3BB7CB8064B3EC143D291F7222DF4B . 334336 . . [5.1.2600.3051] . . c:\windows\SoftwareDistribution\Download\b11b8c7d122b985d06d293e3e98fe976\sp2qfe\wiaservc.dll
[-] 2006-12-19 . B824215A934A24928CDDD1EF7E113035 . 334336 . . [5.1.2600.3051] . . c:\windows\SoftwareDistribution\Download\b11b8c7d122b985d06d293e3e98fe976\sp2gdr\wiaservc.dll
[-] 2004-08-18 . 0645CCDDDD27F96EEA3534C1DEF736D9 . 333824 . . [5.1.2600.2180] . . c:\windows\system32\wiaservc.dll
.
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\midimap.dll
[-] 2004-08-18 . B356DD67178B22A8C2FBD47316CCB43B . 18944 . . [5.1.2600.2180] . . c:\windows\system32\midimap.dll
.
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\rasadhlp.dll
[-] 2006-06-26 . 907E7787538EDDAAA2EA88A01B4E2F53 . 7680 . . [5.1.2600.2938] . . c:\windows\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll
[-] 2006-06-26 . 408B05D8104FB3C19403450FDA953C7C . 8192 . . [5.1.2600.2938] . . c:\windows\system32\rasadhlp.dll
[-] 2006-06-26 . 408B05D8104FB3C19403450FDA953C7C . 8192 . . [5.1.2600.2938] . . c:\windows\system32\dllcache\rasadhlp.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-11-18_23.03.51 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-19 13:38 . 2011-11-19 13:38 10134 c:\windows\Installer\{D7EF9C3C-741D-47B4-B44E-9EA2D65029E7}\callmsi.exe
+ 2011-08-04 08:20 . 2011-08-04 08:20 103112 c:\windows\system32\drivers\epfwtdir.sys
+ 2011-08-04 08:20 . 2011-08-04 08:20 118104 c:\windows\system32\drivers\ehdrv.sys
+ 2011-08-09 12:57 . 2011-08-09 12:57 154136 c:\windows\system32\drivers\eamon.sys
+ 2011-11-20 14:12 . 2011-11-18 10:30 261060 c:\windows\pchealth\helpctr\Config\Cache\Professional_32_1029.dat
+ 2011-11-19 13:38 . 2011-11-19 13:38 105624 c:\windows\Installer\{D7EF9C3C-741D-47B4-B44E-9EA2D65029E7}\egui.exe
+ 2011-11-19 13:38 . 2011-11-19 13:38 1033728 c:\windows\Installer\37ce5.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
"{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48}"= "c:\program files\Family Toolbar\tbhelper.dll" [2009-05-07 355840]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{1c4ab6a5-595f-4e86-b15f-f93cce2bbd48}]
[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{1EA6B471-CAD2-419a-9539-0586EEFE2D09}]
[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]
2009-05-07 21:46 2642432 ----a-w- c:\program files\Family Toolbar\tbcore3.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-08-23 19:20 1515688 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"Advanced SystemCare 4"="c:\program files\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-08-09 417112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2007-04-12 196608]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2007-04-12 208896]
"TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2007-04-09 58416]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2007-03-09 66176]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-03-05 172032]
"TpShocks"="TpShocks.exe" [2007-03-29 181808]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2007-03-28 243248]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-02-26 131072]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-02-26 155648]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-02-26 131072]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2007-02-08 536576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"ISUSPM Startup"="c:\program files\Common Files\Installshield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"AwaySch"="c:\program files\Lenovo\AwayTask\AwaySch.EXE" [2006-11-07 91688]
"LPManager"="c:\progra~1\THINKV~1\PrdCtr\LPMGR.exe" [2007-03-22 120368]
"AMSG"="c:\program files\ThinkVantage\AMSG\Amsg.exe" [2007-02-01 419376]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 110592]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-08-23 887976]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-08 3076144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstall ... er=9.0.894" [?]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
.
c:\documents and settings\OEM\Nabídka Start\Programy\Po spuštění\
AccuWeather.lnk - c:\documents and settings\OEM\Dokumenty\AccuWeather.com Stratus\AccuWeather.com Stratus.exe [2011-8-18 142848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-03-14 21:17 89600 ------w- c:\windows\system32\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2006-09-06 07:37 34344 ------w- c:\program files\Lenovo\HOTKEY\notifyf2.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2006-12-14 02:06 28672 ------w- c:\program files\Lenovo\HOTKEY\tphklock.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
2009-02-27 16:04 278016 ----a-w- c:\program files\IVT Corporation\BlueSoleil\BtTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update]
2009-01-14 13:49 113680 ----a-w- c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
2011-04-28 07:59 220552 ----a-w- c:\program files\PDF24\pdf24.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Common Files\\Adobe AIR\\Versions\\1.0\\Resources\\Adobe AIR Updater.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\IObit\\Advanced SystemCare 4\\ASC.exe"=
"c:\\Program Files\\IObit\\Advanced SystemCare 4\\AutoUpdate.exe"=
"c:\\Documents and Settings\\OEM\\Dokumenty\\AccuWeather.com Stratus\\AccuWeather.com Stratus.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\MFAData\\SelfUpd\\avgmfapx.exe"=
"c:\\Documents and Settings\\OEM\\Dokumenty\\Stažené soubory\\RSIT.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Ask.com\\Updater\\Updater.exe"=
"c:\\Program Files\\AVI ReComp\\AVIReComp.exe"=
"c:\\Documents and Settings\\OEM\\Dokumenty\\Stažené soubory\\tdsskiller.exe"=
.
R0 10418741;10418741;c:\windows\system32\drivers\10418741.sys [18.11.2011 12:22 133208]
R0 44042542;44042542;c:\windows\system32\drivers\44042542.sys [17.11.2011 21:38 133208]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [7.1.2009 23:39 20744]
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2.3.2007 17:47 19760]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4.8.2011 9:20 118104]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [8.9.2011 7:34 974944]
R2 smihlp;SMI Helper Driver (smihlp);c:\program files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [14.3.2007 22:10 11152]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [7.12.2008 12:44 30088]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 14:58 26248]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\drivers\tvti2c.sys [13.9.2006 12:42 35264]
S1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [4.8.2011 9:20 103112]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe --> c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [?]
S2 Application Updater;Application Updater;"c:\program files\Application Updater\ApplicationUpdater.exe" --> c:\program files\Application Updater\ApplicationUpdater.exe [?]
S2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe --> c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [?]
S2 TVT Backup Protection Service;TVT Backup Protection Service;"c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe" --> c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [?]
S3 HCYDLAH;HCYDLAH;c:\docume~1\OEM\LOCALS~1\Temp\HCYDLAH.exe --> c:\docume~1\OEM\LOCALS~1\Temp\HCYDLAH.exe [?]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPService REG_MULTI_SZ HPSLPSVC
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-11-23 c:\windows\Tasks\ASC4_PerformanceMonitor.job
- c:\program files\IObit\Advanced SystemCare 4\PMonitor.exe [2011-08-10 14:40]
.
2011-11-23 c:\windows\Tasks\PMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2007-11-20 16:15]
.
2007-11-20 c:\windows\Tasks\Připomenutí registrace 1.job
- c:\windows\system32\OOBE\oobebaln.exe [2007-11-20 12:00]
.
2007-11-20 c:\windows\Tasks\Připomenutí registrace 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2007-11-20 12:00]
.
2011-11-23 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-08-23 19:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com/?l=dis&o=1586&gct=hp
mStart Page = hxxp://search.myheritage.com
uInternet Settings,ProxyOverride = *.local
IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.09\AMVConverter\grab.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.09\MediaManager\grab.html
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 212.80.66.7
FF - ProfilePath - c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\6jts2rqn.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=DVS2&o=1586&locale=en_EU&apn_uid=0e4ab43d-827c-4778-b5c5-ceeb7f5719f5&apn_ptnrs=^AAA&apn_sauid=A361D9EB-CC1A-4B61-B407-66CFE0F66674&apn_dtid=^YYYYYY^YY^CZ&&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-23 13:10
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1020)
c:\windows\system32\psqlpwd.dll
c:\program files\ThinkVantage Fingerprint Software\homefus2.dll
c:\program files\ThinkVantage Fingerprint Software\infra.dll
c:\program files\ThinkVantage Fingerprint Software\homepass.dll
c:\program files\ThinkVantage Fingerprint Software\bio.dll
c:\program files\ThinkVantage Fingerprint Software\ps2css.dll
c:\program files\ThinkVantage Fingerprint Software\remote.dll
c:\program files\Lenovo\HOTKEY\tphklock.dll
c:\program files\ThinkVantage Fingerprint Software\pscssint.dll
.
- - - - - - - > 'lsass.exe'(1076)
c:\windows\system32\psqlpwd.dll
c:\program files\ThinkVantage Fingerprint Software\homefus2.dll
c:\program files\ThinkVantage Fingerprint Software\infra.dll
.
- - - - - - - > 'explorer.exe'(2312)
c:\windows\system32\msi.dll
.
Celkový čas: 2011-11-23 13:13:37
ComboFix-quarantined-files.txt 2011-11-23 12:13
ComboFix2.txt 2011-11-20 20:12
ComboFix3.txt 2011-11-20 18:51
ComboFix4.txt 2011-11-20 10:28
ComboFix5.txt 2011-11-23 12:04
.
Před spuštěním: Volných bajtů: 24 191 893 504
Po spuštění: Volných bajtů: 24 159 821 824
.
- - End Of File - - 17F8A4DDEB791B1A54933B1FC2D3BDBA

#71 Příspěvek od **JaRon** » 23 lis 2011 14:04

tak toto je take zaujimave citanie - neodolam kolega snad prepaci, ale ked sa vrati az vecer,,, dovtedy este:
- odinstaluj AskToolbar
- prescanuj PC s MBAM - uplny scan - log vloz - NIC NEMAZ

chris.h · #72 Příspěvek od **chris.h** » 23 lis 2011 22:54

Dobrý večer,

tak servis pack již stahuji, ale bude to chvíli trvat, je docela velký...

chris.h · #73 Příspěvek od **chris.h** » 23 lis 2011 23:50

Ask Tool mi nejde odinstalovat... hlásí mi to, že instalační služba není přístupná

MBAM:

Malwarebytes' Anti-Malware
http://www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.11

23.11.2011 23:47:17
mbam-log-2011-11-23 (23-47-01).txt

Typ: Úplná kontrola (C:\|)
Kontrolované objekty: 250841
Uplynulý čas: 37 minut, 30 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 4
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\program files\iobit toolbar\IE\4.7\iobittoolbarie.dll (PUP.Dealio.TB) -> No action taken.
c:\program files\icqtoolbar\toolbaru.dll (Trojan.BHO) -> No action taken.

#74 Příspěvek od **JaRon** » 24 lis 2011 07:36

nechaj odstranit najdene a hod tam ten SP3 - ako pisal kolega

chris.h · #75 Příspěvek od **chris.h** » 24 lis 2011 09:39

Tak vše je dokončeno

VIRY.CZ

Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Re: Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Re: Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Re: Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Re: Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Re: Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Re: Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Re: Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Re: Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Re: Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Re: Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Re: Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Re: Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Re: Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Re: Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň

Re: Prosím o pomoc, vir Rootkit.Agent.NUS Trojský kůň