Prosim o kontrolu logu-pomaly pocitac,mrzne kurzor mysi

[motji]

ještě poprosím o záložku drivers

[Rinto]

zalozka drivers:

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/30 08:08
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: 00000049
Image Path: \Driver\00000049
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: 1394BUS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\1394BUS.SYS
Address: 0xBA8C8000 Size: 57344 File Visible: - Signed: -
Status: -

Name: Aavmker4.SYS
Image Path: C:\WINDOWS\System32\Drivers\Aavmker4.SYS
Address: 0xBAB40000 Size: 19520 File Visible: - Signed: -
Status: -

Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xBA691000 Size: 187776 File Visible: - Signed: -
Status: -

Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
Status: -

Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0xB7324000 Size: 138496 File Visible: - Signed: -
Status: -

Name: arp1394.sys
Image Path: C:\WINDOWS\system32\DRIVERS\arp1394.sys
Address: 0xBAA08000 Size: 60800 File Visible: - Signed: -
Status: -

Name: aswFsBlk.sys
Image Path: C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys
Address: 0xBAC20000 Size: 32768 File Visible: - Signed: -
Status: -

Name: aswMon2.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswMon2.SYS
Address: 0xB6DBA000 Size: 87424 File Visible: - Signed: -
Status: -

Name: aswRdr.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswRdr.SYS
Address: 0xB6884000 Size: 15104 File Visible: - Signed: -
Status: -

Name: aswSP.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswSP.SYS
Address: 0xB7268000 Size: 135168 File Visible: - Signed: -
Status: -

Name: aswTdi.SYS
Image Path: C:\WINDOWS\System32\Drivers\aswTdi.SYS
Address: 0xBA9E8000 Size: 39104 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0xBA649000 Size: 98304 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0x00000000 Size: 0 File Visible: - Signed: -
Status: -

Name: ATMFD.DLL
Image Path: C:\WINDOWS\System32\ATMFD.DLL
Address: 0xBFFA0000 Size: 286720 File Visible: - Signed: -
Status: -

Name: audstub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
Address: 0xBAF18000 Size: 3072 File Visible: - Signed: -
Status: -

Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xBADEA000 Size: 4224 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xBACB8000 Size: 12288 File Visible: - Signed: -
Status: -

Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xBAA48000 Size: 63744 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Address: 0xBAAD8000 Size: 62976 File Visible: - Signed: -
Status: -

Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Address: 0xBA908000 Size: 53248 File Visible: - Signed: -
Status: -

Name: disk.sys
Image Path: disk.sys
Address: 0xBA8F8000 Size: 36352 File Visible: - Signed: -
Status: -

Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0xBA9C8000 Size: 61440 File Visible: - Signed: -
Status: -

Name: dtscsi.sys
Image Path: C:\WINDOWS\System32\Drivers\dtscsi.sys
Address: 0xB9844000 Size: 303104 File Visible: - Signed: -
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xB7188000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xBAE24000 Size: 8192 File Visible: No Signed: -
Status: -

Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xB7264000 Size: 12288 File Visible: - Signed: -
Status: -

Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xBF9C4000 Size: 73728 File Visible: - Signed: -
Status: -

Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xBAF8A000 Size: 4096 File Visible: - Signed: -
Status: -

Name: e1e5132.sys
Image Path: C:\WINDOWS\system32\DRIVERS\e1e5132.sys
Address: 0xB98FD000 Size: 266240 File Visible: - Signed: -
Status: -

Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0xBAA28000 Size: 44544 File Visible: - Signed: -
Status: -

Name: fltmgr.sys
Image Path: fltmgr.sys
Address: 0xBA629000 Size: 129792 File Visible: - Signed: -
Status: -

Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xBADE8000 Size: 7936 File Visible: - Signed: -
Status: -

Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xBA661000 Size: 125056 File Visible: - Signed: -
Status: -

Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0x806E4000 Size: 134400 File Visible: - Signed: -
Status: -

Name: HDAudBus.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
Address: 0xB98B1000 Size: 163840 File Visible: - Signed: -
Status: -

Name: HECI.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HECI.sys
Address: 0xBAA88000 Size: 44672 File Visible: - Signed: -
Status: -

Name: HIDCLASS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS
Address: 0xBAA58000 Size: 36864 File Visible: - Signed: -
Status: -

Name: HIDPARSE.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS
Address: 0xBAC98000 Size: 28672 File Visible: - Signed: -
Status: -

Name: hidusb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\hidusb.sys
Address: 0xB75C2000 Size: 10368 File Visible: - Signed: -
Status: -

Name: HTTP.sys
Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys
Address: 0xB6382000 Size: 265728 File Visible: - Signed: -
Status: -

Name: imapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\imapi.sys
Address: 0xBAAB8000 Size: 42112 File Visible: - Signed: -
Status: -

Name: intelppm.sys
Image Path: C:\WINDOWS\system32\DRIVERS\intelppm.sys
Address: 0xBAA78000 Size: 36352 File Visible: - Signed: -
Status: -

Name: ipnat.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Address: 0xB736E000 Size: 152832 File Visible: - Signed: -
Status: -

Name: ipsec.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Address: 0xB73ED000 Size: 75264 File Visible: - Signed: -
Status: -

Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xBA8A8000 Size: 37248 File Visible: - Signed: -
Status: -

Name: kbdclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Address: 0xBAC50000 Size: 24576 File Visible: - Signed: -
Status: -

Name: kbdhid.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdhid.sys
Address: 0xB75AA000 Size: 14592 File Visible: - Signed: -
Status: -

Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xBADA8000 Size: 8192 File Visible: - Signed: -
Status: -

Name: kmixer.sys
Image Path: C:\WINDOWS\system32\drivers\kmixer.sys
Address: 0xB661D000 Size: 172416 File Visible: - Signed: -
Status: -

Name: ks.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ks.sys
Address: 0xB988E000 Size: 143360 File Visible: - Signed: -
Status: -

Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xBA600000 Size: 92928 File Visible: - Signed: -
Status: -

Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xBADEC000 Size: 4224 File Visible: - Signed: -
Status: -

Name: mouclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Address: 0xBAC58000 Size: 23040 File Visible: - Signed: -
Status: -

Name: mouhid.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouhid.sys
Address: 0xB75B2000 Size: 12160 File Visible: - Signed: -
Status: -

Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xBA8D8000 Size: 42368 File Visible: - Signed: -
Status: -

Name: mrxdav.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Address: 0xB6B35000 Size: 180608 File Visible: - Signed: -
Status: -

Name: mrxsmb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Address: 0xB7289000 Size: 455296 File Visible: - Signed: -
Status: -

Name: Msfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
Address: 0xBACA8000 Size: 19072 File Visible: - Signed: -
Status: -

Name: msgpc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Address: 0xBA948000 Size: 35072 File Visible: - Signed: -
Status: -

Name: mssmbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Address: 0xBA4DF000 Size: 15488 File Visible: - Signed: -
Status: -

Name: Mup.sys
Image Path: Mup.sys
Address: 0xBA52C000 Size: 105344 File Visible: - Signed: -
Status: -

Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xBA546000 Size: 182656 File Visible: - Signed: -
Status: -

Name: ndistapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Address: 0xBA4EB000 Size: 10112 File Visible: - Signed: -
Status: -

Name: ndisuio.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Address: 0xB6E8C000 Size: 14592 File Visible: - Signed: -
Status: -

Name: ndiswan.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Address: 0xB97FD000 Size: 91520 File Visible: - Signed: -
Status: -

Name: NDProxy.SYS
Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Address: 0xBA968000 Size: 40576 File Visible: - Signed: -
Status: -

Name: netbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys
Address: 0xBAA18000 Size: 34688 File Visible: - Signed: -
Status: -

Name: netbt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys
Address: 0xB7346000 Size: 162816 File Visible: - Signed: -
Status: -

Name: nic1394.sys
Image Path: C:\WINDOWS\system32\DRIVERS\nic1394.sys
Address: 0xBAA98000 Size: 61824 File Visible: - Signed: -
Status: -

Name: Npfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
Address: 0xBACB0000 Size: 30848 File Visible: - Signed: -
Status: -

Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xBA573000 Size: 574976 File Visible: - Signed: -
Status: -

Name: ntkrnlpa.exe
Image Path: C:\WINDOWS\system32\ntkrnlpa.exe
Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
Status: -

Name: Null.SYS
Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
Address: 0xBAEC4000 Size: 2944 File Visible: - Signed: -
Status: -

Name: nv4_disp.dll
Image Path: C:\WINDOWS\System32\nv4_disp.dll
Address: 0xBF9D6000 Size: 5976064 File Visible: - Signed: -
Status: -

Name: nv4_mini.sys
Image Path: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
Address: 0xB9952000 Size: 6547872 File Visible: - Signed: -
Status: -

Name: ohci1394.sys
Image Path: ohci1394.sys
Address: 0xBA8B8000 Size: 61696 File Visible: - Signed: -
Status: -

Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xBAB30000 Size: 19712 File Visible: - Signed: -
Status: -

Name: pci.sys
Image Path: pci.sys
Address: 0xBA680000 Size: 68224 File Visible: - Signed: -
Status: -

Name: pciide.sys
Image Path: pciide.sys
Address: 0xBAE70000 Size: 3328 File Visible: - Signed: -
Status: -

Name: PCIIDEX.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Address: 0xBAB28000 Size: 28672 File Visible: - Signed: -
Status: -

Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
Status: -

Name: portcls.sys
Image Path: C:\WINDOWS\system32\drivers\portcls.sys
Address: 0xB746D000 Size: 147456 File Visible: - Signed: -
Status: -

Name: psched.sys
Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys
Address: 0xB97EC000 Size: 69120 File Visible: - Signed: -
Status: -

Name: ptilink.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Address: 0xBAC40000 Size: 17792 File Visible: - Signed: -
Status: -

Name: PxHelp20.sys
Image Path: PxHelp20.sys
Address: 0xBA918000 Size: 35712 File Visible: - Signed: -
Status: -

Name: rasacd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Address: 0xBAD80000 Size: 8832 File Visible: - Signed: -
Status: -

Name: rasl2tp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Address: 0xBAB08000 Size: 51328 File Visible: - Signed: -
Status: -

Name: raspppoe.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Address: 0xBAB18000 Size: 41472 File Visible: - Signed: -
Status: -

Name: raspptp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Address: 0xBA938000 Size: 48384 File Visible: - Signed: -
Status: -

Name: raspti.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys
Address: 0xBAC48000 Size: 16512 File Visible: - Signed: -
Status: -

Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
Status: -

Name: rdbss.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Address: 0xB72F9000 Size: 175744 File Visible: - Signed: -
Status: -

Name: RDPCDD.sys
Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Address: 0xBADEE000 Size: 4224 File Visible: - Signed: -
Status: -

Name: redbook.sys
Image Path: C:\WINDOWS\system32\DRIVERS\redbook.sys
Address: 0xBAAE8000 Size: 57600 File Visible: - Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB6138000 Size: 49152 File Visible: No Signed: -
Status: -

Name: SCSIPORT.SYS
Image Path: C:\WINDOWS\System32\Drivers\SCSIPORT.SYS
Address: 0xB982C000 Size: 98304 File Visible: - Signed: -
Status: -

Name: serenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serenum.sys
Address: 0xBADA4000 Size: 15744 File Visible: - Signed: -
Status: -

Name: serial.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serial.sys
Address: 0xBAAA8000 Size: 64512 File Visible: - Signed: -
Status: -

Name: serscan.sys
Image Path: C:\WINDOWS\system32\DRIVERS\serscan.sys
Address: 0xBADC2000 Size: 6784 File Visible: - Signed: -
Status: -

Name: sfng32.sys
Image Path: C:\WINDOWS\system32\drivers\sfng32.sys
Address: 0xB7448000 Size: 73728 File Visible: - Signed: -
Status: -

Name: sptd.sys
Image Path: sptd.sys
Address: 0xBA6D7000 Size: 851968 File Visible: - Signed: -
Status: -

Name: SPTD5821.SYS
Image Path: C:\WINDOWS\System32\Drivers\SPTD5821.SYS
Address: 0xBA6BF000 Size: 98304 File Visible: - Signed: -
Status: -

Name: sr.sys
Image Path: sr.sys
Address: 0xBA617000 Size: 73472 File Visible: - Signed: -
Status: -

Name: srv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\srv.sys
Address: 0xB69F3000 Size: 333952 File Visible: - Signed: -
Status: -

Name: sthda.sys
Image Path: C:\WINDOWS\system32\drivers\sthda.sys
Address: 0xB7491000 Size: 1134304 File Visible: - Signed: -
Status: -

Name: swenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys
Address: 0xBADC4000 Size: 4352 File Visible: - Signed: -
Status: -

Name: sysaudio.sys
Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
Address: 0xB6BD2000 Size: 60800 File Visible: - Signed: -
Status: -

Name: tcpip.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Address: 0xB7394000 Size: 361600 File Visible: - Signed: -
Status: -

Name: TDI.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\TDI.SYS
Address: 0xBAC30000 Size: 20480 File Visible: - Signed: -
Status: -

Name: termdd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys
Address: 0xBA958000 Size: 40704 File Visible: - Signed: -
Status: -

Name: update.sys
Image Path: C:\WINDOWS\system32\DRIVERS\update.sys
Address: 0xB96EE000 Size: 384768 File Visible: - Signed: -
Status: -

Name: usbccgp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbccgp.sys
Address: 0xBAB80000 Size: 32128 File Visible: - Signed: -
Status: -

Name: USBD.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Address: 0xBADD0000 Size: 8192 File Visible: - Signed: -
Status: -

Name: usbehci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Address: 0xBAC18000 Size: 30208 File Visible: - Signed: -
Status: -

Name: usbhub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Address: 0xBA988000 Size: 59520 File Visible: - Signed: -
Status: -

Name: USBPORT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Address: 0xB98D9000 Size: 147456 File Visible: - Signed: -
Status: -

Name: USBSTOR.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
Address: 0xBAB90000 Size: 26368 File Visible: - Signed: -
Status: -

Name: usbuhci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Address: 0xBAC10000 Size: 20608 File Visible: - Signed: -
Status: -

Name: vga.sys
Image Path: C:\WINDOWS\System32\drivers\vga.sys
Address: 0xBACA0000 Size: 20992 File Visible: - Signed: -
Status: -

Name: VIDEOPRT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Address: 0xB993E000 Size: 81920 File Visible: - Signed: -
Status: -

Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xBA8E8000 Size: 52352 File Visible: - Signed: -
Status: -

Name: wanarp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Address: 0xBA9F8000 Size: 34560 File Visible: - Signed: -
Status: -

Name: watchdog.sys
Image Path: C:\WINDOWS\System32\watchdog.sys
Address: 0xBABF8000 Size: 20480 File Visible: - Signed: -
Status: -

Name: wdmaud.sys
Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
Address: 0xB69B6000 Size: 83072 File Visible: - Signed: -
Status: -

Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000 Size: 1851392 File Visible: - Signed: -
Status: -

Name: win32k.sys
Image Path: C:\WINDOWS\System32\win32k.sys
Address: 0xBF800000 Size: 1851392 File Visible: - Signed: -
Status: -

Name: WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\WMILIB.SYS
Address: 0xBADAA000 Size: 8192 File Visible: - Signed: -
Status: -

Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000 Size: 2150400 File Visible: - Signed: -
Status: -

[Rinto]

tak nakoniec sa podarilo urobit log z GMERu

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-30 09:58:18
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\kgnoypog.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xB72706B8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xB7270574]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xB7270A52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xB727014C]
SSDT sptd.sys ZwEnumerateKey [0xBA6DCC7E]
SSDT sptd.sys ZwEnumerateValueKey [0xBA6DCFF6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xB727064E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xB727008C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xB72700F0]
SSDT sptd.sys ZwQueryKey [0xBA6DD0C0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xB727076E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xB727072E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xB72708AE]

---- Kernel code sections - GMER 1.0.15 ----

? C:\WINDOWS\system32\drivers\sptd.sys Proces nemôže získať prístup k súboru, pretože daný súbor práve používa iný proces.
? C:\WINDOWS\System32\Drivers\SPTD5821.SYS Proces nemôže získať prístup k súboru, pretože daný súbor práve používa iný proces.
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB9952360, 0x37192D, 0xE8000020]
.text dtscsi.sys!A0DB34FC6FE35D429A28ADDE5467D4D7 B98454D0 16 Bytes [FC, EC, DE, F3, 63, BB, B0, ...]
.text dtscsi.sys!A0DB34FC6FE35D429A28ADDE5467D4D7 + 11 B98454E1 31 Bytes [40, 84, B9, 83, 51, 0A, A1, ...]
? C:\WINDOWS\System32\Drivers\dtscsi.sys Proces nemôže získať prístup k súboru, pretože daný súbor práve používa iný proces.

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [BA6D8A32] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [BA6D8B6E] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [BA6D8AF6] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [BA6D96CC] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [BA6D95A2] sptd.sys

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[804] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003E0002
IAT C:\WINDOWS\system32\services.exe[804] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003E0000

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8A6B4708

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\00000049 \Device\00000042 sptd.sys

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Ftdisk \Device\HarddiskVolume1 8A6B4EB0
Device \Driver\Ftdisk \Device\HarddiskVolume2 8A6B4EB0
Device \FileSystem\Rdbss \Device\FsWrap 8A2C7EB0
Device \Driver\Cdrom \Device\CdRom1 8A4557B0
Device \Driver\atapi \Device\Ide\IdePort0 [BA652B40] atapi.sys[unknown section] {MOV EAX, 0x8a6b4b98; XCHG [ESP], EAX; PUSH EAX; PUSH 0xba6ed442; RET }
Device \Driver\atapi \Device\Ide\IdePort1 [BA652B40] atapi.sys[unknown section] {MOV EAX, 0x8a6b4b98; XCHG [ESP], EAX; PUSH EAX; PUSH 0xba6ed442; RET }
Device \Driver\atapi \Device\Ide\IdePort2 [BA652B40] atapi.sys[unknown section] {MOV EAX, 0x8a6b4b98; XCHG [ESP], EAX; PUSH EAX; PUSH 0xba6ed442; RET }
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-7 [BA652B40] atapi.sys[unknown section] {MOV EAX, 0x8a6b4b98; XCHG [ESP], EAX; PUSH EAX; PUSH 0xba6ed442; RET }
Device \Driver\atapi \Device\Ide\IdePort3 [BA652B40] atapi.sys[unknown section] {MOV EAX, 0x8a6b4b98; XCHG [ESP], EAX; PUSH EAX; PUSH 0xba6ed442; RET }
Device \Driver\atapi \Device\Ide\IdePort4 [BA652B40] atapi.sys[unknown section] {MOV EAX, 0x8a6b4b98; XCHG [ESP], EAX; PUSH EAX; PUSH 0xba6ed442; RET }
Device \Driver\atapi \Device\Ide\IdePort5 [BA652B40] atapi.sys[unknown section] {MOV EAX, 0x8a6b4b98; XCHG [ESP], EAX; PUSH EAX; PUSH 0xba6ed442; RET }
Device \Driver\USBSTOR \Device\00000080 8A1D9878
Device \Driver\USBSTOR \Device\00000081 8A1D9878
Device \Driver\NetBT \Device\NetBt_Wins_Export 8A4C10E8
Device \Driver\NetBT \Device\NetbiosSmb 8A4C10E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{9DF26FF7-7294-4329-856B-AF61F0D90CF9} 8A4C10E8

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Disk \Device\Harddisk0\DR0 8A6B49C0

AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Disk \Device\Harddisk1\DR3 8A6B49C0
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+7 8A6B49C0
Device \Driver\Disk \Device\Harddisk2\DR4 8A6B49C0
Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+8 8A6B49C0
Device \Driver\Disk \Device\Harddisk3\DR5 8A6B49C0
Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+9 8A6B49C0
Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+a 8A6B49C0
Device \Driver\Disk \Device\Harddisk4\DR6 8A6B49C0
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A2F6380
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A2F6380
Device \FileSystem\Npfs \Device\NamedPipe 8A4E1370
Device \Driver\USBSTOR \Device\0000007d 8A1D9878
Device \Driver\Ftdisk \Device\FtControl 8A6B4EB0
Device \Driver\USBSTOR \Device\0000007e 8A1D9878
Device \FileSystem\Msfs \Device\Mailslot 8A398850
Device \Driver\USBSTOR \Device\0000007f 8A1D9878
Device \Driver\dtscsi \Device\Scsi\dtscsi1Port6Path0Target0Lun0 8A3E7CB0
Device \Driver\dtscsi \Device\Scsi\dtscsi1 8A3E7CB0
Device \FileSystem\Cdfs \Cdfs 8A22CEB0

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s0 1390077970
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 1085619914
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 -500827519
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE6 0x78 0x95 0x8A ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x44 0x17 0x06 0xC2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xAE 0x34 0xBF 0x79 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE6 0x78 0x95 0x8A ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x44 0x17 0x06 0xC2 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xAE 0x34 0xBF 0x79 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE6 0x78 0x95 0x8A ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x44 0x17 0x06 0xC2 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xAE 0x34 0xBF 0x79 ...

---- EOF - GMER 1.0.15 ----

[motji]

Dejte soubor otestovat na http://www.virustotal.com
C:\WINDOWS\System32\drivers\atapi.sys
Do okénka zkopírujte cestu k souboru , pokud napíše, že soubor byl už testován, dej otestovat znovu.
Sem vložte link s výsledky.


odinstalujte všechny virtuální jednotky (Daemon nebo alcohol)

Stáhněte SPTD http://www.duplexsecure.com/en/downloads
-vyberte verzi podle svého operačního systému. SPTD for Windows (32 bit) nebo (64b)
-uložte na plochu a spusťte
- zvolte možnost Uninstall
- restart PC
- spusťte gmer , zaškrtněte Devices a udělejte sken, log vložte zde




stáhněte MBR
http://www2.gmer.net/mbr/mbr.exe
-uložte ho na plochu


start-spustit
do okénka zkopírujte

Kód: Vybrat vše

"%userprofile%\plocha\mbr" -t

ok

vytvoří se log s názvem mbr.log, vložte ho zde

[Rinto]

otestovane na virustotal:

http://www.virustotal.com/analisis/b4df ... 1264852258


program Daemon tools ani Alcohol mi CCleaner neukazuje,takze ich neviem odinstalovat

[Rinto]

log z GMER zaskrtnute len Devices:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-30 12:59:58
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\kgnoypog.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- EOF - GMER 1.0.15 ----

[motji]

Nevadí, asi už Daemon nebo alcohol v pc nemáte a byli to jen zbytky
ještě poprosím o log z Mbr

[Rinto]

s tym mbr som asi spravil chybu,spustil som ten program mbr,a vyhodilo mi takyto log:

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

a ked som dal start a spustit a nakopiroval "%userprofile%\plocha\mbr" -t
tak mi vypisalo taketo

mbrxx.JPG

(29.54 KiB) Staženo 94 x

[motji]

Máte Mbr.exe na ploše?
Zkuste tento příkaz

"%userprofile%\desktop\mbr" -t

[Rinto]

teraz to uz islo

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK

[motji]

Ted už je to ok.
Jak to vypadá s počítačem?

[Rinto]

kurzor este zamrza,a ked otvorim Firefox tak otvori dve okna,v prvom je stranka byteseeker.com a druhe uz je normalne google.com

[motji]

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

Folder::
c:\program files\BearShare Applications
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"=-
Extra::
Firefox::
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\7iqt6mvz.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.theprizeday.com/today.php|ht ... k:official\n

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

[Rinto]

log z ComboFixu

ComboFix 10-01-29.09 - Owner 30.01.2010 15:39:21.3.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2030.1606 [GMT 1:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100130-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\BearShare Applications
c:\program files\BearShare Applications\BearShare MediaBar\basis.xml
c:\program files\BearShare Applications\BearShare MediaBar\bearshare.bmp
c:\program files\BearShare Applications\BearShare MediaBar\bearshare_icons.bmp
c:\program files\BearShare Applications\BearShare MediaBar\bearshare_logo.bmp
c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
c:\program files\BearShare Applications\BearShare MediaBar\BearSharePersonalizationUninstall.exe
c:\program files\BearShare Applications\BearShare MediaBar\beforeNavigate.js
c:\program files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll
c:\program files\BearShare Applications\BearShare MediaBar\button_arrow.bmp
c:\program files\BearShare Applications\BearShare MediaBar\button_arrow_clk.bmp
c:\program files\BearShare Applications\BearShare MediaBar\button_arrow_hl.bmp
c:\program files\BearShare Applications\BearShare MediaBar\mailsites.html
c:\program files\BearShare Applications\BearShare MediaBar\myemail.bmp
c:\program files\BearShare Applications\BearShare MediaBar\myemail_hl.bmp
c:\program files\BearShare Applications\BearShare MediaBar\mysites.bmp
c:\program files\BearShare Applications\BearShare MediaBar\mysites_hl.bmp
c:\program files\BearShare Applications\BearShare MediaBar\resizer.bmp
c:\program files\BearShare Applications\BearShare MediaBar\search.bmp
c:\program files\BearShare Applications\BearShare MediaBar\search_clk.bmp
c:\program files\BearShare Applications\BearShare MediaBar\search_hl.bmp
c:\program files\BearShare Applications\BearShare MediaBar\search_images.bmp
c:\program files\BearShare Applications\BearShare MediaBar\search_maps.bmp
c:\program files\BearShare Applications\BearShare MediaBar\search_news.bmp
c:\program files\BearShare Applications\BearShare MediaBar\search_videos.bmp
c:\program files\BearShare Applications\BearShare MediaBar\showSettings.js
c:\program files\BearShare Applications\BearShare MediaBar\storesearchcriteria.js
c:\program files\BearShare Applications\BearShare MediaBar\topsites.html
c:\program files\BearShare Applications\BearShare MediaBar\Uninstall.exe
c:\program files\BearShare Applications\BearShare MediaBar\version.txt
c:\program files\BearShare Applications\BearShare MediaBar\web.bmp
c:\program files\BearShare Applications\BearShare\ammp3.dll
c:\program files\BearShare Applications\BearShare\avcodec-51.dll
c:\program files\BearShare Applications\BearShare\avformat-51.dll
c:\program files\BearShare Applications\BearShare\avutil-49.dll
c:\program files\BearShare Applications\BearShare\BearShare.exe
c:\program files\BearShare Applications\BearShare\DiscoveryHelper.dll
c:\program files\BearShare Applications\BearShare\FFPage.exe
c:\program files\BearShare Applications\BearShare\FixAudioDriverSignature.reg
c:\program files\BearShare Applications\BearShare\GIFAnimator.dll
c:\program files\BearShare Applications\BearShare\HTML\error.html
c:\program files\BearShare Applications\BearShare\HTML\loading.html
c:\program files\BearShare Applications\BearShare\HTML\noInternet.html
c:\program files\BearShare Applications\BearShare\HTML\offline.html
c:\program files\BearShare Applications\BearShare\IMWebControl.dll
c:\program files\BearShare Applications\BearShare\INSTALL.LOG
c:\program files\BearShare Applications\BearShare\lame_enc.dll
c:\program files\BearShare Applications\BearShare\Launcher.exe
c:\program files\BearShare Applications\BearShare\libungif4.dll
c:\program files\BearShare Applications\BearShare\lic_helper.dll
c:\program files\BearShare Applications\BearShare\license.txt
c:\program files\BearShare Applications\BearShare\licenseWMP11.rtf
c:\program files\BearShare Applications\BearShare\msvcp71.dll
c:\program files\BearShare Applications\BearShare\msvcr71.dll
c:\program files\BearShare Applications\BearShare\NCTAudioCDGrabber2.dll
c:\program files\BearShare Applications\BearShare\NCTAudioCDWriter2.dll
c:\program files\BearShare Applications\BearShare\NCTAudioCompress3.dll
c:\program files\BearShare Applications\BearShare\NCTAudioFile3.dll
c:\program files\BearShare Applications\BearShare\NCTAudioFileWMA3.dll
c:\program files\BearShare Applications\BearShare\NCTAudioFormatSettings3.dll
c:\program files\BearShare Applications\BearShare\NCTDataCDWriter2.dll
c:\program files\BearShare Applications\BearShare\PersonalizationUninstall.exe
c:\program files\BearShare Applications\BearShare\PortableMediaDeviceWrapper.dll
c:\program files\BearShare Applications\BearShare\ResourcesLOC.dll
c:\program files\BearShare Applications\BearShare\shistory.im
c:\program files\BearShare Applications\BearShare\Shw32.dll
c:\program files\BearShare Applications\BearShare\Skins\Default.skn
c:\program files\BearShare Applications\BearShare\Skins\Default.xml
c:\program files\BearShare Applications\BearShare\Skins\Images\DefArtwork.jpg
c:\program files\BearShare Applications\BearShare\Skins\Images\FriendshipNotif.jpg
c:\program files\BearShare Applications\BearShare\Skins\Images\TAFLogo.PNG
c:\program files\BearShare Applications\BearShare\Skins\Images\ToGoLogo.PNG
c:\program files\BearShare Applications\BearShare\Skins\Settings.xml
c:\program files\BearShare Applications\BearShare\UninstallSurvey.exe
c:\program files\BearShare Applications\BearShare\UNWISE.EXE
c:\program files\BearShare Applications\BearShare\UpdateInst.exe
c:\program files\BearShare Applications\BearShare\WMAProfiles.prx
c:\program files\BearShare Applications\BearShare\WMHelper.dll
c:\program files\BearShare Applications\BearShare\WMHelper.log
c:\program files\BearShare Applications\Common\InstallHelper.dll

.
((((((((((((((((((((((((( Files Created from 2009-12-28 to 2010-01-30 )))))))))))))))))))))))))))))))
.

2010-01-30 14:00 . 2010-01-30 14:00 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-01-30 14:00 . 2010-01-30 14:01 -------- d-----w- c:\program files\NVIDIA Corporation
2010-01-30 13:39 . 2010-01-30 13:39 -------- d-----w- c:\windows\system32\sk-SK
2010-01-30 13:38 . 2010-01-05 10:00 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-01-30 13:38 . 2010-01-05 10:00 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-01-30 13:38 . 2010-01-05 10:00 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-01-30 13:38 . 2010-01-05 10:00 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-01-30 13:38 . 2010-01-05 10:00 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2010-01-30 13:38 . 2010-01-05 10:00 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2010-01-30 13:38 . 2009-12-31 15:33 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2010-01-30 13:38 . 2009-06-29 08:33 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2010-01-30 13:32 . 2008-03-07 17:02 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll
2010-01-30 13:32 . 2008-03-07 17:02 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll
2010-01-30 13:32 . 2008-03-07 17:02 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll
2010-01-29 20:22 . 2010-01-29 20:22 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-01-29 19:31 . 2010-01-29 19:31 0 ----a-w- c:\windows\nsreg.dat
2010-01-29 19:31 . 2010-01-29 19:31 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Mozilla
2010-01-29 17:17 . 2010-01-29 17:17 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2010-01-29 17:17 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-29 17:17 . 2010-01-29 17:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-29 17:17 . 2010-01-29 17:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-29 17:17 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-29 17:10 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-29 17:10 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-29 17:10 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-29 17:10 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-01-29 17:10 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-29 17:10 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-29 17:10 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-29 17:10 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-29 17:10 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-29 16:54 . 2010-01-29 16:54 -------- d-----w- C:\rsit
2010-01-29 16:54 . 2010-01-29 16:54 -------- d-----w- c:\program files\trend micro
2010-01-29 16:27 . 2010-01-29 16:27 -------- d-----w- c:\program files\CCleaner
2010-01-29 16:15 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-29 16:07 . 2010-01-29 16:07 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Opera
2010-01-29 16:00 . 2010-01-29 16:00 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2010-01-15 18:32 . 2009-10-21 05:38 75776 -c----w- c:\windows\system32\dllcache\strmfilt.dll
2010-01-15 18:32 . 2009-10-21 05:38 25088 -c----w- c:\windows\system32\dllcache\httpapi.dll
2010-01-15 18:32 . 2009-10-20 16:20 265728 -c----w- c:\windows\system32\dllcache\http.sys
2010-01-12 11:03 . 2010-01-12 11:03 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-01-12 11:03 . 2010-01-12 11:03 4077672 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-01-12 11:03 . 2010-01-12 11:03 2283526 ----a-w- c:\windows\system32\nvdata.bin
2010-01-12 11:03 . 2010-01-12 11:03 2259560 ----a-w- c:\windows\system32\nvcuvid.dll
2010-01-12 11:03 . 2010-01-12 11:03 11632640 ----a-w- c:\windows\system32\nvcompiler.dll
2010-01-11 21:17 . 2010-01-11 21:17 278120 ----a-w- c:\windows\system32\nvmccs.dll
2010-01-11 21:17 . 2010-01-11 21:17 154216 ----a-w- c:\windows\system32\nvsvc32.exe
2010-01-11 21:17 . 2010-01-11 21:17 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-01-11 21:17 . 2010-01-11 21:17 13666408 ----a-w- c:\windows\system32\nvcpl.dll
2010-01-11 21:17 . 2010-01-11 21:17 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-01-11 21:17 . 2010-01-11 21:17 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-01-11 20:31 . 2010-01-11 20:31 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2010-01-11 20:31 . 2010-01-11 20:31 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\ESET
2010-01-11 20:29 . 2010-01-11 20:29 -------- d-----w- c:\documents and settings\Owner\Application Data\ESET
2010-01-11 19:29 . 2009-07-17 16:22 1435648 -c----w- c:\windows\system32\dllcache\query.dll
2010-01-11 19:29 . 2009-10-12 13:38 149504 -c----w- c:\windows\system32\dllcache\rastls.dll
2010-01-11 19:29 . 2009-10-12 13:38 79872 -c----w- c:\windows\system32\dllcache\raschap.dll
2010-01-11 19:29 . 2009-09-04 21:03 58880 -c----w- c:\windows\system32\dllcache\msasn1.dll
2010-01-11 19:29 . 2009-10-13 10:30 270336 -c----w- c:\windows\system32\dllcache\oakley.dll
2010-01-11 19:22 . 2010-01-11 19:22 -------- d-----w- c:\windows\system32\wbem\Repository

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-30 14:24 . 2008-09-14 09:33 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-30 14:21 . 2008-09-14 09:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-30 13:46 . 2010-01-30 13:33 -------- d-----w- c:\program files\Windows Desktop Search
2010-01-30 13:33 . 2010-01-30 13:33 -------- d-----w- c:\documents and settings\Owner\Application Data\Windows Desktop Search
2010-01-12 11:03 . 2008-04-30 17:07 592488 ----a-w- c:\windows\system32\nvudisp.exe
2010-01-12 11:03 . 2008-04-30 17:06 592488 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-01-12 11:03 . 2008-01-07 14:37 14458880 ----a-w- c:\windows\system32\nvoglnt.dll
2010-01-12 11:03 . 2008-01-03 14:26 6359168 ----a-w- c:\windows\system32\nv4_disp.dll
2010-01-12 11:03 . 2008-01-03 14:26 4104192 ----a-w- c:\windows\system32\nvcuda.dll
2010-01-12 11:03 . 2008-01-03 14:26 182888 ----a-w- c:\windows\system32\nvcodins.dll
2010-01-12 11:03 . 2008-01-03 14:26 182888 ----a-w- c:\windows\system32\nvcod.dll
2010-01-12 11:03 . 2008-01-03 14:26 1081344 ----a-w- c:\windows\system32\nvapi.dll
2010-01-12 11:03 . 2008-01-03 14:26 10276768 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-01-11 18:39 . 2008-05-01 12:29 13104 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-05 10:00 . 2006-02-28 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 10:00 . 2006-02-28 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 10:00 . 2006-02-28 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-11-21 15:51 . 2006-02-28 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-01-29_22.08.05 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-30 14:06 . 2010-01-30 14:06 16384 c:\windows\Temp\Perflib_Perfdata_5d4.dat
+ 2008-05-26 21:18 . 2008-05-26 21:18 56320 c:\windows\system32\xmlfilter.dll
+ 2008-05-26 21:19 . 2008-05-26 21:19 97792 c:\windows\system32\UncCplExt.dll
+ 2008-05-26 20:59 . 2008-05-26 20:59 18904 c:\windows\system32\structuredqueryschematrivial.bin
+ 2008-04-30 16:50 . 2009-05-12 14:12 26144 c:\windows\system32\spupdsvc.exe
+ 2008-04-30 17:25 . 2009-05-12 14:12 16928 c:\windows\system32\spmsg.dll
+ 2008-05-26 21:17 . 2008-05-26 21:17 87552 c:\windows\system32\searchfilterhost.exe
+ 2008-05-26 21:18 . 2008-05-26 21:18 38400 c:\windows\system32\rtffilt.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 81920 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvwddi.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 86016 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvmctray.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 35840 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvcod.dll
+ 2010-01-30 14:00 . 2007-06-08 02:56 54272 c:\windows\system32\ReinstallBackups\0023\DriverFiles\sfng32.sys
+ 2010-01-30 13:59 . 2008-04-14 00:12 23552 c:\windows\system32\ReinstallBackups\0023\DriverFiles\i386\wdmaud.drv
+ 2010-01-30 13:59 . 2008-04-13 18:45 49408 c:\windows\system32\ReinstallBackups\0023\DriverFiles\i386\stream.sys
+ 2010-01-30 13:59 . 2008-04-13 18:45 60160 c:\windows\system32\ReinstallBackups\0023\DriverFiles\i386\drmk.sys
+ 2010-01-30 13:59 . 2006-02-28 12:00 12160 c:\windows\system32\ReinstallBackups\0022\DriverFiles\i386\mouhid.sys
+ 2010-01-30 13:59 . 2008-04-13 18:39 23040 c:\windows\system32\ReinstallBackups\0022\DriverFiles\i386\mouclass.sys
+ 2008-05-26 21:18 . 2008-05-26 21:18 71680 c:\windows\system32\propdefs.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 44544 c:\windows\system32\pngfilt.dll
+ 2006-02-28 12:00 . 2010-01-30 13:33 78250 c:\windows\system32\perfc009.dat
+ 2006-02-28 12:00 . 2009-10-08 13:56 20480 c:\windows\system32\oleaccrc.dll
+ 2008-05-26 21:19 . 2008-05-26 21:19 11264 c:\windows\system32\oephRes.dll
+ 2006-06-29 07:05 . 2006-06-29 07:05 23552 c:\windows\system32\normaliz.dll
+ 2006-06-28 16:59 . 2006-06-28 16:59 24576 c:\windows\system32\nlsdl.dll
- 2006-02-28 12:00 . 2008-04-14 00:12 98304 c:\windows\system32\nlhtml.dll
+ 2006-02-28 12:00 . 2008-03-07 17:02 98304 c:\windows\system32\nlhtml.dll
+ 2008-05-26 21:18 . 2008-05-26 21:18 44032 c:\windows\system32\msstrc.dll
+ 2008-05-26 21:17 . 2008-05-26 21:17 32768 c:\windows\system32\mssprxy.dll
+ 2008-05-26 21:17 . 2008-05-26 21:17 87552 c:\windows\system32\mssitlb.dll
+ 2008-05-26 21:17 . 2008-05-26 21:17 11776 c:\windows\system32\msshooks.dll
+ 2008-05-26 21:17 . 2008-05-26 21:17 60416 c:\windows\system32\msscntrs.dll
+ 2008-05-26 21:17 . 2008-05-26 21:17 34816 c:\windows\system32\msscb.dll
+ 2006-02-28 12:00 . 2007-08-14 01:01 48128 c:\windows\system32\mshtmler.dll
+ 2006-02-28 12:00 . 2007-08-14 01:32 45568 c:\windows\system32\mshta.exe
+ 2010-01-30 13:33 . 2007-08-14 01:36 12288 c:\windows\system32\msfeedssync.exe
+ 2010-01-30 13:33 . 2010-01-05 10:00 52224 c:\windows\system32\msfeedsbs.dll
- 2006-02-28 12:00 . 2008-04-14 00:11 29696 c:\windows\system32\mimefilt.dll
+ 2006-02-28 12:00 . 2008-03-07 17:02 29696 c:\windows\system32\mimefilt.dll
+ 2006-02-28 12:00 . 2007-08-14 01:44 40960 c:\windows\system32\licmgr10.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 27648 c:\windows\system32\jsproxy.dll
+ 2006-02-28 12:00 . 2007-08-14 01:39 92672 c:\windows\system32\inseng.dll
+ 2006-02-28 12:00 . 2007-08-14 01:36 36352 c:\windows\system32\imgutil.dll
+ 2010-01-30 13:33 . 2009-12-31 15:33 13824 c:\windows\system32\ieudinit.exe
+ 2006-02-28 12:00 . 2007-08-14 01:39 55296 c:\windows\system32\iesetup.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 44544 c:\windows\system32\iernonce.dll
+ 2006-02-28 12:00 . 2009-12-31 15:33 70656 c:\windows\system32\ie4uinit.exe
+ 2006-06-29 07:05 . 2006-06-29 07:05 26112 c:\windows\system32\idndl.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 63488 c:\windows\system32\icardie.dll
- 2004-08-03 23:08 . 2008-04-13 18:45 49408 c:\windows\system32\drivers\stream.sys
+ 2004-08-03 23:08 . 2008-04-13 19:45 49408 c:\windows\system32\drivers\stream.sys
- 2008-04-30 16:50 . 2008-04-13 18:45 60160 c:\windows\system32\drivers\drmk.sys
+ 2008-04-30 16:50 . 2008-04-13 19:45 60160 c:\windows\system32\drivers\drmk.sys
+ 2004-08-03 23:08 . 2008-04-13 19:45 49408 c:\windows\system32\dllcache\stream.sys
+ 2010-01-30 13:33 . 2010-01-05 10:00 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2006-02-28 12:00 . 2009-10-08 13:56 20480 c:\windows\system32\dllcache\oleaccrc.dll
+ 2010-01-30 13:33 . 2007-08-14 01:01 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2010-01-30 13:33 . 2007-08-14 01:32 45568 c:\windows\system32\dllcache\mshta.exe
+ 2010-01-30 13:33 . 2007-08-14 01:44 40960 c:\windows\system32\dllcache\licmgr10.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2010-01-30 13:33 . 2007-08-14 01:39 92672 c:\windows\system32\dllcache\inseng.dll
+ 2010-01-30 13:33 . 2007-08-14 01:36 36352 c:\windows\system32\dllcache\imgutil.dll
+ 2010-01-30 13:33 . 2007-08-14 01:39 55296 c:\windows\system32\dllcache\iesetup.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2009-02-20 08:10 . 2010-01-05 10:00 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2010-01-30 13:33 . 2007-08-14 01:44 69120 c:\windows\system32\dllcache\iedw.exe
+ 2010-01-30 13:33 . 2009-12-31 15:33 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2010-01-30 13:33 . 2007-08-14 01:18 60416 c:\windows\system32\dllcache\hmmapi.dll
+ 2008-04-30 16:50 . 2008-04-13 19:45 60160 c:\windows\system32\dllcache\drmk.sys
+ 2008-04-30 16:12 . 2007-08-14 01:54 33792 c:\windows\system32\dllcache\custsat.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 17408 c:\windows\system32\dllcache\corpol.dll
+ 2010-01-30 13:33 . 2007-08-14 01:39 71680 c:\windows\system32\dllcache\admparse.dll
+ 2006-02-28 12:00 . 2007-08-14 01:39 71680 c:\windows\system32\admparse.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 44544 c:\windows\ie7updates\KB978207-IE7\pngfilt.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 52224 c:\windows\ie7updates\KB978207-IE7\msfeedsbs.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 27648 c:\windows\ie7updates\KB978207-IE7\jsproxy.dll
+ 2010-01-30 13:38 . 2009-10-28 14:36 13824 c:\windows\ie7updates\KB978207-IE7\ieudinit.exe
+ 2010-01-30 13:38 . 2009-10-29 07:46 44544 c:\windows\ie7updates\KB978207-IE7\iernonce.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 78336 c:\windows\ie7updates\KB978207-IE7\ieencode.dll
+ 2010-01-30 13:38 . 2009-10-28 14:36 70656 c:\windows\ie7updates\KB978207-IE7\ie4uinit.exe
+ 2010-01-30 13:38 . 2009-10-29 07:46 63488 c:\windows\ie7updates\KB978207-IE7\icardie.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 17408 c:\windows\ie7updates\KB978207-IE7\corpol.dll
+ 2010-01-30 13:38 . 2007-08-14 01:36 44544 c:\windows\ie7updates\KB976325-IE7\pngfilt.dll
+ 2010-01-30 13:38 . 2007-08-14 01:54 50688 c:\windows\ie7updates\KB976325-IE7\msfeedsbs.dll
+ 2010-01-30 13:38 . 2007-08-14 01:54 27136 c:\windows\ie7updates\KB976325-IE7\jsproxy.dll
+ 2010-01-30 13:38 . 2007-08-14 01:39 13312 c:\windows\ie7updates\KB976325-IE7\ieudinit.exe
+ 2010-01-30 13:38 . 2007-08-14 01:39 43008 c:\windows\ie7updates\KB976325-IE7\iernonce.dll
+ 2010-01-30 13:38 . 2009-12-22 05:20 81920 c:\windows\ie7updates\KB976325-IE7\ieencode.dll
+ 2010-01-30 13:38 . 2007-08-14 01:39 54784 c:\windows\ie7updates\KB976325-IE7\ie4uinit.exe
+ 2010-01-30 13:38 . 2007-08-14 01:36 61952 c:\windows\ie7updates\KB976325-IE7\icardie.dll
+ 2010-01-30 13:38 . 2008-04-14 00:11 35328 c:\windows\ie7updates\KB976325-IE7\corpol.dll
+ 2010-01-30 13:37 . 2008-04-14 00:12 37888 c:\windows\ie7\url.dll
+ 2010-01-30 13:38 . 2007-08-14 01:52 66048 c:\windows\ie7\spuninst\ieResetIcons.exe
+ 2010-01-30 13:38 . 2007-08-14 01:54 32960 c:\windows\ie7\spuninst\iecustom.dll
+ 2010-01-30 13:37 . 2008-04-14 00:12 39424 c:\windows\ie7\pngfilt.dll
+ 2010-01-30 13:37 . 2008-04-14 00:12 96256 c:\windows\ie7\occache.dll
+ 2010-01-30 13:37 . 2008-04-13 16:26 56832 c:\windows\ie7\mshtmler.dll
+ 2010-01-30 13:37 . 2008-04-14 00:12 29184 c:\windows\ie7\mshta.exe
+ 2010-01-30 13:37 . 2008-04-14 00:11 22016 c:\windows\ie7\licmgr10.dll
+ 2010-01-30 13:37 . 2008-04-14 00:11 15872 c:\windows\ie7\jsproxy.dll
+ 2010-01-30 13:37 . 2008-04-14 00:11 96256 c:\windows\ie7\inseng.dll
+ 2010-01-30 13:37 . 2008-04-14 00:11 35840 c:\windows\ie7\imgutil.dll
+ 2010-01-30 13:37 . 2008-04-14 00:12 93184 c:\windows\ie7\iexplore.exe
+ 2010-01-30 13:37 . 2008-04-14 00:11 62976 c:\windows\ie7\iesetup.dll
+ 2010-01-30 13:37 . 2008-04-14 00:11 48640 c:\windows\ie7\iernonce.dll
+ 2010-01-30 13:37 . 2008-04-14 00:12 18432 c:\windows\ie7\iedw.exe
+ 2010-01-30 13:37 . 2008-04-14 00:12 34304 c:\windows\ie7\ie4uinit.exe
+ 2010-01-30 13:37 . 2008-04-14 00:11 38912 c:\windows\ie7\hmmapi.dll
+ 2010-01-30 13:37 . 2008-04-14 00:11 55808 c:\windows\ie7\extmgr.dll
+ 2010-01-30 13:37 . 2004-09-22 16:45 28672 c:\windows\ie7\custsat.dll
+ 2010-01-30 13:37 . 2008-04-14 00:11 99840 c:\windows\ie7\advpack.dll
+ 2010-01-30 13:37 . 2008-04-14 00:11 61440 c:\windows\ie7\admparse.dll
+ 2008-05-26 21:19 . 2008-05-26 21:19 2048 c:\windows\system32\UncRes.dll
+ 2010-01-30 13:59 . 2008-04-14 00:11 4096 c:\windows\system32\ReinstallBackups\0023\DriverFiles\i386\ksuser.dll
+ 2008-04-30 16:50 . 2008-04-14 01:11 4096 c:\windows\system32\ksuser.dll
- 2008-04-30 16:50 . 2008-04-14 00:11 4096 c:\windows\system32\ksuser.dll
+ 2004-04-19 14:01 . 2004-04-19 14:01 6656 c:\windows\system32\drivers\gflmouhid.sys
+ 2008-04-30 16:50 . 2008-04-14 01:11 4096 c:\windows\system32\dllcache\ksuser.dll
+ 2010-01-30 13:33 . 2007-08-14 01:45 206336 c:\windows\system32\WinFXDocObj.exe
+ 2006-02-28 12:00 . 2010-01-05 10:00 233472 c:\windows\system32\webcheck.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 105984 c:\windows\system32\url.dll
+ 2008-05-26 21:19 . 2008-05-26 21:19 131072 c:\windows\system32\UncPH.dll
+ 2008-05-26 21:19 . 2008-05-26 21:19 108032 c:\windows\system32\UncNE.dll
+ 2008-05-26 21:19 . 2008-05-26 21:19 143872 c:\windows\system32\UncDMS.dll
+ 2007-10-09 11:03 . 2009-10-08 13:57 611328 c:\windows\system32\uiautomationcore.dll
+ 2008-05-26 20:59 . 2008-05-26 20:59 106605 c:\windows\system32\structuredqueryschema.bin
+ 2008-04-30 16:50 . 2008-04-10 19:08 212992 c:\windows\system32\stacsv.exe
+ 2008-04-30 16:50 . 2008-04-10 19:07 164352 c:\windows\system32\staco.dll
+ 2008-04-30 16:50 . 2008-04-10 19:08 372736 c:\windows\system32\stacapi.dll
+ 2008-05-26 21:17 . 2008-05-26 21:17 301568 c:\windows\system32\srchadmin.dll
+ 2008-05-26 21:18 . 2008-05-26 21:18 184832 c:\windows\system32\searchprotocolhost.exe
+ 2008-05-26 21:18 . 2008-05-26 21:18 439808 c:\windows\system32\searchindexer.exe
+ 2010-01-30 14:00 . 2008-03-25 00:52 155716 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvsvc32.exe
+ 2010-01-30 14:00 . 2008-03-25 00:52 286720 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvnt4cpl.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 458752 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvmccssr.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 188416 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvmccss.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 229376 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvmccs.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 413696 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvapi.dll
+ 2010-01-30 14:00 . 2007-06-08 02:56 117248 c:\windows\system32\ReinstallBackups\0023\DriverFiles\staco.dll
+ 2010-01-30 14:00 . 2007-06-08 02:56 229376 c:\windows\system32\ReinstallBackups\0023\DriverFiles\stacapi.dll
+ 2010-01-30 13:59 . 2008-04-13 19:19 146048 c:\windows\system32\ReinstallBackups\0023\DriverFiles\i386\portcls.sys
+ 2010-01-30 13:59 . 2008-04-13 19:16 141056 c:\windows\system32\ReinstallBackups\0023\DriverFiles\i386\ks.sys
+ 2008-05-26 21:17 . 2008-05-26 21:17 754176 c:\windows\system32\propsys.dll
+ 2006-02-28 12:00 . 2010-01-30 13:33 462304 c:\windows\system32\perfh009.dat
+ 2006-02-28 12:00 . 2009-10-08 13:57 220160 c:\windows\system32\oleacc.dll
+ 2006-02-28 12:00 . 2008-03-07 17:02 192000 c:\windows\system32\offfilt.dll
- 2006-02-28 12:00 . 2008-04-14 00:12 192000 c:\windows\system32\offfilt.dll
+ 2008-05-26 21:19 . 2008-05-26 21:19 273408 c:\windows\system32\oeph.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 102912 c:\windows\system32\occache.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 671232 c:\windows\system32\mstime.dll
+ 2008-05-26 21:18 . 2008-05-26 21:18 203776 c:\windows\system32\mssphtb.dll
+ 2008-05-26 21:18 . 2009-05-24 23:24 350208 c:\windows\system32\mssph.dll
+ 2008-05-26 21:18 . 2008-05-26 21:18 231936 c:\windows\system32\msshsq.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 193024 c:\windows\system32\msrating.dll
+ 2006-02-28 12:00 . 2007-08-14 01:54 156160 c:\windows\system32\msls31.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 477696 c:\windows\system32\mshtmled.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 459264 c:\windows\system32\msfeeds.dll
+ 2010-01-30 13:33 . 2007-08-14 01:54 180736 c:\windows\system32\ieui.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 268288 c:\windows\system32\iertutil.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 192512 c:\windows\system32\iepeers.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 385024 c:\windows\system32\iedkcs32.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 380928 c:\windows\system32\ieapfltr.dll
+ 2006-02-28 12:00 . 2009-12-18 13:04 161792 c:\windows\system32\ieakui.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 230400 c:\windows\system32\ieaksie.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 153088 c:\windows\system32\ieakeng.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 133120 c:\windows\system32\extmgr.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 214528 c:\windows\system32\dxtrans.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 347136 c:\windows\system32\dxtmsft.dll
+ 2004-03-16 08:58 . 2008-04-13 20:19 146048 c:\windows\system32\drivers\portcls.sys
- 2004-03-16 08:58 . 2008-04-13 19:19 146048 c:\windows\system32\drivers\portcls.sys
- 2004-08-03 23:15 . 2008-04-13 19:16 141056 c:\windows\system32\drivers\ks.sys
+ 2004-08-03 23:15 . 2008-04-13 20:16 141056 c:\windows\system32\drivers\ks.sys
+ 2008-04-21 06:44 . 2010-01-05 10:00 832512 c:\windows\system32\dllcache\wininet.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2010-01-30 13:33 . 2008-05-27 17:23 765952 c:\windows\system32\dllcache\vgx.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 105984 c:\windows\system32\dllcache\url.dll
+ 2010-01-30 13:33 . 2006-09-23 20:12 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2004-03-16 08:58 . 2008-04-13 20:19 146048 c:\windows\system32\dllcache\portcls.sys
+ 2006-02-28 12:00 . 2009-10-08 13:57 220160 c:\windows\system32\dllcache\oleacc.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 102912 c:\windows\system32\dllcache\occache.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 671232 c:\windows\system32\dllcache\mstime.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 193024 c:\windows\system32\dllcache\msrating.dll
+ 2006-02-28 12:00 . 2007-08-14 01:54 156160 c:\windows\system32\dllcache\msls31.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-03 23:15 . 2008-04-13 20:16 141056 c:\windows\system32\dllcache\ks.sys
+ 2010-01-30 13:33 . 2009-12-18 13:05 634648 c:\windows\system32\dllcache\iexplore.exe
+ 2010-01-30 13:33 . 2010-01-05 10:00 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2006-02-28 12:00 . 2009-12-18 13:04 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 124928 c:\windows\system32\dllcache\advpack.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 124928 c:\windows\system32\advpack.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 832512 c:\windows\ie7updates\KB978207-IE7\wininet.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 233472 c:\windows\ie7updates\KB978207-IE7\webcheck.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 105984 c:\windows\ie7updates\KB978207-IE7\url.dll
+ 2010-01-30 13:38 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB978207-IE7\spuninst\updspapi.dll
+ 2010-01-30 13:38 . 2009-05-26 11:40 231288 c:\windows\ie7updates\KB978207-IE7\spuninst\spuninst.exe
+ 2010-01-30 13:38 . 2009-10-29 07:46 102912 c:\windows\ie7updates\KB978207-IE7\occache.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 671232 c:\windows\ie7updates\KB978207-IE7\mstime.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 193024 c:\windows\ie7updates\KB978207-IE7\msrating.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 477696 c:\windows\ie7updates\KB978207-IE7\mshtmled.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 459264 c:\windows\ie7updates\KB978207-IE7\msfeeds.dll
+ 2010-01-30 13:38 . 2009-10-28 06:54 634632 c:\windows\ie7updates\KB978207-IE7\iexplore.exe
+ 2010-01-30 13:38 . 2009-10-29 07:46 268288 c:\windows\ie7updates\KB978207-IE7\iertutil.dll
+ 2010-01-30 13:38 . 2007-08-14 01:54 191488 c:\windows\ie7updates\KB978207-IE7\iepeers.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 385024 c:\windows\ie7updates\KB978207-IE7\iedkcs32.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 380928 c:\windows\ie7updates\KB978207-IE7\ieapfltr.dll
+ 2010-01-30 13:38 . 2009-10-28 06:52 161792 c:\windows\ie7updates\KB978207-IE7\ieakui.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 230400 c:\windows\ie7updates\KB978207-IE7\ieaksie.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 153088 c:\windows\ie7updates\KB978207-IE7\ieakeng.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 133120 c:\windows\ie7updates\KB978207-IE7\extmgr.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 214528 c:\windows\ie7updates\KB978207-IE7\dxtrans.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 347136 c:\windows\ie7updates\KB978207-IE7\dxtmsft.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 124928 c:\windows\ie7updates\KB978207-IE7\advpack.dll
+ 2010-01-30 13:38 . 2007-08-14 01:54 818688 c:\windows\ie7updates\KB976325-IE7\wininet.dll
+ 2010-01-30 13:38 . 2007-08-14 01:54 231424 c:\windows\ie7updates\KB976325-IE7\webcheck.dll
+ 2010-01-30 13:38 . 2007-08-14 01:44 105984 c:\windows\ie7updates\KB976325-IE7\url.dll
+ 2010-01-30 13:38 . 2009-05-26 11:40 382840 c:\windows\ie7updates\KB976325-IE7\spuninst\updspapi.dll
+ 2010-01-30 13:38 . 2009-05-26 11:40 231288 c:\windows\ie7updates\KB976325-IE7\spuninst\spuninst.exe
+ 2010-01-30 13:38 . 2007-08-14 01:44 101376 c:\windows\ie7updates\KB976325-IE7\occache.dll
+ 2010-01-30 13:38 . 2007-08-14 01:54 670720 c:\windows\ie7updates\KB976325-IE7\mstime.dll
+ 2010-01-30 13:38 . 2007-08-14 01:44 192000 c:\windows\ie7updates\KB976325-IE7\msrating.dll
+ 2010-01-30 13:38 . 2007-08-14 01:54 475648 c:\windows\ie7updates\KB976325-IE7\mshtmled.dll
+ 2010-01-30 13:38 . 2007-08-14 01:54 458752 c:\windows\ie7updates\KB976325-IE7\msfeeds.dll
+ 2010-01-30 13:38 . 2007-08-14 01:43 622080 c:\windows\ie7updates\KB976325-IE7\iexplore.exe
+ 2010-01-30 13:38 . 2007-08-14 01:34 266752 c:\windows\ie7updates\KB976325-IE7\iertutil.dll
+ 2010-01-30 13:38 . 2007-08-14 01:39 382976 c:\windows\ie7updates\KB976325-IE7\iedkcs32.dll
+ 2010-01-30 13:38 . 2007-07-11 19:27 383488 c:\windows\ie7updates\KB976325-IE7\ieapfltr.dll
+ 2010-01-30 13:38 . 2007-08-14 00:56 161792 c:\windows\ie7updates\KB976325-IE7\ieakui.dll
+ 2010-01-30 13:38 . 2007-08-14 01:39 229376 c:\windows\ie7updates\KB976325-IE7\ieaksie.dll
+ 2010-01-30 13:38 . 2007-08-14 01:39 152064 c:\windows\ie7updates\KB976325-IE7\ieakeng.dll
+ 2010-01-30 13:38 . 2007-08-14 01:54 131584 c:\windows\ie7updates\KB976325-IE7\extmgr.dll
+ 2010-01-30 13:38 . 2007-08-14 01:35 214528 c:\windows\ie7updates\KB976325-IE7\dxtrans.dll
+ 2010-01-30 13:38 . 2007-08-14 01:35 346624 c:\windows\ie7updates\KB976325-IE7\dxtmsft.dll
+ 2010-01-30 13:38 . 2007-08-14 01:39 123904 c:\windows\ie7updates\KB976325-IE7\advpack.dll
+ 2010-01-30 13:47 . 2007-08-14 01:54 765952 c:\windows\ie7updates\KB938127-v2-IE7\vgx.dll
+ 2010-01-30 13:47 . 2007-03-06 01:23 371424 c:\windows\ie7updates\KB938127-v2-IE7\spuninst\updspapi.dll
+ 2010-01-30 13:47 . 2007-03-06 01:22 213216 c:\windows\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe
+ 2010-01-30 13:39 . 2006-09-07 00:43 371424 c:\windows\ie7updates\IE7-LIP\spuninst\updspapi.dll
+ 2010-01-30 13:39 . 2006-09-07 00:43 213216 c:\windows\ie7updates\IE7-LIP\spuninst\spuninst.exe
+ 2010-01-30 13:37 . 2009-12-22 05:21 667136 c:\windows\ie7\wininet.dll
+ 2010-01-30 13:37 . 2008-04-14 00:12 276480 c:\windows\ie7\webcheck.dll
+ 2010-01-30 13:37 . 2008-04-14 00:12 851968 c:\windows\ie7\vgx.dll
+ 2010-01-30 13:37 . 2009-12-22 05:21 627712 c:\windows\ie7\urlmon.dll
+ 2010-01-30 13:38 . 2006-09-07 00:43 371424 c:\windows\ie7\spuninst\updspapi.dll
+ 2010-01-30 13:38 . 2006-09-07 00:43 213216 c:\windows\ie7\spuninst\spuninst.exe
+ 2010-01-30 13:37 . 2008-04-14 00:12 532480 c:\windows\ie7\mstime.dll
+ 2010-01-30 13:37 . 2008-04-14 00:12 146432 c:\windows\ie7\msrating.dll
+ 2010-01-30 13:37 . 2006-02-28 12:00 146432 c:\windows\ie7\msls31.dll
+ 2010-01-30 13:37 . 2008-04-14 00:11 449024 c:\windows\ie7\mshtmled.dll
+ 2010-01-30 13:37 . 2008-04-14 00:11 251904 c:\windows\ie7\iepeers.dll
+ 2010-01-30 13:37 . 2008-04-14 00:11 323584 c:\windows\ie7\iedkcs32.dll
+ 2010-01-30 13:37 . 2006-02-28 12:00 221184 c:\windows\ie7\ieakui.dll
+ 2010-01-30 13:37 . 2008-04-14 00:11 216576 c:\windows\ie7\ieaksie.dll
+ 2010-01-30 13:37 . 2008-04-14 00:11 143360 c:\windows\ie7\ieakeng.dll
+ 2010-01-30 13:37 . 2008-04-14 00:11 205312 c:\windows\ie7\dxtrans.dll
+ 2010-01-30 13:37 . 2008-04-14 00:11 357888 c:\windows\ie7\dxtmsft.dll
+ 2006-02-28 12:00 . 2010-01-05 10:00 1168384 c:\windows\system32\urlmon.dll
+ 2008-05-26 21:21 . 2008-05-26 21:21 1582592 c:\windows\system32\tquery.dll
+ 2008-04-30 16:50 . 2008-04-10 19:06 2129920 c:\windows\system32\stlang.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 2670592 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvwssr.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 2629632 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvwss.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 4136960 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvvitvsr.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 3776512 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvvitvs.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 8634368 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvoglnt.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 2854912 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvmoblsr.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 1257472 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvmobls.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 3444736 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvgamesr.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 3469312 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvgames.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 5783552 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvdispsr.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 6582272 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvdisps.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 1126400 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvcuda.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 6547872 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nv4_mini.sys
+ 2010-01-30 14:00 . 2008-03-25 00:52 5974528 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nv4_disp.dll
+ 2010-01-30 13:59 . 2007-06-08 02:56 1184168 c:\windows\system32\ReinstallBackups\0023\DriverFiles\sthda.sys
+ 2008-05-26 21:21 . 2008-05-26 21:21 1418240 c:\windows\system32\mssrch.dll
+ 2006-02-28 12:00 . 2010-01-05 14:30 3599360 c:\windows\system32\mshtml.dll
+ 2010-01-30 13:33 . 2010-01-05 10:00 6067200 c:\windows\system32\ieframe.dll
+ 2010-01-30 13:33 . 2009-06-29 08:33 2452872 c:\windows\system32\ieapfltr.dat
+ 2008-04-30 16:50 . 2008-04-10 19:10 1271032 c:\windows\system32\drivers\sthda.sys
+ 2008-06-26 08:15 . 2010-01-05 10:00 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2008-04-21 06:44 . 2010-01-05 14:30 3599360 c:\windows\system32\dllcache\mshtml.dll
+ 2010-01-30 13:33 . 2006-09-23 20:12 1022976 c:\windows\system32\dllcache\browseui.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 1168384 c:\windows\ie7updates\KB978207-IE7\urlmon.dll
+ 2010-01-30 13:38 . 2009-10-29 12:16 3598336 c:\windows\ie7updates\KB978207-IE7\mshtml.dll
+ 2010-01-30 13:38 . 2009-10-29 07:46 6067200 c:\windows\ie7updates\KB978207-IE7\ieframe.dll
+ 2010-01-30 13:38 . 2009-06-29 08:33 2452872 c:\windows\ie7updates\KB978207-IE7\ieapfltr.dat
+ 2010-01-30 13:38 . 2007-08-14 01:54 1162240 c:\windows\ie7updates\KB976325-IE7\urlmon.dll
+ 2010-01-30 13:38 . 2007-08-14 01:54 3578368 c:\windows\ie7updates\KB976325-IE7\mshtml.dll
+ 2010-01-30 13:38 . 2007-08-14 01:54 6049280 c:\windows\ie7updates\KB976325-IE7\ieframe.dll
+ 2010-01-30 13:38 . 2007-02-12 23:10 2451312 c:\windows\ie7updates\KB976325-IE7\ieapfltr.dat
+ 2010-01-30 13:37 . 2009-12-22 05:21 3071488 c:\windows\ie7\mshtml.dll
+ 2010-01-30 14:00 . 2008-03-25 00:52 13524992 c:\windows\system32\ReinstallBackups\0025\DriverFiles\nvcpl.dll
+ 2008-01-03 14:26 . 2010-01-12 11:03 10276768 c:\windows\system32\dllcache\nv4_mini.sys
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-09-10 218032]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [29.1.2010 18:10 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [29.1.2010 18:10 20560]
R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [19.4.2004 15:01 6656]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\7iqt6mvz.default\
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

BHO-{6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
HKLM-Run-SysTrayApp - c:\program files\IDT\WDM\sttray.exe
HKLM-Run-nwiz - nwiz.exe
AddRemove-BearShare - c:\program files\BearShare Applications\BearShare\UninstallSurvey.exe
AddRemove-BearShare MediaBar - c:\program files\BearShare Applications\BearShare MediaBar\Uninstall.exe
AddRemove-NVIDIA Display Control Panel - c:\program files\NVIDIA Corporation\Uninstall\nvuninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-30 15:42
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-01-30 15:43:38
ComboFix-quarantined-files.txt 2010-01-30 14:43
ComboFix2.txt 2010-01-29 22:09

Pre-Run: 84 032 897 024 bytes free
Post-Run: 83 993 763 840 bytes free

- - End Of File - - 5EA185676FC89631C8BDC0DBC88B9D98

[motji]

Jak to vypadá ted? Stále Vám vyskakuje ta stránka?