Logfile of random's system information tool 1.08 (written by random/random)
Run by PC at 2011-04-09 21:11:13
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (15%) free of 45 GB
Total RAM: 2047 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:11:19, on 9.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\windows\system32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\PnkBstrA.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\windows\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\windows\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\cacaoweb\cacaoweb.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
D:\Program Files\uTorrent\uTorrent.exe
D:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\windows\system32\PnkBstrB.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\download\RSIT.exe
C:\Program Files\trend micro\PC.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://tudosearch.com/index.php?q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - d:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\5638\toolbaru.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: SearchBar.InitToolbarBHO - {1d970ed5-3eda-438d-bffd-715931e2775b} - mscoree.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - C:\Documents and Settings\PC\Local Settings\Data aplikací\GamePlayLabs Plugin\BHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: SearchBar - {c9a6357b-25cc-4bcf-96c1-78736985d412} - mscoree.dll (file missing)
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - d:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [uTorrent] "D:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cacaoweb] "C:\Program Files\cacaoweb\cacaoweb.exe" -noplayer
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Startup: Xfire.lnk = J:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Orbit.lnk = D:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://d:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://d:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Do&wnload selected by Orbit - res://d:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://d:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Slovníky - {06F14300-93F6-420F-98A8-C337DD007C15} - http://slovniky.centrum.cz (file missing) (HKCU)
O9 - Extra button: Počasí - {0999CBF4-29BB-4AC0-8454-9E397362F8F0} - http://pocasi.centrum.cz (file missing) (HKCU)
O9 - Extra button: Supermapy - {235C9636-D559-4BB3-B5B0-C99B809D0FE5} - http://www.supermapy.cz (file missing) (HKCU)
O9 - Extra button: Fotoalba - {4BB9C9F8-FD25-4C41-B0A8-E3D3921BE147} - http://www.fotoalba.cz (file missing) (HKCU)
O9 - Extra button: Bleskově - {51A673C9-9600-4895-BFE9-3107324B9ED5} - http://www.bleskove.cz (file missing) (HKCU)
O9 - Extra button: Stahuj.cz - {7A9344BE-0377-43DD-85E7-2D368105E397} - http://www.stahuj.cz (file missing) (HKCU)
O9 - Extra button: Aktuálně - {BC73E454-DEAA-4A97-A1F4-7F1507B3214A} - http://aktualne.centrum.cz (file missing) (HKCU)
O9 - Extra button: Xchat.cz - {E971688C-F056-468C-92BE-D65D27A2BE01} - http://www.xchat.cz (file missing) (HKCU)
O9 - Extra button: Centrum.cz - {F7AFFB01-8A2D-4B82-879F-CEE7375A166A} - http://www.centrum.cz (file missing) (HKCU)
O9 - Extra button: Žena.cz - {FAEFA620-4D3E-4DD8-B44F-6A16E4E8EDF4} - http://www.zena.cz (file missing) (HKCU)
O16 - DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} - http://games.icq.com/online/online2/pir ... 0.0.32.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O18 - Protocol: toolbarchrome - {718733BC-AD64-4E5F-AC18-A85FBD75D54D} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Služba Google Update (gupdate1caa1c0485e21a) (gupdate1caa1c0485e21a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MySQL - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\windows\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 14417 bytes
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\Norton Security Scan for PC.job
C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-1390067357-725345543-1004.job
C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-1390067357-725345543-1004.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - d:\Program Files\Orbitdownloader\orbitcth.dll [2008-10-31 130248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2008-03-28 322880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\5638\toolbaru.dll [2006-12-25 701952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2010-09-02 1241448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d970ed5-3eda-438d-bffd-715931e2775b}]
SearchBar.InitToolbarBHO - C:\windows\system32\mscoree.dll [2009-11-07 297808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-10-30 382720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class - C:\Documents and Settings\PC\Local Settings\Data aplikací\GamePlayLabs Plugin\BHO.dll [2011-03-08 432640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-03 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-03 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-28 501056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
{c9a6357b-25cc-4bcf-96c1-78736985d412} - SearchBar - C:\windows\system32\mscoree.dll [2009-11-07 297808]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\ctbr.dll [2010-09-02 1241448]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - d:\Program Files\Orbitdownloader\GrabPro.dll [2008-10-31 441464]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\windows\SkyTel.EXE [2006-05-16 2879488]
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2006-12-19 16062464]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-11-30 32768]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-03-04 172032]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-11-02 2216960]
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2009-07-14 13877248]
"QuickTime Task"=D:\Program Files\QuickTime\qttask.exe [2010-02-15 417792]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2010-10-30 274608]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-02-15 1230704]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=D:\Program Files\uTorrent\uTorrent.exe [2011-03-31 399736]
"DAEMON Tools Lite"=D:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"cacaoweb"=C:\Program Files\cacaoweb\cacaoweb.exe [2011-04-08 369392]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Orbit.lnk - D:\Program Files\Orbitdownloader\orbitdm.exe
C:\Documents and Settings\PC\Nabídka Start\Programy\Po spuštění
OpenOffice.org 2.2.lnk - C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
Xfire.lnk - J:\Program Files\Xfire\Xfire.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"d:\Program Files\Orbitdownloader\orbitdm.exe"="d:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"d:\Program Files\Orbitdownloader\orbitnet.exe"="d:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\World of Warcraft\Launcher.exe"="D:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"J:\Program Files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"="J:\Program Files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe:*:Enabled:Blizzard Downloader"
"J:\Program Files\World of Warcraft\Launcher.exe"="J:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"D:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="D:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ"
"D:\Program Files\Garena\Garena.exe"="D:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"D:\Program Files\HLSW\hlsw.exe"="D:\Program Files\HLSW\hlsw.exe:*:Enabled:hlsw"
"D:\Program Files\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Program Files\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:iw3mp"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Documents and Settings\PC\Plocha\lol\vsechno mozny\MOJE\Moje hry\Age of EmpiresI\Empires.exe"="C:\Documents and Settings\PC\Plocha\lol\vsechno mozny\MOJE\Moje hry\Age of EmpiresI\Empires.exe:*:Enabled:Age of Empires"
"C:\Program Files\cacaoweb\cacaoweb.exe"="C:\Program Files\cacaoweb\cacaoweb.exe:*:Enabled:cacaoweb"
"D:\Program Files\Atari\TDU2\_UpLauncher.exe"="D:\Program Files\Atari\TDU2\_UpLauncher.exe:*:Enabled:UpLauncher"
"D:\Program Files\Atari\TDU2\UpLauncher.exe"="D:\Program Files\Atari\TDU2\UpLauncher.exe:*:Enabled:UpLauncher"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator Update Support"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe"="D:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe:*:Enabled:Assassin's Creed Brotherhood"
"D:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe"="D:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe:*:Enabled:Assassin's Creed Brotherhood Multiplayer"
"D:\Program Files\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe"="D:\Program Files\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe:*:Enabled:Assassin's Creed Brotherhood Update"
"D:\Program Files\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe"="D:\Program Files\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe:*:Enabled:Assassin's Creed Brotherhood Uplay"
"C:\Documents and Settings\PC\Plocha\lol\vsechno mozny\MOJE\Moje hry\Skype.exe"="C:\Documents and Settings\PC\Plocha\lol\vsechno mozny\MOJE\Moje hry\Skype.exe:*:Enabled:Skype "
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
======List of files/folders created in the last 3 months======
2011-04-09 21:11:13 ----D---- C:\rsit
2011-04-09 21:11:13 ----D---- C:\Program Files\trend micro
2011-03-27 21:16:59 ----D---- C:\Documents and Settings\PC\Data aplikací\DDMSettings
2011-03-24 22:44:51 ----HDC---- C:\windows\$NtUninstallKB2524375$
2011-03-20 12:16:01 ----D---- C:\Documents and Settings\PC\Data aplikací\Ubisoft
2011-03-20 12:16:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2011-03-20 11:56:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Solidshield
2011-03-20 11:14:37 ----D---- C:\Documents and Settings\PC\Data aplikací\PunkBuster
2011-03-20 11:14:00 ----D---- C:\Program Files\Ubisoft
2011-03-13 22:46:11 ----HDC---- C:\windows\$NtUninstallKB971029$
2011-03-09 22:16:12 ----HDC---- C:\windows\$NtUninstallKB2479943$
2011-03-09 22:13:06 ----HDC---- C:\windows\$NtUninstallKB2481109$
2011-03-03 12:29:59 ----D---- C:\Program Files\Common Files\Skype
2011-02-24 12:32:20 ----D---- C:\windows\system32\drivers\NSS
2011-02-24 12:32:20 ----D---- C:\Program Files\Norton Security Scan
2011-02-24 12:32:18 ----D---- C:\Program Files\NortonInstaller
2011-02-24 10:19:40 ----N---- C:\windows\system32\spmsg2.dll
2011-02-24 10:19:34 ----HDC---- C:\windows\$NtUninstallXPSEPSCLP$
2011-02-20 20:17:26 ----SHD---- C:\RECYCLER
2011-02-19 20:06:07 ----D---- C:\Documents and Settings\PC\Data aplikací\cacaoweb
2011-02-19 12:08:43 ----A---- C:\ComboFix.txt
2011-02-18 22:09:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\HP Product Assistant
2011-02-18 21:58:38 ----A---- C:\windows\system32\javaws.exe
2011-02-18 21:58:38 ----A---- C:\windows\system32\javaw.exe
2011-02-18 21:58:38 ----A---- C:\windows\system32\java.exe
2011-02-09 20:14:21 ----HDC---- C:\windows\$NtUninstallKB2478971$
2011-02-09 20:14:17 ----HDC---- C:\windows\$NtUninstallKB2485376$
2011-02-09 20:14:11 ----HDC---- C:\windows\$NtUninstallKB2479628$
2011-02-09 20:14:04 ----HDC---- C:\windows\$NtUninstallKB2483185$
2011-02-09 20:10:38 ----HDC---- C:\windows\$NtUninstallKB2476687$
2011-02-09 20:09:55 ----HDC---- C:\windows\$NtUninstallKB2478960$
2011-02-09 20:09:44 ----HDC---- C:\windows\$NtUninstallKB2393802$
2011-02-04 13:14:46 ----D---- C:\Documents and Settings\PC\Data aplikací\Publish Providers
2011-02-04 13:03:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sony
2011-02-04 13:03:34 ----D---- C:\Program Files\Sony
2011-02-04 12:59:01 ----D---- C:\Documents and Settings\PC\Data aplikací\Sony
2011-01-26 17:47:29 ----D---- C:\Program Files\GamePark
2011-01-25 23:28:24 ----HDC---- C:\windows\$NtUninstallKB971513$
2011-01-25 23:25:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2011-01-18 16:22:45 ----D---- C:\Program Files\cacaoweb
2011-01-14 17:56:05 ----A---- C:\windows\wowCP.ini
2011-01-12 21:49:43 ----HDC---- C:\windows\$NtUninstallKB2419632$
======List of files/folders modified in the last 3 months======
2011-04-09 21:11:14 ----D---- C:\windows\Prefetch
2011-04-09 21:11:13 ----RD---- C:\Program Files
2011-04-09 21:10:57 ----D---- C:\Documents and Settings\PC\Data aplikací\uTorrent
2011-04-09 21:05:56 ----D---- C:\windows\Temp
2011-04-09 21:05:08 ----A---- C:\windows\NeroDigital.ini
2011-04-09 19:58:08 ----D---- C:\Documents and Settings\PC\Data aplikací\ICQ
2011-04-09 18:25:26 ----A---- C:\windows\system32\PnkBstrB.exe
2011-04-09 16:50:19 ----D---- C:\windows\system32\CatRoot2
2011-04-09 16:49:26 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-04-09 14:15:42 ----D---- C:\Documents and Settings\PC\Data aplikací\Orbit
2011-04-09 13:28:35 ----SHD---- C:\windows\Installer
2011-04-09 13:28:35 ----D---- C:\Config.Msi
2011-04-09 13:27:33 ----D---- C:\Documents and Settings\PC\Data aplikací\OpenOffice.org2
2011-04-09 13:27:06 ----SD---- C:\windows\Tasks
2011-04-08 23:43:31 ----A---- C:\windows\SchedLgU.Txt
2011-04-08 15:49:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-04-03 19:19:59 ----D---- C:\Documents and Settings\PC\Data aplikací\Skype
2011-04-03 19:19:32 ----D---- C:\Documents and Settings\PC\Data aplikací\skypePM
2011-04-02 10:51:34 ----D---- C:\Documents and Settings\PC\Data aplikací\Vso
2011-04-01 20:33:11 ----A---- C:\windows\wincmd.ini
2011-03-31 19:53:58 ----D---- C:\Documents and Settings\PC\Data aplikací\Spyware Terminator
2011-03-31 19:46:08 ----D---- C:\Program Files\Spyware Terminator
2011-03-31 12:20:03 ----D---- C:\Program Files\ICQ7.0
2011-03-31 11:59:19 ----D---- C:\Documents and Settings\PC\Data aplikací\teamspeak2
2011-03-30 09:58:52 ----D---- C:\windows\system32
2011-03-30 09:58:52 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-03-29 15:55:34 ----D---- C:\windows\Minidump
2011-03-29 15:55:34 ----D---- C:\WINDOWS
2011-03-24 22:44:54 ----HD---- C:\windows\inf
2011-03-24 22:44:07 ----HD---- C:\windows\$hf_mig$
2011-03-24 21:58:26 ----D---- C:\Documents and Settings\PC\Data aplikací\TS3Client
2011-03-20 11:14:40 ----A---- C:\windows\system32\PnkBstrA.exe
2011-03-20 11:14:00 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-20 11:13:36 ----D---- C:\windows\WinSxS
2011-03-20 11:11:49 ----RSD---- C:\windows\assembly
2011-03-20 11:11:16 ----D---- C:\windows\system32\DirectX
2011-03-13 22:46:15 ----A---- C:\windows\imsins.BAK
2011-03-13 22:46:13 ----RSHDC---- C:\windows\system32\dllcache
2011-03-09 22:13:37 ----A---- C:\windows\system32\MRT.exe
2011-03-09 22:13:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-03-03 12:29:59 ----D---- C:\Program Files\Common Files
2011-03-03 12:29:58 ----RD---- C:\Program Files\Skype
2011-02-25 14:25:13 ----D---- C:\Documents and Settings\PC\Data aplikací\HLSW
2011-02-24 12:57:32 ----D---- C:\windows\Microsoft.NET
2011-02-24 12:32:20 ----D---- C:\windows\system32\drivers
2011-02-24 12:32:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2011-02-24 10:19:19 ----D---- C:\windows\system32\XPSViewer
2011-02-24 10:19:19 ----D---- C:\windows\system32\cs-cz
2011-02-24 10:19:02 ----D---- C:\windows\system32\mui
2011-02-24 09:33:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2011-02-24 09:33:29 ----D---- C:\Program Files\DivX
2011-02-21 15:44:31 ----D---- C:\Program Files\Microsoft Silverlight
2011-02-19 12:08:45 ----AD---- C:\Qoobox
2011-02-19 12:06:57 ----A---- C:\windows\system.ini
2011-02-19 12:06:51 ----D---- C:\windows\system32\drivers\etc
2011-02-19 12:05:22 ----D---- C:\windows\AppPatch
2011-02-18 22:14:36 ----D---- C:\Documents and Settings\PC\Data aplikací\HpUpdate
2011-02-18 22:10:27 ----A---- C:\windows\wininit.ini
2011-02-18 22:10:13 ----RSD---- C:\windows\Fonts
2011-02-18 22:10:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\HP
2011-02-18 22:08:37 ----D---- C:\Program Files\HP
2011-02-18 21:58:58 ----D---- C:\Program Files\Common Files\Java
2011-02-18 21:58:34 ----D---- C:\Program Files\Java
2011-02-09 20:11:03 ----D---- C:\Program Files\Internet Explorer
2011-02-09 20:10:46 ----D---- C:\windows\ie8updates
2011-02-09 15:53:50 ----A---- C:\windows\system32\sbe.dll
2011-02-09 15:53:50 ----A---- C:\windows\system32\encdec.dll
2011-02-02 22:40:23 ----A---- C:\windows\system32\deployJava1.dll
2011-02-02 09:58:33 ----A---- C:\windows\system32\mstscax.dll
2011-01-27 13:57:06 ----A---- C:\windows\system32\mstsc.exe
2011-01-25 23:23:29 ----D---- C:\windows\SoftwareDistribution
2011-01-25 23:13:40 ----DC---- C:\windows\system32\DRVSTORE
2011-01-25 22:58:29 ----A---- C:\Documents and Settings\PC\Data aplikací\inst.exe
2011-01-25 22:58:06 ----D---- C:\windows\system32\Macromed
2011-01-25 22:58:01 ----D---- C:\Documents and Settings\PC\Data aplikací\Macromedia
2011-01-21 16:44:07 ----A---- C:\windows\system32\shimgvw.dll
2011-01-21 16:44:07 ----A---- C:\windows\system32\shell32.dll
2011-01-17 19:46:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-01-14 21:25:56 ----D---- C:\windows\system32\Restore
2011-01-14 17:58:05 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2011-01-13 20:35:25 ----D---- C:\Documents and Settings\PC\Data aplikací\Real
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iteatapi;ITEATAPI_Service_Install; C:\windows\system32\DRIVERS\iteatapi.sys [2005-10-28 27648]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-11-13 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\windows\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 aswSP;avast! Self Protection; C:\windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 intelppm;Řadič procesoru Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMon2;avast! Standard Shield Support; C:\windows\system32\drivers\aswMon2.sys [2008-07-19 94416]
R2 MaVctrl;MaVctrl; C:\windows\system32\DRIVERS\MaVc2K.sys [2005-08-18 11473]
R3 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2006-12-21 4405248]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2009-07-14 7741664]
R3 PnkBstrK;PnkBstrK; \??\C:\windows\system32\drivers\PnkBstrK.sys []
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk51x86.sys [2005-05-06 232064]
S1 project; service tool ; C:\windows\System32\Drivers\register.sys [2001-11-28 1950]
S2 zntport;NTPort Library Driver; \??\C:\WINDOWS\system32\zntport.sys []
S3 aps5qlat;aps5qlat; C:\windows\system32\drivers\aps5qlat.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\PC\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DBKDRVR54;DBKDRVR54; \??\C:\Program Files\Cheat Engine\dbk32.sys []
S3 dtscsi;dtscsi; C:\windows\System32\Drivers\dtscsi.sys [2007-09-27 223128]
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\PC\LOCALS~1\Temp\AKB260.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\D:\Program Files\Garena\safedrv.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\windows\system32\DRIVERS\HPZid412.sys [2008-01-25 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\windows\system32\DRIVERS\HPZipr12.sys [2008-01-25 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\windows\system32\DRIVERS\HPZius12.sys [2008-01-25 21568]
S3 MaRdPnp;MaRdPnp; C:\windows\system32\DRIVERS\MaRdP2K.sys [2005-08-18 49867]
S3 maz550c;maz550c; C:\windows\System32\Drivers\maz550c.sys [2005-06-16 24784]
S3 maz550m;maz550m; C:\windows\System32\Drivers\maz550m.sys [2005-06-16 25044]
S3 maz550u;maz550u; C:\windows\System32\Drivers\maz550u.sys [2006-10-11 55424]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 PAC7311;VGA SoC PC-Camer@; C:\windows\system32\DRIVERS\PA707UCM.SYS [2005-07-08 143232]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2010-09-17 47360]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-10-08 100560]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\windows\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-02-19 380928]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2006-10-26 335872]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2009-07-14 168004]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2011-03-20 75136]
R2 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe [2011-04-09 214520]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-11-02 496128]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
S2 gupdate1caa1c0485e21a;Služba Google Update (gupdate1caa1c0485e21a); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-30 133104]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\windows\System32\svchost.exe [2008-04-14 14336]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 hpqcxs08;hpqcxs08; C:\windows\system32\svchost.exe [2008-04-14 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\windows\System32\svchost.exe [2008-04-14 14336]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu . Děkuji
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu . Děkuji
Log vypadá čistý.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
venca008
- Návštěvník
- Příspěvky: 57
- Registrován: 13 pro 2010 20:59
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu . Děkuji
mám problém, že když zapnu počítač trvá dlouho než se mi načtou ikony na ploše. Mám tam plochu 5minut a potom se mi to načte a nebo se mi také stává, že se mi sice ikony načtou, ale nemohu jít na internej, TeamSpeak a nebo skype mi funguji ale nemohu několik minut (přibližně 2 - 4 ) na internet ( používám Google Chrome, nefunguje to ani na Internet Explorer a Mozila Firefox) Mohli by jste mi nějak pomoci ?
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu . Děkuji
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
venca008
- Návštěvník
- Příspěvky: 57
- Registrován: 13 pro 2010 20:59
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu . Děkuji
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Verze databáze: 5363
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
10.4.2011 0:32:30
mbam-log-2011-04-10 (00-32-27).txt
Typ kontroly: Úplný test (C:\|D:\|J:\|)
Testované objekty: 238290
Uplynulý čas: 47 minut, 53 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 5
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 6
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
c:\documents and settings\PC\local settings\data aplikací\Mozilla\Firefox\Profiles\pke84l2b.default\Cache(2)\0b929813d01 (Trojan.Downloader) -> No action taken.
c:\Qoobox\quarantine\C\WINDOWS\system32\winboterr\svchost.exe.vir (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{3f311865-3e77-493d-adca-e277aca9fd49}\RP754\A0817952.exe (Trojan.Agent.CK) -> No action taken.
c:\WINDOWS\system32\config.ini.exe (Malware.Packer.Gen) -> No action taken.
c:\documents and settings\PC\data aplikací\cglogs.dat (Malware.Trace) -> No action taken.
c:\program files\icqtoolbar\5638\toolbaru.dll (Trojan.BHO) -> No action taken.
www.malwarebytes.org
Verze databáze: 5363
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
10.4.2011 0:32:30
mbam-log-2011-04-10 (00-32-27).txt
Typ kontroly: Úplný test (C:\|D:\|J:\|)
Testované objekty: 238290
Uplynulý čas: 47 minut, 53 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 5
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 6
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
c:\documents and settings\PC\local settings\data aplikací\Mozilla\Firefox\Profiles\pke84l2b.default\Cache(2)\0b929813d01 (Trojan.Downloader) -> No action taken.
c:\Qoobox\quarantine\C\WINDOWS\system32\winboterr\svchost.exe.vir (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{3f311865-3e77-493d-adca-e277aca9fd49}\RP754\A0817952.exe (Trojan.Agent.CK) -> No action taken.
c:\WINDOWS\system32\config.ini.exe (Malware.Packer.Gen) -> No action taken.
c:\documents and settings\PC\data aplikací\cglogs.dat (Malware.Trace) -> No action taken.
c:\program files\icqtoolbar\5638\toolbaru.dll (Trojan.BHO) -> No action taken.
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu . Děkuji
Potřebujete-li ICQToolbar, ponechte, vše ostatní, co MBAM nalezl, smažte a restartujte PC.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
venca008
- Návštěvník
- Příspěvky: 57
- Registrován: 13 pro 2010 20:59
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu . Děkuji
stále žádná změna + zapomněl jsem se zmínit, že při načítání plochy mi vyskočí okno TrayApp a chce to po mě nějaké CD .. 
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu . Děkuji
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se
jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine
aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,
pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k
nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
venca008
- Návštěvník
- Příspěvky: 57
- Registrován: 13 pro 2010 20:59
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu . Děkuji
ComboFix 11-04-09.01 - PC 10.04.2011 17:21:04.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1501 [GMT 2:00]
Spuštěný z: c:\documents and settings\PC\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1229 [VPS 081031-1] *Disabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\PC\Data aplikací\cacaoweb
c:\documents and settings\PC\Data aplikací\cacaoweb\ad96D9145E8C867A23E1125CAAA9681BE1.ad
c:\documents and settings\PC\Data aplikací\cacaoweb\adstorage.db
c:\documents and settings\PC\Data aplikací\cacaoweb\replicating3E03A1F99C8F3E53E62971BB87A195DD.cacao
c:\documents and settings\PC\Data aplikací\cacaoweb\storage.db
c:\documents and settings\PC\Plocha\cacaoweb.exe
c:\documents and settings\PC\WINDOWS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-10 do 2011-04-10 )))))))))))))))))))))))))))))))
.
.
2011-04-10 07:58 . 2011-04-10 07:58 -------- d-----w- c:\documents and settings\PC\Data aplikací\Digiarty
2011-04-09 21:43 . 2011-04-09 21:43 -------- d-----w- c:\documents and settings\PC\Data aplikací\Malwarebytes
2011-04-09 21:43 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-09 21:43 . 2011-04-09 21:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-04-09 21:43 . 2011-04-09 21:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-09 21:43 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-09 19:11 . 2011-04-09 19:11 -------- d-----w- C:\rsit
2011-04-09 19:11 . 2011-04-09 19:11 -------- d-----w- c:\program files\trend micro
2011-03-27 19:16 . 2011-03-27 19:16 -------- d-----w- c:\documents and settings\PC\Data aplikací\DDMSettings
2011-03-22 14:22 . 2011-03-22 14:22 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\GamePlayLabs Plugin
2011-03-20 10:16 . 2011-03-20 10:16 -------- d-----w- c:\documents and settings\PC\Data aplikací\Ubisoft
2011-03-20 10:16 . 2011-03-20 10:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ubisoft
2011-03-20 09:56 . 2011-03-20 10:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Solidshield
2011-03-20 09:14 . 2011-03-20 09:14 -------- d-----w- c:\documents and settings\PC\Data aplikací\PunkBuster
2011-03-20 09:14 . 2011-03-20 09:14 -------- d-----w- c:\program files\Ubisoft
2011-03-16 18:20 . 2011-03-16 18:20 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\Browser Plugin
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-10 13:37 . 2008-01-20 10:28 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-04-10 13:37 . 2009-03-16 16:13 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-04-10 13:37 . 2008-01-20 10:28 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-03-20 09:14 . 2008-01-20 10:28 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-03-19 17:03 . 2008-01-20 10:28 214520 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-02-09 13:53 . 2004-08-18 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-18 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 20:40 . 2010-10-07 08:26 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2008-03-08 19:35 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58 . 2007-09-26 15:06 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2007-09-26 15:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-25 20:58 . 2010-09-17 10:17 87608 ----a-w- c:\documents and settings\PC\Data aplikací\inst.exe
2011-01-25 20:58 . 2010-09-17 10:17 47360 ----a-w- c:\documents and settings\PC\Data aplikací\pcouffin.sys
2011-01-21 14:44 . 2004-08-18 12:00 440320 ----a-w- c:\windows\system32\shimgvw.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-02-19_10.06.57 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-10 09:59 . 2011-04-10 09:59 16384 c:\windows\Temp\Perflib_Perfdata_674.dat
+ 2011-04-10 09:59 . 2011-04-10 09:59 16384 c:\windows\Temp\Perflib_Perfdata_5bc.dat
+ 2011-02-24 08:19 . 2006-06-29 12:07 14048 c:\windows\system32\spmsg2.dll
+ 2004-08-18 12:00 . 2011-03-30 07:58 74230 c:\windows\system32\perfc009.dat
- 2004-08-18 12:00 . 2011-02-06 19:03 74230 c:\windows\system32\perfc009.dat
+ 2004-08-18 12:00 . 2011-03-30 07:58 84834 c:\windows\system32\perfc005.dat
- 2004-08-18 12:00 . 2011-02-06 19:03 84834 c:\windows\system32\perfc005.dat
+ 2007-09-26 15:08 . 2008-04-14 03:22 30208 c:\windows\system32\dllcache\wabmig.exe
+ 2007-09-26 15:07 . 2008-04-14 03:22 20480 c:\windows\system32\dllcache\inetwiz.exe
+ 2007-09-26 15:07 . 2008-04-14 03:22 86016 c:\windows\system32\dllcache\icwconn2.exe
+ 2008-03-21 14:56 . 2008-03-21 14:56 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\DeleteTemp.exe
+ 2008-03-22 09:27 . 2008-03-22 09:27 28302 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\baseline.dat
+ 2008-03-22 09:33 . 2008-03-22 09:33 46096 c:\windows\Microsoft.NET\Framework\v3.5\cs\MSBuild.resources.exe
+ 2007-10-15 13:12 . 2007-10-15 13:12 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\WsatConfig.resources.dll
+ 2007-10-15 13:12 . 2007-10-15 13:12 10240 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\SMSvcHost.resources.dll
+ 2007-10-15 13:12 . 2007-10-15 13:12 13824 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\ServiceModelReg.resources.dll
+ 2007-10-15 13:12 . 2007-10-15 13:12 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\ComSvcConfig.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 22528 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0405\mscorsecr.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Web.Services.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Web.Mobile.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Transactions.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.ServiceProcess.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Security.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 11776 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Remoting.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Messaging.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Management.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.EnterpriseServices.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Drawing.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.DirectoryServices.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.DirectoryServices.Protocols.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\system.data.sqlxml.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 49152 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Configuration.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Configuration.Install.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\sysglobl.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 86528 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\ShFusRes.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 11264 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Regasm.Resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\MSBuild.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 57344 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.VisualBasic.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 45056 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.JScript.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 10240 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.Build.Utilities.Resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.Build.Engine.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\caspol.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnet_regsql.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 80896 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnet_rc.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 20480 c:\windows\Microsoft.NET\Framework\v2.0.50727\1029\alinkui.dll
+ 2008-03-22 09:00 . 2008-03-22 09:00 25088 c:\windows\Installer\249a22.msp
+ 2008-03-22 08:57 . 2008-03-22 08:57 52224 c:\windows\Installer\249a21.msp
+ 2011-02-24 08:19 . 2011-02-24 08:19 81408 c:\windows\Installer\249a09.msi
- 2010-05-22 18:31 . 2011-02-09 18:10 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-06-04 15:07 . 2010-12-18 19:11 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-06-04 15:07 . 2011-02-20 20:22 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 86016 c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_cs_31bf3856ad364e35\WindowsBase.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 10240 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_cs_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 46136 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_cs_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 77824 c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Web.Services.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 40960 c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 49152 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design.resources\3.5.0.0_cs_31bf3856ad364e35\System.Web.Extensions.Design.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 16896 c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_cs_b77a5c561934e089\System.Transactions.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 61440 c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_cs_31bf3856ad364e35\System.Speech.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 40960 c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 66616 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web.resources\3.5.0.0_cs_31bf3856ad364e35\System.ServiceModel.Web.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 36864 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_cs_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 28672 c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Security.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 86016 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 11776 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 32768 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 16384 c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_cs_31bf3856ad364e35\System.Printing.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 28672 c:\windows\assembly\GAC_MSIL\System.Net.resources\3.5.0.0_cs_b03f5f7f11d50a3a\System.Net.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 77824 c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Messaging.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 13312 c:\windows\assembly\GAC_MSIL\system.management.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Management.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 10752 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation.resources\3.5.0.0_cs_b77a5c561934e089\System.Management.Instrumentation.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 20480 c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_cs_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 53248 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_cs_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 61440 c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_cs_b77a5c561934e089\System.IdentityModel.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 32768 c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 24576 c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Drawing.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 40960 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 16896 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 36864 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement.resources\3.5.0.0_cs_b77a5c561934e089\System.DirectoryServices.AccountManagement.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 36864 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_cs_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 53248 c:\windows\assembly\GAC_MSIL\System.Data.Linq.resources\3.5.0.0_cs_b77a5c561934e089\System.Data.Linq.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 57344 c:\windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_cs_b77a5c561934e089\System.Core.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 49152 c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 28672 c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Configuration.Install.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 10752 c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_cs_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 36864 c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_cs_31bf3856ad364e35\ReachFramework.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 53248 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationBuildTasks.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 57344 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 28672 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 45056 c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.JScript.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 11264 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5.resources\3.5.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 10240 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.resources\2.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 65536 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\3.5.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 53248 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 11776 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5.resources\3.5.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.resources.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-03-09 20:13 . 2010-07-05 13:13 26488 c:\windows\$hf_mig$\KB2481109\update\spcustom.dll
+ 2011-03-09 20:13 . 2010-07-05 13:13 18296 c:\windows\$hf_mig$\KB2481109\spmsg.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 53248 c:\windows\$hf_mig$\KB2481109\SP3QFE\tsgqec.dll
+ 2011-03-09 20:16 . 2010-02-22 14:20 26488 c:\windows\$hf_mig$\KB2479943\update\spcustom.dll
+ 2011-03-09 20:16 . 2010-02-22 14:20 18296 c:\windows\$hf_mig$\KB2479943\spmsg.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 6656 c:\windows\system32\mui\0405\mscorees.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 9216 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\CS\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 8704 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\CS\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 6144 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Drawing.Design.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\JSC.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 4096 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\InstallUtil.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnet_regbrowsers.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 8704 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnet_compiler.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\1029\CvtResUI.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 4608 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_cs_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 7680 c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_cs_31bf3856ad364e35\UIAutomationTypes.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 4096 c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_cs_31bf3856ad364e35\UIAutomationProvider.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 9216 c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_cs_31bf3856ad364e35\UIAutomationClient.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 7680 c:\windows\assembly\GAC_MSIL\System.Xml.Linq.resources\3.5.0.0_cs_b77a5c561934e089\System.Xml.Linq.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 6144 c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Drawing.Design.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 5120 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions.resources\3.5.0.0_cs_b77a5c561934e089\System.Data.DataSetExtensions.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 5120 c:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_cs_b77a5c561934e089\SMDiagnostics.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 9216 c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 8704 c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 5120 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
- 2004-08-18 12:00 . 2008-04-14 03:21 135168 c:\windows\system32\shsvcs.dll
+ 2004-08-18 12:00 . 2009-07-27 23:19 135168 c:\windows\system32\shsvcs.dll
+ 2004-08-18 12:00 . 2011-03-30 07:58 449144 c:\windows\system32\perfh009.dat
- 2004-08-18 12:00 . 2011-02-06 19:03 449144 c:\windows\system32\perfh009.dat
- 2004-08-18 12:00 . 2011-02-06 19:03 445676 c:\windows\system32\perfh005.dat
+ 2004-08-18 12:00 . 2011-03-30 07:58 445676 c:\windows\system32\perfh005.dat
+ 2011-03-01 10:30 . 2011-03-01 10:30 234656 c:\windows\system32\Macromed\Flash\FlashUtil10n_ActiveX.exe
+ 2011-03-01 10:30 . 2011-03-01 10:30 311456 c:\windows\system32\Macromed\Flash\FlashUtil10n_ActiveX.dll
+ 2009-07-27 23:19 . 2009-07-27 23:19 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2011-02-09 13:53 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
+ 2007-09-26 15:06 . 2008-04-14 03:22 282112 c:\windows\system32\dllcache\pinball.exe
+ 2007-09-26 15:08 . 2008-04-14 03:21 102912 c:\windows\system32\dllcache\pchshell.dll
+ 2011-01-27 11:57 . 2011-01-27 11:57 677888 c:\windows\system32\dllcache\lhmstsc.exe
+ 2007-09-26 15:07 . 2008-04-14 03:22 215552 c:\windows\system32\dllcache\icwconn1.exe
+ 2011-02-09 13:53 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2007-09-26 15:06 . 2008-04-14 03:22 543232 c:\windows\system32\dllcache\dialer.exe
+ 2008-03-21 14:56 . 2008-03-21 14:56 982008 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\WapUI.dll
+ 2008-03-22 09:06 . 2008-03-22 09:06 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\WapRes.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 687104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\vsscenario.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 411136 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\vsbasereqs.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 627712 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\vs70uimgr.dll
+ 2008-03-22 09:40 . 2008-03-22 09:40 432128 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\vs_setup.msi
+ 2008-03-22 09:06 . 2008-03-22 09:06 124416 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\setupres.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\setup.exe
+ 2008-03-21 15:59 . 2008-03-21 15:59 183296 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\RebootStub.exe
+ 2008-03-21 14:56 . 2008-03-21 14:56 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\HtmlLite.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 276472 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\dlmgr.dll
+ 2008-03-22 09:33 . 2008-03-22 09:33 151552 c:\windows\Microsoft.NET\Framework\v3.5\cs\Microsoft.Build.Tasks.v3.5.resources.dll
+ 2008-03-22 09:33 . 2008-03-22 09:33 238072 c:\windows\Microsoft.NET\Framework\v3.5\1029\vbc7ui.dll
+ 2008-03-22 09:33 . 2008-03-22 09:33 174592 c:\windows\Microsoft.NET\Framework\v3.5\1029\cscompui.dll
+ 2006-10-24 23:43 . 2006-10-24 23:43 372736 c:\windows\Microsoft.NET\Framework\v3.0\WPF\cs\PresentationUI.resources.dll
+ 2007-10-15 13:12 . 2007-10-15 13:12 864256 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\infocard.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 159744 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.xml.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Windows.Forms.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 602112 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Web.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 204800 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\system.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 536576 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Design.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 385024 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Deployment.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 339968 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Data.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Data.OracleClient.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 366592 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\mscorrc.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\mscorlib.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 139264 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.Build.Tasks.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 311296 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnetmmcext.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 214528 c:\windows\Microsoft.NET\Framework\v2.0.50727\1029\Vsavb7rtUI.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 188928 c:\windows\Microsoft.NET\Framework\v2.0.50727\1029\vbc7ui.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 141824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1029\cscompui.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 428032 c:\windows\Installer\249a2c.msi
+ 2008-03-22 08:54 . 2008-03-22 08:54 312320 c:\windows\Installer\249a24.msp
+ 2008-03-22 08:45 . 2008-03-22 08:45 727040 c:\windows\Installer\249a23.msp
+ 2008-03-22 08:51 . 2008-03-22 08:51 124416 c:\windows\Installer\249a20.msp
+ 2008-03-22 08:48 . 2008-03-22 08:48 166400 c:\windows\Installer\249a1f.msp
+ 2008-03-22 08:42 . 2008-03-22 08:42 117760 c:\windows\Installer\249a1e.msp
+ 2008-03-22 08:32 . 2008-03-22 08:32 488960 c:\windows\Installer\249a0e.msp
+ 2008-03-22 08:19 . 2008-03-22 08:19 251904 c:\windows\Installer\249a0d.msp
+ 2008-03-22 08:29 . 2008-03-22 08:29 360960 c:\windows\Installer\249a0c.msp
+ 2008-03-22 08:26 . 2008-03-22 08:26 708608 c:\windows\Installer\249a0b.msp
+ 2008-03-22 08:22 . 2008-03-22 08:22 365568 c:\windows\Installer\249a0a.msp
+ 2011-04-03 17:19 . 2011-04-03 17:19 371272 c:\windows\Installer\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}\SkypeIcon.exe
- 2011-01-18 16:01 . 2011-01-18 16:01 371272 c:\windows\Installer\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}\SkypeIcon.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-02-24 08:19 . 2011-02-24 08:19 159744 c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_cs_b77a5c561934e089\System.xml.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 111672 c:\windows\assembly\GAC_MSIL\System.WorkflowServices.resources\3.5.0.0_cs_31bf3856ad364e35\System.WorkflowServices.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 316480 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_cs_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 189496 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_cs_31bf3856ad364e35\System.Workflow.Activities.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 425984 c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 602112 c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Web.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 647168 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.resources\3.5.0.0_cs_31bf3856ad364e35\System.Web.Extensions.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 454656 c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_cs_b77a5c561934e089\System.ServiceModel.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 204800 c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\system.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 536576 c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Design.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 385024 c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 339968 c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_cs_b77a5c561934e089\System.Data.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 110592 c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_cs_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 372736 c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationUI.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 237568 c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationFramework.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 106496 c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationCore.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 303104 c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 151552 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5.resources\3.5.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 139264 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 311296 c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_cs_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:00 . 2010-11-13 13:00 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:00 . 2010-11-13 13:00 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:00 . 2010-11-13 13:00 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:00 . 2010-11-13 13:00 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:00 . 2010-11-13 13:00 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2011-02-24 08:19 . 2006-06-29 12:07 371424 c:\windows\$NtUninstallXPSEPSCLP$\spuninst\updspapi.dll
+ 2011-02-24 08:19 . 2006-06-29 12:07 213216 c:\windows\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe
+ 2011-03-09 20:13 . 2010-07-05 13:13 391032 c:\windows\$NtUninstallKB2481109$\spuninst\updspapi.dll
+ 2011-03-09 20:13 . 2010-07-05 13:13 233848 c:\windows\$NtUninstallKB2481109$\spuninst\spuninst.exe
+ 2011-03-09 20:13 . 2008-04-14 03:22 677888 c:\windows\$NtUninstallKB2481109$\mstsc.exe
+ 2011-03-09 20:16 . 2010-02-22 14:21 391032 c:\windows\$NtUninstallKB2479943$\spuninst\updspapi.dll
+ 2011-03-09 20:16 . 2010-02-22 14:20 233848 c:\windows\$NtUninstallKB2479943$\spuninst\spuninst.exe
+ 2011-03-09 20:16 . 2008-04-14 03:21 270848 c:\windows\$NtUninstallKB2479943$\sbe.dll
+ 2011-03-09 20:16 . 2008-04-14 03:21 186880 c:\windows\$NtUninstallKB2479943$\encdec.dll
+ 2011-03-09 20:13 . 2010-07-05 13:13 391032 c:\windows\$hf_mig$\KB2481109\update\updspapi.dll
+ 2011-03-09 20:13 . 2010-07-05 13:13 759160 c:\windows\$hf_mig$\KB2481109\update\update.exe
+ 2011-03-09 20:13 . 2010-07-05 13:13 233848 c:\windows\$hf_mig$\KB2481109\spuninst.exe
+ 2011-01-27 11:41 . 2011-01-27 11:41 677888 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstsc.exe
+ 2011-02-02 07:57 . 2011-02-02 07:57 136192 c:\windows\$hf_mig$\KB2481109\SP3QFE\aaclient.dll
+ 2011-03-09 20:16 . 2010-02-22 14:21 391032 c:\windows\$hf_mig$\KB2479943\update\updspapi.dll
+ 2011-03-09 20:16 . 2010-02-22 14:21 759160 c:\windows\$hf_mig$\KB2479943\update\update.exe
+ 2011-03-09 20:16 . 2010-02-22 14:20 233848 c:\windows\$hf_mig$\KB2479943\spuninst.exe
+ 2011-02-09 13:52 . 2011-02-09 13:52 270848 c:\windows\$hf_mig$\KB2479943\SP3QFE\sbe.dll
+ 2011-02-09 13:52 . 2011-02-09 13:52 186880 c:\windows\$hf_mig$\KB2479943\SP3QFE\encdec.dll
+ 2007-09-26 15:07 . 2008-04-14 02:28 2481664 c:\windows\system32\dllcache\msoeres.dll
+ 2007-09-26 15:07 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll
- 2009-08-13 07:54 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2007-09-26 15:08 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
- 2010-03-11 10:17 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2011-02-02 07:58 . 2011-02-02 07:58 2067456 c:\windows\system32\dllcache\lhmstscx.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 1045504 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\vs_setup.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 1361920 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\SITSetup.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 1059328 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\gencomp.dll
+ 2011-04-03 17:19 . 2011-04-03 17:19 1583104 c:\windows\Installer\af7e7a.msi
+ 2011-02-24 08:19 . 2011-02-24 08:19 1048064 c:\windows\Installer\249a1d.msi
+ 2011-02-16 12:54 . 2011-02-16 12:54 4992000 c:\windows\Installer\104f809.msp
+ 2011-01-11 16:53 . 2011-01-11 16:53 1763328 c:\windows\Installer\104f7f1.msp
- 2010-05-22 18:31 . 2011-02-09 18:10 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-03-20 09:11 . 2011-03-20 09:11 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:00 . 2010-11-13 13:00 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:00 . 2010-11-13 13:00 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-09 20:13 . 2009-06-10 07:21 2066432 c:\windows\$NtUninstallKB2481109$\mstscax.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 2069504 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstscx.dll
+ 2007-09-26 19:18 . 2011-03-09 20:13 37943240 c:\windows\system32\MRT.exe
+ 2011-02-20 20:21 . 2011-02-20 20:21 20308992 c:\windows\Installer\119aa8c.msp
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{c9a6357b-25cc-4bcf-96c1-78736985d412}"= "mscoree.dll" [2009-11-06 297808]
.
[HKEY_CLASSES_ROOT\clsid\{c9a6357b-25cc-4bcf-96c1-78736985d412}]
[HKEY_CLASSES_ROOT\SearchBar.Toolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="d:\program files\uTorrent\uTorrent.exe" [2011-03-31 399736]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"cacaoweb"="c:\program files\cacaoweb\cacaoweb.exe" [2011-04-08 369392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 16062464]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-30 32768]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 172032]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-11-02 2216960]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2010-02-15 417792]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2010-10-30 274608]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-02-15 1230704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="d:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]
.
c:\documents and settings\PC\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 2.2.lnk - c:\program files\OpenOffice.org 2.2\program\quickstart.exe [2007-3-22 393216]
Xfire.lnk - j:\program files\Xfire\Xfire.exe [N/A]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Orbit.lnk - d:\program files\Orbitdownloader\orbitdm.exe [2010-7-20 1690824]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"d:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\World of Warcraft\\Launcher.exe"=
"d:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"d:\\Program Files\\Garena\\Garena.exe"=
"d:\\Program Files\\HLSW\\hlsw.exe"=
"d:\\Program Files\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Documents and Settings\\PC\\Plocha\\lol\\vsechno mozny\\MOJE\\Moje hry\\Age of EmpiresI\\Empires.exe"=
"c:\\Program Files\\cacaoweb\\cacaoweb.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBSP.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBMP.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\AssassinsCreedBrotherhood.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\UPlayBrowser.exe"=
"c:\\Documents and Settings\\PC\\Plocha\\lol\\vsechno mozny\\MOJE\\Moje hry\\Skype.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"12128:TCP"= 12128:TCP:BitComet 12128 TCP
"12128:UDP"= 12128:UDP:BitComet 12128 UDP
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.9.2007 21:21 691696]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [3.4.2008 16:53 78416]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [19.2.2009 17:32 142592]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [19.2.2010 20:43 380928]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.4.2008 16:53 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [30.9.2008 18:31 246520]
S2 gupdate1caa1c0485e21a;Služba Google Update (gupdate1caa1c0485e21a);c:\program files\Google\Update\GoogleUpdate.exe [30.1.2010 17:22 133104]
S3 DBKDRVR54;DBKDRVR54;\??\c:\program files\Cheat Engine\dbk32.sys --> c:\program files\Cheat Engine\dbk32.sys [?]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\PC\LOCALS~1\Temp\AKB260.tmp --> c:\docume~1\PC\LOCALS~1\Temp\AKB260.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\d:\program files\Garena\safedrv.sys --> d:\program files\Garena\safedrv.sys [?]
S3 maz550c;maz550c;c:\windows\system32\drivers\maz550c.sys [16.1.2009 20:04 24784]
S3 maz550m;maz550m;c:\windows\system32\drivers\maz550m.sys [16.1.2009 20:04 25044]
S3 maz550u;maz550u;c:\windows\system32\drivers\maz550u.sys [16.1.2009 20:04 55424]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [4.10.2010 18:56 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [4.10.2010 18:56 8320]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [18.8.2004 14:00 14336]
S3 PAC7311;VGA SoC PC-Camer@;c:\windows\system32\drivers\PA707UCM.SYS [8.7.2005 11:43 143232]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [8.10.2010 16:57 100560]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - PNKBSTRB
*NewlyCreated* - PNKBSTRK
*Deregistered* - project
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
getPlusHelper REG_MULTI_SZ getPlusHelper
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 15:22]
.
2011-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 15:22]
.
2011-04-09 c:\windows\Tasks\Norton Security Scan for PC.job
- c:\program files\Norton Security Scan\Engine\3.0.0.103\Nss.exe [2011-02-24 07:25]
.
2011-04-10 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-606747145-1390067357-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-10-20 16:32]
.
2011-04-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-1390067357-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-10-20 16:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uDefault_Search_URL = hxxp://tudosearch.com/index.php?q=
uInternet Settings,ProxyOverride = local
uSearchAssistant = hxxp://search.qip.ru
uSearchURL,(Default) = hxxp://search.qip.ru/search?query=%s&from=IE
IE: &Download by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: Do&wnload selected by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} - hxxp://games.icq.com/online/online2/pirate_poppers/PiratePoppers.1.0.0.32.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-10 17:24
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
cacaoweb = "c:\program files\cacaoweb\cacaoweb.exe" -noplayer?abled:cacaoweb?es??????????????????P???????????????P???P???????????P?\?P???G???????G?????????????( ??????Service Pack 3?????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\PC\LOCALS~1\Temp\AKB260.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,42,d8,d0,79,fc,a2,4b,93,1e,f3,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,42,d8,d0,79,fc,a2,4b,93,1e,f3,\
.
[HKEY_USERS\S-1-5-21-606747145-1390067357-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:55,72,42,94,ee,b9,f8,10,68,e7,b0,db,8a,12,c9,e5,97,22,51,47,38,
58,eb,8e,15,b6,42,d6,43,20,6c,ce,e5,ac,74,f1,6b,17,24,1b,cb,c0,51,cc,88,f7,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2011-04-10 17:26:28
ComboFix-quarantined-files.txt 2011-04-10 15:26
ComboFix2.txt 2011-02-19 10:08
ComboFix3.txt 2010-12-14 19:28
ComboFix4.txt 2010-12-14 18:55
ComboFix5.txt 2011-04-10 15:18
.
Před spuštěním: 9 348 104 192
Po spuštění: 9 651 683 328
.
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 7D62FF50C2A456041A3123A76B8C4F46
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1501 [GMT 2:00]
Spuštěný z: c:\documents and settings\PC\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1229 [VPS 081031-1] *Disabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\PC\Data aplikací\cacaoweb
c:\documents and settings\PC\Data aplikací\cacaoweb\ad96D9145E8C867A23E1125CAAA9681BE1.ad
c:\documents and settings\PC\Data aplikací\cacaoweb\adstorage.db
c:\documents and settings\PC\Data aplikací\cacaoweb\replicating3E03A1F99C8F3E53E62971BB87A195DD.cacao
c:\documents and settings\PC\Data aplikací\cacaoweb\storage.db
c:\documents and settings\PC\Plocha\cacaoweb.exe
c:\documents and settings\PC\WINDOWS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-10 do 2011-04-10 )))))))))))))))))))))))))))))))
.
.
2011-04-10 07:58 . 2011-04-10 07:58 -------- d-----w- c:\documents and settings\PC\Data aplikací\Digiarty
2011-04-09 21:43 . 2011-04-09 21:43 -------- d-----w- c:\documents and settings\PC\Data aplikací\Malwarebytes
2011-04-09 21:43 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-09 21:43 . 2011-04-09 21:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-04-09 21:43 . 2011-04-09 21:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-09 21:43 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-09 19:11 . 2011-04-09 19:11 -------- d-----w- C:\rsit
2011-04-09 19:11 . 2011-04-09 19:11 -------- d-----w- c:\program files\trend micro
2011-03-27 19:16 . 2011-03-27 19:16 -------- d-----w- c:\documents and settings\PC\Data aplikací\DDMSettings
2011-03-22 14:22 . 2011-03-22 14:22 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\GamePlayLabs Plugin
2011-03-20 10:16 . 2011-03-20 10:16 -------- d-----w- c:\documents and settings\PC\Data aplikací\Ubisoft
2011-03-20 10:16 . 2011-03-20 10:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ubisoft
2011-03-20 09:56 . 2011-03-20 10:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Solidshield
2011-03-20 09:14 . 2011-03-20 09:14 -------- d-----w- c:\documents and settings\PC\Data aplikací\PunkBuster
2011-03-20 09:14 . 2011-03-20 09:14 -------- d-----w- c:\program files\Ubisoft
2011-03-16 18:20 . 2011-03-16 18:20 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\Browser Plugin
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-10 13:37 . 2008-01-20 10:28 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-04-10 13:37 . 2009-03-16 16:13 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-04-10 13:37 . 2008-01-20 10:28 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-03-20 09:14 . 2008-01-20 10:28 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-03-19 17:03 . 2008-01-20 10:28 214520 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-02-09 13:53 . 2004-08-18 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-18 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 20:40 . 2010-10-07 08:26 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2008-03-08 19:35 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58 . 2007-09-26 15:06 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2007-09-26 15:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-25 20:58 . 2010-09-17 10:17 87608 ----a-w- c:\documents and settings\PC\Data aplikací\inst.exe
2011-01-25 20:58 . 2010-09-17 10:17 47360 ----a-w- c:\documents and settings\PC\Data aplikací\pcouffin.sys
2011-01-21 14:44 . 2004-08-18 12:00 440320 ----a-w- c:\windows\system32\shimgvw.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-02-19_10.06.57 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-10 09:59 . 2011-04-10 09:59 16384 c:\windows\Temp\Perflib_Perfdata_674.dat
+ 2011-04-10 09:59 . 2011-04-10 09:59 16384 c:\windows\Temp\Perflib_Perfdata_5bc.dat
+ 2011-02-24 08:19 . 2006-06-29 12:07 14048 c:\windows\system32\spmsg2.dll
+ 2004-08-18 12:00 . 2011-03-30 07:58 74230 c:\windows\system32\perfc009.dat
- 2004-08-18 12:00 . 2011-02-06 19:03 74230 c:\windows\system32\perfc009.dat
+ 2004-08-18 12:00 . 2011-03-30 07:58 84834 c:\windows\system32\perfc005.dat
- 2004-08-18 12:00 . 2011-02-06 19:03 84834 c:\windows\system32\perfc005.dat
+ 2007-09-26 15:08 . 2008-04-14 03:22 30208 c:\windows\system32\dllcache\wabmig.exe
+ 2007-09-26 15:07 . 2008-04-14 03:22 20480 c:\windows\system32\dllcache\inetwiz.exe
+ 2007-09-26 15:07 . 2008-04-14 03:22 86016 c:\windows\system32\dllcache\icwconn2.exe
+ 2008-03-21 14:56 . 2008-03-21 14:56 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\DeleteTemp.exe
+ 2008-03-22 09:27 . 2008-03-22 09:27 28302 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\baseline.dat
+ 2008-03-22 09:33 . 2008-03-22 09:33 46096 c:\windows\Microsoft.NET\Framework\v3.5\cs\MSBuild.resources.exe
+ 2007-10-15 13:12 . 2007-10-15 13:12 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\WsatConfig.resources.dll
+ 2007-10-15 13:12 . 2007-10-15 13:12 10240 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\SMSvcHost.resources.dll
+ 2007-10-15 13:12 . 2007-10-15 13:12 13824 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\ServiceModelReg.resources.dll
+ 2007-10-15 13:12 . 2007-10-15 13:12 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\ComSvcConfig.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 22528 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0405\mscorsecr.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Web.Services.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Web.Mobile.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Transactions.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.ServiceProcess.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Security.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 11776 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Remoting.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Messaging.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Management.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.EnterpriseServices.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Drawing.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.DirectoryServices.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.DirectoryServices.Protocols.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\system.data.sqlxml.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 49152 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Configuration.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Configuration.Install.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\sysglobl.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 86528 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\ShFusRes.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 11264 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Regasm.Resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\MSBuild.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 57344 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.VisualBasic.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 45056 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.JScript.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 10240 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.Build.Utilities.Resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.Build.Engine.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\caspol.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnet_regsql.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 80896 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnet_rc.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 20480 c:\windows\Microsoft.NET\Framework\v2.0.50727\1029\alinkui.dll
+ 2008-03-22 09:00 . 2008-03-22 09:00 25088 c:\windows\Installer\249a22.msp
+ 2008-03-22 08:57 . 2008-03-22 08:57 52224 c:\windows\Installer\249a21.msp
+ 2011-02-24 08:19 . 2011-02-24 08:19 81408 c:\windows\Installer\249a09.msi
- 2010-05-22 18:31 . 2011-02-09 18:10 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-06-04 15:07 . 2010-12-18 19:11 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-06-04 15:07 . 2011-02-20 20:22 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 86016 c:\windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_cs_31bf3856ad364e35\WindowsBase.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 10240 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_cs_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 46136 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime.resources\3.0.0.0_cs_31bf3856ad364e35\System.Workflow.Runtime.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 77824 c:\windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Web.Services.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 40960 c:\windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 49152 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design.resources\3.5.0.0_cs_31bf3856ad364e35\System.Web.Extensions.Design.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 16896 c:\windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_cs_b77a5c561934e089\System.Transactions.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 61440 c:\windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_cs_31bf3856ad364e35\System.Speech.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 40960 c:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 66616 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web.resources\3.5.0.0_cs_31bf3856ad364e35\System.ServiceModel.Web.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 36864 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install.resources\3.0.0.0_cs_b77a5c561934e089\System.ServiceModel.Install.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 28672 c:\windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Security.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 86016 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 11776 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 32768 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 16384 c:\windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_cs_31bf3856ad364e35\System.Printing.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 28672 c:\windows\assembly\GAC_MSIL\System.Net.resources\3.5.0.0_cs_b03f5f7f11d50a3a\System.Net.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 77824 c:\windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Messaging.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 13312 c:\windows\assembly\GAC_MSIL\system.management.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Management.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 10752 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation.resources\3.5.0.0_cs_b77a5c561934e089\System.Management.Instrumentation.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 20480 c:\windows\assembly\GAC_MSIL\System.IO.Log.resources\3.0.0.0_cs_b03f5f7f11d50a3a\System.IO.Log.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 53248 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors.resources\3.0.0.0_cs_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 61440 c:\windows\assembly\GAC_MSIL\System.IdentityModel.resources\3.0.0.0_cs_b77a5c561934e089\System.IdentityModel.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 32768 c:\windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 24576 c:\windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Drawing.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 40960 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 16896 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 36864 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement.resources\3.5.0.0_cs_b77a5c561934e089\System.DirectoryServices.AccountManagement.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 36864 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_cs_b77a5c561934e089\system.data.sqlxml.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 53248 c:\windows\assembly\GAC_MSIL\System.Data.Linq.resources\3.5.0.0_cs_b77a5c561934e089\System.Data.Linq.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 57344 c:\windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_cs_b77a5c561934e089\System.Core.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 49152 c:\windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Configuration.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 28672 c:\windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Configuration.Install.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 10752 c:\windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_cs_b03f5f7f11d50a3a\sysglobl.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 36864 c:\windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_cs_31bf3856ad364e35\ReachFramework.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 53248 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationBuildTasks.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 57344 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 28672 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.resources\3.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 45056 c:\windows\assembly\GAC_MSIL\Microsoft.Jscript.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.JScript.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 11264 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5.resources\3.5.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 10240 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.resources\2.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Utilities.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 65536 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\3.5.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 53248 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine.resources\2.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Engine.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 11776 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5.resources\3.5.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.resources.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2011-03-09 20:13 . 2010-07-05 13:13 26488 c:\windows\$hf_mig$\KB2481109\update\spcustom.dll
+ 2011-03-09 20:13 . 2010-07-05 13:13 18296 c:\windows\$hf_mig$\KB2481109\spmsg.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 53248 c:\windows\$hf_mig$\KB2481109\SP3QFE\tsgqec.dll
+ 2011-03-09 20:16 . 2010-02-22 14:20 26488 c:\windows\$hf_mig$\KB2479943\update\spcustom.dll
+ 2011-03-09 20:16 . 2010-02-22 14:20 18296 c:\windows\$hf_mig$\KB2479943\spmsg.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 6656 c:\windows\system32\mui\0405\mscorees.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 9216 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\CS\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 8704 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC\CS\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 6144 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Drawing.Design.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\JSC.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 4096 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\InstallUtil.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnet_regbrowsers.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 8704 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnet_compiler.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\1029\CvtResUI.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 4608 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration.resources\3.0.0.0_cs_31bf3856ad364e35\WindowsFormsIntegration.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 7680 c:\windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_cs_31bf3856ad364e35\UIAutomationTypes.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 4096 c:\windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_cs_31bf3856ad364e35\UIAutomationProvider.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 9216 c:\windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_cs_31bf3856ad364e35\UIAutomationClient.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 7680 c:\windows\assembly\GAC_MSIL\System.Xml.Linq.resources\3.5.0.0_cs_b77a5c561934e089\System.Xml.Linq.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 6144 c:\windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Drawing.Design.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 5120 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions.resources\3.5.0.0_cs_b77a5c561934e089\System.Data.DataSetExtensions.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 5120 c:\windows\assembly\GAC_MSIL\SMDiagnostics.resources\3.0.0.0_cs_b77a5c561934e089\SMDiagnostics.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 9216 c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 8704 c:\windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 5120 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge.Dtc.resources\3.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll
- 2004-08-18 12:00 . 2008-04-14 03:21 135168 c:\windows\system32\shsvcs.dll
+ 2004-08-18 12:00 . 2009-07-27 23:19 135168 c:\windows\system32\shsvcs.dll
+ 2004-08-18 12:00 . 2011-03-30 07:58 449144 c:\windows\system32\perfh009.dat
- 2004-08-18 12:00 . 2011-02-06 19:03 449144 c:\windows\system32\perfh009.dat
- 2004-08-18 12:00 . 2011-02-06 19:03 445676 c:\windows\system32\perfh005.dat
+ 2004-08-18 12:00 . 2011-03-30 07:58 445676 c:\windows\system32\perfh005.dat
+ 2011-03-01 10:30 . 2011-03-01 10:30 234656 c:\windows\system32\Macromed\Flash\FlashUtil10n_ActiveX.exe
+ 2011-03-01 10:30 . 2011-03-01 10:30 311456 c:\windows\system32\Macromed\Flash\FlashUtil10n_ActiveX.dll
+ 2009-07-27 23:19 . 2009-07-27 23:19 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2011-02-09 13:53 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
+ 2007-09-26 15:06 . 2008-04-14 03:22 282112 c:\windows\system32\dllcache\pinball.exe
+ 2007-09-26 15:08 . 2008-04-14 03:21 102912 c:\windows\system32\dllcache\pchshell.dll
+ 2011-01-27 11:57 . 2011-01-27 11:57 677888 c:\windows\system32\dllcache\lhmstsc.exe
+ 2007-09-26 15:07 . 2008-04-14 03:22 215552 c:\windows\system32\dllcache\icwconn1.exe
+ 2011-02-09 13:53 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2007-09-26 15:06 . 2008-04-14 03:22 543232 c:\windows\system32\dllcache\dialer.exe
+ 2008-03-21 14:56 . 2008-03-21 14:56 982008 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\WapUI.dll
+ 2008-03-22 09:06 . 2008-03-22 09:06 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\WapRes.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 687104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\vsscenario.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 411136 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\vsbasereqs.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 627712 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\vs70uimgr.dll
+ 2008-03-22 09:40 . 2008-03-22 09:40 432128 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\vs_setup.msi
+ 2008-03-22 09:06 . 2008-03-22 09:06 124416 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\setupres.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\setup.exe
+ 2008-03-21 15:59 . 2008-03-21 15:59 183296 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\RebootStub.exe
+ 2008-03-21 14:56 . 2008-03-21 14:56 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\HtmlLite.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 276472 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\dlmgr.dll
+ 2008-03-22 09:33 . 2008-03-22 09:33 151552 c:\windows\Microsoft.NET\Framework\v3.5\cs\Microsoft.Build.Tasks.v3.5.resources.dll
+ 2008-03-22 09:33 . 2008-03-22 09:33 238072 c:\windows\Microsoft.NET\Framework\v3.5\1029\vbc7ui.dll
+ 2008-03-22 09:33 . 2008-03-22 09:33 174592 c:\windows\Microsoft.NET\Framework\v3.5\1029\cscompui.dll
+ 2006-10-24 23:43 . 2006-10-24 23:43 372736 c:\windows\Microsoft.NET\Framework\v3.0\WPF\cs\PresentationUI.resources.dll
+ 2007-10-15 13:12 . 2007-10-15 13:12 864256 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\cs\infocard.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 159744 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.xml.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Windows.Forms.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 602112 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Web.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 204800 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\system.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 536576 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Design.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 385024 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Deployment.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 339968 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Data.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Data.OracleClient.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 366592 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\mscorrc.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\mscorlib.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 139264 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\Microsoft.Build.Tasks.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 311296 c:\windows\Microsoft.NET\Framework\v2.0.50727\cs\aspnetmmcext.resources.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 214528 c:\windows\Microsoft.NET\Framework\v2.0.50727\1029\Vsavb7rtUI.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 188928 c:\windows\Microsoft.NET\Framework\v2.0.50727\1029\vbc7ui.dll
+ 2007-10-26 02:16 . 2007-10-26 02:16 141824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1029\cscompui.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 428032 c:\windows\Installer\249a2c.msi
+ 2008-03-22 08:54 . 2008-03-22 08:54 312320 c:\windows\Installer\249a24.msp
+ 2008-03-22 08:45 . 2008-03-22 08:45 727040 c:\windows\Installer\249a23.msp
+ 2008-03-22 08:51 . 2008-03-22 08:51 124416 c:\windows\Installer\249a20.msp
+ 2008-03-22 08:48 . 2008-03-22 08:48 166400 c:\windows\Installer\249a1f.msp
+ 2008-03-22 08:42 . 2008-03-22 08:42 117760 c:\windows\Installer\249a1e.msp
+ 2008-03-22 08:32 . 2008-03-22 08:32 488960 c:\windows\Installer\249a0e.msp
+ 2008-03-22 08:19 . 2008-03-22 08:19 251904 c:\windows\Installer\249a0d.msp
+ 2008-03-22 08:29 . 2008-03-22 08:29 360960 c:\windows\Installer\249a0c.msp
+ 2008-03-22 08:26 . 2008-03-22 08:26 708608 c:\windows\Installer\249a0b.msp
+ 2008-03-22 08:22 . 2008-03-22 08:22 365568 c:\windows\Installer\249a0a.msp
+ 2011-04-03 17:19 . 2011-04-03 17:19 371272 c:\windows\Installer\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}\SkypeIcon.exe
- 2011-01-18 16:01 . 2011-01-18 16:01 371272 c:\windows\Installer\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}\SkypeIcon.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-02-24 08:19 . 2011-02-24 08:19 159744 c:\windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_cs_b77a5c561934e089\System.xml.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 111672 c:\windows\assembly\GAC_MSIL\System.WorkflowServices.resources\3.5.0.0_cs_31bf3856ad364e35\System.WorkflowServices.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 316480 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel.resources\3.0.0.0_cs_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 189496 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities.resources\3.0.0.0_cs_31bf3856ad364e35\System.Workflow.Activities.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 425984 c:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 602112 c:\windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Web.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 647168 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.resources\3.5.0.0_cs_31bf3856ad364e35\System.Web.Extensions.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 454656 c:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_cs_b77a5c561934e089\System.ServiceModel.Resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 204800 c:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\system.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 536576 c:\windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Design.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 385024 c:\windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Deployment.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 339968 c:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_cs_b77a5c561934e089\System.Data.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 110592 c:\windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_cs_b77a5c561934e089\System.Data.OracleClient.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 372736 c:\windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationUI.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 237568 c:\windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationFramework.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 106496 c:\windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationCore.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 303104 c:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 151552 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5.resources\3.5.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 139264 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.resources\2.0.0.0_cs_b03f5f7f11d50a3a\Microsoft.Build.Tasks.resources.dll
+ 2011-02-24 08:19 . 2011-02-24 08:19 311296 c:\windows\assembly\GAC_MSIL\AspNetMMCExt.resources\2.0.0.0_cs_b03f5f7f11d50a3a\aspnetmmcext.resources.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:00 . 2010-11-13 13:00 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:00 . 2010-11-13 13:00 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:00 . 2010-11-13 13:00 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:00 . 2010-11-13 13:00 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:00 . 2010-11-13 13:00 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2010-11-13 13:01 . 2010-11-13 13:01 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2011-02-24 08:19 . 2006-06-29 12:07 371424 c:\windows\$NtUninstallXPSEPSCLP$\spuninst\updspapi.dll
+ 2011-02-24 08:19 . 2006-06-29 12:07 213216 c:\windows\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe
+ 2011-03-09 20:13 . 2010-07-05 13:13 391032 c:\windows\$NtUninstallKB2481109$\spuninst\updspapi.dll
+ 2011-03-09 20:13 . 2010-07-05 13:13 233848 c:\windows\$NtUninstallKB2481109$\spuninst\spuninst.exe
+ 2011-03-09 20:13 . 2008-04-14 03:22 677888 c:\windows\$NtUninstallKB2481109$\mstsc.exe
+ 2011-03-09 20:16 . 2010-02-22 14:21 391032 c:\windows\$NtUninstallKB2479943$\spuninst\updspapi.dll
+ 2011-03-09 20:16 . 2010-02-22 14:20 233848 c:\windows\$NtUninstallKB2479943$\spuninst\spuninst.exe
+ 2011-03-09 20:16 . 2008-04-14 03:21 270848 c:\windows\$NtUninstallKB2479943$\sbe.dll
+ 2011-03-09 20:16 . 2008-04-14 03:21 186880 c:\windows\$NtUninstallKB2479943$\encdec.dll
+ 2011-03-09 20:13 . 2010-07-05 13:13 391032 c:\windows\$hf_mig$\KB2481109\update\updspapi.dll
+ 2011-03-09 20:13 . 2010-07-05 13:13 759160 c:\windows\$hf_mig$\KB2481109\update\update.exe
+ 2011-03-09 20:13 . 2010-07-05 13:13 233848 c:\windows\$hf_mig$\KB2481109\spuninst.exe
+ 2011-01-27 11:41 . 2011-01-27 11:41 677888 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstsc.exe
+ 2011-02-02 07:57 . 2011-02-02 07:57 136192 c:\windows\$hf_mig$\KB2481109\SP3QFE\aaclient.dll
+ 2011-03-09 20:16 . 2010-02-22 14:21 391032 c:\windows\$hf_mig$\KB2479943\update\updspapi.dll
+ 2011-03-09 20:16 . 2010-02-22 14:21 759160 c:\windows\$hf_mig$\KB2479943\update\update.exe
+ 2011-03-09 20:16 . 2010-02-22 14:20 233848 c:\windows\$hf_mig$\KB2479943\spuninst.exe
+ 2011-02-09 13:52 . 2011-02-09 13:52 270848 c:\windows\$hf_mig$\KB2479943\SP3QFE\sbe.dll
+ 2011-02-09 13:52 . 2011-02-09 13:52 186880 c:\windows\$hf_mig$\KB2479943\SP3QFE\encdec.dll
+ 2007-09-26 15:07 . 2008-04-14 02:28 2481664 c:\windows\system32\dllcache\msoeres.dll
+ 2007-09-26 15:07 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll
- 2009-08-13 07:54 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2007-09-26 15:08 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
- 2010-03-11 10:17 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2011-02-02 07:58 . 2011-02-02 07:58 2067456 c:\windows\system32\dllcache\lhmstscx.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 1045504 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\vs_setup.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 1361920 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\SITSetup.dll
+ 2008-03-21 14:56 . 2008-03-21 14:56 1059328 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\gencomp.dll
+ 2011-04-03 17:19 . 2011-04-03 17:19 1583104 c:\windows\Installer\af7e7a.msi
+ 2011-02-24 08:19 . 2011-02-24 08:19 1048064 c:\windows\Installer\249a1d.msi
+ 2011-02-16 12:54 . 2011-02-16 12:54 4992000 c:\windows\Installer\104f809.msp
+ 2011-01-11 16:53 . 2011-01-11 16:53 1763328 c:\windows\Installer\104f7f1.msp
- 2010-05-22 18:31 . 2011-02-09 18:10 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-05-22 18:31 . 2011-03-09 20:13 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2010-05-22 18:31 . 2011-02-09 18:10 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-03-20 09:11 . 2011-03-20 09:11 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:00 . 2010-11-13 13:00 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-11-13 13:00 . 2010-11-13 13:00 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-20 09:11 . 2011-03-20 09:11 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-03-09 20:13 . 2009-06-10 07:21 2066432 c:\windows\$NtUninstallKB2481109$\mstscax.dll
+ 2011-02-02 07:57 . 2011-02-02 07:57 2069504 c:\windows\$hf_mig$\KB2481109\SP3QFE\lhmstscx.dll
+ 2007-09-26 19:18 . 2011-03-09 20:13 37943240 c:\windows\system32\MRT.exe
+ 2011-02-20 20:21 . 2011-02-20 20:21 20308992 c:\windows\Installer\119aa8c.msp
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{c9a6357b-25cc-4bcf-96c1-78736985d412}"= "mscoree.dll" [2009-11-06 297808]
.
[HKEY_CLASSES_ROOT\clsid\{c9a6357b-25cc-4bcf-96c1-78736985d412}]
[HKEY_CLASSES_ROOT\SearchBar.Toolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="d:\program files\uTorrent\uTorrent.exe" [2011-03-31 399736]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"cacaoweb"="c:\program files\cacaoweb\cacaoweb.exe" [2011-04-08 369392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 16062464]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-30 32768]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 172032]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-11-02 2216960]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2010-02-15 417792]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2010-10-30 274608]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-02-15 1230704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="d:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]
.
c:\documents and settings\PC\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 2.2.lnk - c:\program files\OpenOffice.org 2.2\program\quickstart.exe [2007-3-22 393216]
Xfire.lnk - j:\program files\Xfire\Xfire.exe [N/A]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Orbit.lnk - d:\program files\Orbitdownloader\orbitdm.exe [2010-7-20 1690824]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"d:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\World of Warcraft\\Launcher.exe"=
"d:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"d:\\Program Files\\Garena\\Garena.exe"=
"d:\\Program Files\\HLSW\\hlsw.exe"=
"d:\\Program Files\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Documents and Settings\\PC\\Plocha\\lol\\vsechno mozny\\MOJE\\Moje hry\\Age of EmpiresI\\Empires.exe"=
"c:\\Program Files\\cacaoweb\\cacaoweb.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBSP.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBMP.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\AssassinsCreedBrotherhood.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\UPlayBrowser.exe"=
"c:\\Documents and Settings\\PC\\Plocha\\lol\\vsechno mozny\\MOJE\\Moje hry\\Skype.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"12128:TCP"= 12128:TCP:BitComet 12128 TCP
"12128:UDP"= 12128:UDP:BitComet 12128 UDP
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.9.2007 21:21 691696]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [3.4.2008 16:53 78416]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [19.2.2009 17:32 142592]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [19.2.2010 20:43 380928]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.4.2008 16:53 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [30.9.2008 18:31 246520]
S2 gupdate1caa1c0485e21a;Služba Google Update (gupdate1caa1c0485e21a);c:\program files\Google\Update\GoogleUpdate.exe [30.1.2010 17:22 133104]
S3 DBKDRVR54;DBKDRVR54;\??\c:\program files\Cheat Engine\dbk32.sys --> c:\program files\Cheat Engine\dbk32.sys [?]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\PC\LOCALS~1\Temp\AKB260.tmp --> c:\docume~1\PC\LOCALS~1\Temp\AKB260.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\d:\program files\Garena\safedrv.sys --> d:\program files\Garena\safedrv.sys [?]
S3 maz550c;maz550c;c:\windows\system32\drivers\maz550c.sys [16.1.2009 20:04 24784]
S3 maz550m;maz550m;c:\windows\system32\drivers\maz550m.sys [16.1.2009 20:04 25044]
S3 maz550u;maz550u;c:\windows\system32\drivers\maz550u.sys [16.1.2009 20:04 55424]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [4.10.2010 18:56 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [4.10.2010 18:56 8320]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [18.8.2004 14:00 14336]
S3 PAC7311;VGA SoC PC-Camer@;c:\windows\system32\drivers\PA707UCM.SYS [8.7.2005 11:43 143232]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [8.10.2010 16:57 100560]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - PNKBSTRB
*NewlyCreated* - PNKBSTRK
*Deregistered* - project
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
getPlusHelper REG_MULTI_SZ getPlusHelper
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 15:22]
.
2011-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 15:22]
.
2011-04-09 c:\windows\Tasks\Norton Security Scan for PC.job
- c:\program files\Norton Security Scan\Engine\3.0.0.103\Nss.exe [2011-02-24 07:25]
.
2011-04-10 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-606747145-1390067357-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-10-20 16:32]
.
2011-04-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-1390067357-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-10-20 16:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uDefault_Search_URL = hxxp://tudosearch.com/index.php?q=
uInternet Settings,ProxyOverride = local
uSearchAssistant = hxxp://search.qip.ru
uSearchURL,(Default) = hxxp://search.qip.ru/search?query=%s&from=IE
IE: &Download by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: Do&wnload selected by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} - hxxp://games.icq.com/online/online2/pirate_poppers/PiratePoppers.1.0.0.32.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-10 17:24
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
cacaoweb = "c:\program files\cacaoweb\cacaoweb.exe" -noplayer?abled:cacaoweb?es??????????????????P???????????????P???P???????????P?\?P???G???????G?????????????( ??????Service Pack 3?????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\PC\LOCALS~1\Temp\AKB260.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,42,d8,d0,79,fc,a2,4b,93,1e,f3,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,42,d8,d0,79,fc,a2,4b,93,1e,f3,\
.
[HKEY_USERS\S-1-5-21-606747145-1390067357-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:55,72,42,94,ee,b9,f8,10,68,e7,b0,db,8a,12,c9,e5,97,22,51,47,38,
58,eb,8e,15,b6,42,d6,43,20,6c,ce,e5,ac,74,f1,6b,17,24,1b,cb,c0,51,cc,88,f7,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2011-04-10 17:26:28
ComboFix-quarantined-files.txt 2011-04-10 15:26
ComboFix2.txt 2011-02-19 10:08
ComboFix3.txt 2010-12-14 19:28
ComboFix4.txt 2010-12-14 18:55
ComboFix5.txt 2011-04-10 15:18
.
Před spuštěním: 9 348 104 192
Po spuštění: 9 651 683 328
.
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 7D62FF50C2A456041A3123A76B8C4F46
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu . Děkuji
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej maší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.Folder::
c:\program files\cacaoweb
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cacaoweb"=-
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
venca008
- Návštěvník
- Příspěvky: 57
- Registrován: 13 pro 2010 20:59
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu . Děkuji
ComboFix 11-04-10.01 - PC 10.04.2011 22:11:10.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1295 [GMT 2:00]
Spuštěný z: c:\documents and settings\PC\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\PC\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1229 [VPS 081031-1] *Disabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\PC\Data aplikací\cacaoweb
c:\documents and settings\PC\Data aplikací\cacaoweb\adstorage.db
c:\documents and settings\PC\Data aplikací\cacaoweb\storage.db
c:\program files\cacaoweb
c:\program files\cacaoweb\cacaoweb.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-10 do 2011-04-10 )))))))))))))))))))))))))))))))
.
.
2011-04-10 07:58 . 2011-04-10 07:58 -------- d-----w- c:\documents and settings\PC\Data aplikací\Digiarty
2011-04-09 21:43 . 2011-04-09 21:43 -------- d-----w- c:\documents and settings\PC\Data aplikací\Malwarebytes
2011-04-09 21:43 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-09 21:43 . 2011-04-09 21:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-04-09 21:43 . 2011-04-09 21:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-09 21:43 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-09 19:11 . 2011-04-09 19:11 -------- d-----w- C:\rsit
2011-04-09 19:11 . 2011-04-09 19:11 -------- d-----w- c:\program files\trend micro
2011-03-27 19:16 . 2011-03-27 19:16 -------- d-----w- c:\documents and settings\PC\Data aplikací\DDMSettings
2011-03-22 14:22 . 2011-03-22 14:22 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\GamePlayLabs Plugin
2011-03-20 10:16 . 2011-03-20 10:16 -------- d-----w- c:\documents and settings\PC\Data aplikací\Ubisoft
2011-03-20 10:16 . 2011-03-20 10:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ubisoft
2011-03-20 09:56 . 2011-03-20 10:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Solidshield
2011-03-20 09:14 . 2011-03-20 09:14 -------- d-----w- c:\documents and settings\PC\Data aplikací\PunkBuster
2011-03-20 09:14 . 2011-03-20 09:14 -------- d-----w- c:\program files\Ubisoft
2011-03-16 18:20 . 2011-03-16 18:20 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\Browser Plugin
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-10 18:29 . 2008-01-20 10:28 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-04-10 18:29 . 2009-03-16 16:13 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-04-10 18:29 . 2008-01-20 10:28 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-03-20 09:14 . 2008-01-20 10:28 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-03-19 17:03 . 2008-01-20 10:28 214520 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-02-09 13:53 . 2004-08-18 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-18 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 20:40 . 2010-10-07 08:26 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2008-03-08 19:35 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58 . 2007-09-26 15:06 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2007-09-26 15:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-25 20:58 . 2010-09-17 10:17 87608 ----a-w- c:\documents and settings\PC\Data aplikací\inst.exe
2011-01-25 20:58 . 2010-09-17 10:17 47360 ----a-w- c:\documents and settings\PC\Data aplikací\pcouffin.sys
2011-01-21 14:44 . 2004-08-18 12:00 440320 ----a-w- c:\windows\system32\shimgvw.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-04-10_15.24.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-10 16:27 . 2011-04-10 16:27 16384 c:\windows\Temp\Perflib_Perfdata_c48.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{c9a6357b-25cc-4bcf-96c1-78736985d412}"= "mscoree.dll" [2009-11-06 297808]
.
[HKEY_CLASSES_ROOT\clsid\{c9a6357b-25cc-4bcf-96c1-78736985d412}]
[HKEY_CLASSES_ROOT\SearchBar.Toolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="d:\program files\uTorrent\uTorrent.exe" [2011-03-31 399736]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 16062464]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-30 32768]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 172032]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-11-02 2216960]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2010-02-15 417792]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2010-10-30 274608]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-02-15 1230704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="d:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]
.
c:\documents and settings\PC\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 2.2.lnk - c:\program files\OpenOffice.org 2.2\program\quickstart.exe [2007-3-22 393216]
Xfire.lnk - j:\program files\Xfire\Xfire.exe [N/A]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Orbit.lnk - d:\program files\Orbitdownloader\orbitdm.exe [2010-7-20 1690824]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"d:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\World of Warcraft\\Launcher.exe"=
"d:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"d:\\Program Files\\Garena\\Garena.exe"=
"d:\\Program Files\\HLSW\\hlsw.exe"=
"d:\\Program Files\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Documents and Settings\\PC\\Plocha\\lol\\vsechno mozny\\MOJE\\Moje hry\\Age of EmpiresI\\Empires.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBSP.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBMP.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\AssassinsCreedBrotherhood.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\UPlayBrowser.exe"=
"c:\\Documents and Settings\\PC\\Plocha\\lol\\vsechno mozny\\MOJE\\Moje hry\\Skype.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"12128:TCP"= 12128:TCP:BitComet 12128 TCP
"12128:UDP"= 12128:UDP:BitComet 12128 UDP
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.9.2007 21:21 691696]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [3.4.2008 16:53 78416]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [19.2.2009 17:32 142592]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [19.2.2010 20:43 380928]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.4.2008 16:53 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [30.9.2008 18:31 246520]
S2 gupdate1caa1c0485e21a;Služba Google Update (gupdate1caa1c0485e21a);c:\program files\Google\Update\GoogleUpdate.exe [30.1.2010 17:22 133104]
S3 DBKDRVR54;DBKDRVR54;\??\c:\program files\Cheat Engine\dbk32.sys --> c:\program files\Cheat Engine\dbk32.sys [?]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\PC\LOCALS~1\Temp\AKB260.tmp --> c:\docume~1\PC\LOCALS~1\Temp\AKB260.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\d:\program files\Garena\safedrv.sys --> d:\program files\Garena\safedrv.sys [?]
S3 maz550c;maz550c;c:\windows\system32\drivers\maz550c.sys [16.1.2009 20:04 24784]
S3 maz550m;maz550m;c:\windows\system32\drivers\maz550m.sys [16.1.2009 20:04 25044]
S3 maz550u;maz550u;c:\windows\system32\drivers\maz550u.sys [16.1.2009 20:04 55424]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [4.10.2010 18:56 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [4.10.2010 18:56 8320]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [18.8.2004 14:00 14336]
S3 PAC7311;VGA SoC PC-Camer@;c:\windows\system32\drivers\PA707UCM.SYS [8.7.2005 11:43 143232]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [8.10.2010 16:57 100560]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - PNKBSTRB
*NewlyCreated* - PNKBSTRK
*Deregistered* - project
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
getPlusHelper REG_MULTI_SZ getPlusHelper
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 15:22]
.
2011-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 15:22]
.
2011-04-09 c:\windows\Tasks\Norton Security Scan for PC.job
- c:\program files\Norton Security Scan\Engine\3.0.0.103\Nss.exe [2011-02-24 07:25]
.
2011-04-10 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-606747145-1390067357-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-10-20 16:32]
.
2011-04-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-1390067357-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-10-20 16:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uDefault_Search_URL = hxxp://tudosearch.com/index.php?q=
uInternet Settings,ProxyOverride = local
uSearchAssistant = hxxp://search.qip.ru
uSearchURL,(Default) = hxxp://search.qip.ru/search?query=%s&from=IE
IE: &Download by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: Do&wnload selected by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} - hxxp://games.icq.com/online/online2/pirate_poppers/PiratePoppers.1.0.0.32.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-10 22:15
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\PC\LOCALS~1\Temp\AKB260.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,42,d8,d0,79,fc,a2,4b,93,1e,f3,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,42,d8,d0,79,fc,a2,4b,93,1e,f3,\
.
[HKEY_USERS\S-1-5-21-606747145-1390067357-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:55,72,42,94,ee,b9,f8,10,68,e7,b0,db,8a,12,c9,e5,97,22,51,47,38,
58,eb,8e,15,b6,42,d6,43,20,6c,ce,e5,ac,74,f1,6b,17,24,1b,cb,c0,51,cc,88,f7,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2011-04-10 22:17:25
ComboFix-quarantined-files.txt 2011-04-10 20:17
ComboFix2.txt 2011-04-10 15:26
ComboFix3.txt 2011-02-19 10:08
ComboFix4.txt 2010-12-14 19:28
ComboFix5.txt 2011-04-10 20:04
.
Před spuštěním: 9 742 974 976
Po spuštění: 9 767 583 744
.
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 9DD5976239A7BCAA7BCEC70F515913D7
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1295 [GMT 2:00]
Spuštěný z: c:\documents and settings\PC\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\PC\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1229 [VPS 081031-1] *Disabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\PC\Data aplikací\cacaoweb
c:\documents and settings\PC\Data aplikací\cacaoweb\adstorage.db
c:\documents and settings\PC\Data aplikací\cacaoweb\storage.db
c:\program files\cacaoweb
c:\program files\cacaoweb\cacaoweb.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-10 do 2011-04-10 )))))))))))))))))))))))))))))))
.
.
2011-04-10 07:58 . 2011-04-10 07:58 -------- d-----w- c:\documents and settings\PC\Data aplikací\Digiarty
2011-04-09 21:43 . 2011-04-09 21:43 -------- d-----w- c:\documents and settings\PC\Data aplikací\Malwarebytes
2011-04-09 21:43 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-09 21:43 . 2011-04-09 21:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-04-09 21:43 . 2011-04-09 21:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-09 21:43 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-09 19:11 . 2011-04-09 19:11 -------- d-----w- C:\rsit
2011-04-09 19:11 . 2011-04-09 19:11 -------- d-----w- c:\program files\trend micro
2011-03-27 19:16 . 2011-03-27 19:16 -------- d-----w- c:\documents and settings\PC\Data aplikací\DDMSettings
2011-03-22 14:22 . 2011-03-22 14:22 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\GamePlayLabs Plugin
2011-03-20 10:16 . 2011-03-20 10:16 -------- d-----w- c:\documents and settings\PC\Data aplikací\Ubisoft
2011-03-20 10:16 . 2011-03-20 10:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ubisoft
2011-03-20 09:56 . 2011-03-20 10:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Solidshield
2011-03-20 09:14 . 2011-03-20 09:14 -------- d-----w- c:\documents and settings\PC\Data aplikací\PunkBuster
2011-03-20 09:14 . 2011-03-20 09:14 -------- d-----w- c:\program files\Ubisoft
2011-03-16 18:20 . 2011-03-16 18:20 -------- d-----w- c:\documents and settings\PC\Local Settings\Data aplikací\Browser Plugin
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-10 18:29 . 2008-01-20 10:28 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-04-10 18:29 . 2009-03-16 16:13 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-04-10 18:29 . 2008-01-20 10:28 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-03-20 09:14 . 2008-01-20 10:28 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-03-19 17:03 . 2008-01-20 10:28 214520 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-02-09 13:53 . 2004-08-18 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-18 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 20:40 . 2010-10-07 08:26 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2008-03-08 19:35 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-02 07:58 . 2007-09-26 15:06 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2007-09-26 15:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-25 20:58 . 2010-09-17 10:17 87608 ----a-w- c:\documents and settings\PC\Data aplikací\inst.exe
2011-01-25 20:58 . 2010-09-17 10:17 47360 ----a-w- c:\documents and settings\PC\Data aplikací\pcouffin.sys
2011-01-21 14:44 . 2004-08-18 12:00 440320 ----a-w- c:\windows\system32\shimgvw.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-04-10_15.24.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-10 16:27 . 2011-04-10 16:27 16384 c:\windows\Temp\Perflib_Perfdata_c48.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{c9a6357b-25cc-4bcf-96c1-78736985d412}"= "mscoree.dll" [2009-11-06 297808]
.
[HKEY_CLASSES_ROOT\clsid\{c9a6357b-25cc-4bcf-96c1-78736985d412}]
[HKEY_CLASSES_ROOT\SearchBar.Toolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="d:\program files\uTorrent\uTorrent.exe" [2011-03-31 399736]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 16062464]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-30 32768]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 172032]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-11-02 2216960]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2010-02-15 417792]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2010-10-30 274608]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-02-15 1230704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="d:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]
.
c:\documents and settings\PC\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 2.2.lnk - c:\program files\OpenOffice.org 2.2\program\quickstart.exe [2007-3-22 393216]
Xfire.lnk - j:\program files\Xfire\Xfire.exe [N/A]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Orbit.lnk - d:\program files\Orbitdownloader\orbitdm.exe [2010-7-20 1690824]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"d:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\World of Warcraft\\Launcher.exe"=
"d:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"d:\\Program Files\\Garena\\Garena.exe"=
"d:\\Program Files\\HLSW\\hlsw.exe"=
"d:\\Program Files\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Documents and Settings\\PC\\Plocha\\lol\\vsechno mozny\\MOJE\\Moje hry\\Age of EmpiresI\\Empires.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBSP.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBMP.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\AssassinsCreedBrotherhood.exe"=
"d:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\UPlayBrowser.exe"=
"c:\\Documents and Settings\\PC\\Plocha\\lol\\vsechno mozny\\MOJE\\Moje hry\\Skype.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"12128:TCP"= 12128:TCP:BitComet 12128 TCP
"12128:UDP"= 12128:UDP:BitComet 12128 UDP
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.9.2007 21:21 691696]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [3.4.2008 16:53 78416]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [19.2.2009 17:32 142592]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [19.2.2010 20:43 380928]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.4.2008 16:53 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [30.9.2008 18:31 246520]
S2 gupdate1caa1c0485e21a;Služba Google Update (gupdate1caa1c0485e21a);c:\program files\Google\Update\GoogleUpdate.exe [30.1.2010 17:22 133104]
S3 DBKDRVR54;DBKDRVR54;\??\c:\program files\Cheat Engine\dbk32.sys --> c:\program files\Cheat Engine\dbk32.sys [?]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\PC\LOCALS~1\Temp\AKB260.tmp --> c:\docume~1\PC\LOCALS~1\Temp\AKB260.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\d:\program files\Garena\safedrv.sys --> d:\program files\Garena\safedrv.sys [?]
S3 maz550c;maz550c;c:\windows\system32\drivers\maz550c.sys [16.1.2009 20:04 24784]
S3 maz550m;maz550m;c:\windows\system32\drivers\maz550m.sys [16.1.2009 20:04 25044]
S3 maz550u;maz550u;c:\windows\system32\drivers\maz550u.sys [16.1.2009 20:04 55424]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [4.10.2010 18:56 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [4.10.2010 18:56 8320]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [18.8.2004 14:00 14336]
S3 PAC7311;VGA SoC PC-Camer@;c:\windows\system32\drivers\PA707UCM.SYS [8.7.2005 11:43 143232]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [8.10.2010 16:57 100560]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - PNKBSTRB
*NewlyCreated* - PNKBSTRK
*Deregistered* - project
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
getPlusHelper REG_MULTI_SZ getPlusHelper
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 15:22]
.
2011-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 15:22]
.
2011-04-09 c:\windows\Tasks\Norton Security Scan for PC.job
- c:\program files\Norton Security Scan\Engine\3.0.0.103\Nss.exe [2011-02-24 07:25]
.
2011-04-10 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-606747145-1390067357-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-10-20 16:32]
.
2011-04-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-1390067357-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-10-20 16:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uDefault_Search_URL = hxxp://tudosearch.com/index.php?q=
uInternet Settings,ProxyOverride = local
uSearchAssistant = hxxp://search.qip.ru
uSearchURL,(Default) = hxxp://search.qip.ru/search?query=%s&from=IE
IE: &Download by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: Do&wnload selected by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
DPF: {49E67060-2C0D-415E-94C7-52A49F73B2F1} - hxxp://games.icq.com/online/online2/pirate_poppers/PiratePoppers.1.0.0.32.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-10 22:15
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\PC\LOCALS~1\Temp\AKB260.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,42,d8,d0,79,fc,a2,4b,93,1e,f3,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,42,d8,d0,79,fc,a2,4b,93,1e,f3,\
.
[HKEY_USERS\S-1-5-21-606747145-1390067357-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:55,72,42,94,ee,b9,f8,10,68,e7,b0,db,8a,12,c9,e5,97,22,51,47,38,
58,eb,8e,15,b6,42,d6,43,20,6c,ce,e5,ac,74,f1,6b,17,24,1b,cb,c0,51,cc,88,f7,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2011-04-10 22:17:25
ComboFix-quarantined-files.txt 2011-04-10 20:17
ComboFix2.txt 2011-04-10 15:26
ComboFix3.txt 2011-02-19 10:08
ComboFix4.txt 2010-12-14 19:28
ComboFix5.txt 2011-04-10 20:04
.
Před spuštěním: 9 742 974 976
Po spuštění: 9 767 583 744
.
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 9DD5976239A7BCAA7BCEC70F515913D7
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu . Děkuji
Log již vypadá čistý. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
venca008
- Návštěvník
- Příspěvky: 57
- Registrován: 13 pro 2010 20:59
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu . Děkuji
stále musím čekat 5 minut a zobrazuje se mi instalačka TrayApp 
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu . Děkuji
Zkuste obnovu systému k datu, kdy korektně fungoval.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?