VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

MS-DOS

https://forum.viry.cz:443/viewtopic.php?t=100424

Stránka 1 z 1

MS-DOS

Napsal: 24 dub 2010 13:29
od To3@s
Ahoj, mam mensi (teda dufam) problem :
po spusteni OP mi naskoci tabulka :
C:/WINDOWS/system32/msupdte.exe
NTVDM CPU obsahuje neplatnu instrukciu
CS:0fa8 IP:0227 OP: 63 6f 6d 23 61
Mohli by ste mi poradit co urobit aby mi to uz nevyskakovalo?
Dakujem :D

Re: MS-DOS

Napsal: 24 dub 2010 14:27
od To3@s
OTL logfile created on: 24. 4. 2010 15:00:16 - Run 1
OTL by OldTimer - Version 3.2.2.0 Folder = C:\Documents and Settings\Martin\Plocha
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

511,00 Mb Total Physical Memory | 163,00 Mb Available Physical Memory | 32,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 57,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,88 Gb Total Space | 9,47 Gb Free Space | 18,61% Space Free | Partition Type: NTFS
Drive D: | 98,16 Gb Total Space | 89,39 Gb Free Space | 91,07% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MARTIN-5121321B
Current User Name: Martin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.04.24 14:57:40 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martin\Plocha\OTL.exe
PRC - [2010.04.03 16:35:25 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.03.19 21:30:35 | 000,319,792 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2009.11.07 20:58:31 | 000,949,376 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32kui.exe
PRC - [2009.11.07 20:58:31 | 000,552,064 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32krn.exe
PRC - [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2008.12.26 22:17:22 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe
PRC - [2008.12.19 14:43:58 | 001,486,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.06.04 11:21:12 | 051,316,170 | ---- | M] ( ) -- C:\Program Files\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
PRC - [2006.11.03 16:49:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe


========== Modules (SafeList) ==========

MOD - [2010.04.24 14:57:40 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martin\Plocha\OTL.exe
MOD - [2010.04.24 14:20:38 | 000,087,040 | RHS- | M] () -- C:\Documents and Settings\Martin\Local Settings\Temp\nodqq0.dll


========== Win32 Services (SafeList) ==========

SRV - [2009.11.07 20:58:31 | 000,552,064 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2009.04.02 12:47:04 | 000,234,888 | ---- | M] () [Auto | Stopped] -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2008.12.26 22:17:22 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)
SRV - [2007.10.11 07:25:14 | 000,122,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2006.11.03 16:49:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2010.01.30 21:27:55 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.11.07 20:58:31 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2009.11.07 20:58:31 | 000,015,424 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)
DRV - [2009.10.30 16:13:45 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)
DRV - [2009.09.28 21:57:28 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008.09.17 10:55:00 | 006,132,576 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.07.24 00:29:16 | 000,047,744 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vserial.sys -- (vserial)
DRV - [2008.07.24 00:29:16 | 000,015,264 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vsb.sys -- (vsbus)
DRV - [2008.04.14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007.11.21 01:09:22 | 000,104,320 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.05.05 16:51:00 | 000,004,608 | ---- | M] (NVIDIA Corporation.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nvport.sys -- (nvport)
DRV - [2006.03.29 06:19:26 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-725345543-1085031214-1606980848-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-725345543-1085031214-1606980848-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-725345543-1085031214-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.5
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.08 21:38:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.03 16:35:32 | 000,000,000 | ---D | M]

[2009.05.08 12:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Extensions
[2010.04.22 15:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\yx1valrp.default\extensions
[2009.08.28 12:11:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\yx1valrp.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010.04.24 10:41:05 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.03.26 12:33:13 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010.03.26 12:33:13 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2010.03.26 12:33:13 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010.03.26 12:33:13 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010.03.26 12:33:13 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010.03.26 12:33:13 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2001.10.25 15:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-725345543-1085031214-1606980848-1004\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [Microsoft WinUpdate] C:\WINDOWS\system32\msupdte.exe ()
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKU\S-1-5-21-725345543-1085031214-1606980848-1004..\Run: [cdoosoft] C:\DOCUME~1\Martin\LOCALS~1\Temp\herss.exe File not found
O4 - HKU\S-1-5-21-725345543-1085031214-1606980848-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-725345543-1085031214-1606980848-1004..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-725345543-1085031214-1606980848-1004..\Run: [nod32] C:\Documents and Settings\Martin\Local Settings\Temp\nodqq.exe ()
O4 - HKU\S-1-5-21-725345543-1085031214-1606980848-1004..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found
O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found
O4 - Startup: C:\Documents and Settings\Martin\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles (Guliwer Company)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-1085031214-1606980848-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-725345543-1085031214-1606980848-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-1085031214-1606980848-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools: = 0
O7 - HKU\S-1-5-21-725345543-1085031214-1606980848-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\DisableRegistryTools\ShowInfoTip: = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset )
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\imon.dll (Eset )
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.100
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Martin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Martin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.08 11:29:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.04.24 15:00:32 | 000,000,059 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010.04.24 15:00:34 | 000,000,059 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{05ccd79c-aab1-11de-bbeb-000b6adf997b}\Shell\AutoRun\command - "" = G:\pcxis.exe -- File not found
O33 - MountPoints2\{05ccd79c-aab1-11de-bbeb-000b6adf997b}\Shell\open\Command - "" = G:\pcxis.exe -- File not found
O33 - MountPoints2\{11c3b4cc-4435-11de-ba24-000b6adf997b}\Shell\AutoRun\command - "" = H:\pcxis.exe -- File not found
O33 - MountPoints2\{11c3b4cc-4435-11de-ba24-000b6adf997b}\Shell\open\Command - "" = H:\pcxis.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.05.08 11:27:25 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Unable to start service SrService!

========== Files/Folders - Created Within 7 Days ==========

[2010.04.24 14:56:04 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Martin\Plocha\OTL.exe
[2010.04.22 19:36:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Martin\Plocha\IMT_Smile_-__2010__Odysea_dva
[1996.11.18 11:00:00 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\IMPLODE.DLL
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2010.04.24 15:09:51 | 000,000,059 | RHS- | M] () -- C:\autorun.inf
[2010.04.24 14:57:40 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Martin\Plocha\OTL.exe
[2010.04.24 14:23:44 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.04.24 14:20:43 | 000,200,712 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.04.24 14:20:32 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.24 14:20:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.24 14:20:23 | 535,678,976 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.24 11:13:08 | 005,242,880 | -H-- | M] () -- C:\Documents and Settings\Martin\NTUSER.DAT
[2010.04.24 11:12:36 | 004,284,358 | -H-- | M] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\IconCache.db
[2010.04.24 11:07:02 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\Martin\Plocha\Skype.lnk
[2010.04.23 22:03:04 | 000,059,392 | ---- | M] () -- C:\Documents and Settings\Martin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.23 19:55:20 | 000,128,000 | RHS- | M] () -- C:\twhvna.exe
[2010.04.23 14:51:20 | 000,000,497 | ---- | M] () -- C:\WINDOWS\System32\msupdte.exe
[2010.04.22 20:21:12 | 000,128,512 | RHS- | M] () -- C:\vgyn6ewc.exe
[2010.04.21 18:09:18 | 000,023,552 | ---- | M] () -- C:\Documents and Settings\Martin\Plocha\Grecka lit.doc
[2010.04.20 20:30:32 | 000,127,488 | RHS- | M] () -- C:\utcddeq.exe
[2010.04.18 18:30:53 | 000,128,000 | RHS- | M] () -- C:\r3fhr.exe
[2010.04.18 17:24:47 | 000,000,150 | ---- | M] () -- C:\WINDOWS\System32\imon1.dat
[2010.04.18 16:36:43 | 000,000,771 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.04.18 16:36:43 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.04.18 16:36:43 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.04.17 18:33:12 | 000,127,488 | RHS- | M] () -- C:\lhhr8.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.23 19:56:01 | 000,128,000 | RHS- | C] () -- C:\twhvna.exe
[2010.04.23 14:51:20 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\msupdte.exe
[2010.04.21 18:11:50 | 000,128,512 | RHS- | C] () -- C:\vgyn6ewc.exe
[2010.04.21 18:10:38 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Martin\Plocha\Grecka lit.doc
[2010.04.21 14:02:25 | 000,127,488 | RHS- | C] () -- C:\utcddeq.exe
[2010.04.18 18:31:26 | 000,128,000 | RHS- | C] () -- C:\r3fhr.exe
[2010.04.17 18:33:46 | 000,127,488 | RHS- | C] () -- C:\lhhr8.exe
[2010.04.01 15:31:43 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010.03.13 20:18:48 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini
[2010.01.30 21:27:55 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.11.29 20:08:49 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009.11.07 21:00:18 | 000,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys
[2009.10.30 16:13:45 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2009.05.22 16:19:59 | 000,000,244 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.05.09 12:51:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.05.08 13:15:01 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009.05.08 13:15:01 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009.05.08 13:15:01 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009.05.08 13:15:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009.05.08 13:09:52 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2009.05.08 13:05:29 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2009.05.08 11:46:28 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.05.08 11:46:28 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009.05.08 11:46:26 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.05.08 11:46:26 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.05.08 11:46:25 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.05.08 11:46:25 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.05.08 11:46:19 | 000,001,341 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.12.26 22:17:22 | 000,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2008.12.22 13:23:55 | 000,000,177 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008.07.24 00:29:16 | 000,047,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\vserial.sys
[2008.07.24 00:29:16 | 000,015,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\vsb.sys
[2006.10.10 00:12:14 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004.10.22 06:43:44 | 000,498,176 | ---- | C] () -- C:\WINDOWS\System32\Synapse.dll
[2004.03.18 23:51:56 | 000,159,744 | R--- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004.03.18 23:51:16 | 000,843,776 | R--- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2000.06.24 06:10:14 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\TSLV.dll
[2000.03.23 16:30:18 | 000,181,760 | ---- | C] () -- C:\WINDOWS\System32\IANGEL32.DLL
[1997.08.28 10:53:10 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\mapirtf.dll
[1996.08.20 15:08:46 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\angel32.dll

========== LOP Check ==========

[2009.09.01 14:25:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
[2010.01.30 21:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.10.24 20:11:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2009.09.01 14:25:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Canneverbe_Limited
[2010.01.30 21:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\DAEMON Tools Lite
[2010.04.01 11:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Desktopicon
[2009.10.24 20:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\ESET
[2009.05.23 10:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\FormEdik
[2009.12.12 21:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\GetRight
[2010.04.24 14:37:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\ICQ
[2009.08.11 20:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\IEPro
[2009.05.08 12:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mikrotik
[2009.08.24 10:29:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\MiniDm
[2009.11.23 21:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\TeamViewer
[2010.04.24 15:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\uTorrent
[2010.02.04 12:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\World-Loom
[2010.04.24 14:23:44 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.12.19 14:23:26 | 000,040,960 | ---- | M] (Microsoft Corporation)
"uTorrent" = "C:\Program Files\uTorrent\uTorrent.exe" -- [2010.03.19 21:30:35 | 000,319,792 | ---- | M] (BitTorrent, Inc.)
"ICQ" = "C:\Program Files\ICQ6.5\ICQ.exe" silent -- [2009.11.16 17:36:19 | 000,172,792 | ---- | M] (ICQ, LLC.)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)
"cdoosoft" = C:\DOCUME~1\Martin\LOCALS~1\Temp\herss.exe -- File not found
"nod32" = C:\DOCUME~1\Martin\LOCALS~1\Temp\nodqq.exe -- [2010.04.23 19:55:20 | 000,128,000 | RHS- | M] ()

< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2010.04.10 12:19:11 | 000,117,248 | RHS- | M] () -- C:\ba.exe
[2010.04.13 14:16:32 | 000,117,760 | RHS- | M] () -- C:\chxnxyx.exe
[2010.04.16 16:43:37 | 000,126,976 | RHS- | M] () -- C:\dqm.exe
[2010.04.10 18:04:49 | 000,116,224 | RHS- | M] () -- C:\img8hi.exe
[2010.04.17 18:33:12 | 000,127,488 | RHS- | M] () -- C:\lhhr8.exe
[2010.04.18 18:30:53 | 000,128,000 | RHS- | M] () -- C:\r3fhr.exe
[2010.04.23 19:55:20 | 000,128,000 | RHS- | M] () -- C:\twhvna.exe
[2010.04.20 20:30:32 | 000,127,488 | RHS- | M] () -- C:\utcddeq.exe
[2010.04.22 20:21:12 | 000,128,512 | RHS- | M] () -- C:\vgyn6ewc.exe
[2010.04.06 16:48:22 | 000,117,248 | RHS- | M] () -- C:\ysyjq1bs.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.08.22 16:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Adobe
[2009.09.01 14:25:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Canneverbe_Limited
[2010.01.30 21:36:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\DAEMON Tools Lite
[2010.04.01 11:14:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Desktopicon
[2009.10.29 15:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\DivX
[2009.10.24 20:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\ESET
[2009.05.23 10:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\FormEdik
[2009.12.12 21:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\GetRight
[2010.02.18 22:04:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\HP
[2010.04.15 15:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\HPAppData
[2010.04.24 14:37:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\ICQ
[2009.05.08 12:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Identities
[2009.08.11 20:15:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\IEPro
[2009.05.08 12:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Macromedia
[2009.11.03 14:54:48 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Martin\Data aplikací\Microsoft
[2009.05.08 12:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mikrotik
[2009.08.24 10:29:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\MiniDm
[2009.05.08 12:17:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Mozilla
[2010.01.01 14:52:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\NCH Software
[2009.05.08 12:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Nero
[2009.08.24 10:44:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Real
[2010.04.24 11:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Skype
[2010.04.24 11:07:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\skypePM
[2009.05.08 12:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Sun
[2009.11.23 21:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\TeamViewer
[2010.04.24 15:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\uTorrent
[2010.04.17 12:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\Winamp
[2009.05.08 12:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\WinRAR
[2010.02.04 12:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Martin\Data aplikací\World-Loom

< %APPDATA%\*.exe /s >
[2010.04.01 11:14:24 | 000,031,836 | ---- | M] () -- C:\Documents and Settings\Martin\Data aplikací\Desktopicon\uninst.exe
[2009.09.28 13:04:21 | 001,924,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Martin\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe


< MD5 for: AGP440.SYS >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.12.19 14:43:58 | 001,486,336 | ---- | M] (Microsoft Corporation) MD5=D39127310CBAD1485EC5001A4ED1D853 -- C:\WINDOWS\explorer.exe

< MD5 for: HAL.DLL >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.12.26 23:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.12.14 16:44:25 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.12.14 16:44:25 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.12.14 16:43:33 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=B3D65E8F4D9EC988FA17060F21AC445B -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.12.14 16:43:33 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=B3D65E8F4D9EC988FA17060F21AC445B -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.12.14 16:44:16 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.12.14 16:44:16 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.12.19 14:29:10 | 000,557,056 | ---- | M] (Microsoft Corporation) MD5=12A799AD9415AE9C8ABCC5F75E9CF034 -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 08:51:40 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.01.30 21:27:55 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.05.08 13:03:30 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009.05.08 13:03:30 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009.05.08 13:03:30 | 000,475,136 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 08:51:40 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010.04.23 14:51:20 | 000,000,497 | ---- | M] () -- C:\WINDOWS\system32\msupdte.exe
[2010.04.24 14:20:43 | 000,200,712 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
Extras.rar
(6.65 KiB) Staženo 123 x

Re: MS-DOS

Napsal: 24 dub 2010 15:00
od To3@s
Po dokonceni mi Notepad nespustilo naskocila chyba :
notepad.exe- Vstupni bod nebyl nalezen
bod procedury MSVCR0._except_handler4_common sa nepodarilo v dynamicky propojovane knihovne vmsvcrt.dll nalezt.


log :

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Microsoft WinUpdate deleted successfully.
C:\WINDOWS\system32\msupdte.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-725345543-1085031214-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Run\\cdoosoft deleted successfully.
Registry value HKEY_USERS\S-1-5-21-725345543-1085031214-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Run\\nod32 deleted successfully.
C:\Documents and Settings\Martin\Local Settings\Temp\nodqq.exe moved successfully.
C:\autorun.inf moved successfully.
C:\twhvna.exe moved successfully.
C:\vgyn6ewc.exe moved successfully.
C:\utcddeq.exe moved successfully.
C:\r3fhr.exe moved successfully.
C:\lhhr8.exe moved successfully.
C:\ba.exe moved successfully.
C:\chxnxyx.exe moved successfully.
C:\dqm.exe moved successfully.
C:\img8hi.exe moved successfully.
C:\ysyjq1bs.exe moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cdoosoft not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\nod32 not found.
========== COMMANDS ==========
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.2.0 log created on 04242010_155201

Re: MS-DOS

Napsal: 26 dub 2010 20:20
od To3@s
ComboFix 10-04-21.01 - Martin . 04. 2010 21:08:59.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.511.203 [GMT 2:00]
Running from: c:\documents and settings\Martin\Plocha\ComboFix.exe
AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active

.

((((((((((((((((((((((((( Files Created from 2010-03-26 to 2010-04-26 )))))))))))))))))))))))))))))))
.

2010-04-26 18:52 . 2010-02-24 08:16 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-04-26 18:15 . 2008-04-21 21:15 216576 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-04-26 16:54 . 2009-07-31 04:30 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2010-04-26 14:14 . 2010-04-26 14:14 -------- d-----w- c:\program files\MSXML 4.0
2010-04-26 13:46 . 2010-02-24 11:57 457216 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-04-24 13:52 . 2010-04-24 13:52 -------- d-----w- C:\_OTL
2010-04-17 10:24 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-04-17 10:24 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2010-04-17 10:24 . 2010-04-17 10:24 -------- d-----w- c:\windows\Logs
2010-04-17 10:22 . 2010-04-17 10:27 -------- d-----w- c:\program files\Winamp
2010-04-10 19:29 . 2008-05-07 05:38 90624 ----a-w- c:\windows\system32\nmwcdcls.dll
2010-04-10 19:29 . 2010-04-10 19:29 -------- d-----w- c:\program files\Nokia
2010-04-10 19:29 . 2010-04-10 19:29 -------- d-----w- c:\program files\ODEON
2010-04-01 14:04 . 2010-04-01 14:07 -------- d-----w- c:\program files\GRETECH
2010-04-01 13:31 . 2002-01-05 03:40 487424 ----a-w- c:\windows\system32\msvcp70.dll
2010-04-01 13:31 . 2003-08-07 13:01 237568 ----a-w- c:\windows\system32\lame_enc.dll
2010-04-01 13:31 . 2002-01-05 04:48 974848 ----a-w- c:\windows\system32\mfc70.dll
2010-04-01 13:31 . 2010-04-01 13:31 -------- d-----w- c:\program files\AML Products
2010-04-01 09:12 . 2010-04-01 09:12 -------- d-----w- c:\program files\FreeTime

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-24 17:12 . 2010-03-13 16:20 -------- d-----w- c:\program files\The KMPlayer
2010-04-09 15:11 . 2009-05-23 08:30 -------- d-----w- c:\program files\FormEdik
2010-03-28 07:07 . 2001-10-25 13:00 83850 ----a-w- c:\windows\system32\perfc005.dat
2010-03-28 07:07 . 2001-10-25 13:00 441248 ----a-w- c:\windows\system32\perfh005.dat
2010-03-27 11:56 . 2010-02-01 19:17 -------- d-----w- c:\program files\Valve
2010-03-19 19:30 . 2009-08-28 10:04 -------- d-----w- c:\program files\uTorrent
2010-03-14 14:13 . 2010-03-14 14:09 -------- d-----w- c:\program files\Hero Editor
2010-03-14 14:08 . 2010-03-14 14:08 249856 ------w- c:\windows\Setup1.exe
2010-03-14 14:08 . 2010-03-14 14:08 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-03-14 13:58 . 2010-03-14 13:40 -------- d-----w- c:\program files\Diablo II
2010-03-11 12:36 . 2008-08-26 07:27 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:36 . 2008-12-14 14:35 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:36 . 2008-12-14 14:35 17408 ----a-w- c:\windows\system32\corpol.dll
2010-03-10 13:25 . 2009-10-24 18:11 -------- d-----w- c:\program files\ESET
2010-02-24 11:57 . 2008-12-14 14:45 457216 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-04 10:15 . 2010-02-04 10:15 4096 ----a-w- c:\windows\d3dx.dat
2010-01-30 19:27 . 2010-01-30 19:27 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-14 00:16 . 2009-07-14 00:16 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-07-14 00:16 . 2009-07-14 00:16 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

------- Sigcheck -------

[-] 2008-12-19 . 12A799AD9415AE9C8ABCC5F75E9CF034 . 557056 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe

[-] 2008-12-19 . 97BF1C54DAF9FF61E897846DC7329CEF . 647680 . . [5.82] . . c:\windows\system32\comctl32.dll

[-] 2010-02-17 . 4E8268B816B2D27E711A688D6FD0E319 . 2192128 . . [5.1.2600.5938] . . c:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP3GDR\ntoskrnl.exe
[-] 2010-02-16 . F24D47F956B2527F8771E38AFE750743 . 2183552 . . [5.1.2600.3670] . . c:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP2GDR\ntoskrnl.exe
[-] 2010-02-16 . AEDD2FE6BEC6FB4E3B25DB1E15C97560 . 2189056 . . [5.1.2600.3670] . . c:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP2QFE\ntoskrnl.exe
[-] 2010-02-16 . 6B2312D847BA95F4E858CB4C3B5F51E1 . 2192256 . . [5.1.2600.5938] . . c:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP3QFE\ntoskrnl.exe
[-] 2009-02-10 . 97480EBFE1D4B547657BAD75AAAB1325 . 2191360 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3QFE\ntoskrnl.exe
[-] 2009-02-09 . DF530FCAD41349C92945DF52EBA9F3E4 . 2182656 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2GDR\ntoskrnl.exe
[-] 2009-02-09 . C424407DDD99223BF3248044CBBE91F6 . 2188288 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2QFE\ntoskrnl.exe
[-] 2009-02-09 . F48662F55CD8DDD4DBBBCB69DE197725 . 2191232 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3GDR\ntoskrnl.exe
[-] 2008-12-19 . 56C2494C8E340FAB9ADB51B06023381A . 2351232 . . [5.1.2600.5657] . . c:\windows\system32\ntoskrnl.exe

[-] 2008-12-19 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll

[-] 2008-12-19 . D39127310CBAD1485EC5001A4ED1D853 . 1486336 . . [6.00.2900.5512] . . c:\windows\explorer.exe

[-] 2008-12-26 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

[-] 2008-12-19 . 94927BB89A6825C4A5952A2BF78F027B . 40960 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe

[-] 2010-02-17 . 7F87EDF3C7C626D336533D2580940A00 . 2065920 . . [5.1.2600.3670] . . c:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP2QFE\ntkrnlpa.exe
[-] 2010-02-16 . 27DE458FE1E1A618836ADB61873BC9E8 . 2060544 . . [5.1.2600.3670] . . c:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP2GDR\ntkrnlpa.exe
[-] 2010-02-16 . 6C31566C176BC28C7D73BC6332642A58 . 2068992 . . [5.1.2600.5938] . . c:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP3GDR\ntkrnlpa.exe
[-] 2010-02-16 . DCC3D91A3DEDBBA9ECFFA6028D872CF5 . 2069120 . . [5.1.2600.5938] . . c:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP3QFE\ntkrnlpa.exe
[-] 2009-02-10 . D721665942F74CA7FF4162A0761CBB0A . 2068224 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3GDR\ntkrnlpa.exe
[-] 2009-02-09 . 73A13AA10E146A3E2B4AC6D007953A74 . 2059904 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2GDR\ntkrnlpa.exe
[-] 2009-02-09 . BB64DC108F8C4EE4D4B7998AA19E5FA7 . 2065152 . . [5.1.2600.3520] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2QFE\ntkrnlpa.exe
[-] 2009-02-09 . FF8A3F180A224AA27EBAB937CA027F4D . 2068352 . . [5.1.2600.5755] . . c:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3QFE\ntkrnlpa.exe
[-] 2008-12-26 . 16B9C1DBE5BB1157CE55CE7860A4F123 . 2228096 . . [5.1.2600.5657] . . c:\windows\system32\ntkrnlpa.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-04-25_15.24.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-09-30 14:45 . 2008-09-30 14:45 91656 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2010-04-26 19:06 . 2010-04-26 19:06 16384 c:\windows\Temp\Perflib_Perfdata_1c4.dat
+ 2009-08-06 17:24 . 2009-08-06 17:24 44768 c:\windows\system32\wups2.dll
+ 2009-05-08 09:25 . 2009-08-06 17:24 35552 c:\windows\system32\wups.dll
+ 2009-05-08 09:25 . 2009-08-06 17:24 53472 c:\windows\system32\wuauclt.exe
+ 2008-04-14 06:52 . 2009-06-25 08:42 54272 c:\windows\system32\wdigest.dll
+ 2008-12-14 14:44 . 2010-01-23 08:11 46080 c:\windows\system32\tzchange.exe
+ 2009-05-08 09:30 . 2007-07-27 08:41 26488 c:\windows\system32\spupdsvc.exe
- 2009-05-08 09:29 . 2007-11-30 12:39 18296 c:\windows\system32\spmsg.dll
+ 2009-05-08 09:29 . 2008-07-09 07:36 18296 c:\windows\system32\spmsg.dll
+ 2010-04-25 15:37 . 2009-08-06 17:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2008-04-14 06:51 . 2009-06-25 08:42 56832 c:\windows\system32\secur32.dll
- 2008-08-26 07:27 . 2008-08-26 07:27 44544 c:\windows\system32\pngfilt.dll
+ 2008-08-26 07:27 . 2010-03-11 12:36 44544 c:\windows\system32\pngfilt.dll
+ 2001-10-25 13:00 . 2009-11-27 16:09 28672 c:\windows\system32\msvidc32.dll
- 2008-04-14 06:51 . 2008-04-14 06:51 11264 c:\windows\system32\msrle32.dll
+ 2008-04-14 06:51 . 2009-11-27 16:09 11264 c:\windows\system32\msrle32.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 52224 c:\windows\system32\msfeedsbs.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 52224 c:\windows\system32\msfeedsbs.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 27648 c:\windows\system32\jsproxy.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 27648 c:\windows\system32\jsproxy.dll
+ 2008-04-14 06:51 . 2009-11-27 16:09 48128 c:\windows\system32\iyuv_32.dll
- 2008-08-25 07:38 . 2008-08-25 07:38 13824 c:\windows\system32\ieudinit.exe
+ 2008-08-25 07:38 . 2010-03-10 13:17 13824 c:\windows\system32\ieudinit.exe
- 2008-08-26 07:26 . 2008-08-26 07:26 44544 c:\windows\system32\iernonce.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 44544 c:\windows\system32\iernonce.dll
+ 2008-08-25 07:36 . 2010-03-10 13:17 70656 c:\windows\system32\ie4uinit.exe
- 2008-08-25 07:36 . 2008-08-25 07:36 70656 c:\windows\system32\ie4uinit.exe
+ 2008-08-26 07:26 . 2010-03-11 12:36 63488 c:\windows\system32\icardie.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 63488 c:\windows\system32\icardie.dll
+ 2008-04-13 22:01 . 2009-06-24 10:28 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2009-05-08 09:25 . 2009-08-06 17:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2009-05-08 09:25 . 2009-08-06 17:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2008-04-14 06:52 . 2009-06-25 08:42 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2008-04-14 06:51 . 2009-06-25 08:42 56832 c:\windows\system32\dllcache\secur32.dll
+ 2008-08-26 07:27 . 2010-03-11 12:36 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2008-08-26 07:27 . 2008-08-26 07:27 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2001-10-25 13:00 . 2009-11-27 16:09 28672 c:\windows\system32\dllcache\msvidc32.dll
- 2008-04-14 06:51 . 2008-04-14 06:51 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2008-04-14 06:51 . 2009-11-27 16:09 11264 c:\windows\system32\dllcache\msrle32.dll
- 2009-05-08 09:29 . 2008-08-26 08:26 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-05-08 09:29 . 2010-03-11 12:36 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-04-13 22:01 . 2009-06-24 10:28 92928 c:\windows\system32\dllcache\ksecdd.sys
+ 2008-08-26 07:26 . 2010-03-11 12:36 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2009-05-08 09:29 . 2010-03-10 13:17 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2009-05-08 09:29 . 2008-08-25 08:38 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2008-08-26 07:26 . 2010-03-11 12:36 44544 c:\windows\system32\dllcache\iernonce.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 44544 c:\windows\system32\dllcache\iernonce.dll
- 2008-12-14 14:35 . 2008-12-14 14:35 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2008-12-14 14:35 . 2010-03-11 12:36 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2008-08-25 07:36 . 2010-03-10 13:17 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2008-08-25 07:36 . 2008-08-25 07:36 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2009-05-08 09:29 . 2008-08-26 08:26 63488 c:\windows\system32\dllcache\icardie.dll
+ 2009-05-08 09:29 . 2010-03-11 12:36 63488 c:\windows\system32\dllcache\icardie.dll
- 2008-12-14 14:35 . 2008-12-14 14:35 17408 c:\windows\system32\dllcache\corpol.dll
+ 2008-12-14 14:35 . 2010-03-11 12:36 17408 c:\windows\system32\dllcache\corpol.dll
+ 2008-04-14 06:51 . 2009-08-06 17:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2010-01-13 14:02 . 2010-01-13 14:02 86016 c:\windows\system32\dllcache\cabview.dll
- 2008-04-14 06:51 . 2008-04-14 06:51 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2008-04-14 06:51 . 2009-11-27 16:09 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2008-04-14 06:51 . 2009-07-17 19:04 58880 c:\windows\system32\dllcache\atl.dll
- 2008-04-14 06:51 . 2008-04-14 06:51 58880 c:\windows\system32\dllcache\atl.dll
+ 2008-04-14 06:51 . 2009-08-06 17:24 96480 c:\windows\system32\cdm.dll
+ 2008-12-19 12:22 . 2010-01-13 14:02 86016 c:\windows\system32\cabview.dll
+ 2008-04-14 06:51 . 2009-11-27 16:09 84992 c:\windows\system32\avifil32.dll
- 2008-04-14 06:51 . 2008-04-14 06:51 84992 c:\windows\system32\avifil32.dll
- 2008-04-14 06:51 . 2008-04-14 06:51 58880 c:\windows\system32\atl.dll
+ 2008-04-14 06:51 . 2009-07-17 19:04 58880 c:\windows\system32\atl.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 90112 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Web.RegularExpressions.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Drawing.Design.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Configuration.Install.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\Microsoft.Vsa.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\Microsoft.VisualBasic.Vsa.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\Microsoft.Build.Utilities.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\Microsoft.Build.Framework.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\ISymWrapper.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\IEHost.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\CustomMarshalers.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\cscompmgd.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\Accessibility.dll
+ 2009-06-24 17:56 . 2009-06-24 17:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2007-04-13 19:58 . 2007-04-13 19:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2007-04-13 20:30 . 2007-04-13 20:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2008-05-27 23:30 . 2008-05-27 23:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-04-26 14:14 . 2010-04-26 14:14 32768 c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2010-04-26 16:56 . 2008-08-26 07:27 44544 c:\windows\ie7updates\KB980182-IE7\pngfilt.dll
+ 2010-04-26 16:56 . 2008-08-26 07:26 52224 c:\windows\ie7updates\KB980182-IE7\msfeedsbs.dll
+ 2010-04-26 16:56 . 2008-08-26 07:26 27648 c:\windows\ie7updates\KB980182-IE7\jsproxy.dll
+ 2010-04-26 16:56 . 2008-08-25 07:38 13824 c:\windows\ie7updates\KB980182-IE7\ieudinit.exe
+ 2010-04-26 16:56 . 2008-08-26 07:26 44544 c:\windows\ie7updates\KB980182-IE7\iernonce.dll
+ 2010-04-26 16:57 . 2008-12-14 14:35 78336 c:\windows\ie7updates\KB980182-IE7\ieencode.dll
+ 2010-04-26 16:56 . 2008-08-25 07:36 70656 c:\windows\ie7updates\KB980182-IE7\ie4uinit.exe
+ 2010-04-26 16:56 . 2008-08-26 07:26 63488 c:\windows\ie7updates\KB980182-IE7\icardie.dll
+ 2010-04-26 16:56 . 2008-12-14 14:35 17408 c:\windows\ie7updates\KB980182-IE7\corpol.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2010-04-26 18:56 . 2010-04-26 18:56 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_7814c39a\System.Drawing.Design.dll
+ 2010-04-26 18:56 . 2010-04-26 18:56 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_a58b37d5\CustomMarshalers.dll
+ 2008-05-05 05:25 . 2008-05-05 05:25 3072 c:\windows\system32\xpsp4res.dll
+ 2001-10-24 11:25 . 2009-11-27 16:09 8704 c:\windows\system32\tsbyuv.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\Microsoft_VsaVb.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\Microsoft.VisualC.Dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\IIEHost.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\IEExecRemote.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2009-05-08 09:25 . 2009-08-06 17:24 209632 c:\windows\system32\wuweb.dll
+ 2009-05-08 09:25 . 2009-08-06 17:24 327896 c:\windows\system32\wucltui.dll
+ 2009-05-08 09:25 . 2009-08-06 17:23 575704 c:\windows\system32\wuapi.dll
+ 2008-12-14 14:39 . 2009-07-13 21:43 286208 c:\windows\system32\wmpdxm.dll
+ 2008-12-14 14:38 . 2008-06-18 03:03 938496 c:\windows\system32\WMNetmgr.dll
+ 2008-12-19 12:29 . 2009-12-24 07:04 177664 c:\windows\system32\wintrust.dll
+ 2008-04-14 06:52 . 2008-12-16 12:32 354304 c:\windows\system32\winhttp.dll
- 2008-04-14 06:52 . 2008-04-14 06:52 354304 c:\windows\system32\winhttp.dll
- 2008-08-26 07:27 . 2008-08-26 07:27 233472 c:\windows\system32\webcheck.dll
+ 2008-08-26 07:27 . 2010-03-11 12:36 233472 c:\windows\system32\webcheck.dll
- 2008-08-26 07:27 . 2008-08-26 07:27 105984 c:\windows\system32\url.dll
+ 2008-08-26 07:27 . 2010-03-11 12:36 105984 c:\windows\system32\url.dll
+ 2008-04-14 06:51 . 2009-06-25 08:42 147456 c:\windows\system32\schannel.dll
+ 2008-04-14 06:51 . 2009-04-15 14:54 585216 c:\windows\system32\rpcrt4.dll
+ 2008-08-26 07:27 . 2010-03-11 12:36 102912 c:\windows\system32\occache.dll
- 2008-08-26 07:27 . 2008-08-26 07:27 102912 c:\windows\system32\occache.dll
- 2008-04-14 06:51 . 2008-04-14 06:51 271360 c:\windows\system32\oakley.dll
+ 2008-04-14 06:51 . 2009-10-13 10:34 271360 c:\windows\system32\oakley.dll
+ 2008-04-14 06:51 . 2009-08-05 09:01 205312 c:\windows\system32\mswebdvd.dll
+ 2008-12-14 14:43 . 2009-09-11 14:15 136704 c:\windows\system32\msv1_0.dll
+ 2008-08-26 07:27 . 2010-03-11 12:36 671232 c:\windows\system32\mstime.dll
- 2008-08-26 07:27 . 2008-08-26 07:27 671232 c:\windows\system32\mstime.dll
+ 2008-12-14 14:38 . 2006-12-04 14:21 414720 c:\windows\system32\msscp.dll
+ 2008-08-26 07:27 . 2010-03-11 12:36 193024 c:\windows\system32\msrating.dll
- 2008-08-26 07:27 . 2008-08-26 07:27 193024 c:\windows\system32\msrating.dll
- 2008-08-26 07:27 . 2008-08-26 07:27 477696 c:\windows\system32\mshtmled.dll
+ 2008-08-26 07:27 . 2010-03-11 12:36 477696 c:\windows\system32\mshtmled.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 459264 c:\windows\system32\msfeeds.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 459264 c:\windows\system32\msfeeds.dll
+ 2008-12-14 14:43 . 2009-06-26 09:42 729088 c:\windows\system32\lsasrv.dll
- 2008-12-14 14:38 . 2008-12-14 14:38 100864 c:\windows\system32\logagent.exe
+ 2008-12-14 14:38 . 2008-06-17 23:09 100864 c:\windows\system32\logagent.exe
+ 2008-04-14 06:51 . 2009-06-25 08:42 301568 c:\windows\system32\kerberos.dll
- 2008-12-14 14:44 . 2008-12-14 14:44 512000 c:\windows\system32\jscript.dll
+ 2008-12-14 14:44 . 2009-08-13 15:04 512000 c:\windows\system32\jscript.dll
- 2009-05-08 09:25 . 2008-04-14 06:51 691712 c:\windows\system32\inetcomm.dll
+ 2009-05-08 09:25 . 2008-04-11 19:06 691712 c:\windows\system32\inetcomm.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 268288 c:\windows\system32\iertutil.dll
+ 2008-12-19 12:23 . 2010-03-11 12:36 192512 c:\windows\system32\iepeers.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 385024 c:\windows\system32\iedkcs32.dll
+ 2008-06-23 15:42 . 2010-03-11 12:36 380928 c:\windows\system32\ieapfltr.dll
+ 2008-08-23 04:54 . 2010-02-23 05:18 161792 c:\windows\system32\ieakui.dll
- 2008-08-23 04:54 . 2008-08-23 04:54 161792 c:\windows\system32\ieakui.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 230400 c:\windows\system32\ieaksie.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 230400 c:\windows\system32\ieaksie.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 153088 c:\windows\system32\ieakeng.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 153088 c:\windows\system32\ieakeng.dll
+ 2008-04-14 06:51 . 2008-10-23 12:42 286720 c:\windows\system32\gdi32.dll
- 2009-05-08 11:04 . 2009-05-09 10:37 282928 c:\windows\system32\FNTCACHE.DAT
+ 2009-05-08 11:04 . 2010-04-26 17:37 282928 c:\windows\system32\FNTCACHE.DAT
- 2008-08-26 07:26 . 2008-08-26 07:26 133120 c:\windows\system32\extmgr.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 133120 c:\windows\system32\extmgr.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 214528 c:\windows\system32\dxtrans.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 214528 c:\windows\system32\dxtrans.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 347136 c:\windows\system32\dxtmsft.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 347136 c:\windows\system32\dxtmsft.dll
+ 2008-12-14 14:45 . 2010-01-01 07:58 353792 c:\windows\system32\drivers\srv.sys
+ 2009-05-08 09:25 . 2009-08-06 17:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2009-05-08 09:25 . 2009-08-06 17:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2009-05-08 09:25 . 2009-08-06 17:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2008-12-14 14:39 . 2009-07-13 21:43 286208 c:\windows\system32\dllcache\wmpdxm.dll
+ 2008-12-14 14:38 . 2008-06-18 03:03 938496 c:\windows\system32\dllcache\WMNetmgr.dll
+ 2009-12-24 07:04 . 2009-12-24 07:04 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2008-08-26 07:27 . 2010-03-11 12:36 832512 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-14 06:52 . 2008-12-16 12:32 354304 c:\windows\system32\dllcache\winhttp.dll
- 2008-04-14 06:52 . 2008-04-14 06:52 354304 c:\windows\system32\dllcache\winhttp.dll
+ 2008-08-26 07:27 . 2010-03-11 12:36 233472 c:\windows\system32\dllcache\webcheck.dll
- 2008-08-26 07:27 . 2008-08-26 07:27 233472 c:\windows\system32\dllcache\webcheck.dll
- 2008-08-26 07:27 . 2008-08-26 07:27 105984 c:\windows\system32\dllcache\url.dll
+ 2008-08-26 07:27 . 2010-03-11 12:36 105984 c:\windows\system32\dllcache\url.dll
+ 2008-12-14 14:38 . 2007-06-27 13:31 317952 c:\windows\system32\dllcache\unregmp2.exe
+ 2009-05-08 09:25 . 2009-06-21 21:48 153088 c:\windows\system32\dllcache\triedit.dll
- 2009-05-08 09:25 . 2008-04-14 06:52 153088 c:\windows\system32\dllcache\triedit.dll
+ 2008-12-14 14:45 . 2010-01-01 07:58 353792 c:\windows\system32\dllcache\srv.sys
+ 2008-04-14 06:51 . 2009-06-25 08:42 147456 c:\windows\system32\dllcache\schannel.dll
+ 2008-04-14 06:51 . 2009-04-15 14:54 585216 c:\windows\system32\dllcache\rpcrt4.dll
- 2008-08-26 07:27 . 2008-08-26 07:27 102912 c:\windows\system32\dllcache\occache.dll
+ 2008-08-26 07:27 . 2010-03-11 12:36 102912 c:\windows\system32\dllcache\occache.dll
+ 2008-04-14 06:51 . 2009-10-13 10:34 271360 c:\windows\system32\dllcache\oakley.dll
- 2008-04-14 06:51 . 2008-04-14 06:51 271360 c:\windows\system32\dllcache\oakley.dll
+ 2008-04-14 06:51 . 2009-08-05 09:01 205312 c:\windows\system32\dllcache\mswebdvd.dll
+ 2008-12-14 14:43 . 2009-09-11 14:15 136704 c:\windows\system32\dllcache\msv1_0.dll
+ 2008-08-26 07:27 . 2010-03-11 12:36 671232 c:\windows\system32\dllcache\mstime.dll
- 2008-08-26 07:27 . 2008-08-26 07:27 671232 c:\windows\system32\dllcache\mstime.dll
+ 2008-12-14 14:38 . 2006-12-04 14:21 414720 c:\windows\system32\dllcache\msscp.dll
- 2008-08-26 07:27 . 2008-08-26 07:27 193024 c:\windows\system32\dllcache\msrating.dll
+ 2008-08-26 07:27 . 2010-03-11 12:36 193024 c:\windows\system32\dllcache\msrating.dll
+ 2008-08-26 07:27 . 2010-03-11 12:36 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2008-08-26 07:27 . 2008-08-26 07:27 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2009-05-08 09:29 . 2008-08-26 08:26 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-05-08 09:29 . 2010-03-11 12:36 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-12-14 14:43 . 2009-06-26 09:42 729088 c:\windows\system32\dllcache\lsasrv.dll
+ 2008-12-14 14:38 . 2008-06-17 23:09 100864 c:\windows\system32\dllcache\logagent.exe
- 2008-12-14 14:38 . 2008-12-14 14:38 100864 c:\windows\system32\dllcache\logagent.exe
+ 2008-04-14 06:51 . 2009-06-25 08:42 301568 c:\windows\system32\dllcache\kerberos.dll
+ 2008-12-14 14:44 . 2009-08-13 15:04 512000 c:\windows\system32\dllcache\jscript.dll
- 2008-12-14 14:44 . 2008-12-14 14:44 512000 c:\windows\system32\dllcache\jscript.dll
- 2009-05-08 09:25 . 2008-04-14 06:51 691712 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-05-08 09:25 . 2008-04-11 19:06 691712 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-05-08 09:24 . 2010-02-23 05:20 634648 c:\windows\system32\dllcache\iexplore.exe
+ 2009-05-08 09:29 . 2010-03-11 12:36 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2010-03-11 12:36 . 2010-03-11 12:36 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-05-08 09:29 . 2010-03-11 12:36 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-08-23 04:54 . 2010-02-23 05:18 161792 c:\windows\system32\dllcache\ieakui.dll
- 2008-08-23 04:54 . 2008-08-23 04:54 161792 c:\windows\system32\dllcache\ieakui.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2008-04-14 06:51 . 2008-10-23 12:42 286720 c:\windows\system32\dllcache\gdi32.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 133120 c:\windows\system32\dllcache\extmgr.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 124928 c:\windows\system32\dllcache\advpack.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 124928 c:\windows\system32\dllcache\advpack.dll
+ 2008-08-26 07:26 . 2010-03-11 12:36 124928 c:\windows\system32\advpack.dll
- 2008-08-26 07:26 . 2008-08-26 07:26 124928 c:\windows\system32\advpack.dll
+ 2009-08-08 00:35 . 2009-08-08 00:35 819016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Web.Services.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 884736 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Web.Mobile.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 261120 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Transactions.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.ServiceProcess.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Security.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 299008 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Runtime.Remoting.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Messaging.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Management.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.EnterpriseServices.Wrapper.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.EnterpriseServices.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Drawing.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.DirectoryServices.Protocols.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.DirectoryServices.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 933888 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Deployment.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 741376 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Data.SqlXml.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 483840 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Data.OracleClient.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.configuration.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\sysglobl.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 671744 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\Microsoft.VisualBasic.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\Microsoft.VisualBasic.Compatibility.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\Microsoft.JScript.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\Microsoft.Build.Tasks.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\Microsoft.Build.Engine.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\AspNetMMCExt.dll
- 2007-04-13 19:58 . 2007-04-13 19:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2008-05-27 22:49 . 2008-05-27 22:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2007-04-13 19:56 . 2007-04-13 19:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2008-05-27 23:30 . 2008-05-27 23:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2007-04-13 20:30 . 2007-04-13 20:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-04-26 14:14 . 2010-04-26 14:14 432640 c:\windows\Installer\3ba271.msi
+ 2008-12-14 14:38 . 2007-06-27 13:31 317952 c:\windows\inf\unregmp2.exe
+ 2010-04-26 16:56 . 2008-08-26 07:27 826368 c:\windows\ie7updates\KB980182-IE7\wininet.dll
+ 2010-04-26 16:56 . 2008-08-26 07:27 233472 c:\windows\ie7updates\KB980182-IE7\webcheck.dll
+ 2010-04-26 16:56 . 2008-08-26 07:27 105984 c:\windows\ie7updates\KB980182-IE7\url.dll
+ 2010-04-26 16:57 . 2009-05-26 11:40 391032 c:\windows\ie7updates\KB980182-IE7\spuninst\updspapi.dll
+ 2010-04-26 16:57 . 2009-05-26 11:40 233848 c:\windows\ie7updates\KB980182-IE7\spuninst\spuninst.exe
+ 2010-04-26 16:56 . 2008-08-26 07:27 102912 c:\windows\ie7updates\KB980182-IE7\occache.dll
+ 2010-04-26 16:56 . 2008-08-26 07:27 671232 c:\windows\ie7updates\KB980182-IE7\mstime.dll
+ 2010-04-26 16:56 . 2008-08-26 07:27 193024 c:\windows\ie7updates\KB980182-IE7\msrating.dll
+ 2010-04-26 16:56 . 2008-08-26 07:27 477696 c:\windows\ie7updates\KB980182-IE7\mshtmled.dll
+ 2010-04-26 16:56 . 2008-08-26 07:26 459264 c:\windows\ie7updates\KB980182-IE7\msfeeds.dll
+ 2010-04-26 16:56 . 2008-08-23 04:56 635848 c:\windows\ie7updates\KB980182-IE7\iexplore.exe
+ 2010-04-26 16:56 . 2008-08-26 07:26 267776 c:\windows\ie7updates\KB980182-IE7\iertutil.dll
+ 2010-04-26 16:56 . 2008-12-19 12:23 275968 c:\windows\ie7updates\KB980182-IE7\iepeers.dll
+ 2010-04-26 16:56 . 2008-08-26 07:26 384512 c:\windows\ie7updates\KB980182-IE7\iedkcs32.dll
+ 2010-04-26 16:56 . 2008-08-26 08:26 383488 c:\windows\ie7updates\KB980182-IE7\ieapfltr.dll
+ 2010-04-26 16:56 . 2008-08-23 04:54 161792 c:\windows\ie7updates\KB980182-IE7\ieakui.dll
+ 2010-04-26 16:56 . 2008-08-26 07:26 230400 c:\windows\ie7updates\KB980182-IE7\ieaksie.dll
+ 2010-04-26 16:56 . 2008-08-26 07:26 153088 c:\windows\ie7updates\KB980182-IE7\ieakeng.dll
+ 2010-04-26 16:57 . 2008-08-26 07:26 133120 c:\windows\ie7updates\KB980182-IE7\extmgr.dll
+ 2010-04-26 16:56 . 2008-08-26 07:26 214528 c:\windows\ie7updates\KB980182-IE7\dxtrans.dll
+ 2010-04-26 16:56 . 2008-08-26 07:26 347136 c:\windows\ie7updates\KB980182-IE7\dxtmsft.dll
+ 2010-04-26 16:56 . 2008-08-26 07:26 124928 c:\windows\ie7updates\KB980182-IE7\advpack.dll
+ 2010-04-26 13:46 . 2010-02-24 11:57 457216 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2010-04-26 18:56 . 2010-04-26 18:56 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_04d6db5b\System.Drawing.dll
+ 2010-04-26 18:57 . 2010-04-26 18:57 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_798cb406\System.Drawing.Design.dll
+ 2010-04-26 18:57 . 2010-04-26 18:57 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_3c9aa030\CustomMarshalers.dll
+ 2008-09-30 14:42 . 2008-09-30 14:42 1286152 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2009-05-08 09:25 . 2009-08-06 17:23 1929952 c:\windows\system32\wuaueng.dll
+ 2008-12-14 14:39 . 2008-06-18 03:03 2458112 c:\windows\system32\WMVCore.dll
+ 2008-12-14 14:45 . 2009-08-14 16:00 1859712 c:\windows\system32\win32k.sys
+ 2008-08-26 07:27 . 2010-03-11 12:36 1168384 c:\windows\system32\urlmon.dll
+ 2008-12-14 14:44 . 2009-07-31 04:30 1447424 c:\windows\system32\msxml6.dll
+ 2008-09-30 14:43 . 2008-09-30 14:43 1286152 c:\windows\system32\msxml4.dll
+ 2008-12-19 12:25 . 2009-07-31 04:30 1172480 c:\windows\system32\msxml3.dll
+ 2008-08-27 12:57 . 2010-03-11 12:36 3599872 c:\windows\system32\mshtml.dll
+ 2008-10-03 16:26 . 2010-03-11 12:36 6067200 c:\windows\system32\ieframe.dll
+ 2007-04-17 08:32 . 2009-06-29 08:33 2452872 c:\windows\system32\ieapfltr.dat
+ 2009-05-08 09:25 . 2009-08-06 17:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2008-12-14 14:39 . 2008-06-18 03:03 2458112 c:\windows\system32\dllcache\WMVCore.dll
+ 2008-12-14 14:45 . 2009-08-14 16:00 1859712 c:\windows\system32\dllcache\win32k.sys
+ 2008-08-26 07:27 . 2010-03-11 12:36 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2008-12-14 14:44 . 2009-07-31 04:30 1447424 c:\windows\system32\dllcache\msxml6.dll
+ 2009-05-08 09:25 . 2009-07-10 13:28 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2008-08-27 12:57 . 2010-03-11 12:36 3599872 c:\windows\system32\dllcache\mshtml.dll
+ 2009-05-08 09:25 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe
- 2009-05-08 09:25 . 2008-08-21 13:44 3558912 c:\windows\system32\dllcache\moviemk.exe
+ 2009-05-08 09:29 . 2010-03-11 12:36 6067200 c:\windows\system32\dllcache\ieframe.dll
+ 2009-05-08 09:29 . 2009-06-29 08:33 2452872 c:\windows\system32\dllcache\ieapfltr.dat
+ 2009-08-08 00:35 . 2009-08-08 00:35 5849920 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2009-08-08 00:35 . 2009-08-08 00:35 4345856 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 2068480 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.XML.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 5013504 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Windows.Forms.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 5431296 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Web.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 3076096 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 5070848 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Design.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 3036160 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\System.Data.dll
+ 2010-04-26 18:59 . 2007-10-23 21:17 4444160 c:\windows\Microsoft.NET\Framework\v2.0.50727\GAC15058\mscorlib.dll
- 2007-04-13 20:35 . 2007-04-13 20:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-27 23:35 . 2008-05-27 23:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2008-05-27 23:35 . 2008-05-27 23:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-13 20:35 . 2007-04-13 20:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2008-05-27 22:48 . 2008-05-27 22:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2007-04-13 19:57 . 2007-04-13 19:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2008-05-27 22:43 . 2008-05-27 22:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2007-04-13 19:50 . 2007-04-13 19:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2009-08-09 21:32 . 2009-08-09 21:32 5288960 c:\windows\Installer\47ef01.msp
+ 2010-04-26 16:56 . 2008-08-26 07:27 1159680 c:\windows\ie7updates\KB980182-IE7\urlmon.dll
+ 2010-04-26 16:56 . 2008-08-27 12:57 3593216 c:\windows\ie7updates\KB980182-IE7\mshtml.dll
+ 2010-04-26 16:56 . 2008-10-03 16:26 6066176 c:\windows\ie7updates\KB980182-IE7\ieframe.dll
+ 2010-04-26 16:56 . 2007-04-17 08:32 2455488 c:\windows\ie7updates\KB980182-IE7\ieapfltr.dat
+ 2010-04-26 18:56 . 2010-04-26 18:56 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_fa7627ae\System.dll
+ 2010-04-26 18:57 . 2010-04-26 18:57 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_488dc3ae\System.dll
+ 2010-04-26 18:56 . 2010-04-26 18:56 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_b5f57a0d\System.Xml.dll
+ 2010-04-26 18:57 . 2010-04-26 18:57 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_09d342a7\System.Xml.dll
+ 2010-04-26 18:56 . 2010-04-26 18:56 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_331d4ac8\System.Windows.Forms.dll
+ 2010-04-26 18:57 . 2010-04-26 18:57 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_034e524e\System.Windows.Forms.dll
+ 2010-04-26 18:57 . 2010-04-26 18:57 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_3ccbf706\System.Drawing.dll
+ 2010-04-26 18:56 . 2010-04-26 18:56 1466368 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_9032d891\System.Design.dll
+ 2010-04-26 18:57 . 2010-04-26 18:57 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_369123e7\System.Design.dll
+ 2010-04-26 18:57 . 2010-04-26 18:57 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a7d53437\mscorlib.dll
+ 2010-04-26 18:57 . 2010-04-26 18:57 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_3691692d\mscorlib.dll
+ 2010-04-26 18:56 . 2010-04-26 18:56 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2009-05-08 09:31 . 2009-05-08 09:31 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2009-05-08 09:31 . 2009-05-08 09:31 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-04-26 18:56 . 2010-04-26 18:56 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2008-12-19 12:29 . 2009-07-13 21:43 10841088 c:\windows\system32\wmp.dll
+ 2009-07-13 21:43 . 2009-07-13 21:43 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2009-08-10 19:08 . 2009-08-10 19:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp
+ 2010-04-26 18:55 . 2010-04-26 18:55 17254912 c:\windows\Installer\47ef00.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2009-04-02 10:47 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-03-19 319792]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-11-07 949376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-12-19 40960]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]

c:\documents and settings\Martin\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-8-24 101784]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 15:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlwaysReady Power Message APP]
2008-12-26 20:17 77312 ----a-w- c:\windows\arpwrmsg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-12-19 12:23 40960 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-08-05 11:56 64512 ----a-w- c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2007-08-24 02:30 33648 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2007-08-22 14:31 80896 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-09-17 08:55 13574144 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-09-17 08:55 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-09-17 08:55 1657376 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2008-04-11 06:16 1276416 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-04-21 12:39 24264488 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-07-25 03:23 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-01-12 20:02 37888 ----a-w- c:\program files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-03 14:50 866584 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [7. 11. 2009 21:00 15424]
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [30. 10. 2009 16:13 33824]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3. 11. 2006 16:49 13592]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [30. 1. 2010 21:27 691696]
S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [28. 8. 2009 12:11 234888]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2010-03-11 12:36 124928 ----a-w- c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder

2010-04-26 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 14:50]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Connection Wizard,ShellNext = hxxp://www.gamingharbor.com/confirmPixel.do?p. ... 16&admin=1
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
FF - ProfilePath - c:\documents and settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\yx1valrp.default\
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-26 21:14
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(652)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(708)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\imon.dll
.
Completion time: 2010-04-26 21:16:38
ComboFix-quarantined-files.txt 2010-04-26 19:16
ComboFix2.txt 2010-04-25 15:27

Pre-Run: Volných bajtů: 24 238 497 792
Post-Run: Volných bajtů: 24 235 679 744

- - End Of File - - 3DCA66BA6C535786725E40ECD65124EA
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz