Comodo blocks incoming connections to svchost

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

#1 Post by detor »

Hello. In the Comodo firewall events I found blocked incoming connections from various IP addresses to c:\windows\system32\svchost.exe, always to the same destination port 62290, protocol UDP. This happens several times a day. I ran svchost through virustotal.com and here is the result:
http://www.virustotal.com/file-scan/rep ... 1306879732
1 of 42 antivirus engines detected a trojan, but people in the comments under the scan can't agree whether it is malware or goodware. I'd be interested in your opinion: should I be worried?

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Comodo blocks incoming connections to svchost

#2 Post by motji »

Good morning :)
Post a log from RSIT, see my signature.

Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING!
- MBAM occasionally produces false detections, so we will delete only after checking the log.
- Copy the log here.
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer!

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: Comodo blocks incoming connections to svchost

#3 Post by detor »

Hello. Here it is.

Logfile of random's system information tool 1.08 (written by random/random)
Run by GuruI at 2011-06-01 17:42:55
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 207 GB (87%) free of 238 GB
Total RAM: 2046 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:43:15, on 1.6.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Totalcmd\TOTALCMD.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
D:\Downloads\nesetříděno\RSIT.exe
C:\Program Files\trend micro\GuruI.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: COMODO Internet Security Helper Service (cmdagent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: CPNJVTC - Unknown owner - C:\Users\GuruI\AppData\Local\Temp\CPNJVTC.exe (file missing)
O23 - Service: CZYOEEEWMM - Unknown owner - C:\Users\GuruI\AppData\Local\Temp\CZYOEEEWMM.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: F - Unknown owner - C:\Users\GuruI\AppData\Local\Temp\F.exe (file missing)
O23 - Service: IFRDG - Unknown owner - C:\Users\GuruI\AppData\Local\Temp\IFRDG.exe (file missing)
O23 - Service: KOADRSS - Unknown owner - C:\Users\GuruI\AppData\Local\Temp\KOADRSS.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - C:\Windows\system32\PrintCtrl.exe
O23 - Service: QMRVU - Unknown owner - C:\Users\GuruI\AppData\Local\Temp\QMRVU.exe (file missing)
O23 - Service: SDE - Unknown owner - C:\Users\GuruI\AppData\Local\Temp\SDE.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TABUF - Unknown owner - C:\Users\GuruI\AppData\Local\Temp\TABUF.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O23 - Service: YNENX - Unknown owner - C:\Users\GuruI\AppData\Local\Temp\YNENX.exe (file missing)
O23 - Service: YOTUNEAL - Unknown owner - C:\Users\GuruI\AppData\Local\Temp\YOTUNEAL.exe (file missing)

--
End of file - 5473 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-11 61440]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-11-02 9808488]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-05-09 2552648]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2219184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PeerBlock"=C:\Program Files\PeerBlock\peerblock.exe [2010-11-06 1866864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-05-30 00:18:23 ----A---- C:\Windows\system32\sharemediacpl.dll
2011-05-30 00:18:23 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2011-05-30 00:18:23 ----A---- C:\Windows\system32\scesrv.dll
2011-05-30 00:18:23 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2011-05-30 00:18:22 ----A---- C:\Windows\system32\vpnikeapi.dll
2011-05-30 00:18:22 ----A---- C:\Windows\system32\runonce.exe
2011-05-30 00:18:22 ----A---- C:\Windows\system32\rtutils.dll
2011-05-30 00:18:22 ----A---- C:\Windows\system32\rpchttp.dll
2011-05-30 00:18:22 ----A---- C:\Windows\system32\RpcRtRemote.dll
2011-05-30 00:18:22 ----A---- C:\Windows\system32\rpcrt4.dll
2011-05-30 00:18:22 ----A---- C:\Windows\system32\Robocopy.exe
2011-05-30 00:18:22 ----A---- C:\Windows\system32\riched32.dll
2011-05-30 00:18:22 ----A---- C:\Windows\system32\riched20.dll
2011-05-30 00:18:22 ----A---- C:\Windows\system32\RelPost.exe
2011-05-30 00:18:22 ----A---- C:\Windows\system32\recovery.dll
2011-05-30 00:18:22 ----A---- C:\Windows\system32\recdisc.exe
2011-05-30 00:18:22 ----A---- C:\Windows\system32\rastls.dll
2011-05-30 00:18:22 ----A---- C:\Windows\system32\rastapi.dll
2011-05-30 00:18:22 ----A---- C:\Windows\system32\rasppp.dll
2011-05-30 00:18:22 ----A---- C:\Windows\system32\rasmans.dll
2011-05-30 00:18:22 ----A---- C:\Windows\system32\raschap.dll
2011-05-30 00:18:22 ----A---- C:\Windows\system32\mprddm.dll
2011-05-30 00:18:22 ----A---- C:\Windows\system32\iprtrmgr.dll
2011-05-30 00:18:22 ----A---- C:\Windows\system32\drivers\wanarp.sys
2011-05-30 00:18:22 ----A---- C:\Windows\system32\drivers\rmcast.sys
2011-05-30 00:18:22 ----A---- C:\Windows\system32\drivers\rdyboost.sys
2011-05-30 00:18:22 ----A---- C:\Windows\system32\drivers\rdbss.sys
2011-05-30 00:18:22 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2011-05-30 00:18:22 ----A---- C:\Windows\system32\drivers\ndiswan.sys
2011-05-30 00:18:22 ----A---- C:\Windows\system32\cmstp.exe
2011-05-30 00:18:21 ----A---- C:\Windows\system32\vpnike.dll
2011-05-30 00:18:21 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2011-05-30 00:18:21 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2011-05-30 00:18:21 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2011-05-30 00:18:21 ----A---- C:\Windows\system32\RacEngn.dll
2011-05-30 00:18:21 ----A---- C:\Windows\system32\msdrm.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\wvc.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\wpccpl.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\WMPhoto.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\wdscore.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\wdc.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\unlodctr.exe
2011-05-30 00:18:20 ----A---- C:\Windows\system32\sppnp.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\spoolsv.exe
2011-05-30 00:18:20 ----A---- C:\Windows\system32\qedit.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\proquota.exe
2011-05-30 00:18:20 ----A---- C:\Windows\system32\propsys.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\profsvc.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\profprov.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\prncache.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\PrintBrmUi.exe
2011-05-30 00:18:20 ----A---- C:\Windows\system32\powercpl.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\PnPUnattend.exe
2011-05-30 00:18:20 ----A---- C:\Windows\system32\PkgMgr.exe
2011-05-30 00:18:20 ----A---- C:\Windows\system32\pifmgr.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\photowiz.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\perfmon.exe
2011-05-30 00:18:20 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\pdhui.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\hgprint.dll
2011-05-30 00:18:20 ----A---- C:\Windows\system32\drivers\partmgr.sys
2011-05-30 00:18:19 ----A---- C:\Windows\system32\win32spl.dll
2011-05-30 00:18:19 ----A---- C:\Windows\system32\relog.exe
2011-05-30 00:18:19 ----A---- C:\Windows\system32\puiobj.dll
2011-05-30 00:18:19 ----A---- C:\Windows\system32\prnfldr.dll
2011-05-30 00:18:19 ----A---- C:\Windows\system32\printui.dll
2011-05-30 00:18:19 ----A---- C:\Windows\system32\PrintIsolationProxy.dll
2011-05-30 00:18:19 ----A---- C:\Windows\system32\pla.dll
2011-05-30 00:18:19 ----A---- C:\Windows\system32\pdh.dll
2011-05-30 00:18:19 ----A---- C:\Windows\system32\ntprint.dll
2011-05-30 00:18:19 ----A---- C:\Windows\system32\logman.exe
2011-05-30 00:18:19 ----A---- C:\Windows\system32\localspl.dll
2011-05-30 00:18:19 ----A---- C:\Windows\system32\inetpp.dll
2011-05-30 00:18:18 ----A---- C:\Windows\system32\PushPrinterConnections.exe
2011-05-30 00:18:18 ----A---- C:\Windows\system32\prntvpt.dll
2011-05-30 00:18:17 ----A---- C:\Windows\system32\OnLineIDCpl.dll
2011-05-30 00:18:17 ----A---- C:\Windows\system32\onexui.dll
2011-05-30 00:18:17 ----A---- C:\Windows\system32\onex.dll
2011-05-30 00:18:17 ----A---- C:\Windows\system32\olepro32.dll
2011-05-30 00:18:17 ----A---- C:\Windows\system32\oleaut32.dll
2011-05-30 00:18:17 ----A---- C:\Windows\system32\ocsetup.exe
2011-05-30 00:18:17 ----A---- C:\Windows\system32\ocsetapi.dll
2011-05-30 00:18:17 ----A---- C:\Windows\system32\drivers\csc.sys
2011-05-30 00:18:17 ----A---- C:\Windows\system32\cscui.dll
2011-05-30 00:18:17 ----A---- C:\Windows\system32\cscsvc.dll
2011-05-30 00:18:17 ----A---- C:\Windows\system32\CscMig.dll
2011-05-30 00:18:16 ----A---- C:\Windows\system32\ntshrui.dll
2011-05-30 00:18:16 ----A---- C:\Windows\system32\ntlanman.dll
2011-05-30 00:18:16 ----A---- C:\Windows\system32\ntdll.dll
2011-05-30 00:18:16 ----A---- C:\Windows\system32\nslookup.exe
2011-05-30 00:18:16 ----A---- C:\Windows\system32\nshwfp.dll
2011-05-30 00:18:16 ----A---- C:\Windows\system32\nlasvc.dll
2011-05-30 00:18:16 ----A---- C:\Windows\system32\nlaapi.dll
2011-05-30 00:18:16 ----A---- C:\Windows\system32\networkmap.dll
2011-05-30 00:18:16 ----A---- C:\Windows\system32\networkexplorer.dll
2011-05-30 00:18:16 ----A---- C:\Windows\system32\netcenter.dll
2011-05-30 00:18:16 ----A---- C:\Windows\system32\ncsi.dll
2011-05-30 00:18:16 ----A---- C:\Windows\system32\IKEEXT.DLL
2011-05-30 00:18:16 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2011-05-30 00:18:16 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-05-30 00:18:16 ----A---- C:\Windows\system32\dosx.exe
2011-05-30 00:18:16 ----A---- C:\Windows\system32\cscobj.dll
2011-05-30 00:18:16 ----A---- C:\Windows\system32\cscdll.dll
2011-05-30 00:18:16 ----A---- C:\Windows\system32\cscapi.dll
2011-05-30 00:18:16 ----A---- C:\Windows\system32\BFE.DLL
2011-05-30 00:18:16 ----A---- C:\Windows\system32\asycfilt.dll
2011-05-30 00:18:15 ----A---- C:\Windows\system32\pnidui.dll
2011-05-30 00:18:15 ----A---- C:\Windows\system32\netutils.dll
2011-05-30 00:18:15 ----A---- C:\Windows\system32\netshell.dll
2011-05-30 00:18:15 ----A---- C:\Windows\system32\netplwiz.dll
2011-05-30 00:18:15 ----A---- C:\Windows\system32\netjoin.dll
2011-05-30 00:18:14 ----A---- C:\Windows\system32\netcfgx.dll
2011-05-30 00:18:14 ----A---- C:\Windows\system32\netcfg.exe
2011-05-30 00:18:14 ----A---- C:\Windows\system32\netbtugc.exe
2011-05-30 00:18:14 ----A---- C:\Windows\system32\netapi32.dll
2011-05-30 00:18:14 ----A---- C:\Windows\system32\net1.exe
2011-05-30 00:18:14 ----A---- C:\Windows\system32\ncryptui.dll
2011-05-30 00:18:14 ----A---- C:\Windows\system32\nci.dll
2011-05-30 00:18:14 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2011-05-30 00:18:14 ----A---- C:\Windows\system32\drivers\netio.sys
2011-05-30 00:18:14 ----A---- C:\Windows\system32\drivers\netbt.sys
2011-05-30 00:18:14 ----A---- C:\Windows\system32\drivers\ndisuio.sys
2011-05-30 00:18:14 ----A---- C:\Windows\system32\drivers\ndis.sys
2011-05-30 00:18:13 ----A---- C:\Windows\system32\QUTIL.DLL
2011-05-30 00:18:13 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2011-05-30 00:18:13 ----A---- C:\Windows\system32\QSHVHOST.DLL
2011-05-30 00:18:13 ----A---- C:\Windows\system32\QCLIPROV.DLL
2011-05-30 00:18:13 ----A---- C:\Windows\system32\QAGENTRT.DLL
2011-05-30 00:18:13 ----A---- C:\Windows\system32\QAGENT.DLL
2011-05-30 00:18:13 ----A---- C:\Windows\system32\nshipsec.dll
2011-05-30 00:18:13 ----A---- C:\Windows\system32\netdiagfx.dll
2011-05-30 00:18:13 ----A---- C:\Windows\system32\napdsnap.dll
2011-05-30 00:18:13 ----A---- C:\Windows\system32\KMSVC.DLL
2011-05-30 00:18:13 ----A---- C:\Windows\system32\ipsmsnap.dll
2011-05-30 00:18:13 ----A---- C:\Windows\system32\iasrecst.dll
2011-05-30 00:18:13 ----A---- C:\Windows\system32\iasrad.dll
2011-05-30 00:18:13 ----A---- C:\Windows\system32\iasacct.dll
2011-05-30 00:18:12 ----A---- C:\Windows\system32\mydocs.dll
2011-05-30 00:18:12 ----A---- C:\Windows\system32\msxml6.dll
2011-05-30 00:18:12 ----A---- C:\Windows\system32\msxml3.dll
2011-05-30 00:18:12 ----A---- C:\Windows\system32\mcbuilder.exe
2011-05-30 00:18:12 ----A---- C:\Windows\system32\IPSECSVC.DLL
2011-05-30 00:18:11 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2011-05-30 00:18:11 ----A---- C:\Windows\system32\msinfo32.exe
2011-05-30 00:18:11 ----A---- C:\Windows\system32\msieftp.dll
2011-05-30 00:18:11 ----A---- C:\Windows\system32\msftedit.dll
2011-05-30 00:18:11 ----A---- C:\Windows\system32\msconfig.exe
2011-05-30 00:18:11 ----A---- C:\Windows\system32\msasn1.dll
2011-05-30 00:18:11 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2011-05-30 00:18:11 ----A---- C:\Windows\system32\mprapi.dll
2011-05-30 00:18:11 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2011-05-30 00:18:10 ----A---- C:\Windows\system32\WMVCORE.DLL
2011-05-30 00:18:10 ----A---- C:\Windows\system32\wmpsrcwp.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\wmpshell.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\wmpps.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\WMPEncEn.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\wmpeffects.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\wmpdxm.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\WMNetMgr.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\wmdrmnet.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\wmdrmdev.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\SyncCenter.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\SensorsCpl.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\mobsync.exe
2011-05-30 00:18:10 ----A---- C:\Windows\system32\MMDevAPI.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\MFPlay.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\mfds.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\mfc40u.dll
2011-05-30 00:18:10 ----A---- C:\Windows\system32\mfc40.dll
2011-05-30 00:18:09 ----A---- C:\Windows\system32\wmploc.DLL
2011-05-30 00:18:09 ----A---- C:\Windows\system32\wmdrmsdk.dll
2011-05-30 00:18:09 ----A---- C:\Windows\system32\msscp.dll
2011-05-30 00:18:09 ----A---- C:\Windows\system32\msnetobj.dll
2011-05-30 00:18:09 ----A---- C:\Windows\system32\logagent.exe
2011-05-30 00:18:09 ----A---- C:\Windows\system32\drmmgrtn.dll
2011-05-30 00:18:09 ----A---- C:\Windows\system32\blackbox.dll
2011-05-30 00:18:08 ----A---- C:\Windows\system32\wmp.dll
2011-05-30 00:18:08 ----A---- C:\Windows\system32\sqlsrv32.dll
2011-05-30 00:18:08 ----A---- C:\Windows\system32\spwmp.dll
2011-05-30 00:18:08 ----A---- C:\Windows\system32\PresentationSettings.exe
2011-05-30 00:18:08 ----A---- C:\Windows\system32\odbcconf.dll
2011-05-30 00:18:08 ----A---- C:\Windows\system32\migisol.dll
2011-05-30 00:18:08 ----A---- C:\Windows\system32\mf.dll
2011-05-30 00:18:08 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2011-05-30 00:18:08 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2011-05-30 00:18:08 ----A---- C:\Windows\system32\mapistub.dll
2011-05-30 00:18:08 ----A---- C:\Windows\system32\mapi32.dll
2011-05-30 00:18:08 ----A---- C:\Windows\system32\dxmasf.dll
2011-05-30 00:18:08 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2011-05-30 00:18:08 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2011-05-30 00:18:07 ----A---- C:\Windows\system32\odbctrac.dll
2011-05-30 00:18:07 ----A---- C:\Windows\system32\mcmde.dll
2011-05-30 00:18:07 ----A---- C:\Windows\system32\mblctr.exe
2011-05-30 00:18:06 ----A---- C:\Windows\system32\Wldap32.dll
2011-05-30 00:18:06 ----A---- C:\Windows\system32\sspisrv.dll
2011-05-30 00:18:06 ----A---- C:\Windows\system32\sspicli.dll
2011-05-30 00:18:06 ----A---- C:\Windows\system32\secur32.dll
2011-05-30 00:18:06 ----A---- C:\Windows\system32\odbcjt32.dll
2011-05-30 00:18:06 ----A---- C:\Windows\system32\odbccp32.dll
2011-05-30 00:18:06 ----A---- C:\Windows\system32\odbc32.dll
2011-05-30 00:18:06 ----A---- C:\Windows\system32\nrpsrv.dll
2011-05-30 00:18:06 ----A---- C:\Windows\system32\msorcl32.dll
2011-05-30 00:18:06 ----A---- C:\Windows\system32\mmcndmgr.dll
2011-05-30 00:18:06 ----A---- C:\Windows\system32\MdSched.exe
2011-05-30 00:18:06 ----A---- C:\Windows\system32\luainstall.dll
2011-05-30 00:18:06 ----A---- C:\Windows\system32\lsasrv.dll
2011-05-30 00:18:06 ----A---- C:\Windows\system32\lpremove.exe
2011-05-30 00:18:06 ----A---- C:\Windows\system32\lpksetup.exe
2011-05-30 00:18:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2011-05-30 00:18:06 ----A---- C:\Windows\system32\defaultlocationcpl.dll
2011-05-30 00:18:06 ----A---- C:\Windows\system32\consent.exe
2011-05-30 00:18:06 ----A---- C:\Windows\system32\appinfo.dll
2011-05-30 00:18:03 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2011-05-30 00:18:01 ----A---- C:\Windows\system32\wshirda.dll
2011-05-30 00:18:01 ----A---- C:\Windows\system32\KernelBase.dll
2011-05-30 00:18:01 ----A---- C:\Windows\system32\kernel32.dll
2011-05-30 00:18:01 ----A---- C:\Windows\system32\iTVData.dll
2011-05-30 00:18:01 ----A---- C:\Windows\system32\isoburn.exe
2011-05-30 00:18:01 ----A---- C:\Windows\system32\drivers\ks.sys
2011-05-30 00:18:00 ----A---- C:\Windows\system32\nlsbres.dll
2011-05-30 00:18:00 ----A---- C:\Windows\system32\MuiUnattend.exe
2011-05-30 00:18:00 ----A---- C:\Windows\system32\msihnd.dll
2011-05-30 00:18:00 ----A---- C:\Windows\system32\msiexec.exe
2011-05-30 00:18:00 ----A---- C:\Windows\system32\msi.dll
2011-05-30 00:18:00 ----A---- C:\Windows\system32\imm32.dll
2011-05-30 00:18:00 ----A---- C:\Windows\system32\imapi2.dll
2011-05-30 00:18:00 ----A---- C:\Windows\system32\dbghelp.dll
2011-05-30 00:18:00 ----A---- C:\Windows\system32\dbgeng.dll
2011-05-30 00:17:57 ----A---- C:\Windows\system32\mscms.dll
2011-05-30 00:17:56 ----A---- C:\Windows\system32\tzres.dll
2011-05-30 00:17:56 ----A---- C:\Windows\system32\KBDUS.DLL
2011-05-30 00:17:56 ----A---- C:\Windows\system32\KBDSF.DLL
2011-05-30 00:17:56 ----A---- C:\Windows\system32\kbdlk41a.dll
2011-05-30 00:17:56 ----A---- C:\Windows\system32\iphlpsvc.dll
2011-05-30 00:17:56 ----A---- C:\Windows\system32\C_ISCII.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDUGHR1.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDTURME.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDTUQ.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDTUF.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDTAJIK.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDSG.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDPO.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDNEPR.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDMON.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDMAORI.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDLT1.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDINTEL.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDINTAM.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDINORI.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDINMAR.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDINKAN.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDINHIN.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDINBEN.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDGR1.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDGKL.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDGEO.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDCZ1.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDBULG.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDBLR.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\KBDBASH.DLL
2011-05-30 00:17:55 ----A---- C:\Windows\system32\iscsium.dll
2011-05-30 00:17:55 ----A---- C:\Windows\system32\iscsicli.exe
2011-05-30 00:17:55 ----A---- C:\Windows\system32\elsTrans.dll
2011-05-30 00:17:54 ----A---- C:\Windows\system32\provsvc.dll
2011-05-30 00:17:54 ----A---- C:\Windows\system32\ListSvc.dll
2011-05-30 00:17:54 ----A---- C:\Windows\system32\itircl.dll
2011-05-30 00:17:54 ----A---- C:\Windows\system32\imapi2fs.dll
2011-05-30 00:17:54 ----A---- C:\Windows\system32\httpapi.dll
2011-05-30 00:17:54 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2011-05-30 00:17:54 ----A---- C:\Windows\system32\hgcpl.dll
2011-05-30 00:17:54 ----A---- C:\Windows\system32\hbaapi.dll
2011-05-30 00:17:54 ----A---- C:\Windows\system32\halmacpi.dll
2011-05-30 00:17:54 ----A---- C:\Windows\system32\halacpi.dll
2011-05-30 00:17:54 ----A---- C:\Windows\system32\hal.dll
2011-05-30 00:17:54 ----A---- C:\Windows\system32\drivers\hwpolicy.sys
2011-05-30 00:17:54 ----A---- C:\Windows\system32\drivers\http.sys
2011-05-30 00:17:54 ----A---- C:\Windows\system32\ActionCenterCPL.dll
2011-05-30 00:17:54 ----A---- C:\Windows\system32\ActionCenter.dll
2011-05-30 00:17:50 ----A---- C:\Windows\system32\gpsvc.dll
2011-05-30 00:17:50 ----A---- C:\Windows\system32\gdi32.dll
2011-05-30 00:17:50 ----A---- C:\Windows\system32\gameux.dll
2011-05-30 00:17:49 ----A---- C:\Windows\system32\gpprefcl.dll
2011-05-30 00:17:49 ----A---- C:\Windows\system32\appmgr.dll
2011-05-30 00:17:48 ----A---- C:\Windows\system32\t2embed.dll
2011-05-30 00:17:48 ----A---- C:\Windows\system32\scrptadm.dll
2011-05-30 00:17:48 ----A---- C:\Windows\system32\resutils.dll
2011-05-30 00:17:48 ----A---- C:\Windows\system32\muifontsetup.dll
2011-05-30 00:17:48 ----A---- C:\Windows\system32\ifsutil.dll
2011-05-30 00:17:48 ----A---- C:\Windows\system32\FXSTIFF.dll
2011-05-30 00:17:48 ----A---- C:\Windows\system32\FXSSVC.exe
2011-05-30 00:17:48 ----A---- C:\Windows\system32\FXSMON.dll
2011-05-30 00:17:48 ----A---- C:\Windows\system32\ftp.exe
2011-05-30 00:17:48 ----A---- C:\Windows\system32\fontext.dll
2011-05-30 00:17:48 ----A---- C:\Windows\system32\fms.dll
2011-05-30 00:17:48 ----A---- C:\Windows\system32\findstr.exe
2011-05-30 00:17:48 ----A---- C:\Windows\system32\fdeploy.dll
2011-05-30 00:17:48 ----A---- C:\Windows\system32\fde.dll
2011-05-30 00:17:48 ----A---- C:\Windows\system32\clusapi.dll
2011-05-30 00:17:48 ----A---- C:\Windows\system32\AdmTmpl.dll
2011-05-30 00:17:47 ----A---- C:\Windows\system32\untfs.dll
2011-05-30 00:17:46 ----A---- C:\Windows\system32\wevtsvc.dll
2011-05-30 00:17:46 ----A---- C:\Windows\system32\WerFaultSecure.exe
2011-05-30 00:17:46 ----A---- C:\Windows\system32\werconcpl.dll
2011-05-30 00:17:46 ----A---- C:\Windows\system32\wer.dll
2011-05-30 00:17:46 ----A---- C:\Windows\system32\mspbda.dll
2011-05-30 00:17:46 ----A---- C:\Windows\system32\msdri.dll
2011-05-30 00:17:46 ----A---- C:\Windows\system32\Mcx2Svc.dll
2011-05-30 00:17:46 ----A---- C:\Windows\system32\Faultrep.dll
2011-05-30 00:17:46 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-05-30 00:17:46 ----A---- C:\Windows\system32\evr.dll
2011-05-30 00:17:46 ----A---- C:\Windows\system32\eudcedit.exe
2011-05-30 00:17:46 ----A---- C:\Windows\system32\EhStorAPI.dll
2011-05-30 00:17:45 ----A---- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2011-05-30 00:17:45 ----A---- C:\Windows\system32\esent.dll
2011-05-30 00:17:45 ----A---- C:\Windows\system32\efscore.dll
2011-05-30 00:17:45 ----A---- C:\Windows\system32\eapphost.dll
2011-05-30 00:17:45 ----A---- C:\Windows\system32\eappgnui.dll
2011-05-30 00:17:45 ----A---- C:\Windows\system32\eapp3hst.dll
2011-05-30 00:17:44 ----A---- C:\Windows\system32\DxpTaskSync.dll
2011-05-30 00:17:44 ----A---- C:\Windows\system32\DXPTaskRingtone.dll
2011-05-30 00:17:44 ----A---- C:\Windows\system32\DXP.dll
2011-05-30 00:17:44 ----A---- C:\Windows\system32\dskquoui.dll
2011-05-30 00:17:44 ----A---- C:\Windows\system32\drvstore.dll
2011-05-30 00:17:44 ----A---- C:\Windows\system32\dot3ui.dll
2011-05-30 00:17:44 ----A---- C:\Windows\system32\dot3svc.dll
2011-05-30 00:17:44 ----A---- C:\Windows\system32\dot3msm.dll
2011-05-30 00:17:44 ----A---- C:\Windows\system32\dot3cfg.dll
2011-05-30 00:17:44 ----A---- C:\Windows\system32\dot3api.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\vfwwdm32.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\samsrv.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\quartz.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\qdvd.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\qdv.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\qcap.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\qasf.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\msdmo.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\mciqtz32.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\dxgi.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\dpnaddr.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\dnscmmc.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\Display.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\diskraid.exe
2011-05-30 00:17:43 ----A---- C:\Windows\system32\diskpart.exe
2011-05-30 00:17:43 ----A---- C:\Windows\system32\d3d9.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\d3d11.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\d3d10warp.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\d3d10level9.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-05-30 00:17:43 ----A---- C:\Windows\system32\amstream.dll
2011-05-30 00:17:42 ----A---- C:\Windows\system32\setupugc.exe
2011-05-30 00:17:42 ----A---- C:\Windows\system32\samcli.dll
2011-05-30 00:17:42 ----A---- C:\Windows\system32\dxdiagn.dll
2011-05-30 00:17:42 ----A---- C:\Windows\system32\dwmredir.dll
2011-05-30 00:17:42 ----A---- C:\Windows\system32\dsauth.dll
2011-05-30 00:17:42 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-05-30 00:17:42 ----A---- C:\Windows\system32\dpx.dll
2011-05-30 00:17:42 ----A---- C:\Windows\system32\DiagCpl.dll
2011-05-30 00:17:42 ----A---- C:\Windows\system32\dhcpcore.dll
2011-05-30 00:17:42 ----A---- C:\Windows\system32\dfrgui.exe
2011-05-30 00:17:42 ----A---- C:\Windows\system32\DevicePairingFolder.dll
2011-05-30 00:17:42 ----A---- C:\Windows\system32\DeviceCenter.dll
2011-05-30 00:17:41 ----A---- C:\Windows\system32\tsbyuv.dll
2011-05-30 00:17:41 ----A---- C:\Windows\system32\msyuv.dll
2011-05-30 00:17:41 ----A---- C:\Windows\system32\iyuv_32.dll
2011-05-30 00:17:41 ----A---- C:\Windows\system32\dwmcore.dll
2011-05-30 00:17:40 ----A---- C:\Windows\system32\WUDFx.dll
2011-05-30 00:17:40 ----A---- C:\Windows\system32\WUDFSvc.dll
2011-05-30 00:17:40 ----A---- C:\Windows\system32\WUDFPlatform.dll
2011-05-30 00:17:40 ----A---- C:\Windows\system32\WUDFHost.exe
2011-05-30 00:17:40 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2011-05-30 00:17:40 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2011-05-30 00:17:40 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2011-05-30 00:17:40 ----A---- C:\Windows\system32\dps.dll
2011-05-30 00:17:38 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-05-30 00:17:38 ----A---- C:\Windows\system32\OpcServices.dll
2011-05-30 00:17:38 ----A---- C:\Windows\system32\netid.dll
2011-05-30 00:17:38 ----A---- C:\Windows\system32\mimefilt.dll
2011-05-30 00:17:38 ----A---- C:\Windows\system32\localsec.dll
2011-05-30 00:17:38 ----A---- C:\Windows\system32\imagehlp.dll
2011-05-30 00:17:38 ----A---- C:\Windows\system32\cryptui.dll
2011-05-30 00:17:38 ----A---- C:\Windows\system32\cryptsvc.dll
2011-05-30 00:17:38 ----A---- C:\Windows\system32\crypt32.dll
2011-05-30 00:17:38 ----A---- C:\Windows\system32\credui.dll
2011-05-30 00:17:38 ----A---- C:\Windows\system32\conhost.exe
2011-05-30 00:17:38 ----A---- C:\Windows\system32\comdlg32.dll
2011-05-30 00:17:38 ----A---- C:\Windows\system32\cmd.exe
2011-05-30 00:17:38 ----A---- C:\Windows\system32\cfgmgr32.dll
2011-05-30 00:17:38 ----A---- C:\Windows\system32\autoconv.exe
2011-05-30 00:17:37 ----A---- C:\Windows\system32\rpcss.dll
2011-05-30 00:17:37 ----A---- C:\Windows\system32\olethk32.dll
2011-05-30 00:17:37 ----A---- C:\Windows\system32\ole32.dll
2011-05-30 00:17:37 ----A---- C:\Windows\system32\msdtctm.dll
2011-05-30 00:17:37 ----A---- C:\Windows\system32\ci.dll
2011-05-30 00:17:37 ----A---- C:\Windows\system32\cdosys.dll
2011-05-30 00:17:37 ----A---- C:\Windows\system32\calc.exe
2011-05-30 00:17:36 ----A---- C:\Windows\system32\xpsservices.dll
2011-05-30 00:17:36 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-05-30 00:17:36 ----A---- C:\Windows\system32\wshbth.dll
2011-05-30 00:17:36 ----A---- C:\Windows\system32\wbengine.exe
2011-05-30 00:17:36 ----A---- C:\Windows\system32\Query.dll
2011-05-30 00:17:36 ----A---- C:\Windows\system32\mtxclu.dll
2011-05-30 00:17:36 ----A---- C:\Windows\system32\diagperf.dll
2011-05-30 00:17:36 ----A---- C:\Windows\system32\certmgr.dll
2011-05-30 00:17:36 ----A---- C:\Windows\system32\certcli.dll
2011-05-30 00:17:36 ----A---- C:\Windows\system32\cabview.dll
2011-05-30 00:17:36 ----A---- C:\Windows\system32\cabinet.dll
2011-05-30 00:17:36 ----A---- C:\Windows\system32\browseui.dll
2011-05-30 00:17:36 ----A---- C:\Windows\system32\browser.dll
2011-05-30 00:17:36 ----A---- C:\Windows\system32\browcli.dll
2011-05-30 00:17:36 ----A---- C:\Windows\system32\bootres.dll
2011-05-30 00:17:36 ----A---- C:\Windows\system32\BlbEvents.dll
2011-05-30 00:17:35 ----A---- C:\Windows\system32\winresume.exe
2011-05-30 00:17:35 ----A---- C:\Windows\system32\winload.exe
2011-05-30 00:17:35 ----A---- C:\Windows\system32\sdcpl.dll
2011-05-30 00:17:35 ----A---- C:\Windows\system32\qmgr.dll
2011-05-30 00:17:35 ----A---- C:\Windows\system32\bitsperf.dll
2011-05-30 00:17:35 ----A---- C:\Windows\system32\bitsadmin.exe
2011-05-30 00:17:35 ----A---- C:\Windows\system32\biocpl.dll
2011-05-30 00:17:35 ----A---- C:\Windows\system32\bcdsrv.dll
2011-05-30 00:17:35 ----A---- C:\Windows\system32\bcdboot.exe
2011-05-30 00:17:35 ----A---- C:\Windows\system32\batmeter.dll
2011-05-30 00:17:35 ----A---- C:\Windows\system32\basesrv.dll
2011-05-30 00:17:35 ----A---- C:\Windows\bfsvc.exe
2011-05-30 00:17:34 ----A---- C:\Windows\system32\winmm.dll
2011-05-30 00:17:34 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2011-05-30 00:17:34 ----A---- C:\Windows\system32\SndVolSSO.dll
2011-05-30 00:17:34 ----A---- C:\Windows\system32\SndVol.exe
2011-05-30 00:17:34 ----A---- C:\Windows\system32\setbcdlocale.dll
2011-05-30 00:17:34 ----A---- C:\Windows\system32\LogonUI.exe
2011-05-30 00:17:34 ----A---- C:\Windows\system32\drivers\appid.sys
2011-05-30 00:17:34 ----A---- C:\Windows\system32\bcdedit.exe
2011-05-30 00:17:34 ----A---- C:\Windows\system32\AzSqlExt.dll
2011-05-30 00:17:34 ----A---- C:\Windows\system32\azroleui.dll
2011-05-30 00:17:34 ----A---- C:\Windows\system32\azroles.dll
2011-05-30 00:17:34 ----A---- C:\Windows\system32\AxInstSv.dll
2011-05-30 00:17:34 ----A---- C:\Windows\system32\autoplay.dll
2011-05-30 00:17:34 ----A---- C:\Windows\system32\autochk.exe
2011-05-30 00:17:34 ----A---- C:\Windows\system32\autofmt.exe
2011-05-30 00:17:34 ----A---- C:\Windows\system32\authui.dll
2011-05-30 00:17:34 ----A---- C:\Windows\system32\audiosrv.dll
2011-05-30 00:17:34 ----A---- C:\Windows\system32\AudioSes.dll
2011-05-30 00:17:34 ----A---- C:\Windows\system32\audiodg.exe
2011-05-30 00:17:34 ----A---- C:\Windows\system32\advapi32.dll
2011-05-30 00:17:34 ----A---- C:\Windows\system32\actxprxy.dll
2011-05-30 00:17:34 ----A---- C:\Windows\system32\accessibilitycpl.dll
2011-05-30 00:17:33 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2011-05-30 00:17:33 ----A---- C:\Windows\system32\wdiasqmmodule.dll
2011-05-30 00:17:33 ----A---- C:\Windows\system32\aitagent.exe
2011-05-30 00:17:33 ----A---- C:\Windows\system32\aepdu.dll
2011-05-30 00:17:33 ----A---- C:\Windows\system32\aeinv.dll
2011-05-30 00:17:33 ----A---- C:\Windows\system32\adsldp.dll
2011-05-30 00:17:33 ----A---- C:\Windows\system32\acppage.dll
2011-05-30 00:17:32 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2011-05-30 00:17:32 ----A---- C:\Windows\system32\apphelp.dll
2011-05-30 00:17:32 ----A---- C:\Windows\system32\activeds.dll
2011-05-30 00:17:31 ----A---- C:\Windows\system32\drivers\volmgr.sys
2011-05-30 00:17:31 ----A---- C:\Windows\system32\drivers\termdd.sys
2011-05-30 00:17:31 ----A---- C:\Windows\system32\drivers\pci.sys
2011-05-30 00:17:31 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2011-05-30 00:17:31 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2011-05-30 00:17:31 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys
2011-05-30 00:17:31 ----A---- C:\Windows\system32\drivers\hidusb.sys
2011-05-30 00:17:31 ----A---- C:\Windows\system32\drivers\hidclass.sys
2011-05-30 00:17:30 ----A---- C:\Windows\system32\srchadmin.dll
2011-05-30 00:17:30 ----A---- C:\Windows\system32\OobeFldr.dll
2011-05-30 00:17:30 ----A---- C:\Windows\system32\dsuiext.dll
2011-05-30 00:17:30 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-05-30 00:17:30 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2011-05-30 00:17:30 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2011-05-30 00:17:29 ----A---- C:\Windows\system32\drivers\CompositeBus.sys
2011-05-30 00:17:29 ----A---- C:\Windows\system32\drivers\cdrom.sys
2011-05-30 00:17:28 ----A---- C:\Windows\system32\drivers\amdxata.sys
2011-05-30 00:17:28 ----A---- C:\Windows\system32\drivers\amdsata.sys
2011-05-30 00:17:28 ----A---- C:\Windows\system32\drivers\acpipmi.sys
2011-05-30 00:17:28 ----A---- C:\Windows\system32\drivers\acpi.sys
2011-05-30 00:17:28 ----A---- C:\Windows\system32\drivers\1394ohci.sys
2011-05-29 23:55:16 ----A---- C:\Windows\system32\FntCache.dll
2011-05-29 23:55:16 ----A---- C:\Windows\system32\DWrite.dll
2011-05-29 23:55:16 ----A---- C:\Windows\system32\d2d1.dll
2011-05-29 03:00:35 ----D---- C:\ProgramData\ESET
2011-05-29 03:00:35 ----D---- C:\Program Files\ESET
2011-05-29 02:41:27 ----D---- C:\Program Files\COMODO
2011-05-29 02:39:43 ----D---- C:\ProgramData\Comodo
2011-05-28 21:20:57 ----D---- C:\Program Files\DScaler
2011-05-28 20:22:17 ----D---- C:\Users\GuruI\AppData\Roaming\DScaler4
2011-05-28 20:16:04 ----A---- C:\Windows\system32\drivers\BT848.sys
2011-05-28 19:50:38 ----D---- C:\Program Files\Totalcmd
2011-05-28 13:54:14 ----AD---- C:\Windows\rundll16.exe
2011-05-28 13:54:14 ----AD---- C:\Windows\logo1_.exe
2011-05-28 04:10:16 ----AD---- C:\Windows\VDLL.DLL
2011-05-28 04:10:16 ----AD---- C:\Windows\system32\runouce.exe
2011-05-28 04:10:16 ----AD---- C:\Windows\RUNDL132.EXE
2011-05-28 04:10:16 ----AD---- C:\Windows\logo_1.exe
2011-05-28 04:06:10 ----A---- C:\Windows\system32\msvcr80.dll
2011-05-28 04:06:09 ----A---- C:\Windows\system32\msvcp80.dll
2011-05-28 04:06:08 ----A---- C:\Windows\system32\eEmpty.exe
2011-05-28 04:06:04 ----D---- C:\Program Files\Common Files\MicroWorld
2011-05-28 04:06:01 ----D---- C:\ProgramData\MicroWorld
2011-05-28 03:08:37 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-05-28 03:08:37 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-05-28 03:08:37 ----A---- C:\Windows\system32\drivers\srv.sys
2011-05-28 03:08:24 ----A---- C:\Windows\system32\prevhost.exe
2011-05-28 03:08:21 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-05-28 03:08:21 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-05-28 03:08:21 ----A---- C:\Windows\system32\dnsapi.dll
2011-05-28 03:08:20 ----A---- C:\Windows\system32\fontsub.dll
2011-05-28 03:08:20 ----A---- C:\Windows\system32\atmlib.dll
2011-05-28 03:08:20 ----A---- C:\Windows\system32\atmfd.dll
2011-05-28 03:07:57 ----A---- C:\Windows\system32\kerberos.dll
2011-05-28 03:07:50 ----A---- C:\Windows\system32\win32k.sys
2011-05-28 03:07:46 ----A---- C:\Windows\system32\WFS.exe
2011-05-28 03:07:46 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-05-28 03:07:44 ----A---- C:\Windows\system32\XpsPrint.dll
2011-05-28 03:07:41 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-05-28 03:07:40 ----A---- C:\Windows\system32\CPFilters.dll
2011-05-28 03:07:39 ----A---- C:\Windows\system32\sbe.dll
2011-05-28 03:07:39 ----A---- C:\Windows\system32\EncDec.dll
2011-05-28 03:07:37 ----A---- C:\Windows\explorer.exe
2011-05-28 03:07:30 ----A---- C:\Windows\system32\inetcomm.dll
2011-05-28 03:07:13 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-05-28 03:07:11 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-28 03:06:39 ----A---- C:\Windows\system32\mfc42.dll
2011-05-28 03:06:38 ----A---- C:\Windows\system32\mfc42u.dll
2011-05-28 03:06:28 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-05-28 03:06:28 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-05-28 03:06:28 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-05-28 03:06:27 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-05-28 03:06:15 ----A---- C:\Windows\system32\poqexec.exe
2011-05-28 03:05:43 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-28 03:05:32 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-05-28 03:05:31 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-05-28 03:05:31 ----A---- C:\Windows\system32\cdd.dll
2011-05-07 16:17:46 ----A---- C:\Windows\system32\drivers\inspect.sys
2011-05-02 20:36:44 ----A---- C:\Windows\system32\drivers\cmdhlp.sys
2011-05-02 20:36:42 ----A---- C:\Windows\system32\drivers\cmdGuard.sys
2011-05-02 20:36:42 ----A---- C:\Windows\system32\drivers\cmderd.sys
2011-05-02 20:36:04 ----A---- C:\Windows\system32\guard32.dll

======List of files/folders modified in the last 1 months======

2011-06-01 17:43:07 ----D---- C:\Windows\Prefetch
2011-06-01 17:42:57 ----D---- C:\Program Files\trend micro
2011-06-01 17:42:25 ----D---- C:\Windows\Temp
2011-06-01 17:37:06 ----D---- C:\Windows\inf
2011-06-01 17:37:06 ----AD---- C:\Windows\System32
2011-06-01 17:37:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-01 17:35:46 ----D---- C:\Windows\system32\config
2011-06-01 17:31:51 ----D---- C:\Windows
2011-06-01 05:24:57 ----D---- C:\Users\GuruI\AppData\Roaming\Media Player Classic
2011-06-01 05:24:56 ----D---- C:\Users\GuruI\AppData\Roaming\uTorrent
2011-06-01 03:43:15 ----D---- C:\Program Files\PeerBlock
2011-05-31 20:22:45 ----D---- C:\Windows\rescache
2011-05-31 17:51:26 ----RD---- C:\Program Files
2011-05-30 21:25:25 ----D---- C:\Windows\Microsoft.NET
2011-05-30 21:24:51 ----RSD---- C:\Windows\assembly
2011-05-30 20:45:06 ----D---- C:\Windows\winsxs
2011-05-30 03:57:37 ----D---- C:\Users\GuruI\AppData\Roaming\GHISLER
2011-05-30 03:37:51 ----SHD---- C:\System Volume Information
2011-05-30 03:32:01 ----D---- C:\Windows\system32\catroot2
2011-05-30 03:32:01 ----D---- C:\Windows\system32\catroot
2011-05-30 02:27:42 ----D---- C:\Windows\system32\drivers
2011-05-30 02:19:41 ----D---- C:\Windows\Logs
2011-05-30 00:43:04 ----D---- C:\Windows\system32\DriverStore
2011-05-30 00:39:20 ----D---- C:\Program Files\Windows Sidebar
2011-05-30 00:39:20 ----D---- C:\Program Files\Windows Mail
2011-05-30 00:39:20 ----D---- C:\Program Files\DVD Maker
2011-05-30 00:39:16 ----D---- C:\Program Files\Windows Portable Devices
2011-05-30 00:39:16 ----D---- C:\Program Files\Windows Media Player
2011-05-30 00:39:16 ----D---- C:\Program Files\Internet Explorer
2011-05-30 00:39:15 ----D---- C:\Program Files\Windows Photo Viewer
2011-05-30 00:39:15 ----D---- C:\Program Files\Windows Journal
2011-05-30 00:39:14 ----D---- C:\Windows\servicing
2011-05-30 00:39:14 ----D---- C:\Windows\ehome
2011-05-30 00:39:14 ----D---- C:\Program Files\Windows Defender
2011-05-30 00:39:12 ----D---- C:\Windows\system32\oobe
2011-05-30 00:39:12 ----D---- C:\Windows\system32\en-US
2011-05-30 00:39:12 ----D---- C:\Windows\system32\da-DK
2011-05-30 00:39:12 ----D---- C:\Windows\PolicyDefinitions
2011-05-30 00:39:11 ----D---- C:\Windows\system32\sysprep
2011-05-30 00:39:11 ----D---- C:\Windows\system32\Setup
2011-05-30 00:39:11 ----D---- C:\Windows\system32\migration
2011-05-30 00:39:11 ----D---- C:\Windows\system32\cs
2011-05-30 00:39:11 ----D---- C:\Windows\system32\AdvancedInstallers
2011-05-30 00:39:10 ----D---- C:\Windows\system32\cs-CZ
2011-05-30 00:39:09 ----D---- C:\Windows\system32\sppui
2011-05-30 00:39:09 ----D---- C:\Windows\system32\manifeststore
2011-05-30 00:39:09 ----D---- C:\Windows\system32\es-ES
2011-05-30 00:39:09 ----D---- C:\Windows\system32\drivers\cs-CZ
2011-05-30 00:39:08 ----D---- C:\Windows\system32\wbem
2011-05-30 00:39:08 ----D---- C:\Windows\system32\migwiz
2011-05-30 00:39:08 ----D---- C:\Windows\system32\Dism
2011-05-30 00:38:53 ----RSD---- C:\Windows\Fonts
2011-05-30 00:38:53 ----D---- C:\Windows\AppPatch
2011-05-30 00:38:38 ----D---- C:\Windows\system32\Boot
2011-05-30 00:35:06 ----A---- C:\Windows\system32\msclmd.dll
2011-05-30 00:26:34 ----SHD---- C:\Windows\Installer
2011-05-30 00:26:34 ----D---- C:\Program Files\Common Files\microsoft shared
2011-05-29 15:52:59 ----D---- C:\Program Files\uTorrent
2011-05-29 03:54:00 ----D---- C:\Program Files\Mozilla Thunderbird
2011-05-29 03:23:17 ----D---- C:\Program Files\CCleaner
2011-05-29 03:00:35 ----HD---- C:\ProgramData
2011-05-29 02:34:27 ----D---- C:\Windows\system32\Tasks
2011-05-28 21:18:42 ----D---- C:\Program Files\Combined Community Codec Pack
2011-05-28 20:56:19 ----D---- C:\Users\GuruI\AppData\Roaming\Winamp
2011-05-28 20:56:19 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-05-28 20:56:14 ----D---- C:\Windows\debug
2011-05-28 20:08:57 ----D---- C:\Windows\system32\drivers\etc
2011-05-28 19:02:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-05-28 04:06:04 ----D---- C:\Program Files\Common Files
2011-05-28 03:19:36 ----D---- C:\Program Files\Mozilla Firefox
2011-05-24 19:14:10 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2009-08-04 213024]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-11-28 170464]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2010-11-28 752128]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-11-28 600928]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-05-02 238960]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-05-02 37592]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-05-07 82400]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2010-11-26 231248]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 BT848;Conexant's BtPCI WDM Video Capture; C:\Windows\system32\DRIVERS\BT848.sys [2011-05-28 371349]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 95384]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2010-11-28 163232]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-11-02 3228712]
R3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-19 20992]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-23 43008]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 arusb_win7;Service For TP-LINK Wireless N Adapter; C:\Windows\system32\DRIVERS\arusb_win7.sys [2010-06-01 612352]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\DScaler\DSDrv4.sys [2005-12-18 8801]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 ts_arusb;[CommView] Atheros Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\ts_arusb.sys [2010-10-08 1053288]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 780368]
R2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-11-28 3975088]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 cmdagent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-05-09 1779792]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2009-06-16 77824]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-10-27 1483072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CPNJVTC;CPNJVTC; C:\Users\GuruI\AppData\Local\Temp\CPNJVTC.exe []
S3 CZYOEEEWMM;CZYOEEEWMM; C:\Users\GuruI\AppData\Local\Temp\CZYOEEEWMM.exe []
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 33584]
S3 F;F; C:\Users\GuruI\AppData\Local\Temp\F.exe []
S3 IFRDG;IFRDG; C:\Users\GuruI\AppData\Local\Temp\IFRDG.exe []
S3 KOADRSS;KOADRSS; C:\Users\GuruI\AppData\Local\Temp\KOADRSS.exe []
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 QMRVU;QMRVU; C:\Users\GuruI\AppData\Local\Temp\QMRVU.exe []
S3 SDE;SDE; C:\Users\GuruI\AppData\Local\Temp\SDE.exe []
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TABUF;TABUF; C:\Users\GuruI\AppData\Local\Temp\TABUF.exe []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-25 1343400]
S3 YNENX;YNENX; C:\Users\GuruI\AppData\Local\Temp\YNENX.exe []
S3 YOTUNEAL;YOTUNEAL; C:\Users\GuruI\AppData\Local\Temp\YOTUNEAL.exe []
S4 UmRdpService;Přesměrovač portů uživatelského režimu služby Vzdálená plocha; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Comodo blocks incoming connections to svchost

#4 Post by motji »

Did you run Process Explorer or some other similar program? I'll still wait for the MBAM log.

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: Comodo blocks incoming connections to svchost

#5 Post by detor »

I didn't run Explorer, and MBAM found nothing.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Comodo blocks incoming connections to svchost

#6 Post by motji »

Run ComboFix according to this guide:
http://www.bleepingcomputer.com/combofi ... t-combofix

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: Comodo blocks incoming connections to svchost

#7 Post by detor »

Here is the ComboFix log. When I turned the Comodo firewall back on after the ComboFix scan, Comodo reported "a malicious item was found", malware c:\windows\nircmd.exe, so I had it deleted.

ComboFix 11-06-01.03 - GuruI 01.06.2011 21:00:49.1.1 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2046.1368 [GMT 2:00]
Spuštěný z: c:\users\GuruI\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
ADS - system32: deleted 12 bytes in 1 streams.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-01 do 2011-06-01 )))))))))))))))))))))))))))))))
.
.
2011-06-01 19:08 . 2011-06-01 19:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-31 15:51 . 2011-05-31 15:51 -------- d-----w- c:\program files\D3DOverrider
2011-05-31 15:27 . 2011-05-24 17:12 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B9AC09B7-43E5-4AB6-A26B-31418869DBBE}\mpengine.dll
2011-05-29 23:08 . 2011-01-17 05:47 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-05-29 22:22 . 2011-05-29 22:22 -------- d-----w- c:\windows\system32\SPReview
2011-05-29 22:21 . 2011-05-29 22:21 -------- d-----w- c:\windows\system32\EventProviders
2011-05-29 22:18 . 2010-11-20 12:21 458752 ----a-w- c:\windows\system32\WSDApi.dll
2011-05-29 22:17 . 2010-11-20 12:19 481792 ----a-w- c:\windows\system32\mscms.dll
2011-05-29 21:55 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-05-29 21:55 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-05-29 21:55 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-05-29 01:00 . 2011-06-01 15:42 -------- d-----w- c:\program files\ESET
2011-05-29 00:41 . 2011-05-29 00:41 -------- d-----w- c:\program files\COMODO
2011-05-29 00:39 . 2011-05-29 18:59 -------- d-----w- c:\programdata\Comodo
2011-05-29 00:03 . 2011-05-29 00:33 281888 ----a-w- c:\windows\system32\drivers\sfi.dat
2011-05-28 19:20 . 2011-05-28 19:44 -------- d-----w- c:\program files\DScaler
2011-05-28 18:22 . 2011-05-28 19:20 -------- d-----w- c:\users\GuruI\AppData\Roaming\DScaler4
2011-05-28 18:16 . 2011-05-28 18:16 371349 ----a-w- c:\windows\system32\drivers\BT848.sys
2011-05-28 17:50 . 2011-05-28 17:52 -------- d-----w- c:\program files\Totalcmd
2011-05-28 11:54 . 2011-05-28 11:54 -------- d---a-w- c:\windows\rundll16.exe
2011-05-28 11:54 . 2011-05-28 11:54 -------- d---a-w- c:\windows\logo1_.exe
2011-05-28 02:10 . 2011-05-28 02:10 -------- d---a-w- c:\windows\VDLL.DLL
2011-05-28 02:10 . 2011-05-28 02:10 -------- d---a-w- c:\windows\system32\runouce.exe
2011-05-28 02:10 . 2011-05-28 02:10 -------- d---a-w- c:\windows\RUNDL132.EXE
2011-05-28 02:10 . 2011-05-28 02:10 -------- d---a-w- c:\windows\logo_1.exe
2011-05-28 02:06 . 2011-05-28 02:06 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-05-28 02:06 . 2011-05-28 02:06 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-05-28 02:06 . 2011-05-28 02:06 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-05-28 02:06 . 2011-05-28 02:06 -------- d-----w- c:\program files\Common Files\MicroWorld
2011-05-28 02:06 . 2011-05-28 02:06 -------- d-----w- c:\programdata\MicroWorld
2011-05-28 01:28 . 2011-05-28 01:28 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-28 01:19 . 2011-05-28 01:19 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-05-28 01:19 . 2011-05-28 01:19 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-05-28 01:19 . 2011-05-28 01:19 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-05-28 01:19 . 2011-05-28 01:19 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-05-28 01:19 . 2011-05-28 01:19 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-05-28 01:19 . 2011-05-28 01:19 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-05-28 01:19 . 2011-05-28 01:19 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-05-28 01:19 . 2011-05-28 01:19 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-05-28 01:08 . 2011-02-23 04:48 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-05-28 01:08 . 2011-02-23 04:48 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-05-28 01:08 . 2011-02-23 04:47 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-05-28 01:08 . 2011-02-18 05:39 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-05-28 01:08 . 2011-03-03 05:38 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-05-28 01:08 . 2011-03-03 05:36 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-05-28 01:08 . 2011-02-19 06:30 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-05-28 01:08 . 2011-02-19 04:34 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-05-28 01:08 . 2010-09-30 06:47 70656 ----a-w- c:\windows\system32\fontsub.dll
2011-05-28 01:06 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-05-28 01:06 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-05-28 01:06 . 2011-02-23 04:47 223232 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-05-28 01:06 . 2011-02-23 04:47 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-05-28 01:06 . 2011-02-23 04:47 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-05-28 01:06 . 2011-02-23 04:47 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-05-28 01:06 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2011-05-28 01:05 . 2011-04-22 19:14 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-28 01:05 . 2010-11-20 12:29 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-05-28 01:05 . 2011-02-03 05:54 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-05-28 01:05 . 2010-11-20 11:56 107520 ----a-w- c:\windows\system32\cdd.dll
2011-05-07 14:17 . 2011-05-07 14:17 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-29 22:35 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-05-29 22:25 . 2011-05-29 22:25 203776 ----a-w- c:\windows\system32\webcheck.dll
2011-05-29 07:11 . 2010-11-28 17:20 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2010-11-28 17:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-28 11:55 . 2011-05-28 11:54 9639183 ----a-w- c:\windows\REGBK00.ZIP
2011-05-24 17:14 . 2010-11-24 17:47 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-02 18:36 . 2011-05-02 18:36 37592 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-05-02 18:36 . 2011-05-02 18:36 238960 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-05-02 18:36 . 2011-05-02 18:36 19088 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-05-02 18:36 . 2011-05-02 18:36 284744 ----a-w- c:\windows\system32\guard32.dll
2011-05-28 01:19 . 2011-05-28 01:19 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PeerBlock"="c:\program files\PeerBlock\peerblock.exe" [2010-11-06 1866864]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-02 9808488]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-05-09 2552648]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 arusb_win7;Service For TP-LINK Wireless N Adapter;c:\windows\system32\DRIVERS\arusb_win7.sys [2010-06-01 612352]
R3 CPNJVTC;CPNJVTC;c:\users\GuruI\AppData\Local\Temp\CPNJVTC.exe [x]
R3 CZYOEEEWMM;CZYOEEEWMM;c:\users\GuruI\AppData\Local\Temp\CZYOEEEWMM.exe [x]
R3 F;F;c:\users\GuruI\AppData\Local\Temp\F.exe [x]
R3 IFRDG;IFRDG;c:\users\GuruI\AppData\Local\Temp\IFRDG.exe [x]
R3 KOADRSS;KOADRSS;c:\users\GuruI\AppData\Local\Temp\KOADRSS.exe [x]
R3 QMRVU;QMRVU;c:\users\GuruI\AppData\Local\Temp\QMRVU.exe [x]
R3 SDE;SDE;c:\users\GuruI\AppData\Local\Temp\SDE.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TABUF;TABUF;c:\users\GuruI\AppData\Local\Temp\TABUF.exe [x]
R3 ts_arusb;[CommView] Atheros Wireless Network Adapter Service;c:\windows\system32\DRIVERS\ts_arusb.sys [2010-10-08 13:24 1053288]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-25 1343400]
R3 YNENX;YNENX;c:\users\GuruI\AppData\Local\Temp\YNENX.exe [x]
R3 YOTUNEAL;YOTUNEAL;c:\users\GuruI\AppData\Local\Temp\YOTUNEAL.exe [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2010-11-28 752128]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-05-02 238960]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-05-02 37592]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 afcdpsrv;Služba Acronis Nonstop Backup;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-11-28 3975088]
S2 BT848;Conexant's BtPCI WDM Video Capture;c:\windows\system32\DRIVERS\BT848.sys [2011-05-28 371349]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 95384]
S2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [2009-06-16 77824]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-10-27 1483072]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2010-11-28 163232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
.
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\GuruI\AppData\Roaming\Mozilla\Firefox\Profiles\5706k61k.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: network.proxy.ftp - 62.209.202.19
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 62.209.202.19
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - 62.209.202.19
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 62.209.202.19
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 62.209.202.19
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(880)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'lsass.exe'(916)
c:\windows\system32\guard32.dll
.
Celkový čas: 2011-06-01 21:12:22
ComboFix-quarantined-files.txt 2011-06-01 19:12
.
Před spuštěním: Volných bajtů: 217 137 963 008
Po spuštění: Volných bajtů: 217 021 419 520
.
- - End Of File - - 6C4AC70317416FC92C82D493CEEC1173

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Comodo blocks incoming connections to svchost

#8 Post by motji »

If it isn't there already, move ComboFix to the desktop
- open Notepad
- copy the text from this box into it

Code:

Driver::
CPNJVTC
CZYOEEEWMM
F
IFRDG
KOADRSS
QMRVU
SDE
TABUF
YNENX
YOTUNEAL


- save the TXT file you created as CFScript.txt on the desktop
- after saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it.

- after it has been applied, another log will pop up; paste it here

Warning: it may happen that after applying the script and restarting, Windows will not boot. In that case restart again while pressing F8, then choose Last Known Good Configuration.




Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- tick the box For all users.
-mark the boxes Check for "LOP" malware and Check for "Purity" malware
- Click the Scan button
-when the scan finishes, the logs OTL.Txt and Extras.txt will appear; paste them here :)

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: comodo blocks incoming connections to svchost

#9 Post by detor »

ComboFix 11-06-01.03 - GuruI 01.06.2011 23:30:10.2.1 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2046.1160 [GMT 2:00]
Spuštěný z: c:\users\GuruI\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\GuruI\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_CPNJVTC
-------\Service_CZYOEEEWMM
-------\Service_F
-------\Service_IFRDG
-------\Service_KOADRSS
-------\Service_QMRVU
-------\Service_SDE
-------\Service_TABUF
-------\Service_YNENX
-------\Service_YOTUNEAL
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-01 do 2011-06-01 )))))))))))))))))))))))))))))))
.
.
2011-05-31 15:51 . 2011-05-31 15:51 -------- d-----w- c:\program files\D3DOverrider
2011-05-31 15:27 . 2011-05-24 17:12 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B9AC09B7-43E5-4AB6-A26B-31418869DBBE}\mpengine.dll
2011-05-29 23:08 . 2011-01-17 05:47 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-05-29 22:22 . 2011-05-29 22:22 -------- d-----w- c:\windows\system32\SPReview
2011-05-29 22:21 . 2011-05-29 22:21 -------- d-----w- c:\windows\system32\EventProviders
2011-05-29 22:18 . 2010-11-20 12:21 458752 ----a-w- c:\windows\system32\WSDApi.dll
2011-05-29 22:17 . 2010-11-20 12:19 481792 ----a-w- c:\windows\system32\mscms.dll
2011-05-29 21:55 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-05-29 21:55 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-05-29 21:55 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-05-29 01:00 . 2011-06-01 15:42 -------- d-----w- c:\program files\ESET
2011-05-29 00:41 . 2011-05-29 00:41 -------- d-----w- c:\program files\COMODO
2011-05-29 00:39 . 2011-05-29 18:59 -------- d-----w- c:\programdata\Comodo
2011-05-29 00:03 . 2011-05-29 00:33 281888 ----a-w- c:\windows\system32\drivers\sfi.dat
2011-05-28 19:20 . 2011-05-28 19:44 -------- d-----w- c:\program files\DScaler
2011-05-28 18:22 . 2011-05-28 19:20 -------- d-----w- c:\users\GuruI\AppData\Roaming\DScaler4
2011-05-28 18:16 . 2011-05-28 18:16 371349 ----a-w- c:\windows\system32\drivers\BT848.sys
2011-05-28 17:50 . 2011-05-28 17:52 -------- d-----w- c:\program files\Totalcmd
2011-05-28 11:54 . 2011-05-28 11:54 -------- d---a-w- c:\windows\rundll16.exe
2011-05-28 11:54 . 2011-05-28 11:54 -------- d---a-w- c:\windows\logo1_.exe
2011-05-28 02:10 . 2011-05-28 02:10 -------- d---a-w- c:\windows\VDLL.DLL
2011-05-28 02:10 . 2011-05-28 02:10 -------- d---a-w- c:\windows\system32\runouce.exe
2011-05-28 02:10 . 2011-05-28 02:10 -------- d---a-w- c:\windows\RUNDL132.EXE
2011-05-28 02:10 . 2011-05-28 02:10 -------- d---a-w- c:\windows\logo_1.exe
2011-05-28 02:06 . 2011-05-28 02:06 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-05-28 02:06 . 2011-05-28 02:06 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-05-28 02:06 . 2011-05-28 02:06 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-05-28 02:06 . 2011-05-28 02:06 -------- d-----w- c:\program files\Common Files\MicroWorld
2011-05-28 02:06 . 2011-05-28 02:06 -------- d-----w- c:\programdata\MicroWorld
2011-05-28 01:28 . 2011-05-28 01:28 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-28 01:19 . 2011-05-28 01:19 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-05-28 01:19 . 2011-05-28 01:19 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-05-28 01:19 . 2011-05-28 01:19 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-05-28 01:19 . 2011-05-28 01:19 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-05-28 01:19 . 2011-05-28 01:19 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-05-28 01:19 . 2011-05-28 01:19 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-05-28 01:19 . 2011-05-28 01:19 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-05-28 01:19 . 2011-05-28 01:19 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-05-28 01:08 . 2011-02-23 04:48 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-05-28 01:08 . 2011-02-23 04:48 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-05-28 01:08 . 2011-02-23 04:47 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-05-28 01:08 . 2011-02-18 05:39 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-05-28 01:08 . 2011-03-03 05:38 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-05-28 01:08 . 2011-03-03 05:36 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-05-28 01:08 . 2011-02-19 06:30 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-05-28 01:08 . 2011-02-19 04:34 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-05-28 01:08 . 2010-09-30 06:47 70656 ----a-w- c:\windows\system32\fontsub.dll
2011-05-28 01:06 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-05-28 01:06 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-05-28 01:06 . 2011-02-23 04:47 223232 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-05-28 01:06 . 2011-02-23 04:47 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-05-28 01:06 . 2011-02-23 04:47 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-05-28 01:06 . 2011-02-23 04:47 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-05-28 01:06 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2011-05-28 01:05 . 2011-04-22 19:14 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-28 01:05 . 2010-11-20 12:29 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-05-28 01:05 . 2011-02-03 05:54 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-05-28 01:05 . 2010-11-20 11:56 107520 ----a-w- c:\windows\system32\cdd.dll
2011-05-07 14:17 . 2011-05-07 14:17 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-29 22:35 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-05-29 22:25 . 2011-05-29 22:25 203776 ----a-w- c:\windows\system32\webcheck.dll
2011-05-29 07:11 . 2010-11-28 17:20 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 07:11 . 2010-11-28 17:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-28 11:55 . 2011-05-28 11:54 9639183 ----a-w- c:\windows\REGBK00.ZIP
2011-05-24 17:14 . 2010-11-24 17:47 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-02 18:36 . 2011-05-02 18:36 37592 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-05-02 18:36 . 2011-05-02 18:36 238960 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-05-02 18:36 . 2011-05-02 18:36 19088 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-05-02 18:36 . 2011-05-02 18:36 284744 ----a-w- c:\windows\system32\guard32.dll
2011-05-28 01:19 . 2011-05-28 01:19 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PeerBlock"="c:\program files\PeerBlock\peerblock.exe" [2010-11-06 1866864]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-02 9808488]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-05-09 2552648]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 arusb_win7;Service For TP-LINK Wireless N Adapter;c:\windows\system32\DRIVERS\arusb_win7.sys [2010-06-01 612352]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 ts_arusb;[CommView] Atheros Wireless Network Adapter Service;c:\windows\system32\DRIVERS\ts_arusb.sys [2010-10-08 13:24 1053288]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-25 1343400]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2010-11-28 752128]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-05-02 238960]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-05-02 37592]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 afcdpsrv;Služba Acronis Nonstop Backup;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-11-28 3975088]
S2 BT848;Conexant's BtPCI WDM Video Capture;c:\windows\system32\DRIVERS\BT848.sys [2011-05-28 371349]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 95384]
S2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [2009-06-16 77824]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-10-27 1483072]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2010-11-28 163232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]
.
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\GuruI\AppData\Roaming\Mozilla\Firefox\Profiles\5706k61k.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: network.proxy.ftp - 62.209.202.19
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 62.209.202.19
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - 62.209.202.19
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 62.209.202.19
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 62.209.202.19
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\windows\system32\conhost.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2011-06-01 23:44:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-06-01 21:44
ComboFix2.txt 2011-06-01 19:12
.
Před spuštěním: Volných bajtů: 216 765 698 048
Po spuštění: Volných bajtů: 216 552 427 520
.
- - End Of File - - D29F676F4CBAD0AC7DA61099D1A620D2

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: comodo blocks incoming connections to svchost

#10 Post by detor »

The OTL.txt log, split into 2 parts.

OTL logfile created on: 1.6.2011 23:50:35 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\GuruI\Desktop
An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 52,87% Memory free
4,00 Gb Paging File | 2,79 Gb Available in Paging File | 69,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 201,76 Gb Free Space | 86,67% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 116,97 Gb Free Space | 19,62% Space Free | Partition Type: NTFS

Computer Name: GURUI-PC | User Name: GuruI | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.06.01 23:48:18 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\GuruI\Desktop\OTL.exe
PRC - [2011.05.28 03:19:29 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.05.09 23:17:34 | 002,552,648 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011.05.09 09:38:44 | 001,779,792 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011.01.12 16:41:24 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2010.12.17 07:56:10 | 003,707,808 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\Totalcmd\TOTALCMD.EXE
PRC - [2010.11.28 20:12:31 | 003,975,088 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.10.27 19:24:42 | 000,645,952 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2010.10.27 19:23:16 | 001,483,072 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2010.09.23 16:59:48 | 000,780,368 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2009.06.16 08:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) -- C:\Windows\System32\PrintCtrl.exe


========== Modules (SafeList) ==========

MOD - [2011.06.01 23:48:18 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\GuruI\Desktop\OTL.exe
MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.05.09 09:38:44 | 001,779,792 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdagent)
SRV - [2011.01.12 16:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2011.01.12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2010.11.28 20:12:31 | 003,975,088 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010.11.25 04:27:54 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.10.27 19:23:16 | 001,483,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.09.23 16:59:48 | 000,780,368 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.16 08:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Running] -- C:\Windows\System32\PrintCtrl.exe -- (Printer Control)


========== Driver Services (SafeList) ==========

DRV - [2011.05.28 20:16:04 | 000,371,349 | ---- | M] (Illusion & Hope.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\BT848.sys -- (BT848)
DRV - [2011.05.07 16:17:46 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2011.05.02 20:36:44 | 000,037,592 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011.05.02 20:36:42 | 000,238,960 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010.12.21 15:04:06 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010.12.21 15:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.12.21 13:47:38 | 000,095,384 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2010.11.28 20:12:32 | 000,163,232 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV - [2010.11.28 20:12:29 | 000,752,128 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
DRV - [2010.11.28 20:12:28 | 000,600,928 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2010.11.28 20:12:16 | 000,170,464 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2010.11.26 01:10:08 | 000,231,248 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.10.08 15:24:54 | 001,053,288 | ---- | M] (TamoSoft) [CommView] Atheros Wireless Network Adapter Service [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ts_arusb.sys -- (ts_arusb)
DRV - [2010.10.07 14:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.06.01 18:28:08 | 000,612,352 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\arusb_win7.sys -- (arusb_win7)
DRV - [2010.02.11 09:42:22 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.08.04 18:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2009.07.23 23:02:56 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.07.14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.19 06:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2005.12.18 20:42:12 | 000,008,801 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\DScaler\DSDrv4.sys -- (DSDrv4)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3232475479-1308766923-4266084698-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3232475479-1308766923-4266084698-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: refspoof@mozdev.org:0.9.5
FF - prefs.js..extensions.enabledItems: tito@no-referrer:0.100911.11
FF - prefs.js..extensions.enabledItems: {0fed7d55-65d4-47b6-a6de-9a4adb55355f}:0.8
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: {4df2d0b1-441c-423f-b7a4-f7516f170aab}:0.2.4
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009
FF - prefs.js..network.proxy.backup.ftp: "62.209.202.19"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: "62.209.202.19"
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: "62.209.202.19"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "62.209.202.19"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "62.209.202.19"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "62.209.202.19"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "62.209.202.19"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "plimus.com,www.plimus.com,regnow.com,www.regnow.com,"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "62.209.202.19"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "62.209.202.19"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 4


FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.28 03:19:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.28 03:57:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.05.29 03:53:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.05.29 03:00:35 | 000,000,000 | ---D | M]

[2010.11.25 01:28:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GuruI\AppData\Roaming\Mozilla\Extensions
[2010.11.25 01:28:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GuruI\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.05.31 00:07:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GuruI\AppData\Roaming\Mozilla\Firefox\Profiles\5706k61k.default\extensions
[2011.05.29 03:30:30 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\GuruI\AppData\Roaming\Mozilla\Firefox\Profiles\5706k61k.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2010.11.24 20:40:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\GuruI\AppData\Roaming\Mozilla\Firefox\Profiles\5706k61k.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash
[2010.11.24 20:40:56 | 000,000,000 | ---D | M] (No Referrer ( Misspelled Referer )) -- C:\Users\GuruI\AppData\Roaming\Mozilla\Firefox\Profiles\5706k61k.default\extensions\tito@no-referrer
[2009.02.06 17:01:06 | 000,000,523 | ---- | M] () -- C:\Users\GuruI\AppData\Roaming\Mozilla\Firefox\Profiles\5706k61k.default\searchplugins\daemon-search.xml
[2010.11.24 20:49:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.11.24 20:49:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\GURUI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5706K61K.DEFAULT\EXTENSIONS\{1A2D0EC4-75F5-4C91-89C4-3656F6E44B68}.XPI
() (No name found) -- C:\USERS\GURUI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5706K61K.DEFAULT\EXTENSIONS\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.XPI
() (No name found) -- C:\USERS\GURUI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5706K61K.DEFAULT\EXTENSIONS\{3A57409D-8B6D-4624-8B83-B08B50226500}.XPI
() (No name found) -- C:\USERS\GURUI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5706K61K.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\GURUI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5706K61K.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\GURUI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5706K61K.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\GURUI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5706K61K.DEFAULT\EXTENSIONS\CLICKCUTTERFFAUTOCOPY@CLICKCUTTER.COM.XPI
() (No name found) -- C:\USERS\GURUI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5706K61K.DEFAULT\EXTENSIONS\REFSPOOF@MOZDEV.ORG.XPI
() (No name found) -- C:\USERS\GURUI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5706K61K.DEFAULT\EXTENSIONS\TITO@NO-REFERRER.XPI
() (No name found) -- C:\USERS\GURUI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5706K61K.DEFAULT\EXTENSIONS\TRANSLATOR@ZOLI.BOD.XPI
[2011.05.28 03:19:29 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010.11.24 20:49:01 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2011.05.28 03:19:32 | 000,002,208 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\heureka-cz.xml
[2011.05.28 03:19:32 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2011.05.28 03:16:34 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2011.05.28 03:19:32 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2011.05.28 03:19:32 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2011.05.28 03:19:32 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.06.01 23:38:59 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-3232475479-1308766923-4266084698-1001..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3232475479-1308766923-4266084698-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3232475479-1308766923-4266084698-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3232475479-1308766923-4266084698-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O20 - AppInit_DLLs: (C:\Windows\System32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()


========== Files/Folders - Created Within 30 Days ==========

[2011.06.01 23:48:27 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\GuruI\Desktop\OTL.exe
[2011.06.01 23:44:15 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.06.01 23:39:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.06.01 23:29:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.06.01 20:59:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.06.01 20:59:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.06.01 20:58:38 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.06.01 20:58:33 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.06.01 20:55:43 | 004,109,560 | R--- | C] (Swearware) -- C:\Users\GuruI\Desktop\ComboFix.exe
[2011.05.31 17:51:13 | 000,000,000 | ---D | C] -- C:\Program Files\D3DOverrider
[2011.05.30 01:08:42 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.05.30 00:25:33 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.05.30 00:25:33 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.05.30 00:25:32 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.05.30 00:25:32 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.05.30 00:25:32 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.05.30 00:25:32 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.05.30 00:25:32 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.05.30 00:25:32 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.05.30 00:25:32 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.05.30 00:25:32 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.05.30 00:25:32 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.05.30 00:25:32 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.05.30 00:25:32 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.05.30 00:25:32 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.05.30 00:25:32 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.05.30 00:25:32 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.05.30 00:25:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.05.30 00:25:32 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.05.30 00:25:32 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.05.30 00:25:32 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.05.30 00:25:32 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.05.30 00:25:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.05.30 00:25:32 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.05.30 00:25:32 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.05.30 00:25:32 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.05.30 00:25:32 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.05.30 00:25:32 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.05.30 00:25:32 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.05.30 00:25:32 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.05.30 00:25:32 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.05.30 00:25:32 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.05.30 00:25:32 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.05.30 00:25:32 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.05.30 00:25:32 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.05.30 00:25:32 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.05.30 00:25:32 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.05.30 00:25:32 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.05.30 00:25:32 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.05.30 00:25:32 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.05.30 00:22:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2011.05.30 00:21:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: comodo blocks incoming connections to svchost

#11 Post by detor »

[2011.05.30 00:19:00 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicsvc.exe
[2011.05.30 00:19:00 | 000,175,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmbus.sys
[2011.05.30 00:19:00 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmbusCoinstaller.dll
[2011.05.30 00:19:00 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VmdCoinstall.dll
[2011.05.30 00:19:00 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IcCoinstall.dll
[2011.05.30 00:19:00 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmicres.dll
[2011.05.30 00:19:00 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmictimeprovider.dll
[2011.05.30 00:19:00 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbusres.dll
[2011.05.30 00:19:00 | 000,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\winhv.sys
[2011.05.30 00:19:00 | 000,040,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vmstorfl.sys
[2011.05.30 00:19:00 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmstorfltres.dll
[2011.05.30 00:19:00 | 000,028,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storvsc.sys
[2011.05.30 00:19:00 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\VMBusHID.sys
[2011.05.30 00:19:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vmbuspipe.dll
[2011.05.30 00:18:59 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011.05.30 00:18:59 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011.05.30 00:18:59 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011.05.30 00:18:59 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011.05.30 00:18:59 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011.05.30 00:18:59 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011.05.30 00:18:59 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011.05.30 00:18:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\vms3cap.sys
[2011.05.30 00:18:55 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2011.05.30 00:18:55 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2011.05.30 00:18:50 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2011.05.30 00:18:50 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll
[2011.05.30 00:18:48 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011.05.30 00:18:48 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011.05.30 00:18:48 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011.05.30 00:18:47 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2011.05.30 00:18:47 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2011.05.30 00:18:47 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2011.05.30 00:18:47 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2011.05.30 00:18:45 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2011.05.30 00:18:45 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2011.05.30 00:18:45 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2011.05.30 00:18:45 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
[2011.05.30 00:18:45 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2011.05.30 00:18:45 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2011.05.30 00:18:45 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2011.05.30 00:18:44 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2011.05.30 00:18:44 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011.05.30 00:18:44 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011.05.30 00:18:44 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2011.05.30 00:18:44 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll
[2011.05.30 00:18:43 | 002,414,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2011.05.30 00:18:43 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2011.05.30 00:18:43 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2011.05.30 00:18:43 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2011.05.30 00:18:43 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011.05.30 00:18:43 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2011.05.30 00:18:43 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2011.05.30 00:18:43 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
[2011.05.30 00:18:43 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2011.05.30 00:18:43 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011.05.30 00:18:43 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
[2011.05.30 00:18:43 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2011.05.30 00:18:43 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
[2011.05.30 00:18:43 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2011.05.30 00:18:43 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2011.05.30 00:18:43 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011.05.30 00:18:43 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2011.05.30 00:18:43 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
[2011.05.30 00:18:42 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
[2011.05.30 00:18:41 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2011.05.30 00:18:41 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011.05.30 00:18:41 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2011.05.30 00:18:41 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2011.05.30 00:18:41 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2011.05.30 00:18:41 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2011.05.30 00:18:41 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2011.05.30 00:18:41 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2011.05.30 00:18:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011.05.30 00:18:41 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2011.05.30 00:18:41 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2011.05.30 00:18:40 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2011.05.30 00:18:39 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2011.05.30 00:18:39 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2011.05.30 00:18:39 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2011.05.30 00:18:39 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2011.05.30 00:18:39 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2011.05.30 00:18:39 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll
[2011.05.30 00:18:39 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2011.05.30 00:18:39 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011.05.30 00:18:39 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011.05.30 00:18:39 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
[2011.05.30 00:18:39 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2011.05.30 00:18:38 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2011.05.30 00:18:38 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VBICodec.ax
[2011.05.30 00:18:38 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSTPager.ax
[2011.05.30 00:18:38 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
[2011.05.30 00:18:37 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2011.05.30 00:18:37 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2011.05.30 00:18:37 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2011.05.30 00:18:37 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdm.tsp
[2011.05.30 00:18:37 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\upnp.dll
[2011.05.30 00:18:37 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011.05.30 00:18:37 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011.05.30 00:18:37 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011.05.30 00:18:37 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011.05.30 00:18:37 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe
[2011.05.30 00:18:37 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll
[2011.05.30 00:18:37 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2011.05.30 00:18:37 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2011.05.30 00:18:36 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll
[2011.05.30 00:18:36 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe
[2011.05.30 00:18:35 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2011.05.30 00:18:35 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2011.05.30 00:18:35 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011.05.30 00:18:35 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2011.05.30 00:18:35 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2011.05.30 00:18:35 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll
[2011.05.30 00:18:35 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2011.05.30 00:18:35 | 000,187,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011.05.30 00:18:35 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2011.05.30 00:18:35 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011.05.30 00:18:35 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2011.05.30 00:18:35 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2011.05.30 00:18:35 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
[2011.05.30 00:18:35 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2011.05.30 00:18:35 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2011.05.30 00:18:35 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2011.05.30 00:18:35 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\g711codc.ax
[2011.05.30 00:18:35 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2011.05.30 00:18:35 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
[2011.05.30 00:18:35 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2011.05.30 00:18:35 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
[2011.05.30 00:18:34 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2011.05.30 00:18:34 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2011.05.30 00:18:34 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2011.05.30 00:18:34 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\regapi.dll
[2011.05.30 00:18:34 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll
[2011.05.30 00:18:34 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
[2011.05.30 00:18:34 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2011.05.30 00:18:34 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2011.05.30 00:18:33 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2011.05.30 00:18:33 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpclip.exe
[2011.05.30 00:18:33 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
[2011.05.30 00:18:33 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2011.05.30 00:18:33 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2011.05.30 00:18:33 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icaapi.dll
[2011.05.30 00:18:32 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011.05.30 00:18:32 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2011.05.30 00:18:32 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2011.05.30 00:18:32 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2011.05.30 00:18:32 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
[2011.05.30 00:18:32 | 000,154,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscfgwmi.dll
[2011.05.30 00:18:32 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp.dll
[2011.05.30 00:18:32 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2011.05.30 00:18:32 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2011.05.30 00:18:32 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
[2011.05.30 00:18:32 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qwinsta.exe
[2011.05.30 00:18:32 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qprocess.exe
[2011.05.30 00:18:32 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msg.exe
[2011.05.30 00:18:32 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quser.exe
[2011.05.30 00:18:32 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tskill.exe
[2011.05.30 00:18:32 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgport.exe
[2011.05.30 00:18:32 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsdiscon.exe
[2011.05.30 00:18:32 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chglogon.exe
[2011.05.30 00:18:32 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tscon.exe
[2011.05.30 00:18:32 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
[2011.05.30 00:18:32 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qappsrv.exe
[2011.05.30 00:18:32 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoff.exe
[2011.05.30 00:18:32 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shadow.exe
[2011.05.30 00:18:32 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rwinsta.exe
[2011.05.30 00:18:32 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chgusr.exe
[2011.05.30 00:18:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\reset.exe
[2011.05.30 00:18:32 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\change.exe
[2011.05.30 00:18:32 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\query.exe
[2011.05.30 00:18:32 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2011.05.30 00:18:31 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2011.05.30 00:18:31 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2011.05.30 00:18:31 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2011.05.30 00:18:31 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
[2011.05.30 00:18:31 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2011.05.30 00:18:31 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2011.05.30 00:18:31 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll
[2011.05.30 00:18:31 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
[2011.05.30 00:18:31 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
[2011.05.30 00:18:31 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2011.05.30 00:18:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2011.05.30 00:18:31 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2011.05.30 00:18:31 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2011.05.30 00:18:30 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2011.05.30 00:18:30 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2011.05.30 00:18:30 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2011.05.30 00:18:30 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2011.05.30 00:18:30 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2011.05.30 00:18:30 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2011.05.30 00:18:30 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2011.05.30 00:18:30 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2011.05.30 00:18:30 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2011.05.30 00:18:30 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2011.05.30 00:18:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
[2011.05.30 00:18:29 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2011.05.30 00:18:29 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2011.05.30 00:18:29 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shgina.dll
[2011.05.30 00:18:29 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll
[2011.05.30 00:18:29 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
[2011.05.30 00:18:28 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2011.05.30 00:18:28 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2011.05.30 00:18:28 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2011.05.30 00:18:28 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2011.05.30 00:18:28 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2011.05.30 00:18:28 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2011.05.30 00:18:28 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2011.05.30 00:18:28 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2011.05.30 00:18:28 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2011.05.30 00:18:28 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2011.05.30 00:18:27 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2011.05.30 00:18:27 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2011.05.30 00:18:27 | 000,563,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netlogon.dll
[2011.05.30 00:18:27 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe
[2011.05.30 00:18:27 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
[2011.05.30 00:18:27 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2011.05.30 00:18:27 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2011.05.30 00:18:27 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2011.05.30 00:18:27 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
[2011.05.30 00:18:27 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2011.05.30 00:18:27 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2011.05.30 00:18:27 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
[2011.05.30 00:18:27 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
[2011.05.30 00:18:27 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
[2011.05.30 00:18:27 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2011.05.30 00:18:27 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2011.05.30 00:18:26 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011.05.30 00:18:26 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2011.05.30 00:18:26 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011.05.30 00:18:26 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011.05.30 00:18:26 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scecli.dll
[2011.05.30 00:18:26 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
[2011.05.30 00:18:24 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011.05.30 00:18:24 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2011.05.30 00:18:24 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011.05.30 00:18:24 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011.05.30 00:18:24 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2011.05.30 00:18:24 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
[2011.05.30 00:18:24 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll
[2011.05.30 00:18:24 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011.05.30 00:18:24 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
[2011.05.30 00:18:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2011.05.30 00:18:23 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2011.05.30 00:18:23 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
[2011.05.30 00:18:23 | 000,307,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scesrv.dll
[2011.05.30 00:18:23 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011.05.30 00:18:23 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSCard.dll
[2011.05.30 00:18:23 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011.05.30 00:18:22 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
[2011.05.30 00:18:22 | 000,372,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2011.05.30 00:18:22 | 000,318,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2011.05.30 00:18:22 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2011.05.30 00:18:22 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2011.05.30 00:18:22 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2011.05.30 00:18:22 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2011.05.30 00:18:22 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2011.05.30 00:18:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rasppp.dll
[2011.05.30 00:18:22 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2011.05.30 00:18:22 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll
[2011.05.30 00:18:22 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2011.05.30 00:18:22 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2011.05.30 00:18:22 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2011.05.30 00:18:22 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastapi.dll
[2011.05.30 00:18:22 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2011.05.30 00:18:22 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011.05.30 00:18:22 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll
[2011.05.30 00:18:22 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2011.05.30 00:18:21 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2011.05.30 00:18:21 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011.05.30 00:18:21 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2011.05.30 00:18:21 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2011.05.30 00:18:21 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2011.05.30 00:18:21 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2011.05.30 00:18:20 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2011.05.30 00:18:20 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2011.05.30 00:18:20 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2011.05.30 00:18:20 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2011.05.30 00:18:20 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2011.05.30 00:18:20 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2011.05.30 00:18:20 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2011.05.30 00:18:20 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2011.05.30 00:18:20 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2011.05.30 00:18:20 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2011.05.30 00:18:20 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2011.05.30 00:18:20 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2011.05.30 00:18:20 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2011.05.30 00:18:20 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2011.05.30 00:18:20 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2011.05.30 00:18:20 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2011.05.30 00:18:20 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2011.05.30 00:18:20 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2011.05.30 00:18:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2011.05.30 00:18:20 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2011.05.30 00:18:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2011.05.30 00:18:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2011.05.30 00:18:19 | 000,768,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2011.05.30 00:18:19 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2011.05.30 00:18:19 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
[2011.05.30 00:18:19 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2011.05.30 00:18:19 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2011.05.30 00:18:19 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdh.dll
[2011.05.30 00:18:19 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetpp.dll
[2011.05.30 00:18:19 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2011.05.30 00:18:19 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2011.05.30 00:18:19 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
[2011.05.30 00:18:18 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2011.05.30 00:18:18 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PushPrinterConnections.exe
[2011.05.30 00:18:17 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll
[2011.05.30 00:18:17 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll
[2011.05.30 00:18:17 | 000,199,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onex.dll
[2011.05.30 00:18:17 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2011.05.30 00:18:17 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
[2011.05.30 00:18:17 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CscMig.dll
[2011.05.30 00:18:16 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2011.05.30 00:18:16 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2011.05.30 00:18:16 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2011.05.30 00:18:16 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011.05.30 00:18:16 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2011.05.30 00:18:16 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll
[2011.05.30 00:18:16 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2011.05.30 00:18:16 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll
[2011.05.30 00:18:16 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011.05.30 00:18:15 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2011.05.30 00:18:15 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll
[2011.05.30 00:18:14 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2011.05.30 00:18:14 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfgx.dll
[2011.05.30 00:18:14 | 000,240,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011.05.30 00:18:14 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2011.05.30 00:18:14 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2011.05.30 00:18:14 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2011.05.30 00:18:14 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2011.05.30 00:18:14 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2011.05.30 00:18:13 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2011.05.30 00:18:13 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2011.05.30 00:18:13 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2011.05.30 00:18:13 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2011.05.30 00:18:13 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2011.05.30 00:18:13 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2011.05.30 00:18:13 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2011.05.30 00:18:13 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2011.05.30 00:18:13 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
[2011.05.30 00:18:13 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2011.05.30 00:18:13 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2011.05.30 00:18:13 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2011.05.30 00:18:12 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2011.05.30 00:18:12 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2011.05.30 00:18:11 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2011.05.30 00:18:11 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2011.05.30 00:18:11 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2011.05.30 00:18:11 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2011.05.30 00:18:11 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2011.05.30 00:18:11 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprapi.dll
[2011.05.30 00:18:10 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011.05.30 00:18:10 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsCpl.dll
[2011.05.30 00:18:10 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2011.05.30 00:18:10 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2011.05.30 00:18:10 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011.05.30 00:18:10 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011.05.30 00:18:10 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011.05.30 00:18:10 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2011.05.30 00:18:10 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2011.05.30 00:18:10 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2011.05.30 00:18:10 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2011.05.30 00:18:10 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2011.05.30 00:18:10 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.05.30 00:18:10 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2011.05.30 00:18:10 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
[2011.05.30 00:18:10 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
[2011.05.30 00:18:09 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011.05.30 00:18:09 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2011.05.30 00:18:09 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2011.05.30 00:18:09 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2011.05.30 00:18:09 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2011.05.30 00:18:09 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2011.05.30 00:18:09 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011.05.30 00:18:08 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.05.30 00:18:08 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2011.05.30 00:18:08 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2011.05.30 00:18:08 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2011.05.30 00:18:08 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl
[2011.05.30 00:18:08 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2011.05.30 00:18:08 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationSettings.exe
[2011.05.30 00:18:08 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2011.05.30 00:18:08 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2011.05.30 00:18:08 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kstvtune.ax
[2011.05.30 00:18:08 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2011.05.30 00:18:08 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2011.05.30 00:18:08 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksxbar.ax
[2011.05.30 00:18:08 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2011.05.30 00:18:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbisurf.ax
[2011.05.30 00:18:08 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2011.05.30 00:18:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2011.05.30 00:18:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2011.05.30 00:18:07 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2011.05.30 00:18:07 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2011.05.30 00:18:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2011.05.30 00:18:06 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2011.05.30 00:18:06 | 001,038,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011.05.30 00:18:06 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.05.30 00:18:06 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2011.05.30 00:18:06 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2011.05.30 00:18:06 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll
[2011.05.30 00:18:06 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2011.05.30 00:18:06 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2011.05.30 00:18:06 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2011.05.30 00:18:06 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011.05.30 00:18:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2011.05.30 00:18:06 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2011.05.30 00:18:06 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2011.05.30 00:18:06 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
[2011.05.30 00:18:01 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iTVData.dll
[2011.05.30 00:18:01 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2011.05.30 00:18:01 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Kswdmcap.ax
[2011.05.30 00:18:01 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe
[2011.05.30 00:18:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
[2011.05.30 00:18:00 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2011.05.30 00:18:00 | 000,854,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
[2011.05.30 00:18:00 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2011.05.30 00:18:00 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2011.05.30 00:18:00 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2011.05.30 00:18:00 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2011.05.30 00:18:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2011.05.30 00:18:00 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2011.05.30 00:17:57 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2011.05.30 00:17:56 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
[2011.05.30 00:17:56 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
[2011.05.30 00:17:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
[2011.05.30 00:17:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
[2011.05.30 00:17:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011.05.30 00:17:55 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2011.05.30 00:17:55 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2011.05.30 00:17:55 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
[2011.05.30 00:17:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
[2011.05.30 00:17:55 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2011.05.30 00:17:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
[2011.05.30 00:17:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
[2011.05.30 00:17:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
[2011.05.30 00:17:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
[2011.05.30 00:17:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2011.05.30 00:17:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
[2011.05.30 00:17:55 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2011.05.30 00:17:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
[2011.05.30 00:17:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2011.05.30 00:17:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2011.05.30 00:17:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2011.05.30 00:17:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2011.05.30 00:17:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2011.05.30 00:17:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2011.05.30 00:17:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2011.05.30 00:17:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2011.05.30 00:17:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2011.05.30 00:17:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2011.05.30 00:17:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2011.05.30 00:17:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2011.05.30 00:17:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2011.05.30 00:17:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2011.05.30 00:17:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2011.05.30 00:17:54 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
[2011.05.30 00:17:54 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2011.05.30 00:17:54 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll
[2011.05.30 00:17:54 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
[2011.05.30 00:17:54 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2011.05.30 00:17:54 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2011.05.30 00:17:54 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
[2011.05.30 00:17:54 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2011.05.30 00:17:54 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2011.05.30 00:17:54 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2011.05.30 00:17:54 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2011.05.30 00:17:50 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2011.05.30 00:17:49 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gpprefcl.dll
[2011.05.30 00:17:49 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appmgr.dll
[2011.05.30 00:17:48 | 000,464,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrptadm.dll
[2011.05.30 00:17:48 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AdmTmpl.dll
[2011.05.30 00:17:48 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
[2011.05.30 00:17:48 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\clusapi.dll
[2011.05.30 00:17:48 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2011.05.30 00:17:48 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2011.05.30 00:17:48 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011.05.30 00:17:48 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2011.05.30 00:17:48 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\resutils.dll
[2011.05.30 00:17:48 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2011.05.30 00:17:48 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2011.05.30 00:17:48 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2011.05.30 00:17:48 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
[2011.05.30 00:17:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
[2011.05.30 00:17:47 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2011.05.30 00:17:46 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011.05.30 00:17:46 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2011.05.30 00:17:46 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2011.05.30 00:17:46 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2011.05.30 00:17:46 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbda.dll
[2011.05.30 00:17:46 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2011.05.30 00:17:46 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011.05.30 00:17:46 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2011.05.30 00:17:46 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2011.05.30 00:17:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2011.05.30 00:17:45 | 001,698,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
[2011.05.30 00:17:45 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll
[2011.05.30 00:17:45 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2011.05.30 00:17:45 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2011.05.30 00:17:45 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll
[2011.05.30 00:17:45 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2011.05.30 00:17:44 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
[2011.05.30 00:17:44 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2011.05.30 00:17:44 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2011.05.30 00:17:44 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2011.05.30 00:17:44 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2011.05.30 00:17:44 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2011.05.30 00:17:44 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3api.dll
[2011.05.30 00:17:44 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2011.05.30 00:17:43 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2011.05.30 00:17:43 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011.05.30 00:17:43 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.05.30 00:17:43 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2011.05.30 00:17:43 | 000,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\samsrv.dll
[2011.05.30 00:17:43 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2011.05.30 00:17:43 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2011.05.30 00:17:43 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011.05.30 00:17:43 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011.05.30 00:17:43 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2011.05.30 00:17:43 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2011.05.30 00:17:43 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.05.30 00:17:43 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2011.05.30 00:17:43 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2011.05.30 00:17:43 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2011.05.30 00:17:43 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll
[2011.05.30 00:17:43 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2011.05.30 00:17:43 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2011.05.30 00:17:43 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
[2011.05.30 00:17:43 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2011.05.30 00:17:43 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2011.05.30 00:17:42 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll
[2011.05.30 00:17:42 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2011.05.30 00:17:42 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2011.05.30 00:17:42 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll
[2011.05.30 00:17:42 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2011.05.30 00:17:42 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll
[2011.05.30 00:17:42 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2011.05.30 00:17:42 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2011.05.30 00:17:42 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2011.05.30 00:17:42 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2011.05.30 00:17:42 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2011.05.30 00:17:42 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2011.05.30 00:17:41 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2011.05.30 00:17:40 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2011.05.30 00:17:40 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2011.05.30 00:17:40 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2011.05.30 00:17:38 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011.05.30 00:17:38 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2011.05.30 00:17:38 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2011.05.30 00:17:38 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2011.05.30 00:17:38 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011.05.30 00:17:38 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
[2011.05.30 00:17:38 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2011.05.30 00:17:38 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011.05.30 00:17:37 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2011.05.30 00:17:37 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2011.05.30 00:17:37 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2011.05.30 00:17:37 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2011.05.30 00:17:37 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2011.05.30 00:17:36 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2011.05.30 00:17:36 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011.05.30 00:17:36 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2011.05.30 00:17:36 | 001,363,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Query.dll
[2011.05.30 00:17:36 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2011.05.30 00:17:36 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2011.05.30 00:17:36 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2011.05.30 00:17:36 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certcli.dll
[2011.05.30 00:17:36 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mtxclu.dll
[2011.05.30 00:17:36 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.05.30 00:17:36 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cabinet.dll
[2011.05.30 00:17:36 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2011.05.30 00:17:36 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2011.05.30 00:17:35 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll
[2011.05.30 00:17:35 | 000,740,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll
[2011.05.30 00:17:35 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2011.05.30 00:17:35 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2011.05.30 00:17:35 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll
[2011.05.30 00:17:35 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2011.05.30 00:17:35 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
[2011.05.30 00:17:35 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2011.05.30 00:17:35 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2011.05.30 00:17:35 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2011.05.30 00:17:35 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2011.05.30 00:17:34 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2011.05.30 00:17:34 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2011.05.30 00:17:34 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2011.05.30 00:17:34 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2011.05.30 00:17:34 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2011.05.30 00:17:34 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2011.05.30 00:17:34 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2011.05.30 00:17:34 | 000,257,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2011.05.30 00:17:34 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
[2011.05.30 00:17:34 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2011.05.30 00:17:34 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2011.05.30 00:17:34 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2011.05.30 00:17:34 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2011.05.30 00:17:34 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2011.05.30 00:17:33 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2011.05.30 00:17:33 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2011.05.30 00:17:33 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2011.05.30 00:17:33 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2011.05.30 00:17:33 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2011.05.30 00:17:33 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
[2011.05.30 00:17:33 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
[2011.05.30 00:17:32 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\activeds.dll
[2011.05.30 00:17:32 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2011.05.30 00:17:31 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2011.05.30 00:17:30 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
[2011.05.30 00:17:30 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011.05.29 23:55:16 | 001,076,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.05.29 23:55:16 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.05.29 03:00:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2011.05.29 03:00:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2011.05.29 03:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.05.29 02:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2011.05.29 02:41:27 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2011.05.29 02:39:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2011.05.28 21:20:57 | 000,000,000 | ---D | C] -- C:\Program Files\DScaler
[2011.05.28 21:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
[2011.05.28 20:22:17 | 000,000,000 | ---D | C] -- C:\Users\GuruI\AppData\Roaming\DScaler4
[2011.05.28 20:16:04 | 000,371,349 | ---- | C] (Illusion & Hope.) -- C:\Windows\System32\drivers\BT848.sys
[2011.05.28 19:50:38 | 000,000,000 | ---D | C] -- C:\Program Files\Totalcmd
[2011.05.28 13:54:14 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2011.05.28 13:54:14 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2011.05.28 04:10:16 | 000,000,000 | ---D | C] -- C:\Windows\VDLL.DLL
[2011.05.28 04:10:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\runouce.exe
[2011.05.28 04:10:16 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE
[2011.05.28 04:10:16 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe
[2011.05.28 04:06:10 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2011.05.28 04:06:09 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2011.05.28 04:06:08 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\System32\eEmpty.exe
[2011.05.28 04:06:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2011.05.28 04:06:01 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2011.05.28 03:28:30 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.05.28 03:08:24 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2011.05.28 03:08:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.05.28 03:08:20 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.05.28 03:08:20 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011.05.28 03:08:20 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.05.28 03:07:50 | 002,333,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.05.28 03:07:46 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WFS.exe
[2011.05.28 03:07:46 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2011.05.28 03:07:44 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.05.28 03:07:41 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.05.28 03:07:40 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2011.05.28 03:07:39 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011.05.28 03:07:39 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.05.28 03:07:39 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011.05.28 03:07:37 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.05.28 03:07:13 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.05.28 03:07:11 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.05.28 03:06:39 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.05.28 03:06:38 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.05.28 03:06:15 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2011.05.28 03:05:43 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011.05.28 03:05:31 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2011.05.28 03:05:31 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.05.07 16:17:46 | 000,082,400 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\inspect.sys

detor
Visitor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: comodo blocks incoming connection to svchost

#12 Post by detor »

So here is one more part :-)

========== Files - Modified Within 30 Days ==========

[2011.06.01 23:48:18 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\GuruI\Desktop\OTL.exe
[2011.06.01 23:46:40 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.01 23:46:40 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.01 23:43:38 | 000,643,246 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.06.01 23:43:38 | 000,619,894 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.01 23:43:38 | 000,125,718 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.06.01 23:43:38 | 000,110,082 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.01 23:38:59 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.06.01 23:38:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.01 23:38:10 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.01 20:54:08 | 004,109,560 | R--- | M] (Swearware) -- C:\Users\GuruI\Desktop\ComboFix.exe
[2011.05.31 17:51:41 | 000,001,448 | ---- | M] () -- C:\Users\GuruI\Desktop\D3DOverrider – zástupce.lnk
[2011.05.30 01:36:29 | 000,001,685 | ---- | M] () -- C:\Users\GuruI\Desktop\mpc-hc.lnk
[2011.05.30 00:42:40 | 003,908,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.05.30 00:35:06 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2011.05.30 00:25:33 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.05.30 00:25:33 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.05.30 00:25:32 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.05.30 00:25:32 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.05.30 00:25:32 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.05.30 00:25:32 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.05.30 00:25:32 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.05.30 00:25:32 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.05.30 00:25:32 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.05.30 00:25:32 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.05.30 00:25:32 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.05.30 00:25:32 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.05.30 00:25:32 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.05.30 00:25:32 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.05.30 00:25:32 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.05.30 00:25:32 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.05.30 00:25:32 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.05.30 00:25:32 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.05.30 00:25:32 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.05.30 00:25:32 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.05.30 00:25:32 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.05.30 00:25:32 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.05.30 00:25:32 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.05.30 00:25:32 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.05.30 00:25:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.05.30 00:25:32 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.05.30 00:25:32 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.05.30 00:25:32 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.05.30 00:25:32 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.05.30 00:25:32 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.05.30 00:25:32 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.05.30 00:25:32 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.05.30 00:25:32 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.05.30 00:25:32 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.05.30 00:25:32 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.05.30 00:25:32 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.05.30 00:25:32 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.05.30 00:25:32 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.05.30 00:25:32 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.05.30 00:25:32 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.05.29 03:23:17 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.05.29 02:33:21 | 000,281,888 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2011.05.28 20:16:04 | 000,371,349 | ---- | M] (Illusion & Hope.) -- C:\Windows\System32\drivers\BT848.sys
[2011.05.28 18:44:46 | 000,044,517 | ---- | M] () -- C:\Users\GuruI\Documents\pinfect.zip
[2011.05.28 13:55:58 | 000,000,736 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20110528-200857.backup
[2011.05.28 13:55:39 | 009,639,183 | ---- | M] () -- C:\Windows\REGBK00.ZIP
[2011.05.28 13:49:34 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2011.05.28 04:06:09 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2011.05.28 04:06:08 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2011.05.28 04:06:07 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\System32\eEmpty.exe
[2011.05.28 03:28:30 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.05.24 19:14:10 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011.05.07 16:17:46 | 000,082,400 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys

========== Files Created - No Company Name ==========

[2011.06.01 20:59:05 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.06.01 20:59:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.06.01 20:59:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.06.01 20:59:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.06.01 20:59:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.05.31 17:51:41 | 000,001,448 | ---- | C] () -- C:\Users\GuruI\Desktop\D3DOverrider – zástupce.lnk
[2011.05.30 01:36:29 | 000,001,685 | ---- | C] () -- C:\Users\GuruI\Desktop\mpc-hc.lnk
[2011.05.30 00:25:32 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.05.30 00:18:27 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2011.05.30 00:18:24 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2011.05.30 00:18:20 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2011.05.30 00:18:20 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.05.29 02:03:54 | 000,281,888 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2011.05.28 13:54:15 | 009,639,183 | ---- | C] () -- C:\Windows\REGBK00.ZIP
[2011.05.28 04:33:58 | 000,044,517 | ---- | C] () -- C:\Users\GuruI\Documents\pinfect.zip
[2011.05.28 04:06:24 | 000,000,054 | ---- | C] () -- C:\Windows\Lic.xxx
[2011.05.28 03:19:37 | 000,001,112 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2010.12.28 21:20:23 | 000,000,047 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.12.23 21:46:13 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.11.28 03:04:36 | 000,007,619 | ---- | C] () -- C:\Users\GuruI\AppData\Local\Resmon.ResmonCfg
[2010.11.25 22:43:26 | 000,676,224 | ---- | C] () -- C:\Windows\System32\ogacheckcontrol.dll
[2010.11.25 22:42:39 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.11.25 20:36:39 | 001,391,616 | ---- | C] () -- C:\Windows\System32\ActPDF.dll
[2010.11.25 20:36:11 | 000,691,200 | ---- | C] () -- C:\Windows\System32\PrintLog.exe
[2010.11.25 20:36:11 | 000,524,288 | ---- | C] () -- C:\Windows\System32\PrtPass.exe
[2010.11.25 18:56:27 | 000,002,686 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2010.11.25 18:55:18 | 000,000,050 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2010.11.25 02:38:03 | 000,000,532 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2010.11.25 01:28:54 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.11.24 19:26:28 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.02.11 07:30:38 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009.07.14 10:44:22 | 000,643,246 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 10:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 10:44:22 | 000,125,718 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 10:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 003,908,296 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,619,894 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,110,082 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.04.24 00:29:16 | 000,189,051 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2010.11.28 22:44:52 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Acronis
[2010.11.25 02:42:59 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Canon
[2010.12.18 03:07:56 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.05.28 21:20:39 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\DScaler4
[2010.11.30 00:01:04 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\FLVPlayer4Free
[2011.05.30 03:57:37 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\GHISLER
[2010.11.25 20:35:59 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Iceni
[2010.11.25 20:33:25 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\IrfanView
[2010.11.25 20:39:36 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\LangSoft
[2010.11.25 02:38:06 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\ScanSoft
[2010.11.25 01:28:54 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Thunderbird
[2010.11.26 01:22:37 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\TrueCrypt
[2010.11.25 18:22:48 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\TuneUp Software
[2011.06.01 05:24:56 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\uTorrent
[2009.07.14 06:53:46 | 000,024,096 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"PeerBlock" = C:\Program Files\PeerBlock\peerblock.exe -- [2010.11.06 23:24:32 | 001,866,864 | ---- | M] (PeerBlock, LLC)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.11.28 22:44:52 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Acronis
[2010.12.12 05:29:57 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Adobe
[2010.11.28 01:32:15 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Ahead
[2010.11.25 20:35:54 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Aspell
[2010.11.24 19:59:06 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\ATI
[2010.11.25 02:42:59 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Canon
[2010.12.18 03:07:56 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.05.28 21:20:39 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\DScaler4
[2010.11.30 00:01:04 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\FLVPlayer4Free
[2011.05.30 03:57:37 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\GHISLER
[2010.11.25 20:35:59 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Iceni
[2010.11.24 19:35:30 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Identities
[2010.11.25 20:33:25 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\IrfanView
[2010.11.25 20:39:36 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\LangSoft
[2010.11.24 20:16:13 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Macromedia
[2010.11.28 19:20:35 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Malwarebytes
[2009.07.14 11:20:15 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Media Center Programs
[2011.06.01 05:24:57 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Media Player Classic
[2010.11.30 22:16:27 | 000,000,000 | --SD | M] -- C:\Users\GuruI\AppData\Roaming\Microsoft
[2010.11.24 20:36:00 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Mozilla
[2010.11.25 02:38:06 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\ScanSoft
[2010.11.25 01:28:54 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Thunderbird
[2010.11.26 01:22:37 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\TrueCrypt
[2010.11.25 18:22:48 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\TuneUp Software
[2011.06.01 05:24:56 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\uTorrent
[2011.05.28 20:56:19 | 000,000,000 | ---D | M] -- C:\Users\GuruI\AppData\Roaming\Winamp

< %APPDATA%\*.exe /s >


< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\ERDNT\cache\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\ERDNT\cache\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\System32\cryptsvc.dll
[2010.11.20 14:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\ERDNT\cache\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\drivers\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\ERDNT\cache\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010.11.20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\ERDNT\cache\ndis.sys
[2010.11.20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010.11.20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\ERDNT\cache\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010.11.20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\drivers\nvraid.sys
[2010.11.20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 14:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys

< MD5 for: NVRD32.SYS >
[2009.08.04 18:44:12 | 000,139,296 | ---- | M] (NVIDIA Corporation) MD5=6F922993C8AA8BF555B0A8428AAB5731 -- C:\NVIDIA\nForceWinVista\15.51\English\IDE\Win7\sataraid\nvrd32.sys
[2009.08.04 18:44:12 | 000,139,296 | ---- | M] (NVIDIA Corporation) MD5=6F922993C8AA8BF555B0A8428AAB5731 -- C:\NVIDIA\nForceWinVista\15.51\English\IDE\WinVista\sataraid\nvrd32.sys

< MD5 for: NVSTOR.SYS >
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\drivers\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: NVSTOR32.SYS >
[2009.08.04 18:44:14 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=269DE658DEAF032564E8B6430B5BD170 -- C:\NVIDIA\nForceWinVista\15.51\English\IDE\Win7\sataraid\nvstor32.sys
[2009.08.04 18:44:14 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=269DE658DEAF032564E8B6430B5BD170 -- C:\NVIDIA\nForceWinVista\15.51\English\IDE\WinVista\sataraid\nvstor32.sys
[2009.08.04 18:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\NVIDIA\nForceWinVista\15.51\English\IDE\Win7\sata_ide\nvstor32.sys
[2009.08.04 18:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\NVIDIA\nForceWinVista\15.51\English\IDE\WinVista\sata_ide\nvstor32.sys
[2009.08.04 18:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\Windows\System32\drivers\nvstor32.sys
[2009.08.04 18:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_40ee9c3d357e7b66\nvstor32.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\ERDNT\cache\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\System32\drivers\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2010.06.14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\ERDNT\cache\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\ERDNT\cache\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.02.11 07:32:36 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.02.11 07:32:36 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\System32\ATIDEMGX.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.06.01 23:46:40 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.01 23:46:40 | 000,014,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.30 00:25:32 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.05.30 00:25:32 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.05.30 00:25:32 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.05.30 00:42:40 | 003,908,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.05.30 00:25:32 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.05.30 00:25:32 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll
[2011.05.30 00:25:32 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.05.30 00:25:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.05.30 00:25:32 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.05.30 00:25:32 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.05.30 00:25:32 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.05.30 00:25:32 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.05.30 00:25:32 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.05.30 00:25:32 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.05.30 00:25:32 | 009,702,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2011.05.30 00:25:32 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.05.30 00:25:32 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.05.30 00:25:32 | 001,785,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2011.05.30 00:25:32 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.05.30 00:25:32 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.05.30 00:25:32 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.05.30 00:25:32 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.05.30 00:25:32 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.05.30 00:25:32 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.05.30 00:25:32 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.05.30 00:25:32 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.05.30 00:25:32 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.05.30 00:25:32 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.05.30 00:25:32 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.05.30 00:25:32 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.05.30 00:25:32 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.05.30 00:35:06 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2011.05.30 00:25:32 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.05.30 00:25:32 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.05.30 00:25:32 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.05.30 00:25:32 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe
[2011.05.30 00:25:32 | 012,268,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2011.05.30 00:25:32 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.05.30 00:25:32 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2011.05.30 00:25:32 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.05.30 00:25:33 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.05.30 00:25:32 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.05.30 00:25:32 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2011.06.01 23:43:38 | 000,125,718 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.06.01 23:43:38 | 000,110,082 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.01 23:43:38 | 000,643,246 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.06.01 23:43:38 | 000,619,894 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.01 23:43:37 | 001,494,912 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2011.05.30 00:25:32 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.05.30 00:25:33 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.05.30 00:25:32 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.05.30 00:25:32 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx
[2011.05.30 00:25:32 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.05.30 00:25:33 | 001,102,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2011.05.30 00:25:32 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.05.30 00:25:32 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll
[2011.05.30 00:25:32 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.05.30 00:25:33 | 001,126,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll

< End of report >

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: comodo blocks incoming connections to svchost

#13 Post by detor »

Log Extras.txt

OTL Extras logfile created on: 1.6.2011 23:50:35 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\GuruI\Desktop
An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 52,87% Memory free
4,00 Gb Paging File | 2,79 Gb Available in Paging File | 69,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 201,76 Gb Free Space | 86,67% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 116,97 Gb Free Space | 19,62% Space Free | Partition Type: NTFS

Computer Name: GURUI-PC | User Name: GuruI | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-3232475479-1308766923-4266084698-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0FFAC7BB-50DC-CB54-6CA7-A8B74513280B}" = CCC Help Chinese Traditional
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{1C802083-6D79-78ED-BF1C-601DDF908DD1}" = Catalyst Control Center Core Implementation
"{204BB4EF-68AC-454B-857E-431336B4188A}" = ESET NOD32 Antivirus
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.0.2827
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{282C4EAA-F162-F52F-7BAF-C7B50DAAA00A}" = ccc-utility
"{28728178-FF15-218B-0B63-012692F42C28}" = CCC Help Danish
"{32851025-1E46-83A3-1320-471619254E39}" = Catalyst Control Center Localization All
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40217B2F-462B-94A4-E84E-6A1C6EDBCE2F}" = CCC Help Swedish
"{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}" = ATI Catalyst Install Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5343A801-92E5-C234-9F27-AB27EC738BF6}" = CCC Help Japanese
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5D22226D-EBC1-C95F-7746-2E3A9F4C97BA}" = CCC Help Russian
"{5EF44D3A-E86E-434C-8418-71E277C565DF}" = TP-LINK Wireless Client Utility
"{600C37F2-098B-A165-C1DB-6AE2B89D8D49}" = Catalyst Control Center Graphics Previews Common
"{61F8CA2C-9A80-8A1B-D3B9-347530CB387F}" = CCC Help Norwegian
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{674B407D-EAB1-B6B6-F9BF-C34CEE4CD83F}" = Catalyst Control Center Graphics Light
"{69F411C5-4851-6DA9-EA4C-160BEF8788AA}" = CCC Help French
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DD27E54-2598-0FEC-7CE1-BE00924C0570}" = Catalyst Control Center Graphics Previews Vista
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{7C27114E-6FC8-21F5-E501-FE48F09243DF}" = CCC Help Dutch
"{80237C20-CBF3-F841-4AD5-E727AA86FBD1}" = CCC Help Italian
"{802EE127-D32A-1447-09DC-77419772BCDC}" = CCC Help Portuguese
"{836AFA32-7B8B-2C19-99D9-36EF32B42EB8}" = CCC Help Thai
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Ultra Edition
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{946942CB-D078-F33A-A3CD-27E0393507FD}" = CCC Help Turkish
"{9682B99B-BB28-AD37-CA50-C1CB5BFF0FA6}" = Catalyst Control Center Graphics Full New
"{A02CC93A-134F-0319-1438-B1E895B52577}" = CCC Help German
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7E1ADB8-162B-7C33-60FB-0561A17BD876}" = CCC Help Spanish
"{A96EEF55-155C-552E-ABB1-6FDAEF5BD944}" = CCC Help Polish
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.4 - Czech
"{ADB25FF0-AEC4-2CFB-130C-2C60D80C5934}" = CCC Help Greek
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek PCI Fast Ethernet Controller Driver For Vista and Win7
"{B04D5DA5-11DA-830C-85C6-0FF9185787E7}" = Skins
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BB603E9F-ECE8-7713-B0AC-7E0614E8C058}" = Catalyst Control Center HydraVision Full
"{BE232D60-AEA5-502F-ACBF-9AC188A82C21}" = CCC Help Finnish
"{C15C4AB5-EF5D-5050-273C-4636E3FBE301}" = CCC Help Czech
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}" = ccc-core-static
"{E373E0E2-20F5-90DF-B315-615EA6E52101}" = Catalyst Control Center Graphics Full Existing
"{E6DA746E-1175-88BD-2B16-1DC62018E060}" = CCC Help Chinese Standard
"{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"{F053BFD9-4357-6A82-6042-CF919667448F}" = CCC Help English
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F17EB02C-DA0D-EDEF-2E16-501FB700A710}" = CCC Help Hungarian
"{F5DDC0CD-F13A-83F0-5103-563A17EA306F}" = CCC Help Korean
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"43442AE9-6512-4392-B5DD-9167BECD1114_is1" = Infix 4.11
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2010-10-10
"DScaler 4.1.15_is1" = DScaler 4.1.15
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{EBB794ED-D282-4334-92FB-254481EFF514}" = Pro Evolution Soccer 6
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.0.1200
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"MozBackup" = MozBackup 1.4.10
"Mozilla Firefox 4.0.1 (x86 cs)" = Mozilla Firefox 4.0.1 (x86 cs)
"Mozilla Thunderbird (3.1.10)" = Mozilla Thunderbird (3.1.10)
"Mp3 Knife_is1" = Mp3 Knife 3.2
"Room Arranger" = Room Arranger
"SopCast" = SopCast 3.2.9
"SuperMegaSpoof_is1" = SuperMegaSpoof 2.0
"Totalcmd" = Total Commander (Remove or Repair)
"TrueCrypt" = TrueCrypt
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV 0.9.18
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3232475479-1308766923-4266084698-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28.5.2011 20:13:39 | Computer Name = GuruI-PC | Source = EventSystem | ID = 4621
Description =

Error - 29.5.2011 18:45:12 | Computer Name = GuruI-PC | Source = ESENT | ID = 215
Description = WinMail (3656) WindowsMail0: Zálohování bylo ukončeno, protože bylo
zastaveno klientem nebo protože se nezdařilo připojení ke klientovi.

Error - 29.5.2011 19:33:34 | Computer Name = GuruI-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: RootRepeal.exe, verze: 1.3.5.0, časové razítko:
0x4a842d4f Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x0012d7bd ID chybujícího procesu: 0xd24 Čas spuštění
chybující aplikace: 0x01cc1e58ceca4cac Cesta k chybující aplikaci: D:\Downloads\RootRepeal.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: 11a6179c-8a4c-11e0-83c7-0019cbd68a3f

Error - 29.5.2011 19:35:33 | Computer Name = GuruI-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: mpc-hc.exe, verze: 1.5.0.2827, časové razítko:
0x4d469b2c Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x03aeb5ed ID chybujícího procesu: 0xff4 Čas spuštění
chybující aplikace: 0x01cc1e59197f31e1 Cesta k chybující aplikaci: C:\Program Files\Combined
Community Codec Pack\MPC\mpc-hc.exe Cesta k chybujícímu modulu: unknown ID zprávy:
589a9b93-8a4c-11e0-83c7-0019cbd68a3f

Error - 29.5.2011 21:23:00 | Computer Name = GuruI-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku 3. Hodnota
MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version
v prvku assemblyIdentity je neplatná.

Error - 29.5.2011 21:23:29 | Computer Name = GuruI-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\mozbackup\dll\DelZip179.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\mozbackup\dll\DelZip179.dll
na řádku 8. Hodnota * atributu language v prvku assemblyIdentity je neplatná.

Error - 31.5.2011 14:15:43 | Computer Name = GuruI-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro C:\Program Files\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku 3. Hodnota
MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version
v prvku assemblyIdentity je neplatná.

Error - 31.5.2011 14:16:14 | Computer Name = GuruI-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\mozbackup\dll\DelZip179.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files\mozbackup\dll\DelZip179.dll
na řádku 8. Hodnota * atributu language v prvku assemblyIdentity je neplatná.

Error - 31.5.2011 14:17:08 | Computer Name = GuruI-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\spybot - search
& destroy\DelZip179.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\spybot - search & destroy\DelZip179.dll na řádku 8. Hodnota * atributu language
v prvku assemblyIdentity je neplatná.

Error - 31.5.2011 21:45:30 | Computer Name = GuruI-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: javaw.exe, verze: 6.0.220.4, časové razítko:
0x4c908d15 Název chybujícího modulu: java.dll, verze: 6.0.220.4, časové razítko:
0x4c90c109 Kód výjimky: 0xc0000005 Posun chyby: 0x00004e20 ID chybujícího procesu:
0x89c Čas spuštění chybující aplikace: 0x01cc1ffd851a622c Cesta k chybující aplikaci:
C:\Windows\System32\javaw.exe Cesta k chybujícímu modulu: C:\Program Files\Java\jre6\bin\java.dll
ID
zprávy: d461c936-8bf0-11e0-9a37-0019cbd68a3f

[ System Events ]
Error - 1.6.2011 15:01:14 | Computer Name = GuruI-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058

Error - 1.6.2011 15:04:19 | Computer Name = GuruI-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 1.6.2011 15:08:09 | Computer Name = GuruI-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 1.6.2011 15:10:52 | Computer Name = GuruI-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058

Error - 1.6.2011 17:30:01 | Computer Name = GuruI-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 1.6.2011 17:30:27 | Computer Name = GuruI-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058

Error - 1.6.2011 17:33:34 | Computer Name = GuruI-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 1.6.2011 17:38:21 | Computer Name = GuruI-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (23:37:23, ?1.?6.?2011) bylo neočekávané.

Error - 1.6.2011 17:39:53 | Computer Name = GuruI-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058

Error - 1.6.2011 17:42:47 | Computer Name = GuruI-PC | Source = Service Control Manager | ID = 7001
Description = Služba Zprostředkovatel domácích skupin závisí na službě Hostitel
poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující
chyby: %%1058


< End of report >

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: comodo blocks incoming connection to svchost

#14 Post by motji »

How does the computer look now?

detor
Visitor
Posts: 53
Registered: 22 May 2007 18:51

Re: comodo blocks incoming connection to svchost

#15 Post by detor »

The firewall isn't reporting anything so far. Was there any malware? And since I have a hardware firewall where incoming traffic is disabled, is it normal that it lets incoming traffic through to svchost?

Locked