Mam velmi pomaly pc, obcas nereguje. Spustila som spybot odstranila vsetky problemy. Avast nemozem spustit, prizapnuti vypise chybu a nemozem spustit scan.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Lucia Rusnakova at 2011-07-25 07:42:59
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 21 GB (37%) free of 57 GB
Total RAM: 447 MB (9% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 07:43, on 2011-07-25
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
C:\WINDOWS\system32\slmdmsr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\WINDOWS\system32\VTTimer .exe
C:\Program Files\Common Files\Real\Update_OB\realsched .exe
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager .exe
C:\Program Files\Synaptics\SynTP\SynTPEnh .exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace .exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lucia Rusnakova\My Documents\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Lucia Rusnakova.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... mPSUpbO9eg
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [WireLessMouse ] C:\Program Files\Multimedia Combo Set\MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard ] C:\Program Files\Multimedia Combo Set\PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [DeskSpace] C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace .exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: WKCALREM.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0644773562
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 8795877250
O16 - DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} (WebWatch Class) - http://213.151.230.2:2222/Ctl/WinWebPush.cab
O16 - DPF: {CE40C3F1-3DF5-4461-A521-810923235628} - http://www.joj.sk/fileadmin/joj_player/ ... Player.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AMService - Unknown owner - C:\WINDOWS\TEMP\mqcdef\setup.exe (file missing)
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\PROGRA~1\ALWILS~1\Avast4\ashMaiSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Unknown owner - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: olMntrService - Olivetti - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe
--
End of file - 11108 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At10.job
C:\WINDOWS\tasks\At11.job
C:\WINDOWS\tasks\At12.job
C:\WINDOWS\tasks\At13.job
C:\WINDOWS\tasks\At14.job
C:\WINDOWS\tasks\At15.job
C:\WINDOWS\tasks\At16.job
C:\WINDOWS\tasks\At17.job
C:\WINDOWS\tasks\At18.job
C:\WINDOWS\tasks\At19.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At20.job
C:\WINDOWS\tasks\At21.job
C:\WINDOWS\tasks\At22.job
C:\WINDOWS\tasks\At23.job
C:\WINDOWS\tasks\At24.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\At6.job
C:\WINDOWS\tasks\At7.job
C:\WINDOWS\tasks\At8.job
C:\WINDOWS\tasks\At9.job
C:\WINDOWS\tasks\avast! Antivirus.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Lucia Rusnakova\Application Data\Mozilla\Firefox\Profiles\51uh23wh.default
prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "extensions.enabledItems" - "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1, 6, 2, 41, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "http://search.mywebsearch.com/mywebsear ... searchfor="
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Program Files\Real\RealPlayer\browserrecord
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@joj.sk/TV_JOJ_Media_Player]
"Description"=TV JOJ Media Player
"Path"=C:\Program Files\TV JOJ Media Player\npplugin_netscape.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46]
"Description"=6.0.12.46
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=8]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
npnul32.dll
np_gp.dll
C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
C:\Documents and Settings\Lucia Rusnakova\Application Data\Mozilla\Firefox\Profiles\51uh23wh.default\extensions\
LAILoader@liveblockauctions.com
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
C:\Documents and Settings\Lucia Rusnakova\Application Data\Mozilla\Firefox\Profiles\51uh23wh.default\searchplugins\
mywebsearch.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-23 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-02-23 370296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-02 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-02 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2011-07-12 39940]
"VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2011-07-12 39940]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-07-12 39940]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-03 1848648]
"WireLessMouse "=C:\Program Files\Multimedia Combo Set\MouseDrv.exe [2011-07-12 39940]
"WireLessKeyboard "=C:\Program Files\Multimedia Combo Set\PS2USBKbdDrv.exe [2011-07-12 39940]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2011-07-12 39940]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2011-07-12 39940]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2011-07-12 39940]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2011-07-12 39940]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DeskSpace"=C:\Documents and Settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace .exe [2011-07-12 39944]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2011-07-12 39944]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2011-07-12 39944]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HOTSYNCSHORTCUTNAME.lnk - C:\Program Files\Palm\Hotsync.exe
C:\Documents and Settings\Lucia Rusnakova\Start Menu\Programs\Startup
WKCALREM.LNK - C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Real\RealPlayer\RecordingManager.exe"="C:\Program Files\Real\RealPlayer\RecordingManager.exe:*:Enabled:RealNetworks Download and Record Manager"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=serwvdrv.dll
"VIDC.WMV3"=wmv9vcm.dll
"vidc.ffds"=ff_vfw.dll
"msacm.at3"=atrac3.acm
"msacm.divxa32"=DivXa32.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
======List of files/folders created in the last 1 month======
2011-07-24 23:12:52 ----A---- C:\WINDOWS\fonts\I1s5Y.com
2011-07-23 12:38:17 ----A---- C:\Documents and Settings\All Users\Application Data\Q0T15wgEt.dat
2011-07-12 19:02:07 ----A---- C:\WINDOWS\wininit.ini
======List of files/folders modified in the last 1 month======
2011-07-25 07:43:22 ----D---- C:\Program Files\trend micro
2011-07-25 07:42:46 ----D---- C:\WINDOWS\Prefetch
2011-07-25 07:40:37 ----D---- C:\WINDOWS\temp
2011-07-25 07:18:14 ----D---- C:\WINDOWS
2011-07-25 07:17:46 ----A---- C:\WINDOWS\ModemLog_Smart Link 56K Voice Modem.txt
2011-07-24 23:13:12 ----RSD---- C:\WINDOWS\Fonts
2011-07-23 16:02:22 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2011-07-15 07:57:23 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-07-14 23:44:32 ----D---- C:\Documents and Settings\Lucia Rusnakova\Application Data\Skype
2011-07-13 20:08:08 ----D---- C:\Documents and Settings\Lucia Rusnakova\Application Data\skypePM
2011-07-12 23:53:31 ----AD---- C:\WINDOWS\system32
2011-07-12 23:48:17 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-12 23:47:36 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-12 23:44:57 ----D---- C:\WINDOWS\twain_32
2011-07-12 23:31:35 ----D---- C:\Documents and Settings
2011-07-12 20:03:51 ----D---- C:\Program Files\Messenger
2011-07-12 19:02:10 ----SD---- C:\WINDOWS\Tasks
2011-07-12 14:33:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-07-12 08:12:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-12 08:12:22 ----D---- C:\Program Files\Multimedia Combo Set
2011-07-12 08:12:22 ----A---- C:\WINDOWS\system32\VTtrayp.exe
2011-07-12 08:12:22 ----A---- C:\WINDOWS\system32\VTTimer.exe
2011-07-10 15:56:13 ----D---- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2011-07-08 09:17:16 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;iaStor; C:\WINDOWS\system32\drivers\iaStor.sys [2005-10-12 874240]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\drivers\nvatabus.sys [2005-08-18 93568]
R0 nvraid;nvraid; C:\WINDOWS\system32\drivers\nvraid.sys [2005-08-18 77056]
R0 RecAgent;RecAgent; C:\WINDOWS\system32\DRIVERS\SLDRV\RecAgent.sys [2005-10-17 14680]
R0 SiSRaid2;SiSRaid2; C:\WINDOWS\system32\drivers\SiSRaid2.sys [2005-01-11 30976]
R0 uagp35;Microsoft AGPv3.5 Filter; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-13 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 viamraid;viamraid; C:\WINDOWS\system32\drivers\viamraid.sys [2005-11-23 92672]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-19 3644800]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-05-05 463168]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlmnt5.sys [2005-10-17 237616]
R3 Slntamr;SmartLink AMR_PCI Driver; C:\WINDOWS\system32\DRIVERS\SLDRV\slntamr.sys [2005-10-17 698848]
R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys [2005-10-17 13248]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-10-17 190560]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-10-14 238464]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 catchme;catchme; \??\C:\DOCUME~1\LUCIAR~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2005-10-17 43008]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\SLDRV\Mtlstrm.sys [2005-10-17 1464912]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PalmUSBD;PalmUSBD; C:\WINDOWS\system32\drivers\PalmUSBD.sys []
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-08-01 47360]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys [2005-10-17 101328]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Motorola USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-12-08 685816]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-02 153376]
R2 olMntrService;olMntrService; C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe [2006-06-28 86016]
R2 SLService;SmartLinkService; C:\WINDOWS\system32\slmdmsr.exe [2005-10-17 61440]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 AMService;AMService; C:\WINDOWS\TEMP\mqcdef\setup.exe run []
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-01 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\PROGRA~1\ALWILS~1\Avast4\ashMaiSv.exe [2006-05-31 245808]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe []
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
-----------------EOF-----------------
Ďakujem
Lucia
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
zavireny, pomaly pc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zavireny, pomaly pc
Dejte ještě log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se
jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine
aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,
pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k
nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: zavireny, pomaly pc
Tu je log z ComboFixu:
ComboFix 11-07-24.03 - Lucia Rusnakova 2011-07-25 10:38:32.18.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.251 [GMT 1:00]
Running from: c:\documents and settings\Lucia Rusnakova\Desktop\ComboFix.exe
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Lucia Rusnakova\Local Settings\Application Data\gin.exe
c:\documents and settings\Lucia Rusnakova\WINDOWS
c:\documents and settings\Lucia Rusnakova\WINDOWS\mxfilerelatedcache.mxc2
c:\documents and settings\NetworkService\Local Settings\Application Data\permham.dll
c:\program files\Multimedia Combo Set\MouseDrv.exe
c:\program files\Multimedia Combo Set\PS2USBKbdDrv.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SSHNAS
.
.
((((((((((((((((((((((((( Files Created from 2011-06-25 to 2011-07-25 )))))))))))))))))))))))))))))))
.
.
2011-07-23 12:31 . 2011-07-23 12:31 -------- d-sh--w- c:\documents and settings\NetworkService\IECompatCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-12 07:12 . 2000-02-13 04:07 39940 ----a-w- c:\windows\system32\VTtrayp.exe
2011-07-12 07:12 . 2000-02-13 04:07 39940 ----a-w- c:\windows\system32\VTTimer.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2010-11-21_08.56.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-25 09:55 . 2011-07-25 09:55 16384 c:\windows\temp\Perflib_Perfdata_61c.dat
+ 2000-02-13 04:07 . 2005-10-14 11:00 53248 c:\windows\system32\VTTimer .exe
- 2000-02-13 04:03 . 2010-11-02 22:48 60572 c:\windows\system32\perfc009.dat
+ 2000-02-13 04:03 . 2011-03-27 07:59 60572 c:\windows\system32\perfc009.dat
+ 2008-12-25 12:36 . 2010-12-20 18:09 38224 c:\windows\system32\drivers\mbamswissarmy.sys
- 2008-12-25 12:36 . 2010-04-29 14:39 38224 c:\windows\system32\drivers\mbamswissarmy.sys
- 2008-12-25 12:37 . 2010-04-29 14:39 20952 c:\windows\system32\drivers\mbam.sys
+ 2008-12-25 12:37 . 2010-12-20 18:08 20952 c:\windows\system32\drivers\mbam.sys
+ 2011-03-23 20:10 . 2011-03-23 21:52 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032320110324\index.dat
+ 2011-03-22 08:47 . 2011-03-22 22:48 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032220110323\index.dat
+ 2011-03-21 20:05 . 2011-03-21 21:52 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032120110322\index.dat
+ 2011-03-20 09:10 . 2011-03-20 15:42 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032020110321\index.dat
+ 2011-03-19 08:18 . 2011-03-19 16:22 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011031920110320\index.dat
+ 2011-03-18 15:03 . 2011-03-18 23:10 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011031820110319\index.dat
+ 2011-03-17 08:53 . 2011-03-17 14:28 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011031720110318\index.dat
+ 2011-03-22 21:47 . 2011-03-22 21:48 21504 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FD1CA37A-54CD-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-19 08:50 . 2011-03-19 08:50 22528 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{ECCB7BEC-5205-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 09:49 . 2011-03-17 09:50 11264 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E6C63024-507B-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 14:07 . 2011-03-17 14:07 20480 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D81537EA-509F-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 16:28 . 2011-03-18 16:28 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{CAF8E57E-517C-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-19 08:42 . 2011-03-19 08:42 13312 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C514D11C-5204-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 08:45 . 2011-03-22 08:46 12800 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C0701C66-5460-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-20 14:38 . 2011-03-20 14:39 32768 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B60BA252-52FF-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-23 20:11 . 2011-03-23 20:14 36864 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AAE11C78-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 10:38 . 2011-03-17 10:38 23552 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AA2D666C-5082-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 15:42 . 2011-03-20 15:42 11776 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A4F1FDE2-5308-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-20 22:36 . 2011-03-20 22:39 33280 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{91199FFC-5342-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-19 11:45 . 2011-03-19 11:46 20480 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6F354B18-521E-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 20:17 . 2011-03-22 20:19 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6C46F20C-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 19:05 . 2011-03-22 19:05 23040 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{4C31341E-54B7-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-20 14:35 . 2011-03-20 14:35 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3CE1607A-52FF-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 15:26 . 2011-03-18 15:27 20992 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2A3D0294-5174-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:59 . 2011-03-21 21:00 11776 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{29EE72AA-53FE-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 10:25 . 2011-03-19 10:25 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2886FC8A-5213-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 10:05 . 2011-03-17 10:06 14848 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{25B2BECC-507E-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-23 21:04 . 2011-03-23 21:04 15360 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2089A3A8-5591-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 16:22 . 2011-03-19 16:22 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{15518540-5245-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-21 21:03 . 2011-03-23 20:51 32768 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\index.dat
+ 2011-03-17 08:53 . 2011-03-23 20:51 16384 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat
+ 2006-04-20 20:17 . 2011-03-22 19:09 55680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
+ 2011-03-17 08:26 . 2011-03-23 21:52 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2011-03-17 08:25 . 2011-03-23 20:51 49152 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2006-12-13 18:41 . 2011-02-11 02:28 23040 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 23040 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 27136 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 27136 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 11264 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 11264 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 12288 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 12288 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2011-03-22 20:21 . 2011-03-22 22:48 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{FA633C89-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 18:33 . 2011-03-22 18:33 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E4447661-54B2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-18 21:44 . 2011-03-18 23:10 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{D76F6FBA-51A8-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-22 08:45 . 2011-03-22 08:45 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{C0701C65-5460-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-20 14:38 . 2011-03-20 22:39 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{B60BA251-52FF-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-21 20:20 . 2011-03-21 21:43 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{A44480A7-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-23 20:10 . 2011-03-23 22:04 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{A098F85B-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-18 15:01 . 2011-03-18 15:01 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{99670A30-5170-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:05 . 2011-03-21 21:52 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{88DD3ADB-53F6-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 08:47 . 2011-03-19 16:22 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{733D1757-5205-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-18 15:21 . 2011-03-18 16:36 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{6C7674CD-5173-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-22 20:17 . 2011-03-22 21:47 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{6C46F20B-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 19:12 . 2011-03-22 22:06 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{60A2FD8A-54B8-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-19 08:17 . 2011-03-19 10:25 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{59144D27-5201-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 08:35 . 2011-03-22 08:47 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{530FBBE5-545F-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-22 19:05 . 2011-03-22 19:05 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{4C31341D-54B7-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-20 09:13 . 2011-03-20 15:42 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{46DC39C7-52D2-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-17 08:25 . 2011-03-17 08:25 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{252FC805-5070-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 08:57 . 2011-03-20 15:16 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{1990EEA1-52D0-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-17 09:15 . 2011-03-17 23:13 9216 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{177DC0C7-5077-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 08:53 . 2011-03-17 10:38 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{01DC2D33-5074-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-22 08:47 . 2011-03-22 08:47 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FDFF9436-5460-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-21 20:29 . 2011-03-21 20:29 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FB81AB7A-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-22 20:21 . 2011-03-22 20:21 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FA633C8A-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-18 23:10 . 2011-03-18 23:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F78D5434-51B4-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F5B932F5-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F5B932F4-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 16:36 . 2011-03-18 16:37 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F12FB5B4-517D-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-19 08:57 . 2011-03-19 08:58 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{EFA328E6-5206-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-20 15:15 . 2011-03-20 15:16 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{EC578C50-5304-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-22 18:33 . 2011-03-22 18:33 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E4447662-54B2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:22 . 2011-03-21 20:22 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E2AA8C1C-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E0EFB245-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E0EFB244-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 23:03 . 2011-03-18 23:03 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E01E37EC-51B3-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-17 14:28 . 2011-03-17 14:29 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{DDF25E4C-50A2-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 21:44 . 2011-03-18 21:44 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D76F6FBC-51A8-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-17 10:39 . 2011-03-17 10:39 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D65270D4-5082-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 14:46 . 2011-03-20 14:46 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D2DCCDCA-5300-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-23 21:52 . 2011-03-23 21:52 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D2B61B8C-5597-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-21 21:33 . 2011-03-21 21:33 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{CE47C956-5402-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 13:52 . 2011-03-17 13:52 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{CB2233BE-509D-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 10:31 . 2011-03-17 10:32 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C6B60BDC-5081-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 11:55 . 2011-03-19 11:55 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C3AE5B84-521F-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 21:37 . 2011-03-23 21:38 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BE9744AC-5595-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 11:05 . 2011-03-19 11:05 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BE30F68C-5218-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 16:12 . 2011-03-19 16:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BD47502E-5243-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 20:27 . 2011-03-22 20:27 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BA47001F-54C2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 20:26 . 2011-03-22 20:27 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BA47001E-54C2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-23 20:11 . 2011-03-23 20:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B8E08ADF-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 20:11 . 2011-03-23 20:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B8E08ADE-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 09:55 . 2011-03-17 09:55 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B480DA28-507C-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 12:16 . 2011-03-19 12:16 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B2D93F24-5222-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 10:38 . 2011-03-17 10:38 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AA2D666D-5082-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 15:01 . 2011-03-18 15:03 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A8F965FE-5170-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:20 . 2011-03-21 20:20 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A44480A8-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 09:33 . 2011-03-17 09:33 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A4297E44-5079-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 15:36 . 2011-03-19 15:36 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A1780604-523E-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 20:10 . 2011-03-23 20:10 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A098F85E-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 20:10 . 2011-03-23 20:10 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A098F85C-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-22 22:06 . 2011-03-22 22:07 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A02E587C-54D0-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-20 15:35 . 2011-03-20 15:35 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9FC8A75E-5307-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 16:13 . 2011-03-18 16:13 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9E3F09CA-517A-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-20 14:44 . 2011-03-20 14:45 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9D4AF79A-5300-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-19 11:18 . 2011-03-19 11:18 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{987078D0-521A-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 20:46 . 2011-03-23 20:46 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{95BF812C-558E-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-21 21:17 . 2011-03-21 21:17 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{94925F8E-5400-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-20 15:06 . 2011-03-20 15:06 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{93E9347A-5303-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-22 20:11 . 2011-03-22 20:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{93B2B472-54C0-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-18 15:51 . 2011-03-18 15:51 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8FF1D0E4-5177-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:33 . 2011-03-21 20:34 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8BB8C96C-53FA-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 21:52 . 2011-03-21 21:53 9216 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{890ADCB8-5405-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:05 . 2011-03-21 20:05 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{88DD3ADC-53F6-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-23 21:14 . 2011-03-23 21:14 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{86E91BC9-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 21:14 . 2011-03-23 21:14 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{86E91BC8-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 08:56 . 2011-03-17 08:57 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{842BB440-5074-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{83817CCF-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{83817CCE-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 22:04 . 2011-03-23 22:05 7168 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{823FBD8C-5599-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 08:47 . 2011-03-19 08:47 7168 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7B6805A6-5205-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 10:22 . 2011-03-17 10:22 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{79F0B42E-5080-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 22:10 . 2011-03-18 22:10 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7879E3D6-51AC-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-18 15:21 . 2011-03-18 15:23 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{75B12F30-5173-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:26 . 2011-03-21 20:26 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7592B1A8-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 21:23 . 2011-03-21 21:23 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{735F3FFC-5401-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-23 21:13 . 2011-03-23 21:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{72C8E20F-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 21:13 . 2011-03-23 21:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{72C8E20E-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-22 22:48 . 2011-03-22 22:48 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{71A0692C-54D6-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-19 10:19 . 2011-03-19 10:20 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6DBDC19A-5212-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 11:17 . 2011-03-19 11:17 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6DA9E816-521A-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6D9C4449-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6D9C4448-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:26 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{68D9E56D-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:25 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{68D9E56C-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 10:05 . 2011-03-19 10:05 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{65FF7FF4-5210-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 08:17 . 2011-03-19 08:18 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{63A3F7D0-5201-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:25 9216 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{61E0241A-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 09:38 . 2011-03-17 09:39 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{61B935F8-507A-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 09:21 . 2011-03-20 09:21 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{60BE6082-52D3-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-22 19:12 . 2011-03-22 19:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{60A2FD8C-54B8-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 20:02 . 2011-03-22 20:03 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5ED5913A-54BF-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:32 . 2011-03-21 20:33 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5ED03E30-53FA-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:25 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5CAB6194-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-18 16:18 . 2011-03-18 16:18 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5BC9FCCA-517B-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-19 08:39 . 2011-03-19 08:39 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5AF0405A-5204-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 09:31 . 2011-03-17 09:31 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5AEEA3EE-5079-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-21 21:08 . 2011-03-21 21:08 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5A237E1A-53FF-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-22 08:35 . 2011-03-22 08:35 7168 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{530FBBE6-545F-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-17 10:00 . 2011-03-17 10:00 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{51A9FCC6-507D-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 12:27 . 2011-03-19 12:28 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{4C873206-5224-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-20 09:13 . 2011-03-20 09:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{46DC39C8-52D2-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-19 11:58 . 2011-03-19 11:58 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3CD89D58-5220-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 20:01 . 2011-03-22 20:02 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3A349088-54BF-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:17 . 2011-03-21 20:17 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{37D0A8B2-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 16:09 . 2011-03-19 16:09 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{35B4B87C-5243-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 23:13 . 2011-03-17 23:13 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{32FAA68A-50EC-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-21 21:43 . 2011-03-21 21:43 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{327BBD8C-5404-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:10 . 2011-03-21 20:10 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{324591C4-53F7-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-22 19:54 . 2011-03-22 19:54 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2D33BE00-54BE-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:24 . 2011-03-21 20:24 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2C53129E-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 14:16 . 2011-03-17 14:16 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2B775534-50A1-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 10:10 . 2011-03-19 10:11 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{29F78988-5211-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-20 09:12 . 2011-03-20 09:12 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{28BB6276-52D2-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 15:48 . 2011-03-18 15:48 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{26B6E696-5177-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-20 08:57 . 2011-03-20 08:58 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{25601466-52D0-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-17 13:33 . 2011-03-17 13:33 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2481BC70-509B-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-23 20:28 . 2011-03-23 20:28 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{1E082EB0-558C-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 10:38 . 2011-03-19 10:39 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{181F0C96-5215-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 09:15 . 2011-03-17 09:15 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{177DC0C8-5077-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 15:16 . 2011-03-20 15:16 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{0BB7DEBA-5305-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-23 21:46 . 2011-03-23 21:46 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{08C36C44-5597-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 08:53 . 2011-03-17 08:53 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{01DC2D34-5074-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 10:19 . 2011-03-17 10:19 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{003502E8-5080-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 08:57 . 2011-03-17 08:57 7028 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\frameiconcache.dat
- 2006-12-13 18:41 . 2010-11-12 09:06 4096 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 4096 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2000-02-13 04:07 . 2005-10-14 11:00 167936 c:\windows\system32\VTtrayp .exe
+ 2000-02-13 04:03 . 2011-03-27 07:59 397550 c:\windows\system32\perfh009.dat
- 2000-02-13 04:03 . 2010-11-02 22:48 397550 c:\windows\system32\perfh009.dat
+ 2011-03-06 07:57 . 2011-03-06 07:57 235168 c:\windows\system32\Macromed\Flash\FlashUtil10n_Plugin.exe
+ 2011-03-17 08:53 . 2011-03-23 20:46 376832 c:\windows\system32\config\systemprofile\PrivacIE\index.dat
+ 2006-04-20 19:57 . 2011-03-23 21:37 163840 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-03-22 19:09 . 2010-04-23 20:45 150938 c:\windows\pchealth\helpctr\Config\Cache\Personal_32_1033.dat
+ 2010-11-12 11:08 . 2010-11-12 11:08 889344 c:\windows\Installer\5874f.msp
+ 2006-12-13 18:41 . 2011-02-11 02:28 409600 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 409600 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 286720 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 286720 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 249856 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 249856 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 794624 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 794624 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 135168 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 135168 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-07-18 03:21 . 2011-03-06 07:57 6053536 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2011-03-17 08:25 . 2011-03-23 22:04 2605056 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-10-22 15:45 . 2010-10-22 15:45 8444928 c:\windows\Installer\58762.msp
+ 2010-12-06 15:02 . 2010-12-06 15:02 5518848 c:\windows\Installer\58739.msp
+ 2011-01-17 16:06 . 2011-01-17 16:06 5518848 c:\windows\Installer\1241282.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DeskSpace"="c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace .exe" [2011-07-12 39944]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2011-07-12 39944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2011-07-12 39940]
"VTTrayp"="VTtrayp.exe" [2011-07-12 39940]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-07-12 39940]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-03 1848648]
"WireLessMouse "="c:\program files\Multimedia Combo Set\MouseDrv.exe" [N/A]
"WireLessKeyboard "="c:\program files\Multimedia Combo Set\PS2USBKbdDrv.exe" [N/A]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2011-07-12 39940]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2011-07-12 39940]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2011-07-12 39940]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-07-12 39940]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
.
c:\documents and settings\Lucia Rusnakova\Start Menu\Programs\Startup\
WKCALREM.LNK - c:\program files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe [2005-8-18 21504]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HOTSYNCSHORTCUTNAME.lnk - c:\program files\Palm\Hotsync.exe [N/A]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprecovr \SystemRoot\sprecovr.txt
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Real\\RealPlayer\\RecordingManager.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
.
R2 olMntrService;olMntrService;c:\program files\Olivetti\ANY_WAY\olMntrService.exe [2006-06-28 86016]
S2 AMService;AMService;c:\windows\TEMP\mqcdef\setup.exe run --> c:\windows\TEMP\mqcdef\setup.exe run [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 133104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2007-12-08 685816]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WUAUSERV
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-02 c:\windows\Tasks\avast! Antivirus.job
- c:\progra~1\ALWILS~1\Avast4\ashAvast.exe [2010-04-17 09:59]
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 08:40]
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 08:40]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZCfox000&ptb=WZ.C8UZOr8WlmPSUpbO9eg
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} - hxxp://213.151.230.2:2222/Ctl/WinWebPush.cab
DPF: {CE40C3F1-3DF5-4461-A521-810923235628} - hxxp://www.joj.sk/fileadmin/joj_player/JOJ_Explorer_Player.cab
FF - ProfilePath - c:\documents and settings\Lucia Rusnakova\Application Data\Mozilla\Firefox\Profiles\51uh23wh.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCfox000&ptb=WZ.C8UZOr8WlmPSUpbO9eg&psa=&ind=2010081103&ptnrS=ZCfox000&si=&st=kwd&n=77cf674f&searchfor=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
.
.
------- File Associations -------
.
exefile="c:\documents and settings\NetworkService\Local Settings\Application Data\uja.exe" -a "%1" %*
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-25 10:58
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD600VE-07HDT0 rev.09.07D09 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x84F1D439]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x84f237b8]; MOV EAX, [0x84f23834]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 nt!IofCallDriver[0x804E37C5] -> \Device\Harddisk0\DR0[0x84F8A6B0]
3 CLASSPNP[0xF7625FD7] -> nt!IofCallDriver[0x804E37C5] -> \Device\00000075[0x84F2E3B8]
5 ACPI[0xF75AC620] -> nt!IofCallDriver[0x804E37C5] -> [0x84F2ED98]
\Driver\atapi[0x84F95598] -> IRP_MJ_CREATE -> 0x84F1D439
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskWDC_WD600VE-07HDT0______________________09.07D09#5&349e391a&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x84F1D27F
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c5,13,32,47,83,59,9a,4a,ab,a0,b8,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c5,13,32,47,83,59,9a,4a,ab,a0,b8,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3860)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\slmdmsr.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\VTtrayp.exe
c:\windows\system32\VTTimer.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager .exe
c:\program files\Common Files\Real\Update_OB\realsched .exe
c:\program files\Synaptics\SynTP\SynTPEnh .exe
c:\windows\system32\VTTimer .exe
c:\windows\system32\VTtrayp .exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
.
**************************************************************************
.
Completion time: 2011-07-25 11:22:37 - machine was rebooted
ComboFix-quarantined-files.txt 2011-07-25 10:22
.
Pre-Run: 22,140,317,696 bytes free
Post-Run: 22,075,256,832 bytes free
.
- - End Of File - - 33EAED8438BBC3CBA0184BD7EB163E69
ComboFix 11-07-24.03 - Lucia Rusnakova 2011-07-25 10:38:32.18.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.251 [GMT 1:00]
Running from: c:\documents and settings\Lucia Rusnakova\Desktop\ComboFix.exe
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Lucia Rusnakova\Local Settings\Application Data\gin.exe
c:\documents and settings\Lucia Rusnakova\WINDOWS
c:\documents and settings\Lucia Rusnakova\WINDOWS\mxfilerelatedcache.mxc2
c:\documents and settings\NetworkService\Local Settings\Application Data\permham.dll
c:\program files\Multimedia Combo Set\MouseDrv.exe
c:\program files\Multimedia Combo Set\PS2USBKbdDrv.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SSHNAS
.
.
((((((((((((((((((((((((( Files Created from 2011-06-25 to 2011-07-25 )))))))))))))))))))))))))))))))
.
.
2011-07-23 12:31 . 2011-07-23 12:31 -------- d-sh--w- c:\documents and settings\NetworkService\IECompatCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-12 07:12 . 2000-02-13 04:07 39940 ----a-w- c:\windows\system32\VTtrayp.exe
2011-07-12 07:12 . 2000-02-13 04:07 39940 ----a-w- c:\windows\system32\VTTimer.exe
.
Kód: Vybrat vše
<pre>
c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy .exe
c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager .exe
</pre>((((((((((((((((((((((((((((( SnapShot@2010-11-21_08.56.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-25 09:55 . 2011-07-25 09:55 16384 c:\windows\temp\Perflib_Perfdata_61c.dat
+ 2000-02-13 04:07 . 2005-10-14 11:00 53248 c:\windows\system32\VTTimer .exe
- 2000-02-13 04:03 . 2010-11-02 22:48 60572 c:\windows\system32\perfc009.dat
+ 2000-02-13 04:03 . 2011-03-27 07:59 60572 c:\windows\system32\perfc009.dat
+ 2008-12-25 12:36 . 2010-12-20 18:09 38224 c:\windows\system32\drivers\mbamswissarmy.sys
- 2008-12-25 12:36 . 2010-04-29 14:39 38224 c:\windows\system32\drivers\mbamswissarmy.sys
- 2008-12-25 12:37 . 2010-04-29 14:39 20952 c:\windows\system32\drivers\mbam.sys
+ 2008-12-25 12:37 . 2010-12-20 18:08 20952 c:\windows\system32\drivers\mbam.sys
+ 2011-03-23 20:10 . 2011-03-23 21:52 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032320110324\index.dat
+ 2011-03-22 08:47 . 2011-03-22 22:48 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032220110323\index.dat
+ 2011-03-21 20:05 . 2011-03-21 21:52 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032120110322\index.dat
+ 2011-03-20 09:10 . 2011-03-20 15:42 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032020110321\index.dat
+ 2011-03-19 08:18 . 2011-03-19 16:22 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011031920110320\index.dat
+ 2011-03-18 15:03 . 2011-03-18 23:10 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011031820110319\index.dat
+ 2011-03-17 08:53 . 2011-03-17 14:28 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011031720110318\index.dat
+ 2011-03-22 21:47 . 2011-03-22 21:48 21504 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FD1CA37A-54CD-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-19 08:50 . 2011-03-19 08:50 22528 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{ECCB7BEC-5205-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 09:49 . 2011-03-17 09:50 11264 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E6C63024-507B-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 14:07 . 2011-03-17 14:07 20480 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D81537EA-509F-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 16:28 . 2011-03-18 16:28 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{CAF8E57E-517C-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-19 08:42 . 2011-03-19 08:42 13312 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C514D11C-5204-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 08:45 . 2011-03-22 08:46 12800 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C0701C66-5460-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-20 14:38 . 2011-03-20 14:39 32768 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B60BA252-52FF-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-23 20:11 . 2011-03-23 20:14 36864 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AAE11C78-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 10:38 . 2011-03-17 10:38 23552 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AA2D666C-5082-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 15:42 . 2011-03-20 15:42 11776 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A4F1FDE2-5308-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-20 22:36 . 2011-03-20 22:39 33280 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{91199FFC-5342-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-19 11:45 . 2011-03-19 11:46 20480 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6F354B18-521E-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 20:17 . 2011-03-22 20:19 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6C46F20C-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 19:05 . 2011-03-22 19:05 23040 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{4C31341E-54B7-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-20 14:35 . 2011-03-20 14:35 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3CE1607A-52FF-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 15:26 . 2011-03-18 15:27 20992 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2A3D0294-5174-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:59 . 2011-03-21 21:00 11776 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{29EE72AA-53FE-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 10:25 . 2011-03-19 10:25 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2886FC8A-5213-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 10:05 . 2011-03-17 10:06 14848 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{25B2BECC-507E-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-23 21:04 . 2011-03-23 21:04 15360 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2089A3A8-5591-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 16:22 . 2011-03-19 16:22 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{15518540-5245-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-21 21:03 . 2011-03-23 20:51 32768 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\index.dat
+ 2011-03-17 08:53 . 2011-03-23 20:51 16384 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat
+ 2006-04-20 20:17 . 2011-03-22 19:09 55680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
+ 2011-03-17 08:26 . 2011-03-23 21:52 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2011-03-17 08:25 . 2011-03-23 20:51 49152 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2006-12-13 18:41 . 2011-02-11 02:28 23040 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 23040 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 27136 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 27136 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 11264 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 11264 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 12288 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 12288 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2011-03-22 20:21 . 2011-03-22 22:48 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{FA633C89-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 18:33 . 2011-03-22 18:33 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E4447661-54B2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-18 21:44 . 2011-03-18 23:10 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{D76F6FBA-51A8-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-22 08:45 . 2011-03-22 08:45 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{C0701C65-5460-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-20 14:38 . 2011-03-20 22:39 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{B60BA251-52FF-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-21 20:20 . 2011-03-21 21:43 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{A44480A7-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-23 20:10 . 2011-03-23 22:04 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{A098F85B-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-18 15:01 . 2011-03-18 15:01 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{99670A30-5170-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:05 . 2011-03-21 21:52 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{88DD3ADB-53F6-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 08:47 . 2011-03-19 16:22 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{733D1757-5205-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-18 15:21 . 2011-03-18 16:36 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{6C7674CD-5173-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-22 20:17 . 2011-03-22 21:47 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{6C46F20B-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 19:12 . 2011-03-22 22:06 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{60A2FD8A-54B8-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-19 08:17 . 2011-03-19 10:25 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{59144D27-5201-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 08:35 . 2011-03-22 08:47 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{530FBBE5-545F-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-22 19:05 . 2011-03-22 19:05 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{4C31341D-54B7-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-20 09:13 . 2011-03-20 15:42 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{46DC39C7-52D2-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-17 08:25 . 2011-03-17 08:25 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{252FC805-5070-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 08:57 . 2011-03-20 15:16 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{1990EEA1-52D0-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-17 09:15 . 2011-03-17 23:13 9216 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{177DC0C7-5077-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 08:53 . 2011-03-17 10:38 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{01DC2D33-5074-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-22 08:47 . 2011-03-22 08:47 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FDFF9436-5460-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-21 20:29 . 2011-03-21 20:29 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FB81AB7A-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-22 20:21 . 2011-03-22 20:21 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FA633C8A-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-18 23:10 . 2011-03-18 23:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F78D5434-51B4-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F5B932F5-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F5B932F4-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 16:36 . 2011-03-18 16:37 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F12FB5B4-517D-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-19 08:57 . 2011-03-19 08:58 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{EFA328E6-5206-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-20 15:15 . 2011-03-20 15:16 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{EC578C50-5304-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-22 18:33 . 2011-03-22 18:33 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E4447662-54B2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:22 . 2011-03-21 20:22 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E2AA8C1C-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E0EFB245-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E0EFB244-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 23:03 . 2011-03-18 23:03 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E01E37EC-51B3-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-17 14:28 . 2011-03-17 14:29 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{DDF25E4C-50A2-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 21:44 . 2011-03-18 21:44 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D76F6FBC-51A8-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-17 10:39 . 2011-03-17 10:39 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D65270D4-5082-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 14:46 . 2011-03-20 14:46 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D2DCCDCA-5300-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-23 21:52 . 2011-03-23 21:52 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D2B61B8C-5597-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-21 21:33 . 2011-03-21 21:33 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{CE47C956-5402-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 13:52 . 2011-03-17 13:52 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{CB2233BE-509D-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 10:31 . 2011-03-17 10:32 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C6B60BDC-5081-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 11:55 . 2011-03-19 11:55 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C3AE5B84-521F-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 21:37 . 2011-03-23 21:38 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BE9744AC-5595-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 11:05 . 2011-03-19 11:05 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BE30F68C-5218-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 16:12 . 2011-03-19 16:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BD47502E-5243-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 20:27 . 2011-03-22 20:27 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BA47001F-54C2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 20:26 . 2011-03-22 20:27 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BA47001E-54C2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-23 20:11 . 2011-03-23 20:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B8E08ADF-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 20:11 . 2011-03-23 20:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B8E08ADE-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 09:55 . 2011-03-17 09:55 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B480DA28-507C-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 12:16 . 2011-03-19 12:16 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B2D93F24-5222-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 10:38 . 2011-03-17 10:38 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AA2D666D-5082-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 15:01 . 2011-03-18 15:03 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A8F965FE-5170-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:20 . 2011-03-21 20:20 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A44480A8-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 09:33 . 2011-03-17 09:33 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A4297E44-5079-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 15:36 . 2011-03-19 15:36 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A1780604-523E-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 20:10 . 2011-03-23 20:10 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A098F85E-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 20:10 . 2011-03-23 20:10 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A098F85C-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-22 22:06 . 2011-03-22 22:07 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A02E587C-54D0-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-20 15:35 . 2011-03-20 15:35 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9FC8A75E-5307-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 16:13 . 2011-03-18 16:13 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9E3F09CA-517A-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-20 14:44 . 2011-03-20 14:45 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9D4AF79A-5300-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-19 11:18 . 2011-03-19 11:18 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{987078D0-521A-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 20:46 . 2011-03-23 20:46 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{95BF812C-558E-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-21 21:17 . 2011-03-21 21:17 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{94925F8E-5400-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-20 15:06 . 2011-03-20 15:06 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{93E9347A-5303-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-22 20:11 . 2011-03-22 20:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{93B2B472-54C0-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-18 15:51 . 2011-03-18 15:51 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8FF1D0E4-5177-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:33 . 2011-03-21 20:34 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8BB8C96C-53FA-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 21:52 . 2011-03-21 21:53 9216 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{890ADCB8-5405-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:05 . 2011-03-21 20:05 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{88DD3ADC-53F6-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-23 21:14 . 2011-03-23 21:14 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{86E91BC9-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 21:14 . 2011-03-23 21:14 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{86E91BC8-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 08:56 . 2011-03-17 08:57 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{842BB440-5074-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{83817CCF-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{83817CCE-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 22:04 . 2011-03-23 22:05 7168 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{823FBD8C-5599-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 08:47 . 2011-03-19 08:47 7168 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7B6805A6-5205-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 10:22 . 2011-03-17 10:22 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{79F0B42E-5080-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 22:10 . 2011-03-18 22:10 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7879E3D6-51AC-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-18 15:21 . 2011-03-18 15:23 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{75B12F30-5173-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:26 . 2011-03-21 20:26 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7592B1A8-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 21:23 . 2011-03-21 21:23 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{735F3FFC-5401-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-23 21:13 . 2011-03-23 21:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{72C8E20F-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 21:13 . 2011-03-23 21:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{72C8E20E-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-22 22:48 . 2011-03-22 22:48 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{71A0692C-54D6-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-19 10:19 . 2011-03-19 10:20 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6DBDC19A-5212-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 11:17 . 2011-03-19 11:17 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6DA9E816-521A-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6D9C4449-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6D9C4448-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:26 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{68D9E56D-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:25 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{68D9E56C-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 10:05 . 2011-03-19 10:05 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{65FF7FF4-5210-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 08:17 . 2011-03-19 08:18 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{63A3F7D0-5201-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:25 9216 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{61E0241A-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 09:38 . 2011-03-17 09:39 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{61B935F8-507A-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 09:21 . 2011-03-20 09:21 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{60BE6082-52D3-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-22 19:12 . 2011-03-22 19:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{60A2FD8C-54B8-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 20:02 . 2011-03-22 20:03 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5ED5913A-54BF-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:32 . 2011-03-21 20:33 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5ED03E30-53FA-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:25 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5CAB6194-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-18 16:18 . 2011-03-18 16:18 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5BC9FCCA-517B-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-19 08:39 . 2011-03-19 08:39 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5AF0405A-5204-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 09:31 . 2011-03-17 09:31 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5AEEA3EE-5079-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-21 21:08 . 2011-03-21 21:08 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5A237E1A-53FF-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-22 08:35 . 2011-03-22 08:35 7168 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{530FBBE6-545F-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-17 10:00 . 2011-03-17 10:00 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{51A9FCC6-507D-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 12:27 . 2011-03-19 12:28 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{4C873206-5224-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-20 09:13 . 2011-03-20 09:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{46DC39C8-52D2-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-19 11:58 . 2011-03-19 11:58 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3CD89D58-5220-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 20:01 . 2011-03-22 20:02 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3A349088-54BF-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:17 . 2011-03-21 20:17 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{37D0A8B2-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 16:09 . 2011-03-19 16:09 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{35B4B87C-5243-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 23:13 . 2011-03-17 23:13 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{32FAA68A-50EC-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-21 21:43 . 2011-03-21 21:43 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{327BBD8C-5404-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:10 . 2011-03-21 20:10 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{324591C4-53F7-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-22 19:54 . 2011-03-22 19:54 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2D33BE00-54BE-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:24 . 2011-03-21 20:24 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2C53129E-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 14:16 . 2011-03-17 14:16 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2B775534-50A1-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 10:10 . 2011-03-19 10:11 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{29F78988-5211-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-20 09:12 . 2011-03-20 09:12 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{28BB6276-52D2-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 15:48 . 2011-03-18 15:48 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{26B6E696-5177-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-20 08:57 . 2011-03-20 08:58 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{25601466-52D0-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-17 13:33 . 2011-03-17 13:33 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2481BC70-509B-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-23 20:28 . 2011-03-23 20:28 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{1E082EB0-558C-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 10:38 . 2011-03-19 10:39 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{181F0C96-5215-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 09:15 . 2011-03-17 09:15 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{177DC0C8-5077-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 15:16 . 2011-03-20 15:16 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{0BB7DEBA-5305-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-23 21:46 . 2011-03-23 21:46 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{08C36C44-5597-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 08:53 . 2011-03-17 08:53 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{01DC2D34-5074-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 10:19 . 2011-03-17 10:19 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{003502E8-5080-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 08:57 . 2011-03-17 08:57 7028 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\frameiconcache.dat
- 2006-12-13 18:41 . 2010-11-12 09:06 4096 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 4096 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2000-02-13 04:07 . 2005-10-14 11:00 167936 c:\windows\system32\VTtrayp .exe
+ 2000-02-13 04:03 . 2011-03-27 07:59 397550 c:\windows\system32\perfh009.dat
- 2000-02-13 04:03 . 2010-11-02 22:48 397550 c:\windows\system32\perfh009.dat
+ 2011-03-06 07:57 . 2011-03-06 07:57 235168 c:\windows\system32\Macromed\Flash\FlashUtil10n_Plugin.exe
+ 2011-03-17 08:53 . 2011-03-23 20:46 376832 c:\windows\system32\config\systemprofile\PrivacIE\index.dat
+ 2006-04-20 19:57 . 2011-03-23 21:37 163840 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-03-22 19:09 . 2010-04-23 20:45 150938 c:\windows\pchealth\helpctr\Config\Cache\Personal_32_1033.dat
+ 2010-11-12 11:08 . 2010-11-12 11:08 889344 c:\windows\Installer\5874f.msp
+ 2006-12-13 18:41 . 2011-02-11 02:28 409600 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 409600 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 286720 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 286720 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 249856 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 249856 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 794624 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 794624 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 135168 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 135168 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-07-18 03:21 . 2011-03-06 07:57 6053536 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2011-03-17 08:25 . 2011-03-23 22:04 2605056 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-10-22 15:45 . 2010-10-22 15:45 8444928 c:\windows\Installer\58762.msp
+ 2010-12-06 15:02 . 2010-12-06 15:02 5518848 c:\windows\Installer\58739.msp
+ 2011-01-17 16:06 . 2011-01-17 16:06 5518848 c:\windows\Installer\1241282.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DeskSpace"="c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace .exe" [2011-07-12 39944]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2011-07-12 39944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2011-07-12 39940]
"VTTrayp"="VTtrayp.exe" [2011-07-12 39940]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-07-12 39940]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-03 1848648]
"WireLessMouse "="c:\program files\Multimedia Combo Set\MouseDrv.exe" [N/A]
"WireLessKeyboard "="c:\program files\Multimedia Combo Set\PS2USBKbdDrv.exe" [N/A]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2011-07-12 39940]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2011-07-12 39940]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2011-07-12 39940]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-07-12 39940]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
.
c:\documents and settings\Lucia Rusnakova\Start Menu\Programs\Startup\
WKCALREM.LNK - c:\program files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe [2005-8-18 21504]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HOTSYNCSHORTCUTNAME.lnk - c:\program files\Palm\Hotsync.exe [N/A]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprecovr \SystemRoot\sprecovr.txt
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Real\\RealPlayer\\RecordingManager.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
.
R2 olMntrService;olMntrService;c:\program files\Olivetti\ANY_WAY\olMntrService.exe [2006-06-28 86016]
S2 AMService;AMService;c:\windows\TEMP\mqcdef\setup.exe run --> c:\windows\TEMP\mqcdef\setup.exe run [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 133104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2007-12-08 685816]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WUAUSERV
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-02 c:\windows\Tasks\avast! Antivirus.job
- c:\progra~1\ALWILS~1\Avast4\ashAvast.exe [2010-04-17 09:59]
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 08:40]
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 08:40]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZCfox000&ptb=WZ.C8UZOr8WlmPSUpbO9eg
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} - hxxp://213.151.230.2:2222/Ctl/WinWebPush.cab
DPF: {CE40C3F1-3DF5-4461-A521-810923235628} - hxxp://www.joj.sk/fileadmin/joj_player/JOJ_Explorer_Player.cab
FF - ProfilePath - c:\documents and settings\Lucia Rusnakova\Application Data\Mozilla\Firefox\Profiles\51uh23wh.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCfox000&ptb=WZ.C8UZOr8WlmPSUpbO9eg&psa=&ind=2010081103&ptnrS=ZCfox000&si=&st=kwd&n=77cf674f&searchfor=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
.
.
------- File Associations -------
.
exefile="c:\documents and settings\NetworkService\Local Settings\Application Data\uja.exe" -a "%1" %*
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-25 10:58
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD600VE-07HDT0 rev.09.07D09 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x84F1D439]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x84f237b8]; MOV EAX, [0x84f23834]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 nt!IofCallDriver[0x804E37C5] -> \Device\Harddisk0\DR0[0x84F8A6B0]
3 CLASSPNP[0xF7625FD7] -> nt!IofCallDriver[0x804E37C5] -> \Device\00000075[0x84F2E3B8]
5 ACPI[0xF75AC620] -> nt!IofCallDriver[0x804E37C5] -> [0x84F2ED98]
\Driver\atapi[0x84F95598] -> IRP_MJ_CREATE -> 0x84F1D439
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskWDC_WD600VE-07HDT0______________________09.07D09#5&349e391a&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x84F1D27F
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c5,13,32,47,83,59,9a,4a,ab,a0,b8,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c5,13,32,47,83,59,9a,4a,ab,a0,b8,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3860)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\slmdmsr.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\VTtrayp.exe
c:\windows\system32\VTTimer.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager .exe
c:\program files\Common Files\Real\Update_OB\realsched .exe
c:\program files\Synaptics\SynTP\SynTPEnh .exe
c:\windows\system32\VTTimer .exe
c:\windows\system32\VTtrayp .exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
.
**************************************************************************
.
Completion time: 2011-07-25 11:22:37 - machine was rebooted
ComboFix-quarantined-files.txt 2011-07-25 10:22
.
Pre-Run: 22,140,317,696 bytes free
Post-Run: 22,075,256,832 bytes free
.
- - End Of File - - 33EAED8438BBC3CBA0184BD7EB163E69
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zavireny, pomaly pc
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.Collect::
c:\windows\TEMP\mqcdef\setup.exe run
Driver::
AMService
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: zavireny, pomaly pc
Dobry den,
tak uz som to spravila, je este nieco potrebne dokoncit?
Ďakujem
tak uz som to spravila, je este nieco potrebne dokoncit?
Ďakujem
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zavireny, pomaly pc
Rád bych ještě viděl log z posledního skenu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: zavireny, pomaly pc
ComboFix 11-07-24.03 - Lucia Rusnakova 2011-07-25 10:38:32.18.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.251 [GMT 1:00]
Running from: c:\documents and settings\Lucia Rusnakova\Desktop\ComboFix.exe
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Lucia Rusnakova\Local Settings\Application Data\gin.exe
c:\documents and settings\Lucia Rusnakova\WINDOWS
c:\documents and settings\Lucia Rusnakova\WINDOWS\mxfilerelatedcache.mxc2
c:\documents and settings\NetworkService\Local Settings\Application Data\permham.dll
c:\program files\Multimedia Combo Set\MouseDrv.exe
c:\program files\Multimedia Combo Set\PS2USBKbdDrv.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SSHNAS
.
.
((((((((((((((((((((((((( Files Created from 2011-06-25 to 2011-07-25 )))))))))))))))))))))))))))))))
.
.
2011-07-23 12:31 . 2011-07-23 12:31 -------- d-sh--w- c:\documents and settings\NetworkService\IECompatCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-12 07:12 . 2000-02-13 04:07 39940 ----a-w- c:\windows\system32\VTtrayp.exe
2011-07-12 07:12 . 2000-02-13 04:07 39940 ----a-w- c:\windows\system32\VTTimer.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2010-11-21_08.56.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-25 09:55 . 2011-07-25 09:55 16384 c:\windows\temp\Perflib_Perfdata_61c.dat
+ 2000-02-13 04:07 . 2005-10-14 11:00 53248 c:\windows\system32\VTTimer .exe
- 2000-02-13 04:03 . 2010-11-02 22:48 60572 c:\windows\system32\perfc009.dat
+ 2000-02-13 04:03 . 2011-03-27 07:59 60572 c:\windows\system32\perfc009.dat
+ 2008-12-25 12:36 . 2010-12-20 18:09 38224 c:\windows\system32\drivers\mbamswissarmy.sys
- 2008-12-25 12:36 . 2010-04-29 14:39 38224 c:\windows\system32\drivers\mbamswissarmy.sys
- 2008-12-25 12:37 . 2010-04-29 14:39 20952 c:\windows\system32\drivers\mbam.sys
+ 2008-12-25 12:37 . 2010-12-20 18:08 20952 c:\windows\system32\drivers\mbam.sys
+ 2011-03-23 20:10 . 2011-03-23 21:52 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032320110324\index.dat
+ 2011-03-22 08:47 . 2011-03-22 22:48 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032220110323\index.dat
+ 2011-03-21 20:05 . 2011-03-21 21:52 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032120110322\index.dat
+ 2011-03-20 09:10 . 2011-03-20 15:42 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032020110321\index.dat
+ 2011-03-19 08:18 . 2011-03-19 16:22 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011031920110320\index.dat
+ 2011-03-18 15:03 . 2011-03-18 23:10 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011031820110319\index.dat
+ 2011-03-17 08:53 . 2011-03-17 14:28 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011031720110318\index.dat
+ 2011-03-22 21:47 . 2011-03-22 21:48 21504 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FD1CA37A-54CD-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-19 08:50 . 2011-03-19 08:50 22528 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{ECCB7BEC-5205-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 09:49 . 2011-03-17 09:50 11264 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E6C63024-507B-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 14:07 . 2011-03-17 14:07 20480 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D81537EA-509F-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 16:28 . 2011-03-18 16:28 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{CAF8E57E-517C-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-19 08:42 . 2011-03-19 08:42 13312 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C514D11C-5204-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 08:45 . 2011-03-22 08:46 12800 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C0701C66-5460-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-20 14:38 . 2011-03-20 14:39 32768 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B60BA252-52FF-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-23 20:11 . 2011-03-23 20:14 36864 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AAE11C78-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 10:38 . 2011-03-17 10:38 23552 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AA2D666C-5082-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 15:42 . 2011-03-20 15:42 11776 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A4F1FDE2-5308-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-20 22:36 . 2011-03-20 22:39 33280 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{91199FFC-5342-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-19 11:45 . 2011-03-19 11:46 20480 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6F354B18-521E-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 20:17 . 2011-03-22 20:19 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6C46F20C-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 19:05 . 2011-03-22 19:05 23040 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{4C31341E-54B7-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-20 14:35 . 2011-03-20 14:35 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3CE1607A-52FF-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 15:26 . 2011-03-18 15:27 20992 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2A3D0294-5174-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:59 . 2011-03-21 21:00 11776 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{29EE72AA-53FE-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 10:25 . 2011-03-19 10:25 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2886FC8A-5213-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 10:05 . 2011-03-17 10:06 14848 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{25B2BECC-507E-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-23 21:04 . 2011-03-23 21:04 15360 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2089A3A8-5591-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 16:22 . 2011-03-19 16:22 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{15518540-5245-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-21 21:03 . 2011-03-23 20:51 32768 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\index.dat
+ 2011-03-17 08:53 . 2011-03-23 20:51 16384 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat
+ 2006-04-20 20:17 . 2011-03-22 19:09 55680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
+ 2011-03-17 08:26 . 2011-03-23 21:52 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2011-03-17 08:25 . 2011-03-23 20:51 49152 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2006-12-13 18:41 . 2011-02-11 02:28 23040 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 23040 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 27136 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 27136 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 11264 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 11264 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 12288 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 12288 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2011-03-22 20:21 . 2011-03-22 22:48 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{FA633C89-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 18:33 . 2011-03-22 18:33 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E4447661-54B2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-18 21:44 . 2011-03-18 23:10 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{D76F6FBA-51A8-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-22 08:45 . 2011-03-22 08:45 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{C0701C65-5460-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-20 14:38 . 2011-03-20 22:39 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{B60BA251-52FF-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-21 20:20 . 2011-03-21 21:43 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{A44480A7-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-23 20:10 . 2011-03-23 22:04 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{A098F85B-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-18 15:01 . 2011-03-18 15:01 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{99670A30-5170-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:05 . 2011-03-21 21:52 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{88DD3ADB-53F6-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 08:47 . 2011-03-19 16:22 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{733D1757-5205-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-18 15:21 . 2011-03-18 16:36 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{6C7674CD-5173-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-22 20:17 . 2011-03-22 21:47 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{6C46F20B-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 19:12 . 2011-03-22 22:06 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{60A2FD8A-54B8-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-19 08:17 . 2011-03-19 10:25 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{59144D27-5201-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 08:35 . 2011-03-22 08:47 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{530FBBE5-545F-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-22 19:05 . 2011-03-22 19:05 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{4C31341D-54B7-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-20 09:13 . 2011-03-20 15:42 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{46DC39C7-52D2-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-17 08:25 . 2011-03-17 08:25 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{252FC805-5070-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 08:57 . 2011-03-20 15:16 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{1990EEA1-52D0-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-17 09:15 . 2011-03-17 23:13 9216 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{177DC0C7-5077-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 08:53 . 2011-03-17 10:38 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{01DC2D33-5074-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-22 08:47 . 2011-03-22 08:47 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FDFF9436-5460-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-21 20:29 . 2011-03-21 20:29 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FB81AB7A-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-22 20:21 . 2011-03-22 20:21 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FA633C8A-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-18 23:10 . 2011-03-18 23:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F78D5434-51B4-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F5B932F5-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F5B932F4-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 16:36 . 2011-03-18 16:37 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F12FB5B4-517D-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-19 08:57 . 2011-03-19 08:58 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{EFA328E6-5206-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-20 15:15 . 2011-03-20 15:16 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{EC578C50-5304-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-22 18:33 . 2011-03-22 18:33 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E4447662-54B2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:22 . 2011-03-21 20:22 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E2AA8C1C-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E0EFB245-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E0EFB244-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 23:03 . 2011-03-18 23:03 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E01E37EC-51B3-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-17 14:28 . 2011-03-17 14:29 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{DDF25E4C-50A2-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 21:44 . 2011-03-18 21:44 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D76F6FBC-51A8-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-17 10:39 . 2011-03-17 10:39 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D65270D4-5082-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 14:46 . 2011-03-20 14:46 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D2DCCDCA-5300-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-23 21:52 . 2011-03-23 21:52 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D2B61B8C-5597-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-21 21:33 . 2011-03-21 21:33 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{CE47C956-5402-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 13:52 . 2011-03-17 13:52 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{CB2233BE-509D-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 10:31 . 2011-03-17 10:32 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C6B60BDC-5081-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 11:55 . 2011-03-19 11:55 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C3AE5B84-521F-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 21:37 . 2011-03-23 21:38 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BE9744AC-5595-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 11:05 . 2011-03-19 11:05 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BE30F68C-5218-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 16:12 . 2011-03-19 16:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BD47502E-5243-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 20:27 . 2011-03-22 20:27 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BA47001F-54C2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 20:26 . 2011-03-22 20:27 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BA47001E-54C2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-23 20:11 . 2011-03-23 20:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B8E08ADF-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 20:11 . 2011-03-23 20:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B8E08ADE-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 09:55 . 2011-03-17 09:55 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B480DA28-507C-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 12:16 . 2011-03-19 12:16 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B2D93F24-5222-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 10:38 . 2011-03-17 10:38 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AA2D666D-5082-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 15:01 . 2011-03-18 15:03 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A8F965FE-5170-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:20 . 2011-03-21 20:20 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A44480A8-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 09:33 . 2011-03-17 09:33 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A4297E44-5079-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 15:36 . 2011-03-19 15:36 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A1780604-523E-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 20:10 . 2011-03-23 20:10 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A098F85E-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 20:10 . 2011-03-23 20:10 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A098F85C-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-22 22:06 . 2011-03-22 22:07 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A02E587C-54D0-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-20 15:35 . 2011-03-20 15:35 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9FC8A75E-5307-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 16:13 . 2011-03-18 16:13 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9E3F09CA-517A-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-20 14:44 . 2011-03-20 14:45 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9D4AF79A-5300-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-19 11:18 . 2011-03-19 11:18 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{987078D0-521A-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 20:46 . 2011-03-23 20:46 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{95BF812C-558E-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-21 21:17 . 2011-03-21 21:17 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{94925F8E-5400-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-20 15:06 . 2011-03-20 15:06 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{93E9347A-5303-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-22 20:11 . 2011-03-22 20:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{93B2B472-54C0-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-18 15:51 . 2011-03-18 15:51 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8FF1D0E4-5177-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:33 . 2011-03-21 20:34 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8BB8C96C-53FA-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 21:52 . 2011-03-21 21:53 9216 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{890ADCB8-5405-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:05 . 2011-03-21 20:05 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{88DD3ADC-53F6-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-23 21:14 . 2011-03-23 21:14 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{86E91BC9-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 21:14 . 2011-03-23 21:14 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{86E91BC8-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 08:56 . 2011-03-17 08:57 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{842BB440-5074-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{83817CCF-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{83817CCE-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 22:04 . 2011-03-23 22:05 7168 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{823FBD8C-5599-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 08:47 . 2011-03-19 08:47 7168 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7B6805A6-5205-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 10:22 . 2011-03-17 10:22 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{79F0B42E-5080-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 22:10 . 2011-03-18 22:10 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7879E3D6-51AC-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-18 15:21 . 2011-03-18 15:23 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{75B12F30-5173-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:26 . 2011-03-21 20:26 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7592B1A8-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 21:23 . 2011-03-21 21:23 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{735F3FFC-5401-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-23 21:13 . 2011-03-23 21:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{72C8E20F-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 21:13 . 2011-03-23 21:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{72C8E20E-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-22 22:48 . 2011-03-22 22:48 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{71A0692C-54D6-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-19 10:19 . 2011-03-19 10:20 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6DBDC19A-5212-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 11:17 . 2011-03-19 11:17 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6DA9E816-521A-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6D9C4449-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6D9C4448-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:26 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{68D9E56D-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:25 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{68D9E56C-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 10:05 . 2011-03-19 10:05 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{65FF7FF4-5210-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 08:17 . 2011-03-19 08:18 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{63A3F7D0-5201-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:25 9216 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{61E0241A-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 09:38 . 2011-03-17 09:39 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{61B935F8-507A-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 09:21 . 2011-03-20 09:21 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{60BE6082-52D3-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-22 19:12 . 2011-03-22 19:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{60A2FD8C-54B8-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 20:02 . 2011-03-22 20:03 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5ED5913A-54BF-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:32 . 2011-03-21 20:33 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5ED03E30-53FA-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:25 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5CAB6194-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-18 16:18 . 2011-03-18 16:18 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5BC9FCCA-517B-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-19 08:39 . 2011-03-19 08:39 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5AF0405A-5204-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 09:31 . 2011-03-17 09:31 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5AEEA3EE-5079-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-21 21:08 . 2011-03-21 21:08 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5A237E1A-53FF-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-22 08:35 . 2011-03-22 08:35 7168 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{530FBBE6-545F-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-17 10:00 . 2011-03-17 10:00 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{51A9FCC6-507D-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 12:27 . 2011-03-19 12:28 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{4C873206-5224-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-20 09:13 . 2011-03-20 09:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{46DC39C8-52D2-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-19 11:58 . 2011-03-19 11:58 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3CD89D58-5220-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 20:01 . 2011-03-22 20:02 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3A349088-54BF-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:17 . 2011-03-21 20:17 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{37D0A8B2-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 16:09 . 2011-03-19 16:09 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{35B4B87C-5243-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 23:13 . 2011-03-17 23:13 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{32FAA68A-50EC-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-21 21:43 . 2011-03-21 21:43 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{327BBD8C-5404-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:10 . 2011-03-21 20:10 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{324591C4-53F7-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-22 19:54 . 2011-03-22 19:54 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2D33BE00-54BE-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:24 . 2011-03-21 20:24 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2C53129E-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 14:16 . 2011-03-17 14:16 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2B775534-50A1-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 10:10 . 2011-03-19 10:11 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{29F78988-5211-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-20 09:12 . 2011-03-20 09:12 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{28BB6276-52D2-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 15:48 . 2011-03-18 15:48 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{26B6E696-5177-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-20 08:57 . 2011-03-20 08:58 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{25601466-52D0-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-17 13:33 . 2011-03-17 13:33 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2481BC70-509B-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-23 20:28 . 2011-03-23 20:28 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{1E082EB0-558C-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 10:38 . 2011-03-19 10:39 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{181F0C96-5215-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 09:15 . 2011-03-17 09:15 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{177DC0C8-5077-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 15:16 . 2011-03-20 15:16 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{0BB7DEBA-5305-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-23 21:46 . 2011-03-23 21:46 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{08C36C44-5597-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 08:53 . 2011-03-17 08:53 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{01DC2D34-5074-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 10:19 . 2011-03-17 10:19 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{003502E8-5080-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 08:57 . 2011-03-17 08:57 7028 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\frameiconcache.dat
- 2006-12-13 18:41 . 2010-11-12 09:06 4096 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 4096 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2000-02-13 04:07 . 2005-10-14 11:00 167936 c:\windows\system32\VTtrayp .exe
+ 2000-02-13 04:03 . 2011-03-27 07:59 397550 c:\windows\system32\perfh009.dat
- 2000-02-13 04:03 . 2010-11-02 22:48 397550 c:\windows\system32\perfh009.dat
+ 2011-03-06 07:57 . 2011-03-06 07:57 235168 c:\windows\system32\Macromed\Flash\FlashUtil10n_Plugin.exe
+ 2011-03-17 08:53 . 2011-03-23 20:46 376832 c:\windows\system32\config\systemprofile\PrivacIE\index.dat
+ 2006-04-20 19:57 . 2011-03-23 21:37 163840 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-03-22 19:09 . 2010-04-23 20:45 150938 c:\windows\pchealth\helpctr\Config\Cache\Personal_32_1033.dat
+ 2010-11-12 11:08 . 2010-11-12 11:08 889344 c:\windows\Installer\5874f.msp
+ 2006-12-13 18:41 . 2011-02-11 02:28 409600 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 409600 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 286720 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 286720 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 249856 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 249856 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 794624 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 794624 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 135168 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 135168 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-07-18 03:21 . 2011-03-06 07:57 6053536 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2011-03-17 08:25 . 2011-03-23 22:04 2605056 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-10-22 15:45 . 2010-10-22 15:45 8444928 c:\windows\Installer\58762.msp
+ 2010-12-06 15:02 . 2010-12-06 15:02 5518848 c:\windows\Installer\58739.msp
+ 2011-01-17 16:06 . 2011-01-17 16:06 5518848 c:\windows\Installer\1241282.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DeskSpace"="c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace .exe" [2011-07-12 39944]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2011-07-12 39944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2011-07-12 39940]
"VTTrayp"="VTtrayp.exe" [2011-07-12 39940]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-07-12 39940]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-03 1848648]
"WireLessMouse "="c:\program files\Multimedia Combo Set\MouseDrv.exe" [N/A]
"WireLessKeyboard "="c:\program files\Multimedia Combo Set\PS2USBKbdDrv.exe" [N/A]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2011-07-12 39940]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2011-07-12 39940]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2011-07-12 39940]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-07-12 39940]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
.
c:\documents and settings\Lucia Rusnakova\Start Menu\Programs\Startup\
WKCALREM.LNK - c:\program files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe [2005-8-18 21504]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HOTSYNCSHORTCUTNAME.lnk - c:\program files\Palm\Hotsync.exe [N/A]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprecovr \SystemRoot\sprecovr.txt
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Real\\RealPlayer\\RecordingManager.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
.
R2 olMntrService;olMntrService;c:\program files\Olivetti\ANY_WAY\olMntrService.exe [2006-06-28 86016]
S2 AMService;AMService;c:\windows\TEMP\mqcdef\setup.exe run --> c:\windows\TEMP\mqcdef\setup.exe run [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 133104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2007-12-08 685816]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WUAUSERV
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-02 c:\windows\Tasks\avast! Antivirus.job
- c:\progra~1\ALWILS~1\Avast4\ashAvast.exe [2010-04-17 09:59]
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 08:40]
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 08:40]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZCfox000&ptb=WZ.C8UZOr8WlmPSUpbO9eg
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} - hxxp://213.151.230.2:2222/Ctl/WinWebPush.cab
DPF: {CE40C3F1-3DF5-4461-A521-810923235628} - hxxp://www.joj.sk/fileadmin/joj_player/JOJ_Explorer_Player.cab
FF - ProfilePath - c:\documents and settings\Lucia Rusnakova\Application Data\Mozilla\Firefox\Profiles\51uh23wh.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCfox000&ptb=WZ.C8UZOr8WlmPSUpbO9eg&psa=&ind=2010081103&ptnrS=ZCfox000&si=&st=kwd&n=77cf674f&searchfor=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
.
.
------- File Associations -------
.
exefile="c:\documents and settings\NetworkService\Local Settings\Application Data\uja.exe" -a "%1" %*
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-25 10:58
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD600VE-07HDT0 rev.09.07D09 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x84F1D439]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x84f237b8]; MOV EAX, [0x84f23834]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 nt!IofCallDriver[0x804E37C5] -> \Device\Harddisk0\DR0[0x84F8A6B0]
3 CLASSPNP[0xF7625FD7] -> nt!IofCallDriver[0x804E37C5] -> \Device\00000075[0x84F2E3B8]
5 ACPI[0xF75AC620] -> nt!IofCallDriver[0x804E37C5] -> [0x84F2ED98]
\Driver\atapi[0x84F95598] -> IRP_MJ_CREATE -> 0x84F1D439
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskWDC_WD600VE-07HDT0______________________09.07D09#5&349e391a&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x84F1D27F
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c5,13,32,47,83,59,9a,4a,ab,a0,b8,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c5,13,32,47,83,59,9a,4a,ab,a0,b8,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3860)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\slmdmsr.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\VTtrayp.exe
c:\windows\system32\VTTimer.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager .exe
c:\program files\Common Files\Real\Update_OB\realsched .exe
c:\program files\Synaptics\SynTP\SynTPEnh .exe
c:\windows\system32\VTTimer .exe
c:\windows\system32\VTtrayp .exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
.
**************************************************************************
.
Completion time: 2011-07-25 11:22:37 - machine was rebooted
ComboFix-quarantined-files.txt 2011-07-25 10:22
.
Pre-Run: 22,140,317,696 bytes free
Post-Run: 22,075,256,832 bytes free
.
- - End Of File - - 33EAED8438BBC3CBA0184BD7EB163E69
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.251 [GMT 1:00]
Running from: c:\documents and settings\Lucia Rusnakova\Desktop\ComboFix.exe
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Lucia Rusnakova\Local Settings\Application Data\gin.exe
c:\documents and settings\Lucia Rusnakova\WINDOWS
c:\documents and settings\Lucia Rusnakova\WINDOWS\mxfilerelatedcache.mxc2
c:\documents and settings\NetworkService\Local Settings\Application Data\permham.dll
c:\program files\Multimedia Combo Set\MouseDrv.exe
c:\program files\Multimedia Combo Set\PS2USBKbdDrv.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SSHNAS
.
.
((((((((((((((((((((((((( Files Created from 2011-06-25 to 2011-07-25 )))))))))))))))))))))))))))))))
.
.
2011-07-23 12:31 . 2011-07-23 12:31 -------- d-sh--w- c:\documents and settings\NetworkService\IECompatCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-12 07:12 . 2000-02-13 04:07 39940 ----a-w- c:\windows\system32\VTtrayp.exe
2011-07-12 07:12 . 2000-02-13 04:07 39940 ----a-w- c:\windows\system32\VTTimer.exe
.
Kód: Vybrat vše
<pre>
c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy .exe
c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager .exe
</pre>((((((((((((((((((((((((((((( SnapShot@2010-11-21_08.56.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-25 09:55 . 2011-07-25 09:55 16384 c:\windows\temp\Perflib_Perfdata_61c.dat
+ 2000-02-13 04:07 . 2005-10-14 11:00 53248 c:\windows\system32\VTTimer .exe
- 2000-02-13 04:03 . 2010-11-02 22:48 60572 c:\windows\system32\perfc009.dat
+ 2000-02-13 04:03 . 2011-03-27 07:59 60572 c:\windows\system32\perfc009.dat
+ 2008-12-25 12:36 . 2010-12-20 18:09 38224 c:\windows\system32\drivers\mbamswissarmy.sys
- 2008-12-25 12:36 . 2010-04-29 14:39 38224 c:\windows\system32\drivers\mbamswissarmy.sys
- 2008-12-25 12:37 . 2010-04-29 14:39 20952 c:\windows\system32\drivers\mbam.sys
+ 2008-12-25 12:37 . 2010-12-20 18:08 20952 c:\windows\system32\drivers\mbam.sys
+ 2011-03-23 20:10 . 2011-03-23 21:52 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032320110324\index.dat
+ 2011-03-22 08:47 . 2011-03-22 22:48 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032220110323\index.dat
+ 2011-03-21 20:05 . 2011-03-21 21:52 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032120110322\index.dat
+ 2011-03-20 09:10 . 2011-03-20 15:42 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011032020110321\index.dat
+ 2011-03-19 08:18 . 2011-03-19 16:22 49152 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011031920110320\index.dat
+ 2011-03-18 15:03 . 2011-03-18 23:10 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011031820110319\index.dat
+ 2011-03-17 08:53 . 2011-03-17 14:28 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011031720110318\index.dat
+ 2011-03-22 21:47 . 2011-03-22 21:48 21504 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FD1CA37A-54CD-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-19 08:50 . 2011-03-19 08:50 22528 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{ECCB7BEC-5205-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 09:49 . 2011-03-17 09:50 11264 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E6C63024-507B-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 14:07 . 2011-03-17 14:07 20480 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D81537EA-509F-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 16:28 . 2011-03-18 16:28 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{CAF8E57E-517C-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-19 08:42 . 2011-03-19 08:42 13312 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C514D11C-5204-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 08:45 . 2011-03-22 08:46 12800 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C0701C66-5460-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-20 14:38 . 2011-03-20 14:39 32768 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B60BA252-52FF-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-23 20:11 . 2011-03-23 20:14 36864 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AAE11C78-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 10:38 . 2011-03-17 10:38 23552 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AA2D666C-5082-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 15:42 . 2011-03-20 15:42 11776 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A4F1FDE2-5308-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-20 22:36 . 2011-03-20 22:39 33280 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{91199FFC-5342-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-19 11:45 . 2011-03-19 11:46 20480 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6F354B18-521E-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 20:17 . 2011-03-22 20:19 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6C46F20C-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 19:05 . 2011-03-22 19:05 23040 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{4C31341E-54B7-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-20 14:35 . 2011-03-20 14:35 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3CE1607A-52FF-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 15:26 . 2011-03-18 15:27 20992 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2A3D0294-5174-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:59 . 2011-03-21 21:00 11776 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{29EE72AA-53FE-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 10:25 . 2011-03-19 10:25 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2886FC8A-5213-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 10:05 . 2011-03-17 10:06 14848 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{25B2BECC-507E-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-23 21:04 . 2011-03-23 21:04 15360 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2089A3A8-5591-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 16:22 . 2011-03-19 16:22 12288 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{15518540-5245-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-21 21:03 . 2011-03-23 20:51 32768 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\index.dat
+ 2011-03-17 08:53 . 2011-03-23 20:51 16384 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat
+ 2006-04-20 20:17 . 2011-03-22 19:09 55680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
+ 2011-03-17 08:26 . 2011-03-23 21:52 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
+ 2011-03-17 08:25 . 2011-03-23 20:51 49152 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2006-12-13 18:41 . 2011-02-11 02:28 23040 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 23040 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 27136 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 27136 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 11264 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 11264 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 12288 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 12288 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2011-03-22 20:21 . 2011-03-22 22:48 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{FA633C89-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 18:33 . 2011-03-22 18:33 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E4447661-54B2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-18 21:44 . 2011-03-18 23:10 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{D76F6FBA-51A8-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-22 08:45 . 2011-03-22 08:45 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{C0701C65-5460-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-20 14:38 . 2011-03-20 22:39 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{B60BA251-52FF-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-21 20:20 . 2011-03-21 21:43 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{A44480A7-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-23 20:10 . 2011-03-23 22:04 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{A098F85B-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-18 15:01 . 2011-03-18 15:01 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{99670A30-5170-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:05 . 2011-03-21 21:52 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{88DD3ADB-53F6-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 08:47 . 2011-03-19 16:22 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{733D1757-5205-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-18 15:21 . 2011-03-18 16:36 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{6C7674CD-5173-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-22 20:17 . 2011-03-22 21:47 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{6C46F20B-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 19:12 . 2011-03-22 22:06 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{60A2FD8A-54B8-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-19 08:17 . 2011-03-19 10:25 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{59144D27-5201-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 08:35 . 2011-03-22 08:47 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{530FBBE5-545F-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-22 19:05 . 2011-03-22 19:05 3584 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{4C31341D-54B7-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-20 09:13 . 2011-03-20 15:42 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{46DC39C7-52D2-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-17 08:25 . 2011-03-17 08:25 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{252FC805-5070-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 08:57 . 2011-03-20 15:16 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{1990EEA1-52D0-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-17 09:15 . 2011-03-17 23:13 9216 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{177DC0C7-5077-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 08:53 . 2011-03-17 10:38 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{01DC2D33-5074-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-22 08:47 . 2011-03-22 08:47 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FDFF9436-5460-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-21 20:29 . 2011-03-21 20:29 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FB81AB7A-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-22 20:21 . 2011-03-22 20:21 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{FA633C8A-54C1-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-18 23:10 . 2011-03-18 23:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F78D5434-51B4-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F5B932F5-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F5B932F4-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 16:36 . 2011-03-18 16:37 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{F12FB5B4-517D-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-19 08:57 . 2011-03-19 08:58 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{EFA328E6-5206-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-20 15:15 . 2011-03-20 15:16 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{EC578C50-5304-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-22 18:33 . 2011-03-22 18:33 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E4447662-54B2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:22 . 2011-03-21 20:22 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E2AA8C1C-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E0EFB245-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-20 09:10 . 2011-03-20 09:10 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E0EFB244-52D1-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 23:03 . 2011-03-18 23:03 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E01E37EC-51B3-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-17 14:28 . 2011-03-17 14:29 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{DDF25E4C-50A2-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 21:44 . 2011-03-18 21:44 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D76F6FBC-51A8-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-17 10:39 . 2011-03-17 10:39 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D65270D4-5082-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 14:46 . 2011-03-20 14:46 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D2DCCDCA-5300-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-23 21:52 . 2011-03-23 21:52 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{D2B61B8C-5597-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-21 21:33 . 2011-03-21 21:33 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{CE47C956-5402-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 13:52 . 2011-03-17 13:52 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{CB2233BE-509D-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 10:31 . 2011-03-17 10:32 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C6B60BDC-5081-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 11:55 . 2011-03-19 11:55 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{C3AE5B84-521F-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 21:37 . 2011-03-23 21:38 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BE9744AC-5595-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 11:05 . 2011-03-19 11:05 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BE30F68C-5218-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 16:12 . 2011-03-19 16:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BD47502E-5243-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 20:27 . 2011-03-22 20:27 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BA47001F-54C2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 20:26 . 2011-03-22 20:27 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{BA47001E-54C2-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-23 20:11 . 2011-03-23 20:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B8E08ADF-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 20:11 . 2011-03-23 20:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B8E08ADE-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 09:55 . 2011-03-17 09:55 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B480DA28-507C-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 12:16 . 2011-03-19 12:16 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{B2D93F24-5222-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 10:38 . 2011-03-17 10:38 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{AA2D666D-5082-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 15:01 . 2011-03-18 15:03 8192 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A8F965FE-5170-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:20 . 2011-03-21 20:20 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A44480A8-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 09:33 . 2011-03-17 09:33 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A4297E44-5079-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 15:36 . 2011-03-19 15:36 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A1780604-523E-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 20:10 . 2011-03-23 20:10 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A098F85E-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 20:10 . 2011-03-23 20:10 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A098F85C-5589-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-22 22:06 . 2011-03-22 22:07 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{A02E587C-54D0-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-20 15:35 . 2011-03-20 15:35 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9FC8A75E-5307-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 16:13 . 2011-03-18 16:13 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9E3F09CA-517A-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-20 14:44 . 2011-03-20 14:45 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{9D4AF79A-5300-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-19 11:18 . 2011-03-19 11:18 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{987078D0-521A-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 20:46 . 2011-03-23 20:46 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{95BF812C-558E-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-21 21:17 . 2011-03-21 21:17 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{94925F8E-5400-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-20 15:06 . 2011-03-20 15:06 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{93E9347A-5303-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-22 20:11 . 2011-03-22 20:11 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{93B2B472-54C0-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-18 15:51 . 2011-03-18 15:51 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8FF1D0E4-5177-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:33 . 2011-03-21 20:34 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{8BB8C96C-53FA-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 21:52 . 2011-03-21 21:53 9216 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{890ADCB8-5405-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:05 . 2011-03-21 20:05 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{88DD3ADC-53F6-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-23 21:14 . 2011-03-23 21:14 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{86E91BC9-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 21:14 . 2011-03-23 21:14 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{86E91BC8-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 08:56 . 2011-03-17 08:57 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{842BB440-5074-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{83817CCF-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{83817CCE-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-23 22:04 . 2011-03-23 22:05 7168 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{823FBD8C-5599-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 08:47 . 2011-03-19 08:47 7168 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7B6805A6-5205-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 10:22 . 2011-03-17 10:22 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{79F0B42E-5080-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-18 22:10 . 2011-03-18 22:10 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7879E3D6-51AC-11E0-AA64-00C0A8B00F43}.dat
+ 2011-03-18 15:21 . 2011-03-18 15:23 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{75B12F30-5173-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-21 20:26 . 2011-03-21 20:26 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{7592B1A8-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 21:23 . 2011-03-21 21:23 8704 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{735F3FFC-5401-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-23 21:13 . 2011-03-23 21:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{72C8E20F-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-23 21:13 . 2011-03-23 21:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{72C8E20E-5592-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-22 22:48 . 2011-03-22 22:48 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{71A0692C-54D6-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-19 10:19 . 2011-03-19 10:20 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6DBDC19A-5212-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 11:17 . 2011-03-19 11:17 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6DA9E816-521A-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6D9C4449-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 09:44 . 2011-03-19 09:44 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6D9C4448-520D-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:26 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{68D9E56D-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:25 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{68D9E56C-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 10:05 . 2011-03-19 10:05 9728 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{65FF7FF4-5210-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-19 08:17 . 2011-03-19 08:18 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{63A3F7D0-5201-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:25 9216 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{61E0241A-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 09:38 . 2011-03-17 09:39 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{61B935F8-507A-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 09:21 . 2011-03-20 09:21 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{60BE6082-52D3-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-22 19:12 . 2011-03-22 19:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{60A2FD8C-54B8-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-22 20:02 . 2011-03-22 20:03 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5ED5913A-54BF-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:32 . 2011-03-21 20:33 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5ED03E30-53FA-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:25 . 2011-03-21 20:25 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5CAB6194-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-18 16:18 . 2011-03-18 16:18 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5BC9FCCA-517B-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-19 08:39 . 2011-03-19 08:39 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5AF0405A-5204-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 09:31 . 2011-03-17 09:31 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5AEEA3EE-5079-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-21 21:08 . 2011-03-21 21:08 6656 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{5A237E1A-53FF-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-22 08:35 . 2011-03-22 08:35 7168 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{530FBBE6-545F-11E0-AA68-00C0A8B00F43}.dat
+ 2011-03-17 10:00 . 2011-03-17 10:00 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{51A9FCC6-507D-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 12:27 . 2011-03-19 12:28 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{4C873206-5224-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-20 09:13 . 2011-03-20 09:13 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{46DC39C8-52D2-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-19 11:58 . 2011-03-19 11:58 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3CD89D58-5220-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-22 20:01 . 2011-03-22 20:02 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{3A349088-54BF-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:17 . 2011-03-21 20:17 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{37D0A8B2-53F8-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-19 16:09 . 2011-03-19 16:09 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{35B4B87C-5243-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 23:13 . 2011-03-17 23:13 4096 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{32FAA68A-50EC-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-21 21:43 . 2011-03-21 21:43 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{327BBD8C-5404-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-21 20:10 . 2011-03-21 20:10 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{324591C4-53F7-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-22 19:54 . 2011-03-22 19:54 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2D33BE00-54BE-11E0-AA69-00C0A8B00F43}.dat
+ 2011-03-21 20:24 . 2011-03-21 20:24 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2C53129E-53F9-11E0-AA67-00C0A8B00F43}.dat
+ 2011-03-17 14:16 . 2011-03-17 14:16 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2B775534-50A1-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-19 10:10 . 2011-03-19 10:11 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{29F78988-5211-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-20 09:12 . 2011-03-20 09:12 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{28BB6276-52D2-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-18 15:48 . 2011-03-18 15:48 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{26B6E696-5177-11E0-AA63-00C0A8B00F43}.dat
+ 2011-03-20 08:57 . 2011-03-20 08:58 4608 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{25601466-52D0-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-17 13:33 . 2011-03-17 13:33 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{2481BC70-509B-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-23 20:28 . 2011-03-23 20:28 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{1E082EB0-558C-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-19 10:38 . 2011-03-19 10:39 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{181F0C96-5215-11E0-AA65-00C0A8B00F43}.dat
+ 2011-03-17 09:15 . 2011-03-17 09:15 5632 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{177DC0C8-5077-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-20 15:16 . 2011-03-20 15:16 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{0BB7DEBA-5305-11E0-AA66-00C0A8B00F43}.dat
+ 2011-03-23 21:46 . 2011-03-23 21:46 5120 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{08C36C44-5597-11E0-AA6A-00C0A8B00F43}.dat
+ 2011-03-17 08:53 . 2011-03-17 08:53 6144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{01DC2D34-5074-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 10:19 . 2011-03-17 10:19 7680 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{003502E8-5080-11E0-AA62-00C0A8B00F43}.dat
+ 2011-03-17 08:57 . 2011-03-17 08:57 7028 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\frameiconcache.dat
- 2006-12-13 18:41 . 2010-11-12 09:06 4096 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 4096 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2000-02-13 04:07 . 2005-10-14 11:00 167936 c:\windows\system32\VTtrayp .exe
+ 2000-02-13 04:03 . 2011-03-27 07:59 397550 c:\windows\system32\perfh009.dat
- 2000-02-13 04:03 . 2010-11-02 22:48 397550 c:\windows\system32\perfh009.dat
+ 2011-03-06 07:57 . 2011-03-06 07:57 235168 c:\windows\system32\Macromed\Flash\FlashUtil10n_Plugin.exe
+ 2011-03-17 08:53 . 2011-03-23 20:46 376832 c:\windows\system32\config\systemprofile\PrivacIE\index.dat
+ 2006-04-20 19:57 . 2011-03-23 21:37 163840 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-03-22 19:09 . 2010-04-23 20:45 150938 c:\windows\pchealth\helpctr\Config\Cache\Personal_32_1033.dat
+ 2010-11-12 11:08 . 2010-11-12 11:08 889344 c:\windows\Installer\5874f.msp
+ 2006-12-13 18:41 . 2011-02-11 02:28 409600 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 409600 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 286720 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 286720 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 249856 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 249856 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 794624 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 794624 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2006-12-13 18:41 . 2010-11-12 09:06 135168 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2006-12-13 18:41 . 2011-02-11 02:28 135168 c:\windows\Installer\{91120409-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-07-18 03:21 . 2011-03-06 07:57 6053536 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2011-03-17 08:25 . 2011-03-23 22:04 2605056 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-10-22 15:45 . 2010-10-22 15:45 8444928 c:\windows\Installer\58762.msp
+ 2010-12-06 15:02 . 2010-12-06 15:02 5518848 c:\windows\Installer\58739.msp
+ 2011-01-17 16:06 . 2011-01-17 16:06 5518848 c:\windows\Installer\1241282.msp
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DeskSpace"="c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace .exe" [2011-07-12 39944]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2011-07-12 39944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2011-07-12 39940]
"VTTrayp"="VTtrayp.exe" [2011-07-12 39940]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-07-12 39940]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-03 1848648]
"WireLessMouse "="c:\program files\Multimedia Combo Set\MouseDrv.exe" [N/A]
"WireLessKeyboard "="c:\program files\Multimedia Combo Set\PS2USBKbdDrv.exe" [N/A]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2011-07-12 39940]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2011-07-12 39940]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2011-07-12 39940]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-07-12 39940]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
.
c:\documents and settings\Lucia Rusnakova\Start Menu\Programs\Startup\
WKCALREM.LNK - c:\program files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe [2005-8-18 21504]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HOTSYNCSHORTCUTNAME.lnk - c:\program files\Palm\Hotsync.exe [N/A]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprecovr \SystemRoot\sprecovr.txt
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Real\\RealPlayer\\RecordingManager.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
.
R2 olMntrService;olMntrService;c:\program files\Olivetti\ANY_WAY\olMntrService.exe [2006-06-28 86016]
S2 AMService;AMService;c:\windows\TEMP\mqcdef\setup.exe run --> c:\windows\TEMP\mqcdef\setup.exe run [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 133104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2007-12-08 685816]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WUAUSERV
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-02 c:\windows\Tasks\avast! Antivirus.job
- c:\progra~1\ALWILS~1\Avast4\ashAvast.exe [2010-04-17 09:59]
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 08:40]
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-01 08:40]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZCfox000&ptb=WZ.C8UZOr8WlmPSUpbO9eg
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} - hxxp://213.151.230.2:2222/Ctl/WinWebPush.cab
DPF: {CE40C3F1-3DF5-4461-A521-810923235628} - hxxp://www.joj.sk/fileadmin/joj_player/JOJ_Explorer_Player.cab
FF - ProfilePath - c:\documents and settings\Lucia Rusnakova\Application Data\Mozilla\Firefox\Profiles\51uh23wh.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZCfox000&ptb=WZ.C8UZOr8WlmPSUpbO9eg&psa=&ind=2010081103&ptnrS=ZCfox000&si=&st=kwd&n=77cf674f&searchfor=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
.
.
------- File Associations -------
.
exefile="c:\documents and settings\NetworkService\Local Settings\Application Data\uja.exe" -a "%1" %*
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-25 10:58
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD600VE-07HDT0 rev.09.07D09 -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x84F1D439]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x84f237b8]; MOV EAX, [0x84f23834]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 nt!IofCallDriver[0x804E37C5] -> \Device\Harddisk0\DR0[0x84F8A6B0]
3 CLASSPNP[0xF7625FD7] -> nt!IofCallDriver[0x804E37C5] -> \Device\00000075[0x84F2E3B8]
5 ACPI[0xF75AC620] -> nt!IofCallDriver[0x804E37C5] -> [0x84F2ED98]
\Driver\atapi[0x84F95598] -> IRP_MJ_CREATE -> 0x84F1D439
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskWDC_WD600VE-07HDT0______________________09.07D09#5&349e391a&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x84F1D27F
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c5,13,32,47,83,59,9a,4a,ab,a0,b8,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c5,13,32,47,83,59,9a,4a,ab,a0,b8,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3860)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\slmdmsr.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\VTtrayp.exe
c:\windows\system32\VTTimer.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager .exe
c:\program files\Common Files\Real\Update_OB\realsched .exe
c:\program files\Synaptics\SynTP\SynTPEnh .exe
c:\windows\system32\VTTimer .exe
c:\windows\system32\VTtrayp .exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
c:\documents and settings\Lucia Rusnakova\Desktop\3D_Cube_DeskSpace_v1.5.1\DeskSpace v1.5.1\deskspace.exe
.
**************************************************************************
.
Completion time: 2011-07-25 11:22:37 - machine was rebooted
ComboFix-quarantined-files.txt 2011-07-25 10:22
.
Pre-Run: 22,140,317,696 bytes free
Post-Run: 22,075,256,832 bytes free
.
- - End Of File - - 33EAED8438BBC3CBA0184BD7EB163E69
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zavireny, pomaly pc
Ještě stáhněte a spusťte TDSSKiller: http://support.kaspersky.com/faq/?qid=208283363 . Postupujte podle kolegova návodu:
Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
Pokud utilita najde infikekci, bude ji chtit lecit (Cure), povolte leceni kliknutim na Continue
Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?