VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Koš,IE8 a jiné

https://forum.viry.cz:443/viewtopic.php?t=114993

Stránka 1 z 4

Koš,IE8 a jiné

Napsal: 29 srp 2011 18:23
od Miloš GR
Dobrý den potřeboval bych pomoci.
1) Nejde vysipat koš pořád v něm něco je i když je vlastně prázdný.
2) Nejde nainstalovat IE 8 .
3) vše co se týká internetu při startu nabízí stažení souboru index.html.

Za rady předem děkuji. Je to netbook a nemám zalohu Windows.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:01:06, on 29.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\DOCUME~1\MILOŠ-~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\cleanmgr.exe
E:\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 9&m=aoa110
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 9&m=aoa110
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 9&m=aoa110
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 9&m=aoa110
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe
O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0477262578
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

--
End of file - 6430 bytes

Re: Koš,IE8 a jiné

Napsal: 29 srp 2011 19:06
od Rudy
Zdravím!
Dejte log z RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 . Je podrobnější, než HijackThis.

Re: Koš,IE8 a jiné

Napsal: 29 srp 2011 19:26
od Miloš GR
Zde je



Logfile of random's system information tool 1.09 (written by random/random)
Run by Miloš - Gruškovský at 2011-08-29 20:24:29
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 3 GB (21%) free of 15 GB
Total RAM: 1012 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:24:32, on 29.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\DOCUME~1\MILOŠ-~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Opera\opera.exe
E:\RSIT.exe
C:\Program Files\trend micro\Miloš - Gruškovský.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 9&m=aoa110
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 9&m=aoa110
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 9&m=aoa110
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 9&m=aoa110
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe
O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0477262578
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

--
End of file - 6773 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc52ba8efd9a62.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\listicka.dll [2010-10-07 1961240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files\Seznam.cz\toolbar\toolbar.dll [2010-10-07 187672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-15 16862720]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AzMixerSel"=C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe [2006-07-17 53248]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-05-13 821768]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-14 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2008-04-14 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"PLFSetL"=C:\WINDOWS\PLFSetL.exe [2007-07-05 94208]
"ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-09-23 6144]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-14 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2011-08-29 20:24:30 ----D---- C:\Program Files\trend micro
2011-08-29 20:24:28 ----D---- C:\rsit
2011-08-29 20:19:35 ----D---- C:\WINDOWS\LastGood
2011-08-29 18:33:46 ----D---- C:\Documents and Settings\Miloš - Gruškovský\Data aplikací\Opera
2011-08-29 18:32:54 ----D---- C:\Program Files\Opera
2011-08-27 18:22:53 ----D---- C:\Program Files\AVG
2011-08-27 17:52:58 ----A---- C:\WINDOWS\system32\SET53.tmp
2011-08-27 17:51:28 ----A---- C:\WINDOWS\system32\SET29.tmp
2011-08-27 17:49:10 ----A---- C:\WINDOWS\system32\SET111.tmp
2011-08-27 17:48:42 ----A---- C:\WINDOWS\system32\ieencode.dll
2011-08-27 17:48:09 ----N---- C:\WINDOWS\system32\SETE3.tmp
2011-08-24 17:00:11 ----HD---- C:\WINDOWS\$NtUninstallKB2570791$
2011-08-14 19:51:56 ----D---- C:\Program Files\Microsoft Silverlight
2011-08-10 11:21:45 ----HD---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-10 11:20:38 ----HD---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-10 11:20:34 ----HD---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-10 11:18:23 ----HD---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-10 11:18:19 ----HD---- C:\WINDOWS\$NtUninstallKB2562937$
2011-08-07 11:43:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
2011-08-07 11:43:46 ----D---- C:\Program Files\Nokia

======List of files/folders modified in the last 1 month======

2011-08-10 11:26:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ffire;FlashFire; C:\WINDOWS\system32\DRIVERS\ffire.sys [2009-07-15 10624]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2010-06-04 1606368]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-07 16896]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-14 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000]
R3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2008-07-07 96856]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-08-07 111360]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 int15.sys;int15.sys; \??\c:\acernb\int15.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-10-05 47360]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2008-04-14 13952]
S4 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-04 136176]
S2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-04 136176]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Koš,IE8 a jiné

Napsal: 29 srp 2011 19:58
od Rudy
Ještě poprosím o log z comboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Re: Koš,IE8 a jiné

Napsal: 29 srp 2011 21:37
od Miloš GR
Už to 20 min stojí na " DOKONČENA FÁZE 50"
píšu z jiného PC

Re: Koš,IE8 a jiné

Napsal: 29 srp 2011 21:49
od Rudy
Restartujte do nouz. režimu a proveďte sken tam.

Re: Koš,IE8 a jiné

Napsal: 30 srp 2011 19:03
od Miloš GR
Tady je log z comboFixu v nouzáku jako administrátor

ComboFix 11-08-30.02 - Administrator 30.08.2011 19:45:32.3.2 - FAT32x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1012.811 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\spooldr.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-28 do 2011-08-30 )))))))))))))))))))))))))))))))
.
.
2011-08-30 17:43 . 2011-08-30 17:43 -------- d--h--w- c:\documents and settings\Administrator\Okolní tiskárny
2011-08-30 17:31 . 2011-08-30 17:31 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Opera
2011-08-29 18:24 . 2011-08-29 18:24 -------- d-----w- c:\program files\trend micro
2011-08-29 18:24 . 2011-08-29 18:24 -------- d-----w- C:\rsit
2011-08-29 16:33 . 2011-08-29 16:33 -------- d-----w- c:\documents and settings\Miloš - Gruškovský\Local Settings\Data aplikací\Opera
2011-08-29 16:32 . 2011-08-29 16:32 -------- d-----w- c:\program files\Opera
2011-08-27 16:22 . 2011-08-27 16:22 -------- d-----w- c:\program files\AVG
2011-08-27 15:52 . 2010-05-06 10:35 5950976 ----a-w- c:\windows\system32\SET53.tmp
2011-08-27 15:51 . 2009-03-08 02:41 5937152 ----a-w- c:\windows\system32\SET29.tmp
2011-08-27 15:49 . 2011-07-25 15:08 0 ----a-w- c:\windows\system32\SET111.tmp
2011-08-27 15:48 . 2008-04-14 02:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-08-27 15:48 . 2008-04-14 02:00 81920 ----a-w- c:\windows\system32\dllcache\ieencode.dll
2011-08-27 15:48 . 2011-07-25 15:08 5969920 ------w- c:\windows\system32\SETE3.tmp
2011-08-14 17:51 . 2011-08-14 17:51 -------- d-----w- c:\program files\Microsoft Silverlight
2011-08-07 09:43 . 2011-08-07 09:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NokiaInstallerCache
2011-08-07 09:43 . 2011-08-07 09:43 -------- d-----w- c:\program files\Nokia
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-19 08:57 . 2011-07-08 18:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-15 13:29 . 2008-11-29 22:32 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2008-11-29 22:32 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2008-11-29 22:45 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-20 17:44 . 2008-11-29 22:32 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-06 11:35 . 2008-11-29 22:32 1858944 ----a-w- c:\windows\system32\win32k.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
.
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\asyncmac.sys
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
.
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0013\DriverFiles\i386\kbdclass.sys
.
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
.
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
.
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
.
[-] 2008-04-14 . 249276D3EF1E74B992299CB96099E4D7 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2008-04-14 . 249276D3EF1E74B992299CB96099E4D7 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\browser.dll
.
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lsass.exe
.
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netman.dll
.
[-] 2008-04-14 02:00 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2008-04-14 02:00 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\system32\dllcache\comres.dll
.
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\qmgr.dll
.
[-] 2009-02-09 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
.
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
.
[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
.
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe
.
[-] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
.
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cryptsvc.dll
.
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:25 . BE68EA4457E2E5717231CF91BE5448E0 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
.
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\imm32.dll
.
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 0D8F61460F84139BBE5E391D8DE18D9A . 990208 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
.
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\linkinfo.dll
.
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll
.
[-] 2011-07-25 . DC78DD5119D2E3E446A51D399D171F85 . 5969920 . . [8.00.6001.19120] . . c:\windows\SoftwareDistribution\Download\9390c46ed0bc99403e4d73710746cfb2\SP3GDR\mshtml.dll
[-] 2011-07-25 15:08 . D41D8CD98F00B204E9800998ECF8427E . 0 . . [------] . . c:\windows\system32\mshtml.dll
[-] 2011-07-25 . 00533384F69D30E334BD7FD0260FC95C . 5971456 . . [8.00.6001.23216] . . c:\windows\SoftwareDistribution\Download\9390c46ed0bc99403e4d73710746cfb2\SP3QFE\mshtml.dll
[-] 2011-05-30 . 878F729E235273AAF7EE57AD15679F15 . 5967360 . . [8.00.6001.23181] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
[-] 2011-02-22 . A5DF4911593299C09D92BFA3E7096F68 . 5964800 . . [8.00.6001.23141] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll
[-] 2010-12-20 . F41F8D25A9EC6BC64B4F081DD4AC3C7F . 5961216 . . [8.00.6001.19019] . . c:\windows\SoftwareDistribution\Download\6d7ada7fa3b2931704cf8441b4306c80\SP3GDR\mshtml.dll
[-] 2010-12-20 . 0EB055A6E68E1855AB0AA90CDBEDBA6C . 5962240 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll
[-] 2010-12-20 . 0EB055A6E68E1855AB0AA90CDBEDBA6C . 5962240 . . [8.00.6001.23111] . . c:\windows\SoftwareDistribution\Download\6d7ada7fa3b2931704cf8441b4306c80\SP3QFE\mshtml.dll
[-] 2010-11-05 . 8C0B4A6F4E9C323937F44BC252747FD1 . 5960704 . . [8.00.6001.23091] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll
[-] 2010-09-10 . 84BF75E7A417C4F176AEC0B4E46C104E . 5958656 . . [8.00.6001.23067] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll
[-] 2010-06-24 . C082E5EC8E50C92E23E3464EF7F05410 . 5954560 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll
[-] 2010-05-06 . 06B941C7749A9F071444B4C7563F36B5 . 5950976 . . [8.00.6001.18928] . . c:\windows\SoftwareDistribution\Download\4da92e2c99b7232d7106179052438045\SP3GDR\mshtml.dll
[-] 2010-05-06 . 3F88F981AA7BC20744E0D2C699F500EF . 5953024 . . [8.00.6001.23019] . . c:\windows\SoftwareDistribution\Download\4da92e2c99b7232d7106179052438045\SP3QFE\mshtml.dll
[-] 2010-05-04 . A85A3A10CA88BD7861D1859183559ED5 . 3603456 . . [7.00.6000.21264] . . c:\windows\SoftwareDistribution\Download\967400745e0f1368e840bceb1b716723\sp3qfe\mshtml.dll
[-] 2010-02-25 . AC93856CC1D10E74986EA4E70D90748F . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[-] 2009-12-21 . BD424F12E808F3AA345C4816F7124F7C . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[-] 2009-10-22 . 3E902BD4D0EFB9E73C515DD3DEB6003B . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[-] 2009-08-29 . F343C3CE6026ADE482D48B2D4F881A1D . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[-] 2009-07-19 . 54E07F3B4EEF71607437367BA1922F6A . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
[-] 2009-05-13 . 53FF3AE6C6C6F7888E845C6A755D5C09 . 5936128 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\mshtml.dll
[-] 2008-04-14 . DAF9947DE2A6EA20AE524B7C50487E57 . 3066880 . . [6.00.2900.5512] . . c:\windows\ie7\mshtml.dll
[-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\system32\dllcache\mshtml.dll
.
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\system32\dllcache\msvcrt.dll
[-] 2008-04-14 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2008-04-14 . EC8D5E09C6CA5F52858A5EB71F308FDF . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
.
[-] 2008-06-20 . 1289B7611CCD6CB27596AE92CBF03E35 . 247296 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[-] 2008-06-20 . 39EE7C3BFBC64BA87CC8CF67386E814C . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 39EE7C3BFBC64BA87CC8CF67386E814C . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
.
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll
.
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll
.
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll
.
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfc.dll
.
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe
.
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll
.
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll
.
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe
.
[-] 2011-06-23 . 75C5FD1701D8A060F42160C5FDD7ED23 . 916480 . . [8.00.6001.19098] . . c:\windows\SoftwareDistribution\Download\9390c46ed0bc99403e4d73710746cfb2\SP3GDR\wininet.dll
[-] 2011-06-23 . 279B74EC9E9AC6B42344BABB9995EC41 . 919552 . . [8.00.6001.23192] . . c:\windows\SoftwareDistribution\Download\9390c46ed0bc99403e4d73710746cfb2\SP3QFE\wininet.dll
[-] 2011-04-25 . 081237E3BE3EA0AF3B7A77F7578B7831 . 919552 . . [8.00.6001.23165] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
[-] 2011-02-22 . 193372CF2538E1943580C416D6DE925B . 919552 . . [8.00.6001.23139] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll
[-] 2010-12-20 . 62709A317843B4A64C39A94354847E90 . 916480 . . [8.00.6001.19019] . . c:\windows\SoftwareDistribution\Download\6d7ada7fa3b2931704cf8441b4306c80\SP3GDR\wininet.dll
[-] 2010-12-20 . 0EA9F77AAE38F90904E926BB73BF6D00 . 919552 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll
[-] 2010-12-20 . 0EA9F77AAE38F90904E926BB73BF6D00 . 919552 . . [8.00.6001.23111] . . c:\windows\SoftwareDistribution\Download\6d7ada7fa3b2931704cf8441b4306c80\SP3QFE\wininet.dll
[-] 2010-11-05 . 8E5E22429507F8CF2F7B7D4F361F2827 . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll
[-] 2010-09-10 . 1B2338967DABAA1B65415D355105D743 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . D2B5FCDB99A3321C1B9B8A12A6D56AD8 . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll
[-] 2010-05-06 . B7ECEF0CCF63119356E174A78C185171 . 916480 . . [8.00.6001.18923] . . c:\windows\SoftwareDistribution\Download\4da92e2c99b7232d7106179052438045\SP3GDR\wininet.dll
[-] 2010-05-06 . 72064DA077E9D6912F39438D97CC0C60 . 919040 . . [8.00.6001.23014] . . c:\windows\SoftwareDistribution\Download\4da92e2c99b7232d7106179052438045\SP3QFE\wininet.dll
[-] 2010-05-04 . 3D4713D326A245AAE068E7148C08AA77 . 841216 . . [7.00.6000.21256] . . c:\windows\SoftwareDistribution\Download\967400745e0f1368e840bceb1b716723\sp3qfe\wininet.dll
[-] 2010-02-25 . 2E6504E28C7E0F753F68731861A94214 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[-] 2009-12-21 . 9256DA4AEE5E2C20FC6C126BDBC11997 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[-] 2009-08-29 . F658908845F3EB727FEF4769ED0E52FE . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[-] 2009-07-03 . 0B1AA91DFEDB1298FF7D93EBA45F8DB5 . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[-] 2009-05-13 . 0C20BF283DE5BA50060240383B8AA41C . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
[-] 2008-04-14 . 3FE5E65A7ED9EC98AEE9167CA07812D3 . 667136 . . [6.00.2900.5512] . . c:\windows\ie7\wininet.dll
[-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\system32\wininet.dll
[-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\system32\dllcache\wininet.dll
.
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll
.
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2help.dll
.
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe
.
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe
.
[-] 2010-07-16 . 6D1A3A355CA2AC64D2D5BAEC25C16427 . 1287680 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll
[-] 2010-07-16 . 6D1A3A355CA2AC64D2D5BAEC25C16427 . 1287680 . . [5.1.2600.6010] . . c:\windows\system32\dllcache\ole32.dll
[-] 2010-07-16 . C85BE0CF9C91EB64CECA1D639D71D4CC . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
.
[-] 2010-04-16 . A0C90E01D288A618AE6B99E92B7E0115 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . A0C90E01D288A618AE6B99E92B7E0115 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . 6BE004F9FCEECA6536385D5CB59BFD37 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
.
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
.
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll
.
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\eventlog.dll
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfcfiles.dll
.
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe
.
[-] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\SoftwareDistribution\Download\0469960d85c902da290eaeb975ff5520\sp3gdr\shsvcs.dll
[-] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[-] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2009-07-27 . 54A6BF743E0517528A5064CEAEB40EA7 . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[-] 2009-07-27 . 54A6BF743E0517528A5064CEAEB40EA7 . 135168 . . [6.00.2900.5853] . . c:\windows\SoftwareDistribution\Download\0469960d85c902da290eaeb975ff5520\sp3qfe\shsvcs.dll
.
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll
.
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll
.
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll
.
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll
.
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\hnetcfg.dll
.
[-] 2008-04-14 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
.
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\AGP440.SYS
.
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ip6fw.sys
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
.
[-] 2010-09-18 07:18 . 2BC3ED47ACB42F664D5D1D247F2553AA . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:53 . 9BB005DF755C4EDE048221DFD4A28A87 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:53 . 9BB005DF755C4EDE048221DFD4A28A87 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
.
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msgsvc.dll
.
[-] 2008-04-14 02:00 . 6199B2AE3F9DB9CB6DB230471A1DC601 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
.
[-] 2010-12-09 . 40D176442F70573DBA0E05A7E40D3EBB . 2071552 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[-] 2010-12-09 . 40D176442F70573DBA0E05A7E40D3EBB . 2071552 . . [5.1.2600.6055] . . c:\windows\SoftwareDistribution\Download\12a74340a66b7d58c4c319d3d76434da\SP3QFE\ntkrnlpa.exe
[-] 2010-12-09 . 3BDF4E6E7BAA918AAA1670B7EBA505A3 . 2029056 . . [5.1.2600.6055] . . c:\windows\system32\ntkrnlpa.exe
[-] 2010-12-09 . 4FE7B81BEDE8D37C9E3D95C99A56A34E . 2071552 . . [5.1.2600.6055] . . c:\windows\SoftwareDistribution\Download\12a74340a66b7d58c4c319d3d76434da\SP3GDR\ntkrnlpa.exe
[-] 2010-12-09 . 4FE7B81BEDE8D37C9E3D95C99A56A34E . 2071552 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2010-04-28 . 2FA1EF498F026847CF276DF9099ABE79 . 2069120 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[-] 2010-02-16 . DCC3D91A3DEDBBA9ECFFA6028D872CF5 . 2069120 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . 58516936F00D10D4B615C458A8A4AB71 . 2068352 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 97815C93200676C727CE951AE5C78137 . 2068352 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-02-09 . FF8A3F180A224AA27EBAB937CA027F4D . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
.
[-] 2008-04-14 02:00 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-04-14 02:00 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll
.
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll
.
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\dsound.dll
.
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\d3d9.dll
.
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\ddraw.dll
.
[-] 2008-04-14 02:00 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2008-04-14 02:00 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\olepro32.dll
.
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll
.
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\version.dll
.
[7] 2010-04-16 . B24A4E23A2FEDB6976EB04D334AD82B2 . 634648 . . [7.00.6000.21256] . . c:\windows\SoftwareDistribution\Download\967400745e0f1368e840bceb1b716723\sp3qfe\iexplore.exe
[-] 2008-04-14 . 414AFE6E8CCDE984E16D5ED08624CEC6 . 93184 . . [6.00.2900.5512] . . c:\windows\ie7\iexplore.exe
[-] 2007-08-13 . DE49B348A18369B4626FBA1D49B07FB4 . 622080 . . [7.00.5730.13] . . c:\windows\system32\dllcache\iexplore.exe
.
[-] 2010-12-09 . 8D222D8EF9B1951296F822583A044542 . 2194944 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[-] 2010-12-09 . 8D222D8EF9B1951296F822583A044542 . 2194944 . . [5.1.2600.6055] . . c:\windows\SoftwareDistribution\Download\12a74340a66b7d58c4c319d3d76434da\SP3QFE\ntoskrnl.exe
[-] 2010-12-09 . B6C5D4CBB22EEF31FAFBB76C2C6F3D99 . 2194944 . . [5.1.2600.6055] . . c:\windows\SoftwareDistribution\Download\12a74340a66b7d58c4c319d3d76434da\SP3GDR\ntoskrnl.exe
[-] 2010-12-09 . B6C5D4CBB22EEF31FAFBB76C2C6F3D99 . 2194944 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2010-12-09 . EB4B6B42932C180632A2C2C43F23B84C . 2150912 . . [5.1.2600.6055] . . c:\windows\system32\ntoskrnl.exe
[-] 2010-04-28 . 91FE668957FF51A2DBCEE0D8637BA77E . 2192256 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[-] 2010-02-16 . 6B2312D847BA95F4E858CB4C3B5F51E1 . 2192256 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . 7782F11AE957B736585870CD2671227B . 2191488 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 3502DBBC657001D7A2A2768BD7DE1483 . 2191488 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-02-10 . 97480EBFE1D4B547657BAD75AAAB1325 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\w32time.dll
.
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wiaservc.dll
.
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\midimap.dll
.
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\rasadhlp.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1EA00BE1-6E54-4E2A-8099-680300BF23E1}"= "c:\program files\Seznam.cz\toolbar\toolbar.dll" [2010-10-07 187672]
.
[HKEY_CLASSES_ROOT\clsid\{1ea00be1-6e54-4e2a-8099-680300bf23e1}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{34AB3C4C-DA1A-4067-96F4-31452C7CFE65}"= "c:\program files\Seznam.cz\listicka.dll" [2010-10-07 1961240]
.
[HKEY_CLASSES_ROOT\clsid\{34ab3c4c-da1a-4067-96f4-31452c7cfe65}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-15 16862720]
"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-07-17 53248]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-05-13 821768]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-11-30 114688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
R0 ffire;FlashFire;c:\windows\system32\drivers\ffire.sys [15.7.2009 20:39 10624]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [30.11.2008 1:09 96856]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4.6.2011 15:10 136176]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4.6.2011 15:10 136176]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [13.6.2009 16:47 136704]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc52ba8efd9a62.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-04 13:10]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=0&o=xph&d=0409&m=aoa110
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=0&o=xph&d=0409&m=aoa110
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
TCP: DhcpNameServer = 192.168.1.20
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-HijackThis - E:\HijackThis.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-30 19:53
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
c:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILOc:\docume~1\MILO
c:\windows\TEMP\MPInstrumentation\SaLZGN4p.-dc 170885120 bytes
c:\windows\TEMP\MPInstrumentation\960
c:\windows\TEMP\MPInstrumentation\
c:\windows\TEMP\MPInstrumentation\ftxt_ver.
c:\windows\TEMP\MPInstrumentation\kC1azS9t.e5x 171327488 bytes
c:\windows\TEMP\MPInstrumentation\23687456.00
c:\windows\TEMP\MPInstrumentation\0141615
c:\windows\TEMP\MPInstrumentation\AAAAAAAA.AAA 1094803456 bytes
c:\windows\TEMP\MPInstrumentation\aa=
c:\windows\TEMP\MPInstrumentation\0215038
c:\documents and settings\Administrator\Data aplikací\Opera\Opera\styles\Ó   vk 1204224 bytes
c:\documents and settings\Administrator\Data aplikací\Opera\Opera\styles\c:\documents and settings\Administrator\Data aplikací\Opera\Opera\styles\ 8192 bytes
c:\documents and settings\Administrator\Data aplikací\Opera\Opera\styles\c:\documents and settings\Administrator\Data aplikací\Opera\Opera\styles\     0 bytes
.
sken byl úspešně dokončen
skryté soubory: 196
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2664)
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\rundll32.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
.
**************************************************************************
.
Celkový čas: 2011-08-30 20:00:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-30 18:00
.
Před spuštěním: 3 270 598 656
Po spuštění: 3 190 161 408
.
- - End Of File - - C765FA228AF4BD69A799B527E025F572

Re: Koš,IE8 a jiné

Napsal: 30 srp 2011 19:27
od Rudy
Ještě dočistíme Otevřte poznámkový blok a zkopírujte do něj:
KillAll::

Collect::
c:\windows\system32\SET53.tmp
c:\windows\system32\SET29.tmp
c:\windows\system32\SET111.tmp
c:\windows\system32\SETE3.tmp
c:\docume~1\MILO

Folder::
c:\windows\TEMP\MPInstrumentation
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

Re: Koš,IE8 a jiné

Napsal: 30 srp 2011 19:51
od Miloš GR
To jsem udělal spustil se ComboFix a ptá se na aktualizaci nové verze ? Ano/Ne

Dal jsem Ne
Po restartu pc v CF se objevila hláška:
C:\ComboFix\hidec.3XE není platná aplikace typu Win32. a čeká

Re: Koš,IE8 a jiné

Napsal: 30 srp 2011 20:06
od Rudy
Pokud používáte dnes stažený, pak to nevadí. Dejte log z posledního skenu.

Re: Koš,IE8 a jiné

Napsal: 30 srp 2011 20:08
od Miloš GR
CF ten z vašeho odkazu víše.
Poslední sken není dokončen viz: Po restartu pc v CF se objevila hláška:
C:\ComboFix\hidec.3XE není platná aplikace typu Win32. a čeká.

Re: Koš,IE8 a jiné

Napsal: 30 srp 2011 20:50
od Rudy
Zkuste sken spustit v nouz. režimu.

Re: Koš,IE8 a jiné

Napsal: 30 srp 2011 21:17
od Miloš GR
No tak to asi taky nedopadne neboť s tímhle CFScript.txt. to spustit nejde a samotný CF se před dokončením zastavilo a PC dalo hlášku "Systém Windows je spuštěn v nouzovém režimu. BLA BLA... Pokračovat v nouz.rež. Ano/Ne

Re: Koš,IE8 a jiné

Napsal: 30 srp 2011 21:32
od Miloš GR
Tak nakonec jsem něco dostal taky se CF spojoval se servrem????
A zustalo PC v nouzáku.?

ComboFix 11-08-30.02 - Administrator 30.08.2011 22:00:08.5.2 - FAT32x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1012.812 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\windows\system32\spooldr.sys
c:\windows\TEMP\MPInstrumentation\0141615
c:\windows\TEMP\MPInstrumentation\aa=
c:\windows\TEMP\MPInstrumentation\ftxt_ver.
c:\windows\TEMP\MPInstrumentation\kC1azS9t.e5x
c:\windows\TEMP\MPInstrumentation\SaLZGN4p.-dc
c:\windows\TEMP\MPInstrumentation\AAAAAAAA.AAA . . . . nemohl být smazán
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-28 do 2011-08-30 )))))))))))))))))))))))))))))))
.
.
2011-08-30 19:56 . 2011-08-30 19:56 -------- d-----w- C:\32788R22FWJFW
2011-08-30 18:24 . 2011-08-30 18:24 -------- d--h--w- c:\windows\ie8
2011-08-30 18:14 . 2008-04-14 02:00 343552 ----a-w- c:\windows\system32\mspaint.exe
2011-08-30 18:14 . 2008-04-14 02:00 343552 ----a-w- c:\windows\system32\dllcache\mspaint.exe
2011-08-30 18:14 . 2008-04-14 02:00 114688 ----a-w- c:\windows\system32\dllcache\calc.exe
2011-08-30 18:14 . 2008-04-14 02:00 114688 ----a-w- c:\windows\system32\calc.exe
2011-08-30 17:43 . 2011-08-30 17:43 -------- d--h--w- c:\documents and settings\Administrator\Okolní tiskárny
2011-08-30 17:31 . 2011-08-30 17:31 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Opera
2011-08-29 18:24 . 2011-08-29 18:24 -------- d-----w- c:\program files\trend micro
2011-08-29 18:24 . 2011-08-29 18:24 -------- d-----w- C:\rsit
2011-08-29 16:33 . 2011-08-29 16:33 -------- d-----w- c:\documents and settings\Miloš - Gruškovský\Local Settings\Data aplikací\Opera
2011-08-29 16:32 . 2011-08-29 16:32 -------- d-----w- c:\program files\Opera
2011-08-27 16:22 . 2011-08-27 16:22 -------- d-----w- c:\program files\AVG
2011-08-27 15:52 . 2010-05-06 10:35 5950976 ----a-w- c:\windows\system32\SET53.tmp
2011-08-27 15:51 . 2009-03-08 02:41 5937152 ----a-w- c:\windows\system32\SET29.tmp
2011-08-27 15:49 . 2011-07-25 15:08 0 ----a-w- c:\windows\system32\SET111.tmp
2011-08-27 15:48 . 2011-07-25 15:08 5969920 ------w- c:\windows\system32\SETE3.tmp
2011-08-14 17:51 . 2011-08-14 17:51 -------- d-----w- c:\program files\Microsoft Silverlight
2011-08-07 09:43 . 2011-08-07 09:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NokiaInstallerCache
2011-08-07 09:43 . 2011-08-07 09:43 -------- d-----w- c:\program files\Nokia
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-19 08:57 . 2011-07-08 18:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-15 13:29 . 2008-11-29 22:32 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2008-11-29 22:32 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2008-11-29 22:45 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2008-11-29 22:32 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2008-11-29 22:32 43520 ------w- c:\windows\system32\licmgr10.dll
2011-06-23 18:31 . 2008-11-29 22:32 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2008-11-29 22:32 385024 ------w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2008-11-29 22:32 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-06 11:35 . 2008-11-29 22:32 1858944 ----a-w- c:\windows\system32\win32k.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys
[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
.
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\asyncmac.sys
[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys
.
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2008-04-14 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
.
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\ReinstallBackups\0013\DriverFiles\i386\kbdclass.sys
.
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys
[-] 2008-04-14 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys
.
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2008-04-14 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys
.
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2008-04-14 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
.
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
.
[-] 2008-04-14 . 249276D3EF1E74B992299CB96099E4D7 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2008-04-14 . 249276D3EF1E74B992299CB96099E4D7 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\browser.dll
.
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lsass.exe
.
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netman.dll
.
[-] 2008-04-14 02:00 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2008-04-14 02:00 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\system32\dllcache\comres.dll
.
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\qmgr.dll
.
[-] 2009-02-09 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
.
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
.
[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe
[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe
.
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe
.
[-] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[-] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
.
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cryptsvc.dll
.
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:25 . BE68EA4457E2E5717231CF91BE5448E0 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
.
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\imm32.dll
.
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 0D8F61460F84139BBE5E391D8DE18D9A . 990208 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
.
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\linkinfo.dll
.
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll
.
[-] 2011-07-25 . DC78DD5119D2E3E446A51D399D171F85 . 5969920 . . [8.00.6001.19120] . . c:\windows\SoftwareDistribution\Download\9390c46ed0bc99403e4d73710746cfb2\SP3GDR\mshtml.dll
[-] 2011-07-25 . DC78DD5119D2E3E446A51D399D171F85 . 5969920 . . [8.00.6001.19120] . . c:\windows\system32\mshtml.dll
[-] 2011-07-25 . DC78DD5119D2E3E446A51D399D171F85 . 5969920 . . [8.00.6001.19120] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2011-07-25 . 00533384F69D30E334BD7FD0260FC95C . 5971456 . . [8.00.6001.23216] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll
[-] 2011-07-25 . 00533384F69D30E334BD7FD0260FC95C . 5971456 . . [8.00.6001.23216] . . c:\windows\SoftwareDistribution\Download\9390c46ed0bc99403e4d73710746cfb2\SP3QFE\mshtml.dll
[-] 2011-05-30 . 878F729E235273AAF7EE57AD15679F15 . 5967360 . . [8.00.6001.23181] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
[-] 2011-02-22 . A5DF4911593299C09D92BFA3E7096F68 . 5964800 . . [8.00.6001.23141] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll
[-] 2010-12-20 . F41F8D25A9EC6BC64B4F081DD4AC3C7F . 5961216 . . [8.00.6001.19019] . . c:\windows\SoftwareDistribution\Download\6d7ada7fa3b2931704cf8441b4306c80\SP3GDR\mshtml.dll
[-] 2010-12-20 . 0EB055A6E68E1855AB0AA90CDBEDBA6C . 5962240 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll
[-] 2010-12-20 . 0EB055A6E68E1855AB0AA90CDBEDBA6C . 5962240 . . [8.00.6001.23111] . . c:\windows\SoftwareDistribution\Download\6d7ada7fa3b2931704cf8441b4306c80\SP3QFE\mshtml.dll
[-] 2010-11-05 . 8C0B4A6F4E9C323937F44BC252747FD1 . 5960704 . . [8.00.6001.23091] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll
[-] 2010-09-10 . 84BF75E7A417C4F176AEC0B4E46C104E . 5958656 . . [8.00.6001.23067] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll
[-] 2010-06-24 . C082E5EC8E50C92E23E3464EF7F05410 . 5954560 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\mshtml.dll
[-] 2010-05-06 . 06B941C7749A9F071444B4C7563F36B5 . 5950976 . . [8.00.6001.18928] . . c:\windows\SoftwareDistribution\Download\4da92e2c99b7232d7106179052438045\SP3GDR\mshtml.dll
[-] 2010-05-06 . 06B941C7749A9F071444B4C7563F36B5 . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
[-] 2010-05-06 . 3F88F981AA7BC20744E0D2C699F500EF . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[-] 2010-05-06 . 3F88F981AA7BC20744E0D2C699F500EF . 5953024 . . [8.00.6001.23019] . . c:\windows\SoftwareDistribution\Download\4da92e2c99b7232d7106179052438045\SP3QFE\mshtml.dll
[-] 2010-05-04 . A85A3A10CA88BD7861D1859183559ED5 . 3603456 . . [7.00.6000.21264] . . c:\windows\SoftwareDistribution\Download\967400745e0f1368e840bceb1b716723\sp3qfe\mshtml.dll
[-] 2010-02-25 . AC93856CC1D10E74986EA4E70D90748F . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[-] 2009-12-21 . BD424F12E808F3AA345C4816F7124F7C . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[-] 2009-10-22 . 3E902BD4D0EFB9E73C515DD3DEB6003B . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[-] 2009-08-29 . F343C3CE6026ADE482D48B2D4F881A1D . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[-] 2009-07-19 . 54E07F3B4EEF71607437367BA1922F6A . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
[-] 2009-05-13 . 53FF3AE6C6C6F7888E845C6A755D5C09 . 5936128 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
[-] 2008-04-14 . DAF9947DE2A6EA20AE524B7C50487E57 . 3066880 . . [6.00.2900.5512] . . c:\windows\ie7\mshtml.dll
[-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie8\mshtml.dll
.
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\system32\dllcache\msvcrt.dll
[-] 2008-04-14 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2008-04-14 . EC8D5E09C6CA5F52858A5EB71F308FDF . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
.
[-] 2008-06-20 . 1289B7611CCD6CB27596AE92CBF03E35 . 247296 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[-] 2008-06-20 . 39EE7C3BFBC64BA87CC8CF67386E814C . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 39EE7C3BFBC64BA87CC8CF67386E814C . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
.
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll
.
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll
.
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll
.
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfc.dll
.
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe
.
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll
.
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll
.
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe
.
[-] 2011-06-23 . 75C5FD1701D8A060F42160C5FDD7ED23 . 916480 . . [8.00.6001.19098] . . c:\windows\SoftwareDistribution\Download\9390c46ed0bc99403e4d73710746cfb2\SP3GDR\wininet.dll
[-] 2011-06-23 . 75C5FD1701D8A060F42160C5FDD7ED23 . 916480 . . [8.00.6001.19098] . . c:\windows\system32\wininet.dll
[-] 2011-06-23 . 75C5FD1701D8A060F42160C5FDD7ED23 . 916480 . . [8.00.6001.19098] . . c:\windows\system32\dllcache\wininet.dll
[-] 2011-06-23 . 279B74EC9E9AC6B42344BABB9995EC41 . 919552 . . [8.00.6001.23192] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll
[-] 2011-06-23 . 279B74EC9E9AC6B42344BABB9995EC41 . 919552 . . [8.00.6001.23192] . . c:\windows\SoftwareDistribution\Download\9390c46ed0bc99403e4d73710746cfb2\SP3QFE\wininet.dll
[-] 2011-04-25 . 081237E3BE3EA0AF3B7A77F7578B7831 . 919552 . . [8.00.6001.23165] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
[-] 2011-02-22 . 193372CF2538E1943580C416D6DE925B . 919552 . . [8.00.6001.23139] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll
[-] 2010-12-20 . 62709A317843B4A64C39A94354847E90 . 916480 . . [8.00.6001.19019] . . c:\windows\SoftwareDistribution\Download\6d7ada7fa3b2931704cf8441b4306c80\SP3GDR\wininet.dll
[-] 2010-12-20 . 0EA9F77AAE38F90904E926BB73BF6D00 . 919552 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll
[-] 2010-12-20 . 0EA9F77AAE38F90904E926BB73BF6D00 . 919552 . . [8.00.6001.23111] . . c:\windows\SoftwareDistribution\Download\6d7ada7fa3b2931704cf8441b4306c80\SP3QFE\wininet.dll
[-] 2010-11-05 . 8E5E22429507F8CF2F7B7D4F361F2827 . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll
[-] 2010-09-10 . 1B2338967DABAA1B65415D355105D743 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll
[-] 2010-06-24 . D2B5FCDB99A3321C1B9B8A12A6D56AD8 . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll
[-] 2010-05-06 . B7ECEF0CCF63119356E174A78C185171 . 916480 . . [8.00.6001.18923] . . c:\windows\SoftwareDistribution\Download\4da92e2c99b7232d7106179052438045\SP3GDR\wininet.dll
[-] 2010-05-06 . B7ECEF0CCF63119356E174A78C185171 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2559049-IE8\wininet.dll
[-] 2010-05-06 . 72064DA077E9D6912F39438D97CC0C60 . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[-] 2010-05-06 . 72064DA077E9D6912F39438D97CC0C60 . 919040 . . [8.00.6001.23014] . . c:\windows\SoftwareDistribution\Download\4da92e2c99b7232d7106179052438045\SP3QFE\wininet.dll
[-] 2010-05-04 . 3D4713D326A245AAE068E7148C08AA77 . 841216 . . [7.00.6000.21256] . . c:\windows\SoftwareDistribution\Download\967400745e0f1368e840bceb1b716723\sp3qfe\wininet.dll
[-] 2010-02-25 . 2E6504E28C7E0F753F68731861A94214 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[-] 2009-12-21 . 9256DA4AEE5E2C20FC6C126BDBC11997 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[-] 2009-08-29 . F658908845F3EB727FEF4769ED0E52FE . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[-] 2009-07-03 . 0B1AA91DFEDB1298FF7D93EBA45F8DB5 . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[-] 2009-05-13 . 0C20BF283DE5BA50060240383B8AA41C . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
[-] 2008-04-14 . 3FE5E65A7ED9EC98AEE9167CA07812D3 . 667136 . . [6.00.2900.5512] . . c:\windows\ie7\wininet.dll
[-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie8\wininet.dll
.
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll
.
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
[-] 2008-04-14 . 859F7735F199C90403340183A3DDFB78 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2help.dll
.
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe
.
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe
.
[-] 2010-07-16 . 6D1A3A355CA2AC64D2D5BAEC25C16427 . 1287680 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll
[-] 2010-07-16 . 6D1A3A355CA2AC64D2D5BAEC25C16427 . 1287680 . . [5.1.2600.6010] . . c:\windows\system32\dllcache\ole32.dll
[-] 2010-07-16 . C85BE0CF9C91EB64CECA1D639D71D4CC . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
.
[-] 2010-04-16 . A0C90E01D288A618AE6B99E92B7E0115 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . A0C90E01D288A618AE6B99E92B7E0115 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . 6BE004F9FCEECA6536385D5CB59BFD37 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
.
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\ksuser.dll
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe
.
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll
.
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\eventlog.dll
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfcfiles.dll
.
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe
.
[-] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\SoftwareDistribution\Download\0469960d85c902da290eaeb975ff5520\sp3gdr\shsvcs.dll
[-] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[-] 2009-07-27 . EE9A2B9EA968A792A053C9D1A86BF870 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2009-07-27 . 54A6BF743E0517528A5064CEAEB40EA7 . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[-] 2009-07-27 . 54A6BF743E0517528A5064CEAEB40EA7 . 135168 . . [6.00.2900.5853] . . c:\windows\SoftwareDistribution\Download\0469960d85c902da290eaeb975ff5520\sp3qfe\shsvcs.dll
.
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll
.
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll
.
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll
.
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll
.
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\hnetcfg.dll
.
[-] 2008-04-14 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[-] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
.
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\AGP440.SYS
.
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ip6fw.sys
[-] 2008-04-14 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
.
[-] 2010-09-18 07:18 . 2BC3ED47ACB42F664D5D1D247F2553AA . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:53 . 9BB005DF755C4EDE048221DFD4A28A87 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:53 . 9BB005DF755C4EDE048221DFD4A28A87 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
.
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msgsvc.dll
.
[-] 2008-04-14 02:00 . 6199B2AE3F9DB9CB6DB230471A1DC601 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
.
[-] 2010-12-09 . 40D176442F70573DBA0E05A7E40D3EBB . 2071552 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[-] 2010-12-09 . 40D176442F70573DBA0E05A7E40D3EBB . 2071552 . . [5.1.2600.6055] . . c:\windows\SoftwareDistribution\Download\12a74340a66b7d58c4c319d3d76434da\SP3QFE\ntkrnlpa.exe
[-] 2010-12-09 . 3BDF4E6E7BAA918AAA1670B7EBA505A3 . 2029056 . . [5.1.2600.6055] . . c:\windows\system32\ntkrnlpa.exe
[-] 2010-12-09 . 4FE7B81BEDE8D37C9E3D95C99A56A34E . 2071552 . . [5.1.2600.6055] . . c:\windows\SoftwareDistribution\Download\12a74340a66b7d58c4c319d3d76434da\SP3GDR\ntkrnlpa.exe
[-] 2010-12-09 . 4FE7B81BEDE8D37C9E3D95C99A56A34E . 2071552 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2010-04-28 . 2FA1EF498F026847CF276DF9099ABE79 . 2069120 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[-] 2010-02-16 . DCC3D91A3DEDBBA9ECFFA6028D872CF5 . 2069120 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . 58516936F00D10D4B615C458A8A4AB71 . 2068352 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 97815C93200676C727CE951AE5C78137 . 2068352 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-02-09 . FF8A3F180A224AA27EBAB937CA027F4D . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
.
[-] 2008-04-14 02:00 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-04-14 02:00 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll
.
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll
.
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dllcache\dsound.dll
.
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\d3d9.dll
.
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\system32\dllcache\ddraw.dll
.
[-] 2008-04-14 02:00 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2008-04-14 02:00 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\olepro32.dll
.
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\perfctrs.dll
.
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\version.dll
.
[-] 2010-12-09 . 8D222D8EF9B1951296F822583A044542 . 2194944 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[-] 2010-12-09 . 8D222D8EF9B1951296F822583A044542 . 2194944 . . [5.1.2600.6055] . . c:\windows\SoftwareDistribution\Download\12a74340a66b7d58c4c319d3d76434da\SP3QFE\ntoskrnl.exe
[-] 2010-12-09 . B6C5D4CBB22EEF31FAFBB76C2C6F3D99 . 2194944 . . [5.1.2600.6055] . . c:\windows\SoftwareDistribution\Download\12a74340a66b7d58c4c319d3d76434da\SP3GDR\ntoskrnl.exe
[-] 2010-12-09 . B6C5D4CBB22EEF31FAFBB76C2C6F3D99 . 2194944 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2010-12-09 . EB4B6B42932C180632A2C2C43F23B84C . 2150912 . . [5.1.2600.6055] . . c:\windows\system32\ntoskrnl.exe
[-] 2010-04-28 . 91FE668957FF51A2DBCEE0D8637BA77E . 2192256 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[-] 2010-02-16 . 6B2312D847BA95F4E858CB4C3B5F51E1 . 2192256 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . 7782F11AE957B736585870CD2671227B . 2191488 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 3502DBBC657001D7A2A2768BD7DE1483 . 2191488 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-02-10 . 97480EBFE1D4B547657BAD75AAAB1325 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll
.
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\w32time.dll
.
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wiaservc.dll
.
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\midimap.dll
.
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\rasadhlp.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-08-30_17.53.34 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-29 22:32 . 2009-03-08 02:31 46592 c:\windows\system32\pngfilt.dll
+ 2008-11-29 22:32 . 2011-08-30 18:15 73386 c:\windows\system32\perfc009.dat
- 2008-11-29 22:32 . 2011-08-10 09:26 73386 c:\windows\system32\perfc009.dat
+ 2008-11-29 22:32 . 2011-08-30 18:15 85252 c:\windows\system32\perfc005.dat
- 2008-11-29 22:32 . 2011-08-10 09:26 85252 c:\windows\system32\perfc005.dat
+ 2008-11-29 22:32 . 2009-03-08 02:31 48128 c:\windows\system32\mshtmler.dll
- 2008-11-29 22:32 . 2007-08-13 07:01 48128 c:\windows\system32\mshtmler.dll
+ 2008-11-29 22:32 . 2011-06-23 18:31 66560 c:\windows\system32\mshtmled.dll
+ 2008-11-29 22:32 . 2009-03-08 02:31 45568 c:\windows\system32\mshta.exe
- 2008-11-29 22:32 . 2007-08-13 07:32 45568 c:\windows\system32\mshta.exe
+ 2007-08-13 07:36 . 2009-03-08 02:31 13312 c:\windows\system32\msfeedssync.exe
+ 2007-08-13 07:54 . 2011-06-23 18:31 55296 c:\windows\system32\msfeedsbs.dll
+ 2008-11-29 22:32 . 2011-06-23 18:31 25600 c:\windows\system32\jsproxy.dll
+ 2008-11-29 22:32 . 2009-03-08 02:32 94720 c:\windows\system32\inseng.dll
+ 2008-11-29 22:32 . 2009-03-08 02:31 34816 c:\windows\system32\imgutil.dll
+ 2008-11-29 22:32 . 2009-03-08 02:32 71680 c:\windows\system32\iesetup.dll
+ 2008-11-29 22:32 . 2009-03-08 02:32 55808 c:\windows\system32\iernonce.dll
+ 2007-08-13 07:36 . 2009-03-08 02:31 59904 c:\windows\system32\icardie.dll
+ 2008-11-29 22:32 . 2009-03-08 02:31 46592 c:\windows\system32\dllcache\pngfilt.dll
+ 2008-11-29 22:32 . 2009-03-08 02:31 48128 c:\windows\system32\dllcache\mshtmler.dll
- 2008-11-29 22:32 . 2007-08-13 07:01 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2008-11-29 22:32 . 2011-06-23 18:31 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2008-11-29 22:32 . 2007-08-13 07:32 45568 c:\windows\system32\dllcache\mshta.exe
+ 2008-11-29 22:32 . 2009-03-08 02:31 45568 c:\windows\system32\dllcache\mshta.exe
+ 2008-11-29 22:32 . 2011-06-23 18:31 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2008-11-29 22:32 . 2011-06-23 18:31 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-11-29 22:32 . 2009-03-08 02:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2008-11-29 22:32 . 2009-03-08 02:31 34816 c:\windows\system32\dllcache\imgutil.dll
+ 2008-11-29 22:32 . 2009-03-08 02:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2008-11-29 22:32 . 2009-03-08 02:32 55808 c:\windows\system32\dllcache\iernonce.dll
+ 2008-11-29 22:47 . 2009-03-08 02:24 68608 c:\windows\system32\dllcache\hmmapi.dll
+ 2008-11-29 22:32 . 2009-03-08 02:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2008-11-29 22:32 . 2009-03-08 02:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2008-11-29 22:32 . 2009-03-08 02:33 18944 c:\windows\system32\corpol.dll
+ 2008-11-29 22:32 . 2009-03-08 02:32 72704 c:\windows\system32\admparse.dll
+ 2011-08-30 18:28 . 2009-03-08 02:33 12288 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2011-08-30 18:28 . 2009-03-08 02:31 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2011-08-30 18:28 . 2009-03-08 02:33 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
+ 2011-08-30 18:29 . 2010-05-06 10:35 12800 c:\windows\ie8updates\KB2559049-IE8\xpshims.dll
+ 2011-08-30 18:29 . 2009-03-08 02:31 66560 c:\windows\ie8updates\KB2559049-IE8\mshtmled.dll
+ 2011-08-30 18:29 . 2010-05-06 10:35 55296 c:\windows\ie8updates\KB2559049-IE8\msfeedsbs.dll
+ 2011-08-30 18:29 . 2009-03-08 02:34 43008 c:\windows\ie8updates\KB2559049-IE8\licmgr10.dll
+ 2011-08-30 18:29 . 2010-05-06 10:35 25600 c:\windows\ie8updates\KB2559049-IE8\jsproxy.dll
+ 2011-08-30 18:24 . 2009-03-08 14:57 58448 c:\windows\ie8\spuninst\iecustom.dll
+ 2011-08-30 18:24 . 2007-08-13 07:36 44544 c:\windows\ie8\pngfilt.dll
+ 2011-08-30 18:24 . 2007-08-13 07:01 48128 c:\windows\ie8\mshtmler.dll
+ 2011-08-30 18:24 . 2007-08-13 07:32 45568 c:\windows\ie8\mshta.exe
+ 2011-08-30 18:24 . 2007-08-13 07:36 12288 c:\windows\ie8\msfeedssync.exe
+ 2011-08-30 18:24 . 2007-08-13 07:54 50688 c:\windows\ie8\msfeedsbs.dll
+ 2011-08-30 18:24 . 2007-08-13 07:44 40960 c:\windows\ie8\licmgr10.dll
+ 2011-08-30 18:24 . 2007-08-13 07:54 27136 c:\windows\ie8\jsproxy.dll
+ 2011-08-30 18:24 . 2007-08-13 07:39 92672 c:\windows\ie8\inseng.dll
+ 2011-08-30 18:24 . 2007-08-13 07:36 36352 c:\windows\ie8\imgutil.dll
+ 2011-08-30 18:24 . 2007-08-13 07:39 55296 c:\windows\ie8\iesetup.dll
+ 2011-08-30 18:24 . 2007-08-13 07:39 43008 c:\windows\ie8\iernonce.dll
+ 2011-08-30 18:24 . 2008-04-14 02:00 81920 c:\windows\ie8\ieencode.dll
+ 2011-08-30 18:24 . 2007-08-13 07:39 54784 c:\windows\ie8\ie4uinit.exe
+ 2011-08-30 18:24 . 2007-08-13 07:36 61952 c:\windows\ie8\icardie.dll
+ 2011-08-30 18:24 . 2007-08-13 07:18 60416 c:\windows\ie8\hmmapi.dll
+ 2011-08-30 18:24 . 2008-04-14 02:00 35328 c:\windows\ie8\corpol.dll
+ 2011-08-30 18:24 . 2007-08-13 07:39 71680 c:\windows\ie8\admparse.dll
+ 2011-08-30 18:29 . 2009-03-08 02:35 2048 c:\windows\ie8updates\KB2447568-IE8\iecompat.dll
+ 2007-08-13 07:45 . 2009-03-08 02:34 208384 c:\windows\system32\WinFXDocObj.exe
+ 2008-11-29 22:32 . 2009-03-08 02:34 236544 c:\windows\system32\webcheck.dll
+ 2008-11-29 22:32 . 2009-03-08 02:33 420352 c:\windows\system32\vbscript.dll
- 2008-11-29 22:32 . 2007-08-13 07:44 105984 c:\windows\system32\url.dll
+ 2008-11-29 22:32 . 2011-06-23 18:31 105984 c:\windows\system32\url.dll
+ 2008-11-29 22:32 . 2011-08-30 18:15 446180 c:\windows\system32\perfh009.dat
- 2008-11-29 22:32 . 2011-08-10 09:26 446180 c:\windows\system32\perfh009.dat
+ 2008-11-29 22:32 . 2011-08-30 18:15 443120 c:\windows\system32\perfh005.dat
- 2008-11-29 22:32 . 2011-08-10 09:26 443120 c:\windows\system32\perfh005.dat
+ 2008-11-29 22:32 . 2011-06-23 18:31 206848 c:\windows\system32\occache.dll
+ 2008-11-29 22:32 . 2011-06-23 18:31 611840 c:\windows\system32\mstime.dll
+ 2008-11-29 22:32 . 2009-03-08 02:34 193536 c:\windows\system32\msrating.dll
- 2008-11-29 22:32 . 2007-08-13 07:54 156160 c:\windows\system32\msls31.dll
+ 2008-11-29 22:32 . 2009-03-08 02:22 156160 c:\windows\system32\msls31.dll
+ 2007-08-13 07:54 . 2011-06-23 18:31 602112 c:\windows\system32\msfeeds.dll
+ 2008-11-29 22:32 . 2009-03-08 02:33 726528 c:\windows\system32\jscript.dll
+ 2007-08-13 07:54 . 2009-03-08 02:22 164352 c:\windows\system32\ieui.dll
+ 2008-11-29 22:32 . 2011-06-23 18:31 184320 c:\windows\system32\iepeers.dll
+ 2008-11-29 22:32 . 2011-06-23 18:31 387584 c:\windows\system32\iedkcs32.dll
+ 2007-07-11 01:27 . 2009-03-08 02:11 445952 c:\windows\system32\ieapfltr.dll
+ 2008-11-29 22:32 . 2009-03-08 02:32 163840 c:\windows\system32\ieakui.dll
- 2008-11-29 22:32 . 2007-08-13 07:39 229376 c:\windows\system32\ieaksie.dll
+ 2008-11-29 22:32 . 2009-03-08 02:33 229376 c:\windows\system32\ieaksie.dll
+ 2008-11-29 22:32 . 2009-03-08 02:33 125952 c:\windows\system32\ieakeng.dll
+ 2008-11-29 22:32 . 2011-06-23 12:05 173568 c:\windows\system32\ie4uinit.exe
+ 2008-11-29 22:32 . 2009-03-08 02:31 216064 c:\windows\system32\dxtrans.dll
+ 2008-11-29 22:32 . 2009-03-08 02:31 348160 c:\windows\system32\dxtmsft.dll
+ 2008-11-29 22:32 . 2009-03-08 02:34 236544 c:\windows\system32\dllcache\webcheck.dll
+ 2008-11-29 22:47 . 2009-03-08 02:33 759296 c:\windows\system32\dllcache\VGX.dll
+ 2008-11-29 22:32 . 2009-03-08 02:33 420352 c:\windows\system32\dllcache\vbscript.dll
- 2008-11-29 22:32 . 2007-08-13 07:44 105984 c:\windows\system32\dllcache\url.dll
+ 2008-11-29 22:32 . 2011-06-23 18:31 105984 c:\windows\system32\dllcache\url.dll
+ 2009-01-07 16:20 . 2009-01-07 16:20 134144 c:\windows\system32\dllcache\sqmapi.dll
+ 2008-11-29 22:32 . 2011-06-23 18:31 206848 c:\windows\system32\dllcache\occache.dll
+ 2008-11-29 22:32 . 2011-06-23 18:31 611840 c:\windows\system32\dllcache\mstime.dll
+ 2008-11-29 22:32 . 2009-03-08 02:34 193536 c:\windows\system32\dllcache\msrating.dll
- 2008-11-29 22:32 . 2007-08-13 07:54 156160 c:\windows\system32\dllcache\msls31.dll
+ 2008-11-29 22:32 . 2009-03-08 02:22 156160 c:\windows\system32\dllcache\msls31.dll
+ 2008-11-29 22:32 . 2009-03-08 02:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-11-29 22:47 . 2009-03-08 12:09 638816 c:\windows\system32\dllcache\iexplore.exe
+ 2008-11-29 22:32 . 2011-06-23 18:31 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2008-11-29 22:32 . 2011-06-23 18:31 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-11-29 22:32 . 2009-03-08 02:32 163840 c:\windows\system32\dllcache\ieakui.dll
+ 2008-11-29 22:32 . 2009-03-08 02:33 229376 c:\windows\system32\dllcache\ieaksie.dll
- 2008-11-29 22:32 . 2007-08-13 07:39 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2008-11-29 22:32 . 2009-03-08 02:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2008-11-29 22:32 . 2011-06-23 12:05 173568 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-11-29 22:32 . 2009-03-08 02:31 216064 c:\windows\system32\dllcache\dxtrans.dll
+ 2008-11-29 22:32 . 2009-03-08 02:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-11-29 22:32 . 2009-03-08 02:32 128512 c:\windows\system32\dllcache\advpack.dll
+ 2008-11-29 22:32 . 2009-03-08 02:32 128512 c:\windows\system32\advpack.dll
+ 2011-08-30 18:26 . 2007-08-13 07:39 123904 c:\windows\msdownld.tmp\AS1ECC18.tmp\advpack.dll
+ 2011-08-30 18:28 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2011-08-30 18:28 . 2008-07-08 12:59 233848 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2011-08-30 18:28 . 2009-03-08 02:34 109568 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2011-08-30 18:28 . 2009-03-08 02:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
+ 2011-08-30 18:28 . 2009-03-08 02:32 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2011-08-30 18:28 . 2009-03-08 02:33 246784 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2011-08-30 18:28 . 2009-03-08 02:31 183808 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2011-08-30 18:28 . 2009-03-08 02:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2011-08-30 18:28 . 2009-03-08 12:09 391536 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2011-08-30 18:28 . 2009-03-08 02:32 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2011-08-30 18:29 . 2009-03-08 02:34 105984 c:\windows\ie8updates\KB2559049-IE8\url.dll
+ 2011-08-30 18:29 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2559049-IE8\spuninst\updspapi.dll
+ 2011-08-30 18:29 . 2010-02-22 14:21 233848 c:\windows\ie8updates\KB2559049-IE8\spuninst\spuninst.exe
+ 2011-08-30 18:29 . 2010-05-06 10:35 206848 c:\windows\ie8updates\KB2559049-IE8\occache.dll
+ 2011-08-30 18:29 . 2010-05-06 10:35 611840 c:\windows\ie8updates\KB2559049-IE8\mstime.dll
+ 2011-08-30 18:29 . 2010-05-06 10:35 599040 c:\windows\ie8updates\KB2559049-IE8\msfeeds.dll
+ 2011-08-30 18:29 . 2010-05-06 10:35 247808 c:\windows\ie8updates\KB2559049-IE8\ieproxy.dll
+ 2011-08-30 18:29 . 2010-05-06 10:35 184320 c:\windows\ie8updates\KB2559049-IE8\iepeers.dll
+ 2011-08-30 18:29 . 2010-05-06 10:35 743424 c:\windows\ie8updates\KB2559049-IE8\iedvtool.dll
+ 2011-08-30 18:29 . 2010-05-06 10:35 387584 c:\windows\ie8updates\KB2559049-IE8\iedkcs32.dll
+ 2011-08-30 18:29 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2559049-IE8\ie4uinit.exe
+ 2011-08-30 18:29 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB2447568-IE8\spuninst\updspapi.dll
+ 2011-08-30 18:29 . 2010-02-22 14:21 233848 c:\windows\ie8updates\KB2447568-IE8\spuninst\spuninst.exe
+ 2011-08-30 18:24 . 2007-08-13 07:45 206336 c:\windows\ie8\winfxdocobj.exe
+ 2011-08-30 18:24 . 2007-08-13 07:54 231424 c:\windows\ie8\webcheck.dll
+ 2011-08-30 18:24 . 2011-04-30 08:50 766464 c:\windows\ie8\vgx.dll
+ 2011-08-30 18:24 . 2011-03-04 06:43 434176 c:\windows\ie8\vbscript.dll
+ 2011-08-30 18:24 . 2007-08-13 07:44 105984 c:\windows\ie8\url.dll
+ 2011-08-30 18:24 . 2009-01-07 16:20 390688 c:\windows\ie8\spuninst\updspapi.dll
+ 2011-08-30 18:24 . 2009-01-07 16:20 234016 c:\windows\ie8\spuninst\spuninst.exe
+ 2011-08-30 18:24 . 2006-09-06 06:42 215776 c:\windows\ie8\spuninst.exe
+ 2011-08-30 18:24 . 2007-08-13 07:44 101376 c:\windows\ie8\occache.dll
+ 2011-08-30 18:24 . 2007-08-13 07:54 670720 c:\windows\ie8\mstime.dll
+ 2011-08-30 18:24 . 2007-08-13 07:44 192000 c:\windows\ie8\msrating.dll
+ 2011-08-30 18:24 . 2007-08-13 07:54 156160 c:\windows\ie8\msls31.dll
+ 2011-08-30 18:24 . 2007-08-13 07:54 475648 c:\windows\ie8\mshtmled.dll
+ 2011-08-30 18:24 . 2007-08-13 07:54 458752 c:\windows\ie8\msfeeds.dll
+ 2011-08-30 18:24 . 2011-03-04 06:43 512000 c:\windows\ie8\jscript.dll
+ 2011-08-30 18:24 . 2007-08-13 07:43 622080 c:\windows\ie8\iexplore.exe
+ 2011-08-30 18:24 . 2007-08-13 07:54 180736 c:\windows\ie8\ieui.dll
+ 2011-08-30 18:24 . 2007-08-13 07:34 266752 c:\windows\ie8\iertutil.dll
+ 2011-08-30 18:24 . 2007-08-13 07:54 287744 c:\windows\ie8\ieproxy.dll
+ 2011-08-30 18:24 . 2007-08-13 07:54 191488 c:\windows\ie8\iepeers.dll
+ 2011-08-30 18:24 . 2007-08-13 07:39 382976 c:\windows\ie8\iedkcs32.dll
+ 2011-08-30 18:24 . 2007-07-11 01:27 383488 c:\windows\ie8\ieapfltr.dll
+ 2011-08-30 18:24 . 2007-08-13 06:56 161792 c:\windows\ie8\ieakui.dll
+ 2011-08-30 18:24 . 2007-08-13 07:39 229376 c:\windows\ie8\ieaksie.dll
+ 2011-08-30 18:24 . 2007-08-13 07:39 152064 c:\windows\ie8\ieakeng.dll
+ 2011-08-30 18:24 . 2007-08-13 07:35 214528 c:\windows\ie8\dxtrans.dll
+ 2011-08-30 18:24 . 2007-08-13 07:35 346624 c:\windows\ie8\dxtmsft.dll
+ 2011-08-30 18:24 . 2007-08-13 07:39 123904 c:\windows\ie8\advpack.dll
+ 2008-11-29 22:32 . 2011-06-23 18:31 1212416 c:\windows\system32\urlmon.dll
+ 2007-08-13 07:34 . 2011-06-23 18:31 1991680 c:\windows\system32\iertutil.dll
+ 2007-02-12 05:10 . 2009-02-06 19:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2008-11-29 22:32 . 2011-06-23 18:31 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2011-08-30 18:26 . 2010-10-07 13:54 2042904 c:\windows\msdownld.tmp\AS1ECC18.tmp\listicka-ie-2.4.15-IE_5.exe
+ 2011-08-30 18:28 . 2009-03-08 02:34 1206784 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
+ 2011-08-30 18:28 . 2009-03-08 02:32 1985024 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2011-08-30 18:29 . 2010-05-06 10:35 1209344 c:\windows\ie8updates\KB2559049-IE8\urlmon.dll
+ 2011-08-30 18:29 . 2010-05-06 10:35 1985536 c:\windows\ie8updates\KB2559049-IE8\iertutil.dll
+ 2011-08-30 18:24 . 2007-08-13 07:54 1162240 c:\windows\ie8\urlmon.dll
+ 2011-08-30 18:24 . 2007-08-13 07:54 6049280 c:\windows\ie8\ieframe.dll
+ 2011-08-30 18:24 . 2007-02-12 05:10 2451312 c:\windows\ie8\ieapfltr.dat
+ 2007-08-13 07:54 . 2011-06-23 18:31 11081728 c:\windows\system32\ieframe.dll
+ 2011-08-30 18:28 . 2009-03-08 02:39 11063808 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2011-08-30 18:29 . 2010-05-06 10:35 11076096 c:\windows\ie8updates\KB2559049-IE8\ieframe.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1EA00BE1-6E54-4E2A-8099-680300BF23E1}"= "c:\program files\Seznam.cz\toolbar\toolbar.dll" [2010-10-07 187672]
.
[HKEY_CLASSES_ROOT\clsid\{1ea00be1-6e54-4e2a-8099-680300bf23e1}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-15 16862720]
"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-07-17 53248]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-05-13 821768]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-11-30 114688]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
R0 ffire;FlashFire;c:\windows\system32\drivers\ffire.sys [15.7.2009 20:39 10624]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4.6.2011 15:10 136176]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4.6.2011 15:10 136176]
S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [30.11.2008 1:09 96856]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [13.6.2009 16:47 136704]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc52ba8efd9a62.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-04 13:10]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://global.acer.com
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
TCP: DhcpNameServer = 192.168.1.20
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-30 22:05
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-08-30 22:09:26
ComboFix-quarantined-files.txt 2011-08-30 20:09
ComboFix2.txt 2011-08-30 18:00
.
Před spuštěním: 2 602 631 168
Po spuštění: 2 587 058 176
.
- - End Of File - - B0B570158416E39E7B2EB676EA5CAA72

Re: Koš,IE8 a jiné

Napsal: 30 srp 2011 21:55
od Rudy
CF opravdu mazal, i když se nedokončil. To spojení vzniká po zadání příkazu Collect:: a odesílá vzorky mazaných souborů autorovi, který pak podle nich provádí update utilty. Restartujte do normálního režimu a sdělte, zda se něco změnilo.
Všechny časy jsou v UTC+01:00
Stránka 1 z 4

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz