VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

prosim o kontrolu logu pomale PC

https://forum.viry.cz:443/viewtopic.php?t=96687

Stránka 1 z 1

prosim o kontrolu logu pomale PC

Napsal: 24 led 2010 15:08
od duso
Zdravim vas pani prosim o kontrolu logu pomale PC.napr..pripojim nejake usb kluc nebo Hdd. vihodi mi vyrus trojsky kon autostart nevim co to je za vyrus.


pridavam log z COMBOFIX

Kód: Vybrat vše

ComboFix 10-01-23.06 - PC 24.01.2010  14:51:08.4.2 - x86
Systém Microsoft Windows XP Professional  5.1.2600.3.1250.421.1033.18.3071.2437 [GMT 1:00]
Running from: c:\documents and settings\PC\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100124-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1630604388-1032981890-1113083864-1000
c:\$recycle.bin\S-1-5-21-4040263688-4082959443-190435821-1000

.
(((((((((((((((((((((((((   Files Created from 2009-12-24 to 2010-01-24  )))))))))))))))))))))))))))))))
.

2010-01-20 19:07 . 2010-01-24 13:49	--------	d-----w-	c:\documents and settings\PC\Application Data\Skype
2010-01-20 19:06 . 2010-01-20 19:07	--------	d-----w-	c:\program files\Skype
2010-01-20 19:06 . 2010-01-20 19:06	--------	d-----w-	c:\program files\Common Files\Skype
2010-01-18 21:15 . 2010-01-18 21:15	--------	d-----w-	c:\program files\Codemasters
2010-01-16 10:04 . 2010-01-16 10:05	--------	d-----w-	c:\program files\NVIDIA Corporation
2010-01-16 09:59 . 2010-01-16 09:59	664	----a-w-	c:\windows\system32\d3d9caps.dat
2010-01-16 09:50 . 2010-01-16 09:50	--------	d-----w-	c:\program files\SystemRequirementsLab
2010-01-16 09:50 . 2010-01-16 09:50	290816	----a-w-	c:\documents and settings\PC\Application Data\SystemRequirementsLab\SRLProxy_nvd_4.dll
2010-01-16 09:50 . 2010-01-16 09:50	290816	----a-w-	c:\documents and settings\PC\Application Data\SystemRequirementsLab\SRLProxy_nvd_3.dll
2010-01-16 09:50 . 2010-01-16 09:50	290816	----a-w-	c:\documents and settings\PC\Application Data\SystemRequirementsLab\SRLProxy_nvd_2.dll
2010-01-16 09:50 . 2010-01-16 09:50	290816	----a-w-	c:\documents and settings\PC\Application Data\SystemRequirementsLab\SRLProxy_nvd_1.dll
2010-01-16 09:50 . 2010-01-16 09:50	--------	d-----w-	c:\documents and settings\PC\Application Data\SystemRequirementsLab
2010-01-16 09:50 . 2010-01-16 09:50	--------	d-----w-	c:\windows\Sun
2010-01-16 09:35 . 2010-01-16 09:35	--------	d-----w-	c:\windows\system32\wbem\Repository
2010-01-13 19:15 . 2010-01-13 19:16	--------	d-----w-	c:\program files\pc-translator 2007
2010-01-13 14:06 . 2009-11-21 15:51	471552	-c----w-	c:\windows\system32\dllcache\aclayers.dll
2010-01-10 17:01 . 2010-01-23 16:43	--------	d-----w-	c:\program files\JDownloader
2010-01-09 19:10 . 2010-01-09 19:10	--------	d-----w-	c:\documents and settings\PC\Local Settings\Application Data\SEGA
2010-01-09 19:07 . 2010-01-09 19:07	--------	d-----w-	c:\program files\SEGA
2010-01-06 16:29 . 2010-01-06 16:29	--------	d-----w-	c:\documents and settings\All Users\Application Data\Clarus
2010-01-06 16:26 . 2010-01-06 16:26	--------	d-----w-	c:\program files\Clarus
2010-01-06 11:35 . 2010-01-10 20:39	--------	d-----w-	C:\Boot
2010-01-05 15:31 . 2010-01-05 16:06	--------	d-----w-	c:\documents and settings\PC\Local Settings\Application Data\Ubisoft
2010-01-05 15:26 . 2010-01-05 15:26	--------	d-----w-	c:\documents and settings\All Users\Application Data\Ubisoft
2010-01-05 11:31 . 2010-01-05 11:31	--------	d-----w-	c:\documents and settings\PC\Local Settings\Application Data\PCHealth
2010-01-04 13:02 . 2010-01-04 13:02	--------	d-----w-	c:\program files\EA GAMES
2010-01-04 12:54 . 2004-07-09 03:26	47104	-c--a-w-	c:\windows\system32\dllcache\wstdecod.dll
2010-01-02 23:33 . 2010-01-02 23:58	--------	d-----w-	c:\program files\DAEMON Tools Toolbar
2010-01-01 13:11 . 2010-01-24 13:44	377648	----a-w-	c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-12-29 22:46 . 2009-12-29 22:46	--------	d-----w-	c:\program files\Common Files\eSellerate
2009-12-29 22:45 . 2009-12-29 22:45	--------	d-----w-	c:\program files\NewBlue
2009-12-29 20:26 . 2009-12-29 20:26	58664	----a-r-	c:\documents and settings\PC\Application Data\Microsoft\Installer\{67330878-0617-41A9-A3B0-B5298E89E7BC}\ARPPRODUCTICON.exe
2009-12-29 19:54 . 2009-12-29 20:12	--------	d-----w-	c:\program files\proDAD
2009-12-29 19:20 . 2009-12-29 19:20	--------	d-----w-	c:\program files\LooksBuilderSE
2009-12-29 19:19 . 2009-12-29 19:19	29926	----a-r-	c:\documents and settings\PC\Application Data\Microsoft\Installer\{6DE721A5-5E89-4D74-994C-652BB3C0672E}\ARPPRODUCTICON.exe
2009-12-29 19:14 . 2009-12-29 19:14	--------	d-----w-	c:\program files\Common Files\Pegasus Imaging
2009-12-29 19:14 . 2009-12-29 19:14	--------	d-----w-	c:\program files\Common Files\Yahoo!
2009-12-29 19:14 . 2009-12-29 19:14	--------	d-----w-	c:\documents and settings\All Users\Application Data\Studio 14
2009-12-29 19:14 . 2009-12-29 19:14	--------	d-----w-	c:\documents and settings\All Users\Application Data\Pinnacle Studio Plus
2009-12-29 19:12 . 2009-12-29 19:19	--------	d-----w-	c:\program files\Pinnacle
2009-12-28 21:06 . 2010-01-13 14:30	--------	d-----w-	c:\documents and settings\PC\Application Data\Nero
2009-12-28 20:38 . 2009-12-28 20:45	--------	d-----w-	c:\program files\Nero
2009-12-28 20:38 . 2009-12-28 20:45	--------	d-----w-	c:\program files\Common Files\Nero
2009-12-28 19:34 . 2009-12-28 19:46	--------	d-----w-	c:\program files\Windows Sidebar
2009-12-28 18:19 . 2009-12-28 18:19	--------	d-----w-	c:\documents and settings\NeroMediaHomeUser.4.OBYVACKA\Application Data\Nero
2009-12-28 17:06 . 2009-12-28 17:06	--------	d-----w-	c:\documents and settings\PC\Local Settings\Application Data\Nero_AG
2009-12-28 17:05 . 2009-12-28 19:16	--------	d-----w-	c:\documents and settings\PC\Local Settings\Application Data\Nero
2009-12-28 17:04 . 2010-01-16 09:36	--------	d-----w-	c:\documents and settings\NeroMediaHomeUser.4
2009-12-27 13:11 . 2009-12-27 13:11	22328	------w-	c:\windows\system32\drivers\PnkBstrK.sys
2009-12-27 13:11 . 2009-12-27 13:11	22328	----a-w-	c:\documents and settings\PC\Application Data\PnkBstrK.sys
2009-12-27 13:11 . 2009-12-27 13:11	107832	------w-	c:\windows\system32\PnkBstrB.exe
2009-12-27 13:11 . 2009-12-27 13:11	66872	------w-	c:\windows\system32\PnkBstrA.exe
2009-12-27 13:11 . 2009-12-27 13:11	2250024	------w-	c:\windows\system32\pbsvc.exe
2009-12-26 10:06 . 2008-04-14 00:12	221184	------w-	c:\windows\system32\wmpns.dll
2009-12-25 21:40 . 2009-12-25 21:47	--------	d-----w-	c:\program files\Zaparit
2009-12-25 20:20 . 2009-12-25 20:20	411368	------w-	c:\windows\system32\deploytk.dll
2009-12-25 20:20 . 2009-12-25 20:20	--------	d-----w-	c:\program files\Java
2009-12-25 20:19 . 2009-12-25 20:19	152576	----a-w-	c:\documents and settings\PC\Application Data\Sun\Java\jre1.6.0_16\lzma.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-24 11:38 . 2009-12-17 15:51	--------	d-----w-	c:\documents and settings\PC\Application Data\skypePM
2010-01-23 16:02 . 2009-12-16 22:55	--------	d-----w-	c:\program files\Rapget.RS_Premium_v1.0.4.8_cz
2010-01-21 18:27 . 2009-12-17 15:45	--------	d-----w-	c:\documents and settings\PC\Application Data\ICQ
2010-01-20 19:06 . 2009-12-16 21:39	--------	d-----w-	c:\documents and settings\All Users\Application Data\Skype
2010-01-18 21:34 . 2009-12-21 22:23	--------	d-----w-	c:\documents and settings\All Users\Application Data\Codemasters
2010-01-18 21:25 . 2009-12-21 22:22	--------	d-----w-	c:\program files\BRS
2010-01-18 21:25 . 2009-12-21 22:21	445016	----a-w-	c:\windows\system32\wrap_oal.dll
2010-01-18 21:25 . 2009-12-21 22:21	109144	----a-w-	c:\windows\system32\OpenAL32.dll
2010-01-18 21:15 . 2007-03-28 10:34	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-01-18 20:01 . 2009-12-16 21:59	--------	d-----w-	c:\documents and settings\PC\Application Data\Vso
2010-01-12 19:11 . 2009-12-17 20:45	--------	d-----w-	c:\documents and settings\All Users\Application Data\Microsoft Help
2010-01-05 15:57 . 2009-12-20 21:10	--------	d-----w-	c:\program files\Ubisoft
2010-01-04 13:15 . 2009-12-20 21:23	--------	d-----w-	c:\program files\Electronic Arts
2010-01-03 12:50 . 2009-12-17 16:58	--------	d-----w-	c:\program files\DAEMON Tools Lite
2010-01-02 23:33 . 2009-12-17 16:58	691696	----a-w-	c:\windows\system32\drivers\sptd.sys
2009-12-29 20:12 . 2009-12-18 20:57	--------	d-----w-	c:\documents and settings\PC\Application Data\proDAD
2009-12-29 19:14 . 2009-12-18 18:48	--------	d-----w-	c:\documents and settings\All Users\Application Data\Pinnacle
2009-12-28 20:39 . 2009-12-17 18:55	--------	d-----w-	c:\documents and settings\All Users\Application Data\Nero
2009-12-28 18:20 . 2009-12-17 15:44	--------	d-----w-	c:\program files\ICQ6.5
2009-12-26 15:20 . 2009-12-17 15:49	--------	d-----w-	c:\documents and settings\PC\Application Data\BSplayer PRO
2009-12-22 11:32 . 2009-12-22 11:32	--------	d-----w-	c:\documents and settings\PC\Application Data\Disney Interactive Studios
2009-12-22 05:21 . 2002-08-29 03:41	667136	----a-w-	c:\windows\system32\wininet.dll
2009-12-22 05:20 . 2007-03-28 11:55	81920	------w-	c:\windows\system32\ieencode.dll
2009-12-21 22:21 . 2009-12-21 22:21	--------	d-----w-	c:\program files\OpenAL
2009-12-21 21:57 . 2009-12-21 21:41	--------	d-----w-	c:\program files\Microsoft Games for Windows - LIVE
2009-12-21 21:31 . 2009-12-21 21:30	--------	d-----w-	c:\program files\Rockstar Games
2009-12-21 20:59 . 2009-12-21 20:59	--------	d--h--r-	c:\documents and settings\PC\Application Data\SecuROM
2009-12-21 20:59 . 2009-12-20 22:36	107888	------w-	c:\windows\system32\CmdLineExt.dll
2009-12-20 22:37 . 2009-12-20 22:37	1700352	------w-	c:\windows\system32\gdiplus.dll
2009-12-20 21:30 . 2009-12-20 21:30	--------	d-----w-	c:\program files\Activision
2009-12-20 21:22 . 2009-12-20 21:21	--------	d-----w-	c:\program files\AGEIA Technologies
2009-12-20 21:14 . 2009-12-20 21:14	--------	d-----w-	c:\documents and settings\All Users\Application Data\InstallShield
2009-12-20 21:14 . 2009-12-20 21:01	--------	d-----w-	c:\documents and settings\PC\Application Data\InstallShield
2009-12-20 21:10 . 2007-03-28 10:34	--------	d-----w-	c:\program files\Common Files\InstallShield
2009-12-20 21:01 . 2009-12-20 21:01	--------	d-----w-	c:\program files\Disney Interactive Studios
2009-12-20 20:49 . 2009-12-20 20:49	--------	d-----w-	c:\program files\Synetic
2009-12-20 20:48 . 2009-12-20 20:45	--------	d-----w-	c:\program files\Crash Time 2
2009-12-20 20:48 . 2009-12-20 20:48	--------	d-----w-	c:\documents and settings\All Users\Application Data\Synetic
2009-12-20 20:43 . 2009-12-20 20:36	--------	d-----w-	c:\program files\Cobra 11 - Crash Time
2009-12-20 19:04 . 2009-12-20 19:04	15872	----a-r-	c:\documents and settings\PC\Application Data\Microsoft\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C9.exe
2009-12-20 14:55 . 2009-12-20 14:55	--------	d-----w-	c:\documents and settings\PC\Application Data\CD-LabelPrint
2009-12-20 14:10 . 2009-12-20 14:10	--------	d-----w-	c:\documents and settings\All Users\Application Data\CanonIJPLM
2009-12-20 14:10 . 2009-12-20 14:02	--------	d-----w-	c:\program files\Canon
2009-12-20 14:09 . 2009-12-20 14:09	--------	d-----w-	c:\program files\Common Files\CANON
2009-12-20 14:04 . 2009-12-20 14:04	--------	d--h--w-	c:\documents and settings\All Users\Application Data\CanonBJ
2009-12-20 14:04 . 2009-12-20 14:04	--------	d--h--w-	c:\program files\CanonBJ
2009-12-19 23:35 . 2009-12-17 17:40	--------	d-----w-	c:\program files\Magic Video Converter
2009-12-19 23:23 . 2009-12-19 23:23	--------	d-----w-	c:\program files\ProtectDisc Driver Installer
2009-12-19 22:18 . 2009-12-19 22:18	--------	d-----w-	c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-12-19 21:48 . 2009-12-18 20:44	--------	d-----w-	c:\documents and settings\All Users\Application Data\proDAD
2009-12-18 23:29 . 2009-12-18 23:29	278728	------w-	c:\windows\system32\drivers\atksgt.sys
2009-12-18 23:29 . 2009-12-18 23:29	25416	------w-	c:\windows\system32\drivers\lirsgt.sys
2009-12-18 22:25 . 2009-12-18 22:25	--------	d-----w-	c:\program files\Valve
2009-12-18 20:51 . 2007-03-28 12:02	100592	----a-w-	c:\documents and settings\PC\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-18 20:50 . 2009-12-18 20:23	--------	d-----w-	c:\program files\AdorageI-GfxDatas
2009-12-18 20:44 . 2009-12-18 20:23	--------	d-----w-	c:\program files\AdorageI-SAL
2009-12-18 18:54 . 2009-12-18 18:54	--------	d-----w-	c:\program files\Common Files\Pinnacle
2009-12-18 18:54 . 2009-12-18 18:54	--------	d-----w-	c:\documents and settings\All Users\Application Data\Pinnacle Studio Ultimate Collection
2009-12-18 18:04 . 2009-12-18 18:04	--------	d-----w-	c:\program files\MSXML 4.0
2009-12-17 23:11 . 2009-12-17 23:11	--------	d-----w-	c:\documents and settings\All Users\Application Data\nView_Profiles
2009-12-17 22:13 . 2009-12-17 22:13	--------	d-----w-	c:\documents and settings\PC\Application Data\IObit
2009-12-17 22:13 . 2009-12-17 22:13	--------	d-----w-	c:\program files\IObit
2009-12-17 21:55 . 2009-12-17 21:55	--------	d-----w-	c:\program files\CCleaner
2009-12-17 20:52 . 2009-12-17 20:48	--------	d-----w-	c:\program files\Microsoft Works
2009-12-17 20:48 . 2009-12-17 18:28	--------	d-----w-	c:\program files\MSBuild
2009-12-17 20:48 . 2009-12-17 20:48	--------	d-----w-	c:\program files\Microsoft.NET
2009-12-17 20:46 . 2009-12-17 20:46	--------	d-----w-	c:\program files\Microsoft Visual Studio 8
2009-12-17 20:44 . 2009-12-17 16:57	--------	d-----w-	c:\documents and settings\PC\Application Data\DAEMON Tools Lite
2009-12-17 18:46 . 2009-12-17 18:46	--------	d-----w-	c:\program files\Ashampoo
2009-12-17 18:25 . 2009-12-17 18:25	--------	d-----w-	c:\program files\Reference Assemblies
2009-12-17 18:17 . 2009-12-17 18:17	--------	d-----w-	c:\program files\Opera
2009-12-17 17:41 . 2009-12-17 17:41	--------	d-----w-	c:\documents and settings\All Users\Application Data\Apple Computer
2009-12-17 17:15 . 2007-03-28 09:59	166455	----a-w-	c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-12-17 17:15 . 2007-03-28 09:58	6538	----a-w-	c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2009-12-17 16:57 . 2009-12-17 16:57	--------	d-----w-	c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-12-17 16:49 . 2009-12-17 16:46	--------	d-----w-	c:\documents and settings\All Users\Application Data\Temp
2009-12-17 16:49 . 2009-12-17 16:49	53319	----a-w-	c:\documents and settings\All Users\Application Data\Temp\{8C20787A-7402-4FA7-BF25-6E5750930FDC}\PostBuild.exe
2009-12-17 16:49 . 2007-03-28 12:19	--------	d-----w-	c:\documents and settings\All Users\Application Data\CyberLink
2009-12-17 16:48 . 2009-12-17 16:47	--------	d-----w-	c:\documents and settings\PC\Application Data\CyberLink
2009-12-17 16:47 . 2009-12-17 16:47	--------	d-----w-	c:\program files\Common Files\CyberLink
2009-12-17 16:46 . 2007-03-28 12:19	--------	d-----w-	c:\program files\CyberLink
2009-12-17 16:46 . 2009-12-17 16:47	29480	------w-	c:\windows\system32\msxml3a.dll
2009-12-17 16:46 . 2009-12-17 16:46	53319	----a-w-	c:\documents and settings\All Users\Application Data\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2009-12-17 16:41 . 2009-12-17 16:41	--------	d-----w-	c:\program files\Lavalys
2009-12-17 16:39 . 2009-12-17 16:38	--------	d-----w-	c:\program files\All Ten Fingers - ATF 6.3
2009-12-17 16:13 . 2009-12-17 15:34	--------	d-----w-	c:\documents and settings\PC\Application Data\Winamp
2009-12-17 16:03 . 2009-12-17 16:03	--------	d-----w-	c:\program files\Webteh
2009-12-17 15:51 . 2009-12-17 15:51	56	------w-	c:\windows\system32\ezsidmv.dat
2009-12-17 15:45 . 2009-12-17 15:45	--------	d-----w-	c:\program files\ICQ6Toolbar
2009-12-17 15:45 . 2009-12-17 15:45	--------	d-----w-	c:\documents and settings\All Users\Application Data\ICQ
2009-12-17 15:34 . 2009-12-17 15:34	--------	d-----w-	c:\program files\Winamp
2009-12-17 15:34 . 2009-12-17 15:34	--------	d-----w-	c:\program files\Winamp Detect
2009-12-17 12:16 . 2009-12-17 12:16	--------	d-----w-	c:\documents and settings\All Users\Application Data\Elaborate Bytes
2009-12-17 12:16 . 2009-12-17 12:16	--------	d-----w-	c:\program files\Elaborate Bytes
2009-12-16 22:31 . 2009-12-16 22:31	--------	d-----w-	c:\documents and settings\PC\Application Data\ACD Systems
2009-12-16 22:30 . 2009-12-16 22:30	--------	d-----w-	c:\program files\Common Files\ACD Systems
2009-12-16 22:30 . 2009-12-16 22:30	--------	d-----w-	c:\documents and settings\All Users\Application Data\ACD Systems
2009-12-16 22:30 . 2009-12-16 22:30	--------	d-----w-	c:\program files\ACD Systems
2009-12-16 22:04 . 2009-12-16 22:04	--------	d-----w-	c:\documents and settings\PC\Application Data\Zoner
2009-12-16 22:03 . 2009-12-16 22:03	--------	d-----w-	c:\program files\Zoner
2008-12-18 00:48 . 2009-12-16 21:37	67688	----a-w-	c:\program files\mozilla firefox\components\jar50.dll
2008-12-18 00:48 . 2009-12-16 21:37	54368	----a-w-	c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-18 00:48 . 2009-12-16 21:37	34944	----a-w-	c:\program files\mozilla firefox\components\myspell.dll
2008-12-18 00:48 . 2009-12-16 21:37	46712	----a-w-	c:\program files\mozilla firefox\components\spellchk.dll
2008-12-18 00:48 . 2009-12-16 21:37	172136	----a-w-	c:\program files\mozilla firefox\components\xpinstal.dll

Re: prosim o kontrolu logu pomale PC

Napsal: 24 led 2010 15:09
od duso

Kód: Vybrat vše

(((((((((((((((((((((((((((((   SnapShot@2010-01-01_21.22.46   )))))))))))))))))))))))))))))))))))))))))
+ 2010-01-24 13:47 . 2010-01-24 13:47	16384              c:\windows\Temp\Perflib_Perfdata_5bc.dat
+ 2010-01-24 13:47 . 2010-01-24 13:47	16384              c:\windows\Temp\Perflib_Perfdata_17c.dat
+ 2010-01-04 13:58 . 2008-07-08 13:02	17272              c:\windows\system32\spmsg.dll
+ 2010-01-16 11:17 . 2009-11-21 02:34	69632              c:\windows\system32\ReinstallBackups\0019\DriverFiles\OpenCL.dll
- 2000-01-01 00:59 . 2010-01-01 21:17	68292              c:\windows\system32\perfc009.dat
+ 2000-01-01 00:59 . 2010-01-24 13:52	68292              c:\windows\system32\perfc009.dat
+ 2000-01-01 00:59 . 2009-10-15 16:28	81920              c:\windows\system32\fontsub.dll
- 2000-01-01 00:59 . 2009-07-29 04:37	81920              c:\windows\system32\fontsub.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	46592              c:\windows\system32\dxdllreg.exe
+ 2010-01-04 12:53 . 2004-07-09 03:26	18688              c:\windows\system32\drivers\wstcodec.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	14976              c:\windows\system32\drivers\streamip.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	10880              c:\windows\system32\drivers\slip.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	10112              c:\windows\system32\drivers\ndisip.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	83968              c:\windows\system32\drivers\nabtsfec.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	52096              c:\windows\system32\drivers\msdv.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	15104              c:\windows\system32\drivers\mpe.sys
- 2000-01-01 00:59 . 2000-01-01 00:59	10496              c:\windows\system32\drivers\dxapi.sys
+ 2000-01-01 00:59 . 2001-08-23 04:00	10496              c:\windows\system32\drivers\dxapi.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	16384              c:\windows\system32\drivers\ccdecode.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	11392              c:\windows\system32\drivers\bdasup.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	18688              c:\windows\system32\dllcache\wstcodec.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	14976              c:\windows\system32\dllcache\streamip.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	10880              c:\windows\system32\dllcache\slip.sys
+ 2010-01-04 12:53 . 2002-08-29 02:41	31744              c:\windows\system32\dllcache\pid.dll
+ 2010-01-04 12:53 . 2004-07-09 03:26	10112              c:\windows\system32\dllcache\ndisip.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	83968              c:\windows\system32\dllcache\nabtsfec.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	52096              c:\windows\system32\dllcache\msdv.sys
+ 2010-01-04 12:53 . 2002-12-11 23:14	13312              c:\windows\system32\dllcache\msdmo.dll
+ 2010-01-04 12:53 . 2004-07-09 03:26	15104              c:\windows\system32\dllcache\mpe.sys
+ 2010-01-04 12:53 . 2002-12-11 23:14	34304              c:\windows\system32\dllcache\mciqtz32.dll
- 2009-09-25 05:56 . 2009-09-25 05:37	81920              c:\windows\system32\dllcache\ieencode.dll
+ 2009-09-25 05:56 . 2009-12-22 05:20	81920              c:\windows\system32\dllcache\ieencode.dll
- 2009-07-29 04:37 . 2009-07-29 04:37	81920              c:\windows\system32\dllcache\fontsub.dll
+ 2009-07-29 04:37 . 2009-10-15 16:28	81920              c:\windows\system32\dllcache\fontsub.dll
- 2000-01-01 00:59 . 2000-01-01 00:59	10496              c:\windows\system32\dllcache\dxapi.sys
+ 2000-01-01 00:59 . 2001-08-23 04:00	10496              c:\windows\system32\dllcache\dxapi.sys
+ 2010-01-04 12:53 . 2002-12-11 23:14	18432              c:\windows\system32\dllcache\dswave.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	79360              c:\windows\system32\dllcache\dpwsockx.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	80896              c:\windows\system32\dllcache\dpvsetup.exe
+ 2010-01-04 12:53 . 2002-12-11 23:14	19968              c:\windows\system32\dllcache\dpvacm.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	16896              c:\windows\system32\dllcache\dpnsvr.exe
+ 2010-01-04 12:53 . 2003-03-24 08:00	68096              c:\windows\system32\dllcache\dpnhupnp.dll
+ 2010-01-04 12:53 . 2003-03-24 08:00	32768              c:\windows\system32\dllcache\dpnhpast.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	77824              c:\windows\system32\dllcache\dpmodemx.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	28160              c:\windows\system32\dllcache\dplaysvr.exe
+ 2010-01-04 12:53 . 2002-12-11 23:14	98816              c:\windows\system32\dllcache\dmstyle.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	76800              c:\windows\system32\dllcache\dmscript.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	33280              c:\windows\system32\dllcache\dmloader.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	58368              c:\windows\system32\dllcache\dmcompos.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	27136              c:\windows\system32\dllcache\dmband.dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	44032              c:\windows\system32\dllcache\dimap.dll
- 2000-01-01 00:59 . 2000-01-01 00:59	44032              c:\windows\system32\dllcache\dimap.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	24064              c:\windows\system32\dllcache\ddrawex.dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	47616              c:\windows\system32\dllcache\d3dxof.dll
- 2000-01-01 00:59 . 2000-01-01 00:59	47616              c:\windows\system32\dllcache\d3dxof.dll
- 2000-01-01 00:59 . 2000-01-01 00:59	34816              c:\windows\system32\dllcache\d3dpmesh.dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	34816              c:\windows\system32\dllcache\d3dpmesh.dll
+ 2010-01-04 12:53 . 2004-07-09 03:26	16384              c:\windows\system32\dllcache\ccdecode.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	11392              c:\windows\system32\dllcache\bdasup.sys
+ 2010-01-04 12:53 . 2002-12-11 23:14	64512              c:\windows\system32\dllcache\amstream.dll
- 2000-01-01 00:59 . 2000-01-01 00:59	44032              c:\windows\system32\dimap.dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	44032              c:\windows\system32\dimap.dll
- 2000-01-01 00:59 . 2000-01-01 00:59	47616              c:\windows\system32\d3dxof.dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	47616              c:\windows\system32\d3dxof.dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	34816              c:\windows\system32\d3dpmesh.dll
- 2000-01-01 00:59 . 2000-01-01 00:59	34816              c:\windows\system32\d3dpmesh.dll
+ 2010-01-04 12:54 . 2004-07-09 03:26	47104              c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\wstdecod.dll
+ 2010-01-04 12:53 . 2004-07-09 03:26	18688              c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\wstcodec.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	14976              c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\streamip.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	10880              c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\slip.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	10112              c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\ndisip.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	83968              c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\nabtsfec.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	16896              c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\msyuv.dll
+ 2010-01-04 12:53 . 2004-07-09 03:26	15104              c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\mpe.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	16384              c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\ccdecode.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	11392              c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\bdasup.sys
+ 2010-01-04 12:53 . 2004-07-09 03:27	48512              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\stream.sys
+ 2010-01-04 12:53 . 2002-12-11 23:14	13312              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\msdmo.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	34304              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mciqtz32.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	18944              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\encapi.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	46592              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdllreg.exe
+ 2010-01-04 12:53 . 2002-12-11 23:14	18432              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dswave.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	79360              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpwsockx.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	80896              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvsetup.exe
+ 2010-01-04 12:53 . 2002-12-11 23:14	19968              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvacm.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	16896              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnsvr.exe
+ 2010-01-04 12:53 . 2003-03-24 08:00	68096              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnhupnp.dll
+ 2010-01-04 12:53 . 2003-03-24 08:00	32768              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnhpast.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	77824              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpmodemx.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	28160              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplaysvr.exe
+ 2010-01-04 12:53 . 2002-12-11 23:14	98816              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmstyle.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	76800              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmscript.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	33280              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	58368              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmcompos.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	27136              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmband.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	24064              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddrawex.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	64512              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\amstream.dll
+ 2010-01-04 12:53 . 2004-07-09 03:26	18688              c:\windows\Driver Cache\i386\wstcodec.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	14976              c:\windows\Driver Cache\i386\streamip.sys
+ 2010-01-04 12:53 . 2004-07-09 03:27	48512              c:\windows\Driver Cache\i386\stream.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	10880              c:\windows\Driver Cache\i386\slip.sys
+ 2010-01-04 12:53 . 2002-08-29 02:41	31744              c:\windows\Driver Cache\i386\pid.dll
+ 2010-01-04 12:53 . 2004-07-09 03:26	10112              c:\windows\Driver Cache\i386\ndisip.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	83968              c:\windows\Driver Cache\i386\nabtsfec.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	16896              c:\windows\Driver Cache\i386\msyuv.dll
+ 2010-01-04 12:53 . 2004-07-09 03:26	52096              c:\windows\Driver Cache\i386\msdv.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	15104              c:\windows\Driver Cache\i386\mpe.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	16384              c:\windows\Driver Cache\i386\ccdecode.sys
+ 2010-01-04 12:53 . 2004-07-09 03:26	11392              c:\windows\Driver Cache\i386\bdasup.sys
- 2009-12-27 13:12 . 2009-12-27 13:12	12800              c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	12800              c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	53248              c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	53248              c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	5504              c:\windows\system32\drivers\mstee.sys
+ 2010-01-04 12:53 . 2002-12-11 23:14	5504              c:\windows\system32\dllcache\mstee.sys
+ 2010-01-04 12:53 . 2002-12-11 23:14	3072              c:\windows\system32\dllcache\dpnlobby.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	3072              c:\windows\system32\dllcache\dpnaddr.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	8192              c:\windows\system32\dllcache\d3d8thk.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	4096              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\swenum.sys
+ 2010-01-04 12:53 . 2002-12-11 23:14	5504              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mstee.sys
+ 2010-01-04 12:53 . 2001-08-23 04:00	4608              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mspqm.sys
+ 2010-01-04 12:53 . 2002-12-11 23:14	5248              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mspclock.sys
+ 2010-01-04 12:53 . 2002-12-11 23:14	7424              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mskssrv.sys
+ 2010-01-04 12:53 . 2002-12-11 23:14	4096              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ksuser.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	3072              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnlobby.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	3072              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnaddr.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	8192              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3d8thk.dll
+ 2010-01-04 13:33 . 2010-01-04 13:33	3262              c:\windows\Installer\{CC419DDC-E0F0-4013-B25A-6FA036516F0D}\nfs_icon.exe
+ 2010-01-04 12:53 . 2002-12-11 23:14	4096              c:\windows\Driver Cache\i386\swenum.sys
+ 2010-01-04 12:53 . 2002-12-11 23:14	5504              c:\windows\Driver Cache\i386\mstee.sys
+ 2010-01-04 12:53 . 2001-08-23 04:00	4608              c:\windows\Driver Cache\i386\mspqm.sys
+ 2010-01-04 12:53 . 2002-12-11 23:14	5248              c:\windows\Driver Cache\i386\mspclock.sys
+ 2010-01-04 12:53 . 2002-12-11 23:14	7424              c:\windows\Driver Cache\i386\mskssrv.sys
+ 2010-01-04 12:53 . 2002-12-11 23:14	4096              c:\windows\Driver Cache\i386\ksuser.dll
- 2002-08-29 03:41 . 2009-10-29 05:38	627712              c:\windows\system32\urlmon.dll
+ 2002-08-29 03:41 . 2009-12-22 05:21	627712              c:\windows\system32\urlmon.dll
- 2000-01-01 00:59 . 2009-07-29 04:37	119808              c:\windows\system32\t2embed.dll
+ 2000-01-01 00:59 . 2009-10-15 16:28	119808              c:\windows\system32\t2embed.dll
+ 2010-01-16 09:34 . 2010-01-16 09:36	474600              c:\windows\system32\Restore\rstrlog.dat
+ 2010-01-16 11:17 . 2009-11-21 02:34	592488              c:\windows\system32\ReinstallBackups\0019\DriverFiles\nvudisp.exe
+ 2010-01-16 11:17 . 2009-11-21 02:34	182888              c:\windows\system32\ReinstallBackups\0019\DriverFiles\nvcod.dll
+ 2010-01-04 12:53 . 2004-07-09 03:26	354816              c:\windows\system32\psisdecd.dll
+ 2000-01-01 00:59 . 2010-01-24 13:52	435396              c:\windows\system32\perfh009.dat
- 2000-01-01 00:59 . 2010-01-01 21:17	435396              c:\windows\system32\perfh009.dat
+ 2009-12-19 22:17 . 2009-11-21 02:34	182888              c:\windows\system32\nvcodins.dll
- 2006-03-09 07:29 . 2009-11-21 02:34	182888              c:\windows\system32\nvcodins.dll
+ 2009-12-19 22:17 . 2009-11-21 02:34	182888              c:\windows\system32\nvcod.dll
- 2006-03-09 07:29 . 2009-11-21 02:34	182888              c:\windows\system32\nvcod.dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	182888              c:\windows\system32\nvcod(6).dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	182888              c:\windows\system32\nvcod(5).dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	182888              c:\windows\system32\nvcod(4).dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	182888              c:\windows\system32\nvcod(3).dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	182888              c:\windows\system32\nvcod(2).dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	223232              c:\windows\system32\gcdef.dll
- 2009-10-29 05:38 . 2009-10-29 05:38	667136              c:\windows\system32\dllcache\wininet.dll
+ 2009-10-29 05:38 . 2009-12-22 05:21	667136              c:\windows\system32\dllcache\wininet.dll
- 2009-10-29 05:38 . 2009-10-29 05:38	627712              c:\windows\system32\dllcache\urlmon.dll
+ 2009-10-29 05:38 . 2009-12-22 05:21	627712              c:\windows\system32\dllcache\urlmon.dll
- 2009-07-29 04:37 . 2009-07-29 04:37	119808              c:\windows\system32\dllcache\t2embed.dll
+ 2009-07-29 04:37 . 2009-10-15 16:28	119808              c:\windows\system32\dllcache\t2embed.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	733184              c:\windows\system32\dllcache\qedwipes.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	470528              c:\windows\system32\dllcache\qdvd.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	316928              c:\windows\system32\dllcache\qdv.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	257024              c:\windows\system32\dllcache\qcap.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	173056              c:\windows\system32\dllcache\qasf.dll
+ 2010-01-04 12:53 . 2004-07-09 03:26	354816              c:\windows\system32\dllcache\psisdecd.dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	223232              c:\windows\system32\dllcache\gcdef.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	974848              c:\windows\system32\dllcache\dxdiag.exe
+ 2010-01-04 12:53 . 2002-12-11 23:14	602624              c:\windows\system32\dllcache\dx7vb.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	381952              c:\windows\system32\dllcache\dsound.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	491520              c:\windows\system32\dllcache\dsdmoprp.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	186880              c:\windows\system32\dllcache\dsdmo.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	112128              c:\windows\system32\dllcache\dpvvox.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	381952              c:\windows\system32\dllcache\dpvoice.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	723968              c:\windows\system32\dllcache\dpnet.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	230400              c:\windows\system32\dllcache\dplayx.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	122880              c:\windows\system32\dllcache\dmusic.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	100864              c:\windows\system32\dllcache\dmsynth.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	181248              c:\windows\system32\dllcache\dmime.dll
+ 2010-01-04 12:53 . 2002-08-29 02:40	667648              c:\windows\system32\dllcache\dinput8.dll
+ 2010-01-04 12:53 . 2002-08-29 02:40	648704              c:\windows\system32\dllcache\dinput.dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	467968              c:\windows\system32\dllcache\diactfrm.dll
+ 2010-01-04 12:53 . 2003-05-30 08:00	132608              c:\windows\system32\dllcache\devenum.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	292864              c:\windows\system32\dllcache\ddraw.dll
- 2000-01-01 00:59 . 2000-01-01 00:59	350208              c:\windows\system32\dllcache\d3drm.dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	350208              c:\windows\system32\dllcache\d3drm.dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	590336              c:\windows\system32\dllcache\d3dramp.dll
- 2000-01-01 00:59 . 2000-01-01 00:59	590336              c:\windows\system32\dllcache\d3dramp.dll
+ 2010-01-04 12:53 . 2003-05-30 08:00	797184              c:\windows\system32\dllcache\d3dim700.dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	436224              c:\windows\system32\dllcache\d3dim.dll
- 2000-01-01 00:59 . 2000-01-01 00:59	436224              c:\windows\system32\dllcache\d3dim.dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	467968              c:\windows\system32\diactfrm.dll
- 2000-01-01 00:59 . 2000-01-01 00:59	350208              c:\windows\system32\d3drm.dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	350208              c:\windows\system32\d3drm.dll
- 2000-01-01 00:59 . 2000-01-01 00:59	590336              c:\windows\system32\d3dramp.dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	590336              c:\windows\system32\d3dramp.dll
+ 2000-01-01 00:59 . 2001-08-23 04:00	436224              c:\windows\system32\d3dim.dll
- 2000-01-01 00:59 . 2000-01-01 00:59	436224              c:\windows\system32\d3dim.dll
+ 2010-01-14 20:31 . 2010-01-14 20:31	290816              c:\windows\system32\config\systemprofile\ntuser.dat
+ 2010-01-22 15:38 . 2010-01-22 15:59	262144              c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
+ 2010-01-04 12:53 . 2004-07-09 03:26	354816              c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\psisdecd.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	733184              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qedwipes.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	470528              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qdvd.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	316928              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qdv.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	257024              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qcap.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	173056              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qasf.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	324096              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\mswebdvd.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	130304              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ks.sys
+ 2010-01-04 12:53 . 2004-07-09 03:27	974848              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdiag.exe
+ 2010-01-04 12:53 . 2002-12-11 23:14	602624              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dx7vb.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	381952              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	491520              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsdmoprp.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	186880              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsdmo.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	112128              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvvox.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	381952              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvoice.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	723968              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnet.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	230400              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplayx.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	122880              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmusic.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	100864              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmsynth.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	181248              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmime.dll
+ 2010-01-04 12:53 . 2003-05-30 08:00	132608              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\devenum.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	292864              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\ddraw.dll
+ 2010-01-04 12:53 . 2003-05-30 08:00	797184              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3dim700.dll
+ 2010-01-04 12:53 . 2004-07-09 03:26	354816              c:\windows\Driver Cache\i386\psisdecd.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	130304              c:\windows\Driver Cache\i386\ks.sys
+ 2010-01-18 21:24 . 2010-01-18 21:24	223232              c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	223232              c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	178176              c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	178176              c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	364544              c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	364544              c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	159232              c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	159232              c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	145920              c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	145920              c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	578560              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	578560              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	578560              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	578560              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	577536              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	577536              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	577536              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	577536              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	577024              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	577024              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	576000              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	576000              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	567296              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	567296              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	563712              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	563712              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	473600              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	473600              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2002-08-29 03:40 . 2009-11-21 15:51	471552              c:\windows\AppPatch\aclayers.dll
+ 2002-08-29 03:41 . 2009-12-22 05:21	1509888              c:\windows\system32\shdocvw.dll
- 2002-08-29 03:41 . 2009-10-29 05:38	1509888              c:\windows\system32\shdocvw.dll
+ 2010-01-16 11:17 . 2009-11-21 02:34	2293286              c:\windows\system32\ReinstallBackups\0019\DriverFiles\nvdata.bin
+ 2010-01-16 11:17 . 2009-11-21 02:34	2259560              c:\windows\system32\ReinstallBackups\0019\DriverFiles\nvcuvid.dll
+ 2010-01-16 11:17 . 2009-11-21 02:34	1989224              c:\windows\system32\ReinstallBackups\0019\DriverFiles\nvcuvenc.dll
+ 2010-01-16 11:17 . 2009-11-21 02:34	4038656              c:\windows\system32\ReinstallBackups\0019\DriverFiles\nvcuda.dll
+ 2010-01-16 11:17 . 2009-11-21 02:34	1056768              c:\windows\system32\ReinstallBackups\0019\DriverFiles\nvapi.dll
+ 2010-01-16 11:17 . 2009-11-21 02:34	6282752              c:\windows\system32\ReinstallBackups\0019\DriverFiles\nv4_disp.dll
+ 2010-01-16 09:03 . 2009-11-21 02:34	2293286              c:\windows\system32\ReinstallBackups\0017\DriverFiles\nvdata.bin
+ 2009-12-19 22:17 . 2009-11-21 02:34	1056768              c:\windows\system32\nvapi.dll
- 2006-03-09 07:29 . 2009-11-21 02:34	1056768              c:\windows\system32\nvapi.dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	1056768              c:\windows\system32\nvapi(6).dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	1056768              c:\windows\system32\nvapi(5).dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	1056768              c:\windows\system32\nvapi(4).dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	1056768              c:\windows\system32\nvapi(3).dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	1056768              c:\windows\system32\nvapi(2).dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	6282752              c:\windows\system32\nv4_disp(6).dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	6282752              c:\windows\system32\nv4_disp(5).dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	6282752              c:\windows\system32\nv4_disp(4).dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	6282752              c:\windows\system32\nv4_disp(3).dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	6282752              c:\windows\system32\nv4_disp(2).dll
+ 2002-08-29 03:41 . 2009-12-22 05:21	3071488              c:\windows\system32\mshtml.dll
+ 2009-10-29 05:38 . 2009-12-22 05:21	1509888              c:\windows\system32\dllcache\shdocvw.dll
- 2009-10-29 05:38 . 2009-10-29 05:38	1509888              c:\windows\system32\dllcache\shdocvw.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	1798144              c:\windows\system32\dllcache\qedit.dll
+ 2006-03-09 07:29 . 2009-11-21 02:34	6282752              c:\windows\system32\dllcache\nv4_disp.dll
+ 2010-01-04 12:53 . 2004-07-09 03:26	1230336              c:\windows\system32\dllcache\msvidctl.dll
+ 2009-10-29 19:08 . 2009-12-22 05:21	3071488              c:\windows\system32\dllcache\mshtml.dll
+ 2010-01-04 12:53 . 2003-05-30 08:00	1189888              c:\windows\system32\dllcache\dx8vb.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	1294336              c:\windows\system32\dllcache\dsound3d.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	1201152              c:\windows\system32\dllcache\d3d8.dll
+ 2010-01-04 12:53 . 2004-07-09 03:26	1230336              c:\windows\RegisteredPackages\{AA936DF4-2B08-4B1F-B071-72192E287704}\msvidctl.dll
+ 2010-01-04 12:53 . 2003-05-30 08:00	1962496              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\quartz.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	1798144              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\qedit.dll
+ 2010-01-04 12:53 . 2003-05-30 08:00	1189888              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dx8vb.dll
+ 2010-01-04 12:53 . 2002-12-11 23:14	1294336              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dsound3d.dll
+ 2010-01-04 12:53 . 2004-07-09 03:27	1201152              c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\d3d8.dll
+ 2010-01-20 19:07 . 2010-01-20 19:07	1247744              c:\windows\Installer\2cc844.msi
+ 2010-01-04 13:33 . 2010-01-04 13:33	2080768              c:\windows\Installer\11ac7c.msi
- 2009-12-27 13:12 . 2009-12-27 13:12	2846720              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	2846720              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-01-18 21:24 . 2010-01-18 21:24	2676224              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-12-27 13:12 . 2009-12-27 13:12	2676224              c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-01-16 11:17 . 2009-11-21 02:34	13602816              c:\windows\system32\ReinstallBackups\0019\DriverFiles\nvoglnt.dll
+ 2010-01-16 11:17 . 2009-11-21 02:34	11374592              c:\windows\system32\ReinstallBackups\0019\DriverFiles\nvcompiler.dll
+ 2010-01-16 11:17 . 2009-11-21 02:34	10235968              c:\windows\system32\ReinstallBackups\0019\DriverFiles\nv4_mini.sys
- 2006-03-09 07:29 . 2009-11-21 02:34	13602816              c:\windows\system32\nvoglnt.dll
+ 2009-12-19 22:17 . 2009-11-21 02:34	13602816              c:\windows\system32\nvoglnt.dll
+ 2009-12-17 16:55 . 2010-01-05 00:17	29634504              c:\windows\system32\MRT.exe
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-11-04 2334856]
"Steam"="c:\program files\valve\steam\steam.exe" [2009-12-20 1217808]
"RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2009-12-21 306088]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-13 16239616]
"RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 32768]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-09-01 75048]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-25 149280]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"nwiz"="nwiz.exe" [BU]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD Cinema\\PowerDVDCinema.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD9.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\duso4\\counter-strike\\hl.exe"=
"c:\\Program Files\\Valve\\Steam\\SteamApps\\duso4\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"c:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\umi.exe"=
"c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboardingGame.exe"=
"c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboarding.exe"=
"c:\\Program Files\\SEGA\\Vancouver 2010\\Vancouver.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Codemasters\\DiRT2\\dirt2_game.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [28.3.2007 11:34 11264]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [16.12.2009 22:50 114768]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [28.3.2007 11:25 13696]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/12/17 17:47];c:\program files\CyberLink\PowerDVD9\000.fcl [1.9.2009 16:59 87536]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [30.7.2008 6:51 277736]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16.12.2009 22:50 20560]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.12.2009 17:58 691696]
.
Contents of the 'Scheduled Tasks' folder

2010-01-24 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-12-17 14:35]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.zaparit.cz/
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\vhbyml6w.default\
FF - prefs.js: browser.startup.homepage - hxxp://sk.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:sk:official
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

AddRemove-NVIDIA Display Control Panel - c:\program files\NVIDIA Corporation\Uninstall\nvuninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-24 14:56
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ... 

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1547161642-1979792683-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:9b,a2,28,15,92,cc,ca,b3,ef,90,88,97,eb,93,2d,64,96,23,39,ea,f3,
   4d,34,d2,f3,17,c0,33,89,b8,9f,e2,9e,d2,30,b2,78,3b,35,ef,5b,dd,78,5b,0b,5d,\
"rkeysecu"=hex:3a,59,4e,26,63,8b,e9,03,0a,22,bd,f6,1d,64,ca,96
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1824)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-01-24  14:57:36
ComboFix-quarantined-files.txt  2010-01-24 13:57
ComboFix2.txt  2010-01-03 16:43

Pre-Run: 110 855 520 256 bytes free
Post-Run: 111 255 527 424 bytes free

- - End Of File - - 66B61A04009FD303CEFADC592806F98F

Re: prosim o kontrolu logu pomale PC

Napsal: 24 led 2010 15:11
od duso
a jeste log HJT

Kód: Vybrat vše

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:58:27, on 24.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\PC\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zaparit.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R3 - URLSearchHook: (no name) -  - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Unknown owner - C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Need for Speed ProStreet\PB\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 6982 bytes

Re: prosim o kontrolu logu pomale PC

Napsal: 24 led 2010 22:45
od motji
Dobrý večer :)
prosím odstrante logy z code, špatně se to čte, děkuji :)
Combofix Vám poradil kdo?

:arrow: připojte flešku do pc
:arrow: Stáhněte na plochu UsbFix
-spusťte, zvolte jazyk E - potvrdťe enter
-klikněte na volbu 1 - enter
- po skenu sem vložte log , pokud na Vás nevyskočí, najdete ho C:\UsbFix.txt
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz