Nelze se přihlásit - RSIT

[alesholoska]

Zdravím,

dnes ráno se mi oběvil na PC problém. A to, že se nemůžu přihlásit. Když se přihlásím, tak naskočí tapeta plochy bez ikon a po chvilce se PC zničeho nic vypne a zobrazí se zase bootovací obrazovka a tak je to pořád dokola (jak nějáký cyklus).

Děkuji za odpověď

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-02-26 16:05:49
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 1 GB (3%) free of 41 GB
Total RAM: 446 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:06:12, on 26.2.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Acer\Desktop\RSIT.exe
C:\Documents and Settings\Acer\Desktop\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ftp://ftp.drweb.com/pub/drweb/cureit/launch.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro pøihlášení ke službì Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: GdfrDUEn - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Program Files\Get Styles\enlbrdr.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [MacrokeyManager] WTMKM.exe
O4 - HKLM\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Monitor Apache Servers.lnk = C:\dev\prog\Apache2\bin\ApacheMonitor.exe
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 9263398453
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apache2 - Apache Software Foundation - C:\dev\prog\Apache2\bin\Apache.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CesarFTP FTP Server (CesarFTP) - Unknown owner - C:\Program Files\CesarFTP\server.exe
O23 - Service: Google Sitemap Generator (GoogleSitemapGenerator) - Google Inc. - C:\Program Files\Google\Google Sitemap Generator\SitemapService.exe
O23 - Service: Služba Google Update (gupdate1ca16d380f2b742) (gupdate1ca16d380f2b742) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: IceWarp GroupWare Server (MerakCalendar) - IceWarp Ltd - C:\Program Files\Merak\cal.exe
O23 - Service: IceWarp Control / Web / FTP (MerakControl) - IceWarp Ltd - C:\Program Files\Merak\control.exe
O23 - Service: IceWarp IM / VoIP (MerakIM) - IceWarp Ltd - C:\Program Files\Merak\im.exe
O23 - Service: IceWarp POP3 / IMAP (MerakPOP3) - IceWarp Ltd - C:\Program Files\Merak\pop3.exe
O23 - Service: IceWarp SMTP (MerakSMTP) - IceWarp Ltd - C:\Program Files\Merak\smtp.exe
O23 - Service: MySQL5 - Unknown owner - C:\dev\prog\mysql50\bin\mysqld-nt (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: SMTP Server Service (SMTPMainService) - Unknown owner - C:\Program Files\Enterprise Mail Server\SMTPListener.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: WTService - Unknown owner - C:\WINDOWS\system32\atwtusb.exe

--
End of file - 9647 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\Norton Security Scan for Acer.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-06 439872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro pøihlášení ke službì Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3CF7606-E683-4375-A372-96B75DA0AEF7}]
GdfrDUEn Class - C:\Program Files\Get Styles\enlbrdr.dll [2010-02-11 185856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-08-06 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-17 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-17 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-03-08 106496]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-09-06 439872]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-05-30 421888]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"MacrokeyManager"=C:\WINDOWS\system32\WTMKM.exe [2009-01-13 3161760]
"ConMet"=C:\Program Files\ConMet\ConMet.exe [2010-01-12 3804672]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\365dni]
C:\Program Files\365dníNET\365dniNET.exe [2007-01-06 753664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe [2006-03-31 204800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ActivControl]
C:\Program Files\Activ Software\Activdriver\ActivControl2.exe [2008-07-17 1454080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2006-04-14 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
C:\Acer\Empowering Technology\ePower\Boot.exe [2006-03-15 579584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [2008-11-01 281600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-03-17 345088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-05-30 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-10-23 385024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-10 208952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-06-23 602112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMAgent]
C:\Program Files\Mobile Master\MMAgent.exe [2008-09-11 1347008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-10 59392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-10 455168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-06-27 16248320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-06 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761946]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS\system32\dumprep 0 -u []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-09-23 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Acer^Start Menu^Programs^Startup^Jabbim.lnk]
C:\PROGRA~1\Jabbim\jabbim.exe [2009-01-29 206848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acer Empowering Technology.lnk]
C:\Acer\EMPOWE~1\ACEREM~1.EXE [2006-06-29 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2006-01-17 618557]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DSLMON.lnk]
C:\PROGRA~1\ADSL\ADSLUS~1\dslmon.exe [2003-10-16 929889]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Monitor Apache Servers.lnk - C:\dev\prog\Apache2\bin\ApacheMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-07-18 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\groove.exe"="C:\Program Files\Microsoft Office\Office12\groove.exe:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Activ Software\ActivstudioPE3\AMARKER.EXE"="C:\Program Files\Activ Software\ActivstudioPE3\AMARKER.EXE:*:Enabled:ENABLE"
"C:\Program Files\Activ Software\ActivstudioPE3\Activresmanager.exe"="C:\Program Files\Activ Software\ActivstudioPE3\Activresmanager.exe:*:Enabled:ENABLE"
"C:\Program Files\WinRAR\WinRAR.exe"="C:\Program Files\WinRAR\WinRAR.exe:*:Enabled:ENABLE"
"C:\WINDOWS\System32\logon.scr"="C:\WINDOWS\System32\logon.scr:*:Enabled:ENABLE"
"C:\Program Files\Activ Software\ActivstudioPE3\ASExport Wizard.exe"="C:\Program Files\Activ Software\ActivstudioPE3\ASExport Wizard.exe:*:Enabled:ENABLE"
"C:\WINDOWS\RTHDCPL.EXE"="C:\WINDOWS\RTHDCPL.EXE:*:Enabled:ENABLE"
"C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe:*:Enabled:ENABLE"
"C:\Acer\Empowering Technology\ePower\ePower_DMC.exe"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe:*:Enabled:ENABLE"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe:*:Enabled:ENABLE"
"C:\Program Files\Launch Manager\LManager.exe"="C:\Program Files\Launch Manager\LManager.exe:*:Enabled:ENABLE"
"C:\Acer\Empowering Technology\eRecovery\eRAgent.exe"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe:*:Enabled:ENABLE"
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\wbem\unsecapp.exe"="C:\WINDOWS\system32\wbem\unsecapp.exe:*:Enabled:ENABLE"
"C:\Program Files\Java\jre6\bin\jusched.exe"="C:\Program Files\Java\jre6\bin\jusched.exe:*:Enabled:ENABLE"
"C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe"="C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe:*:Enabled:ENABLE"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"="C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe:*:Enabled:ENABLE"
"C:\Program Files\ADSL\ADSL USB MODEM\dslmon.exe"="C:\Program Files\ADSL\ADSL USB MODEM\dslmon.exe:*:Enabled:ENABLE"
"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe:*:Enabled:ENABLE"
"C:\Documents and Settings\Acer\Desktop\aircrack-ng-0.9.3-win\BIN\airodump-ng.exe"="C:\Documents and Settings\Acer\Desktop\aircrack-ng-0.9.3-win\BIN\airodump-ng.exe:*:Enabled:ENABLE"
"C:\Documents and Settings\Acer\Desktop\aircrack-ng-0.9.3-win\BIN\Aircrack-ng GUI.exe"="C:\Documents and Settings\Acer\Desktop\aircrack-ng-0.9.3-win\BIN\Aircrack-ng GUI.exe:*:Enabled:ENABLE"
"C:\WINDOWS\System32\cmd.exe"="C:\WINDOWS\System32\cmd.exe:*:Enabled:ENABLE"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ENABLE"
"C:\WINDOWS\System32\netsh.exe"="C:\WINDOWS\System32\netsh.exe:*:Enabled:ENABLE"
"C:\WINDOWS\ehome\ehtray.exe"="C:\WINDOWS\ehome\ehtray.exe:*:Enabled:ENABLE"
"C:\WINDOWS\eHome\ehmsas.exe"="C:\WINDOWS\eHome\ehmsas.exe:*:Enabled:ENABLE"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:*:Enabled:BlueSoleilCS"
"C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
"I:\Program Files\ICQ6.5\ICQ.exe"="I:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Enterprise Mail Server\SMTPServerGUI.exe"="C:\Program Files\Enterprise Mail Server\SMTPServerGUI.exe:*:Enabled:SMTPServerGUI"
"C:\Program Files\Enterprise Mail Server\SMTPListener.exe"="C:\Program Files\Enterprise Mail Server\SMTPListener.exe:*:Enabled:SMTPListener"
"C:\Program Files\Enterprise Mail Server\Uninstaller.exe"="C:\Program Files\Enterprise Mail Server\Uninstaller.exe:*:Enabled:SMTPUninstaller"
"C:\Program Files\Enterprise Mail Server\Updater.exe"="C:\Program Files\Enterprise Mail Server\Updater.exe:*:Enabled:SMTPUpdater"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:ENABLE"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
shell\AutoRun\command - J:\Setup.exe


======File associations======

.txt - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 months======

2010-02-26 16:02:03 ----A---- C:\WINDOWS\ntbtlog.txt
2010-02-26 15:35:25 ----SHD---- C:\$RECYCLE.BIN
2010-02-26 15:32:08 ----SHD---- C:\FOUND.005
2010-02-26 11:38:16 ----SHD---- C:\FOUND.004
2010-02-26 11:18:28 ----SHD---- C:\FOUND.003
2010-02-26 09:07:46 ----SHD---- C:\FOUND.002
2010-02-26 08:32:12 ----SHD---- C:\FOUND.001
2010-02-26 08:17:08 ----SHD---- C:\FOUND.000
2010-02-25 19:18:42 ----SHD---- C:\Recycled
2010-02-25 07:30:19 ----HD---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-25 07:24:50 ----HD---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-25 07:24:30 ----HD---- C:\WINDOWS\$NtUninstallKB978207$
2010-02-25 07:24:21 ----HD---- C:\WINDOWS\$NtUninstallKB958869$
2010-02-25 07:24:16 ----HD---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-02-25 07:24:02 ----HD---- C:\WINDOWS\$NtUninstallKB970430$
2010-02-25 07:19:12 ----HD---- C:\WINDOWS\$NtUninstallKB955759$
2010-02-25 07:19:05 ----HD---- C:\WINDOWS\$NtUninstallKB974318$
2010-02-25 07:18:58 ----HD---- C:\WINDOWS\$NtUninstallKB969059$
2010-02-25 07:18:51 ----HD---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-25 07:18:11 ----HD---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-25 07:17:14 ----HD---- C:\WINDOWS\$NtUninstallKB972270$
2010-02-25 07:17:08 ----HD---- C:\WINDOWS\$NtUninstallKB974112$
2010-02-25 07:16:58 ----HD---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-25 07:16:52 ----HD---- C:\WINDOWS\$NtUninstallKB975025$
2010-02-25 07:16:46 ----HD---- C:\WINDOWS\$NtUninstallKB974571$
2010-02-25 07:16:35 ----HD---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-25 07:14:29 ----HD---- C:\WINDOWS\$NtUninstallKB973687$
2010-02-25 06:57:04 ----HD---- C:\WINDOWS\$NtUninstallKB973904$
2010-02-25 06:55:42 ----HD---- C:\WINDOWS\$NtUninstallKB974392$
2010-02-25 06:55:05 ----HD---- C:\WINDOWS\$NtUninstallKB971737$
2010-02-25 06:53:05 ----HD---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-25 06:51:23 ----HD---- C:\WINDOWS\$NtUninstallKB971486$
2010-02-25 06:51:15 ----HD---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-25 06:50:02 ----HD---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-25 06:49:23 ----HD---- C:\WINDOWS\$NtUninstallKB953295$
2010-02-25 06:46:04 ----HD---- C:\WINDOWS\$NtUninstallKB975467$
2010-02-25 06:45:40 ----HD---- C:\WINDOWS\$NtUninstallKB969947$
2010-02-24 16:56:32 ----D---- C:\Program Files\Usingit
2010-02-24 16:26:44 ----A---- C:\ComboFix.txt
2010-02-24 16:01:19 ----A---- C:\WINDOWS\MBR.exe
2010-02-24 15:56:11 ----D---- C:\ComboFix
2010-02-24 15:27:12 ----D---- C:\Program Files\Winamp
2010-02-24 14:40:07 ----N---- C:\WINDOWS\system32\vxblock.dll
2010-02-24 14:40:07 ----N---- C:\WINDOWS\system32\pxwave.dll
2010-02-24 14:40:07 ----N---- C:\WINDOWS\system32\pxsfs.dll
2010-02-24 14:40:07 ----N---- C:\WINDOWS\system32\pxmas.dll
2010-02-24 14:40:07 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2010-02-24 14:40:07 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2010-02-24 14:40:07 ----N---- C:\WINDOWS\system32\pxdrv.dll
2010-02-24 14:40:07 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2010-02-24 14:40:07 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-02-24 14:40:04 ----N---- C:\WINDOWS\system32\px.dll
2010-02-22 10:16:57 ----D---- C:\Program Files\Norton Security Scan
2010-02-22 10:16:57 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2010-02-22 10:16:52 ----D---- C:\Program Files\NortonInstaller
2010-02-22 10:16:52 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2010-02-22 07:16:11 ----D---- C:\WINDOWS\system32\Adobe
2010-02-20 07:55:04 ----D---- C:\FOUND.029
2010-02-18 18:23:57 ----D---- C:\HOCKEY
2010-02-17 10:13:20 ----D---- C:\Program Files\Get Styles
2010-02-17 08:50:14 ----D---- C:\FOUND.028
2010-02-16 08:09:54 ----D---- C:\FOUND.027
2010-02-11 19:30:29 ----A---- C:\wepkeys.txt
2010-01-29 19:22:03 ----D---- C:\FKeySMTP
2010-01-29 19:21:59 ----D---- C:\Program Files\Enterprise Mail Server
2010-01-29 19:04:37 ----D---- C:\Program Files\hMailServer
2010-01-28 17:04:58 ----D---- C:\Program Files\CesarFTP
2010-01-28 14:44:50 ----D---- C:\Program Files\Merak
2010-01-27 19:38:47 ----D---- C:\Program Files\ICQ7.0
2010-01-27 15:33:13 ----A---- C:\WINDOWS\system32\libmySQL.dll
2010-01-27 15:32:38 ----A---- C:\WINDOWS\system32\php5ts.dll
2010-01-27 15:32:06 ----A---- C:\WINDOWS\php.ini
2010-01-27 15:04:42 ----D---- C:\dev

======List of files/folders modified in the last 1 months======

2010-02-26 15:34:22 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2010-02-26 15:34:14 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt
2010-02-26 15:34:10 ----A---- C:\WINDOWS\win.ini
2010-02-26 15:33:14 ----A---- C:\WINDOWS\system32\bscs.ini
2010-02-26 11:52:06 ----A---- C:\WINDOWS\system32\LOCALSERVICE.INI
2010-02-26 10:30:50 ----A---- C:\WINDOWS\DUMP8c80.tmp
2010-02-26 09:49:08 ----A---- C:\WINDOWS\DUMP901a.tmp
2010-02-26 08:46:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-25 07:47:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-25 07:24:56 ----A---- C:\WINDOWS\imsins.BAK
2010-02-24 16:14:44 ----A---- C:\WINDOWS\system.ini
2010-02-24 16:10:16 ----AD---- C:\Qoobox
2010-02-24 15:55:10 ----A---- C:\WINDOWS\wincmd.ini
2010-02-18 06:22:58 ----RASH---- C:\boot.ini
2010-02-05 07:37:46 ----A---- C:\WINDOWS\DUMPa632.tmp
2010-02-01 11:26:22 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-31 08:54:48 ----A---- C:\WINDOWS\DUMP8193.tmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-07 16896]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-05-24 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-05-24 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-05-24 74752]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-08-28 6144]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-10 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-10 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-10 17024]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-10 26496]
S1 AmdK8;Ovladaè procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43008]
S1 avfwot;avfwot; C:\WINDOWS\system32\DRIVERS\avfwot.sys [2009-05-08 97608]
S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
S1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-10 14848]
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
S1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
S1 WS2IFSL;Podpùrné prostøedí zprostøedkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2004-01-05 46295]
S2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-07 56816]
S2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
S2 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys []
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver; \??\C:\WINDOWS\system32\eLock2BurnerLockDriver.sys []
S2 eLock2FSCTLDriver;eLock2FSCTLDriver; \??\C:\WINDOWS\system32\eLock2FSCTLDriver.sys []
S2 int15;int15; \??\C:\WINDOWS\system32\drivers\int15.sys []
S2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-14 12672]
S2 tvicport;tvicport; \??\C:\WINDOWS\system32\drivers\tvicport.sys []
S2 zntport;zntport; \??\C:\WINDOWS\system32\drivers\zntport.sys []
S3 ActivHidSerMini;Promethean Serial Board Driver; C:\WINDOWS\system32\DRIVERS\activhidsermini.sys [2008-06-16 57088]
S3 adiusbaw;ADSL USB MODEM WAN ADAPTER; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2004-01-12 127721]
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-07-30 583915]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-07-18 1621504]
S3 avfwim;AvFw Packet Filter Miniport; C:\WINDOWS\system32\DRIVERS\avfwim.sys [2009-02-24 69632]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2008-07-02 33800]
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2008-10-16 27528]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2008-01-21 14600]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-01-17 328061]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2008-10-22 39432]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-01-17 30459]
S3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-01-17 850474]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-01-17 148900]
S3 Cam5603D;Acer OrbiCam; C:\WINDOWS\System32\Drivers\BisonCam.sys [2006-05-12 806272]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
S3 cpuz130;cpuz130; \??\C:\DOCUME~1\Acer\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-10 9600]
S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-06-12 990592]
S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-06-12 208384]
S3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2006-01-11 194048]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 mbr;mbr; \??\C:\DOCUME~1\Acer\LOCALS~1\Temp\mbr.sys []
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-04-12 47360]
S3 PEEK5;PEEK5 Protocol Driver; \??\C:\DOCUME~1\Acer\Desktop\AIRCRA~1.3-W\bin\PEEK5.SYS []
S3 prmvmouse;Promethean HID Mouse Service; C:\WINDOWS\system32\DRIVERS\activmouse.sys [2008-06-16 4480]
S3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
S3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-10 5888]
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-10 67584]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-10 11136]
S3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2004-12-09 46592]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-10 15360]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-10 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2008-01-21 14856]
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2008-07-02 29960]
S3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-06-12 727808]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-03-29 28672]
S2 AntiVirFirewallService;Avira Firewall; C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [2009-05-11 388865]
S2 AntiVirMailService;Avira AntiVir MailGuard; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2009-05-11 194817]
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-10-30 185089]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 AntiVirWebService;Avira AntiVir WebGuard; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-05-12 434945]
S2 Apache2;Apache2; C:\dev\prog\Apache2\bin\Apache.exe [2008-01-17 20541]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-07-18 401408]
S2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-07-25 100032]
S2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2008-11-01 835072]
S2 BsMobileCS;BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-11-01 143467]
S2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-01-17 266295]
S2 CesarFTP;CesarFTP FTP Server; C:\Program Files\CesarFTP\server.exe [2002-12-01 137728]
S2 ehRecvr;Služba pøijímaèe aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2005-12-15 237568]
S2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-10 267776]
S2 GoogleSitemapGenerator;Google Sitemap Generator; C:\Program Files\Google\Google Sitemap Generator\SitemapService.exe [2009-02-04 704512]
S2 gupdate1ca16d380f2b742;Služba Google Update (gupdate1ca16d380f2b742); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-06 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-06 190448]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
S2 IISADMIN;IIS Admin; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-10 15872]
S2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2004-08-10 14336]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-17 152984]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
S2 MerakCalendar;IceWarp GroupWare Server; C:\Program Files\Merak\cal.exe [2010-01-28 1990656]
S2 MerakControl;IceWarp Control / Web / FTP; C:\Program Files\Merak\control.exe [2010-01-28 2165248]
S2 MerakIM;IceWarp IM / VoIP; C:\Program Files\Merak\im.exe [2010-01-28 1677824]
S2 MerakPOP3;IceWarp POP3 / IMAP; C:\Program Files\Merak\pop3.exe [2010-01-28 1690624]
S2 MerakSMTP;IceWarp SMTP; C:\Program Files\Merak\smtp.exe [2010-01-28 1651200]
S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
S2 MySQL5;MySQL5; C:\dev\prog\mysql50\bin\mysqld-nt --defaults-file=C:\dev\prog\mysql50\my.ini MySQL5 []
S2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
S2 SMTPMainService;SMTP Server Service; C:\Program Files\Enterprise Mail Server\SMTPListener.exe [2010-01-17 1190400]
S2 SMTPSVC;Simple Mail Transport Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-10 15872]
S2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
S2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
S2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
S2 W3SVC;World Wide Web Publishing; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-10 15872]
S2 WTService;WTService; C:\WINDOWS\system32\atwtusb.exe [2009-02-05 388768]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2008-11-01 98407]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE [2006-07-25 2119360]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-03 38912]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[motji]

Ahoj
A ten combofix ve středu jsi dělal proč?
Můžu poprosit o tento log?
C:\ComboFix.txt

[alesholoska]

To byla preventivka

ComboFix 10-02-23.04 - Acer 24.02.2010 16:03:03.4.1 - FAT32x86
Spuštìný z: c:\documents and settings\Acer\My Documents\Stažené soubory\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Acer\My Documents\cc_20090630_152739.reg
c:\documents and settings\Acer\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\documents and settings\LocalService\Application Data\twain_32
c:\documents and settings\LocalService\Application Data\twain_32\user.ds
c:\documents and settings\NetworkService\Application Data\twain_32
c:\documents and settings\NetworkService\Application Data\twain_32\user.ds
C:\LOG.TXT
C:\Thumbs.db
c:\windows\system32\dctlftp3.dll
c:\windows\system32\detoured.dll
I:\install.exe

c:\windows\system32\grpconv.exe . . . chybí !!

.
((((((((((((((((((((((((((((((((((((((( Ovladaèe/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_OREANS32
-------\Service_oreans32


((((((((((((((((((((((((( Soubory vytvoøené od 2010-01-24 do 2010-02-24 )))))))))))))))))))))))))))))))
.

2010-02-24 14:27 . 2010-02-24 14:27 -------- d-----w- c:\program files\Winamp
2010-02-24 13:40 . 2009-04-28 20:20 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-02-24 13:40 . 2009-04-28 20:20 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-02-24 13:40 . 2009-04-28 20:20 129520 ------w- c:\windows\system32\pxafs.dll
2010-02-23 06:58 . 2010-02-23 06:58 -------- d-----w- C:\FOUND.000
2010-02-22 09:16 . 2010-02-22 09:16 -------- d-----w- c:\windows\system32\drivers\NSS
2010-02-22 09:16 . 2010-02-22 09:16 -------- d-----w- c:\program files\Norton Security Scan
2010-02-22 09:16 . 2010-02-22 09:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-02-22 09:16 . 2010-02-22 09:16 -------- d-----w- c:\program files\NortonInstaller
2010-02-22 09:16 . 2010-02-22 09:16 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2010-02-22 06:16 . 2010-02-22 06:16 -------- d-----w- c:\windows\system32\Adobe
2010-02-20 06:55 . 2010-02-20 06:55 -------- d-----w- C:\FOUND.029
2010-02-18 17:23 . 2010-02-18 17:23 -------- d-----w- C:\HOCKEY
2010-02-17 09:13 . 2010-02-17 09:13 -------- d-----w- c:\documents and settings\Acer\AppData
2010-02-17 09:13 . 2010-02-17 09:13 -------- d-----w- c:\program files\Get Styles
2010-02-17 07:50 . 2010-02-17 07:50 -------- d-----w- C:\FOUND.028
2010-02-16 07:09 . 2010-02-16 07:09 -------- d-----w- C:\FOUND.027
2010-01-31 14:09 . 2010-01-31 14:09 -------- d-----w- c:\documents and settings\Acer\kbpki
2010-01-29 18:22 . 2010-01-29 18:22 -------- d-----w- C:\FKeySMTP
2010-01-29 18:21 . 2010-01-29 18:22 -------- d-----w- c:\program files\Enterprise Mail Server
2010-01-29 18:15 . 2010-01-29 18:15 -------- d-----w- c:\documents and settings\Acer\Local Settings\Application Data\Halvar Information
2010-01-29 18:04 . 2010-01-29 18:04 -------- d-----w- c:\program files\hMailServer
2010-01-28 16:04 . 2010-01-28 16:05 -------- d-----w- c:\program files\CesarFTP
2010-01-28 13:44 . 2010-01-28 13:44 -------- d-----w- c:\program files\Merak
2010-01-27 18:39 . 2010-01-27 18:39 -------- d-----w- c:\documents and settings\Acer\Local Settings\Application Data\AOL
2010-01-27 18:38 . 2010-01-27 18:38 -------- d-----w- c:\program files\ICQ7.0
2010-01-27 14:33 . 2010-01-15 11:46 2068480 ----a-w- c:\windows\system32\libmySQL.dll
2010-01-27 14:32 . 2008-05-02 17:07 4874301 ----a-w- c:\windows\system32\php5ts.dll
2010-01-27 14:04 . 2010-01-27 14:04 -------- d-----w- C:\dev

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-05 06:37 . 2009-03-09 10:31 102400 ----a-w- c:\windows\DUMPa632.tmp
2010-01-31 07:54 . 2009-03-09 10:31 102400 ----a-w- c:\windows\DUMP8193.tmp
2010-01-30 14:43 . 2009-03-28 13:59 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-01-12 18:31 . 2010-01-12 18:31 -------- d-----w- c:\program files\ConMet
2010-01-12 18:31 . 2010-01-12 18:31 -------- d-----w- c:\documents and settings\Acer\Application Data\ConMet
2010-01-12 18:31 . 2010-01-12 18:31 -------- d-----w- c:\documents and settings\All Users\Application Data\ConMet
2010-01-09 01:55 . 2010-01-09 01:55 -------- d-----w- c:\program files\bobyte
2010-01-09 01:51 . 2010-01-09 01:51 -------- d-----w- c:\program files\MIKSOFT
2009-12-30 13:51 . 2009-12-30 13:51 -------- d-----w- c:\documents and settings\Acer\Application Data\VitySoft
2009-12-27 11:31 . 2009-12-27 11:31 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-07 14:11 . 2009-07-20 21:43 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-05 22:25 . 2009-12-05 22:25 1376539 ----a-w- c:\documents and settings\Acer\Dokument-3-podklad-1.dat
2009-11-26 17:11 . 2009-11-26 17:11 768199 ----a-w- c:\documents and settings\Acer\Dokument-3-Bez názvu-1.dat
.

(((((((((((((((((((((((((((((((((( Spouštìcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3CF7606-E683-4375-A372-96B75DA0AEF7}]
2010-02-11 07:58 185856 ----a-w- c:\program files\Get Styles\enlbrdr.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" [2010-01-12 133368]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-05-30 421888]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"MacrokeyManager"="WTMKM.exe" [2009-01-13 3161760]
"ConMet"="c:\program files\ConMet\ConMet.exe" [2010-01-12 3804672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^Acer^Start Menu^Programs^Startup^Jabbim.lnk]
path=c:\documents and settings\Acer\Start Menu\Programs\Startup\Jabbim.lnk
backup=c:\windows\pss\Jabbim.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DSLMON.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\DSLMON.lnk
backup=c:\windows\pss\DSLMON.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
c:\windows\system32\dumprep 0 -u [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\365dni]
2007-01-06 17:16 753664 ----a-w- c:\program files\365dníNET\365dniNET.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
2006-03-31 15:39 204800 ----a-w- c:\acer\Empowering Technology\ePresentation\ePresentation.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ActivControl]
2008-07-17 10:57 1454080 ----a-w- c:\program files\Activ Software\Activdriver\ActivControl2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-05-10 10:12 90112 ----a-w- c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
2009-03-02 12:08 209153 ----a-w- c:\program files\Avira\AntiVir Desktop\avgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
2006-04-14 21:35 53248 ------w- c:\program files\Realtek\InstallShield\AzMixerSel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
2006-03-15 21:12 579584 ----a-w- c:\acer\Empowering Technology\ePower\Boot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtTray]
2008-11-01 08:56 281600 ----a-w- c:\program files\IVT Corporation\BlueSoleil\BtTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2004-08-10 19:00 15360 ------w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2006-03-17 14:00 345088 ----a-w- c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-08-05 12:56 64512 ----a-w- c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
2006-05-30 11:11 421888 ----a-w- c:\acer\Empowering Technology\ePower\ePower_DMC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
2006-06-01 13:40 413696 ----a-w- c:\acer\Empowering Technology\eRecovery\eRAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2007-08-24 06:00 33648 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
2005-10-22 23:00 385024 ----a-w- c:\program files\Syncrosoft\POS\H2O\cledx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
2004-08-10 19:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2006-06-23 05:59 602112 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMAgent]
2008-09-11 21:03 1347008 ----a-w- c:\program files\Mobile Master\MMAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:45 3883840 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
2004-08-10 19:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
2005-05-11 16:15 45056 ----a-w- c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
2004-08-10 19:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
2004-08-10 19:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-06-27 22:54 16248320 ----a-w- c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 02:04 2879488 ----a-w- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-01-26 14:31 2144088 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-08-06 21:17 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2006-03-03 12:07 761946 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2006-09-23 12:08 61440 ----a-w- c:\acer\WR_PopUp\WarReg_PopUp.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\groove.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Activ Software\\ActivstudioPE3\\AMARKER.EXE"=
"c:\\Program Files\\Activ Software\\ActivstudioPE3\\Activresmanager.exe"=
"c:\\Program Files\\WinRAR\\WinRAR.exe"=
"c:\\WINDOWS\\System32\\logon.scr"=
"c:\\Program Files\\Activ Software\\ActivstudioPE3\\ASExport Wizard.exe"=
"c:\\WINDOWS\\RTHDCPL.EXE"=
"c:\\Acer\\Empowering Technology\\eDataSecurity\\eDSloader.exe"=
"c:\\Acer\\Empowering Technology\\ePower\\ePower_DMC.exe"=
"c:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"=
"c:\\Program Files\\Launch Manager\\LManager.exe"=
"c:\\Acer\\Empowering Technology\\eRecovery\\eRAgent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe"=
"c:\\WINDOWS\\system32\\wbem\\unsecapp.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\jusched.exe"=
"c:\\Acer\\Empowering Technology\\Acer.Empowering.Framework.Launcher.exe"=
"c:\\Program Files\\WIDCOMM\\Bluetooth Software\\BTTray.exe"=
"c:\\Program Files\\ADSL\\ADSL USB MODEM\\dslmon.exe"=
"c:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe"=
"c:\\Documents and Settings\\Acer\\Desktop\\aircrack-ng-0.9.3-win\\BIN\\airodump-ng.exe"=
"c:\\Documents and Settings\\Acer\\Desktop\\aircrack-ng-0.9.3-win\\BIN\\Aircrack-ng GUI.exe"=
"c:\\WINDOWS\\System32\\cmd.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\System32\\netsh.exe"=
"c:\\WINDOWS\\ehome\\ehtray.exe"=
"c:\\WINDOWS\\eHome\\ehmsas.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"c:\\Program Files\\Messenger\\MSMSGS.EXE"=
"i:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Program Files\\Enterprise Mail Server\\SMTPServerGUI.exe"=
"c:\\Program Files\\Enterprise Mail Server\\SMTPListener.exe"=
"c:\\Program Files\\Enterprise Mail Server\\Uninstaller.exe"=
"c:\\Program Files\\Enterprise Mail Server\\Updater.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 AntiVirFirewallService;Avira Firewall;c:\program files\Avira\AntiVir Desktop\avfwsvc.exe [2009-05-11 388865]
R2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2009-05-11 194817]
R2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2009-05-12 434945]
R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;c:\windows\system32\eLock2BurnerLockDriver.sys [x]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\eLock2FSCTLDriver.sys [x]
R2 GoogleSitemapGenerator;Google Sitemap Generator;c:\program files\Google\Google Sitemap Generator\SitemapService.exe [2009-02-04 704512]
R2 gupdate1ca16d380f2b742;Služba Google Update (gupdate1ca16d380f2b742);c:\program files\Google\Update\GoogleUpdate.exe [2009-08-06 133104]
R2 MerakCalendar;IceWarp GroupWare Server;c:\program files\Merak\cal.exe [2010-01-28 1990656]
R3 ActivHidSerMini;Promethean Serial Board Driver;c:\windows\system32\DRIVERS\activhidsermini.sys [2008-06-16 57088]
R3 cpuz130;cpuz130;c:\docume~1\Acer\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [x]
R3 PEEK5;PEEK5 Protocol Driver;c:\docume~1\Acer\Desktop\AIRCRA~1.3-W\bin\PEEK5.SYS [2005-05-19 13184]
R3 prmvmouse;Promethean HID Mouse Service;c:\windows\system32\DRIVERS\activmouse.sys [2008-06-16 4480]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2008-07-31 20616]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-03-16 717296]
S0 vax347b;vax347b;c:\windows\system32\DRIVERS\vax347b.sys [2005-07-08 159616]
S0 vax347s;vax347s;c:\windows\System32\Drivers\vax347s.sys [2004-04-30 5248]
S1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [2009-05-08 97608]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
S2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-11-01 143467]
S2 CesarFTP;CesarFTP FTP Server;c:\program files\CesarFTP\server.exe [2002-12-01 137728]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
S2 MerakIM;IceWarp IM / VoIP;c:\program files\Merak\im.exe [2010-01-28 1677824]
S2 MySQL5;MySQL5;c:\dev\prog\mysql50\bin\mysqld-nt --defaults-file=c:\dev\prog\mysql50\my.ini MySQL5 [x]
S2 SMTPMainService;SMTP Server Service;c:\program files\Enterprise Mail Server\SMTPListener.exe [2010-01-17 1190400]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [2009-02-24 69632]
S3 CLEDX;Team H2O CLEDX service;c:\windows\system32\DRIVERS\cledx.sys [2005-05-09 33792]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2008-07-02 26248]

.
Obsah adresáøe 'Naplánované úlohy'

2010-02-24 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-06 21:16]

2010-02-23 c:\windows\Tasks\Norton Security Scan for Acer.job
- c:\program files\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2010-02-22 10:54]

2010-02-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-06 21:20]

2010-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-06 21:20]
.
.
------- Doplòkový sken -------
.
uStart Page = hxxp://cs.intl.acer.yahoo.com/
mStart Page = hxxp://cs.intl.acer.yahoo.com
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
IE: &Download by Arles Download Manager - c:\documents and settings\Acer\Local Settings\Application Data\Ariel Download Manager\DownloadManager.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Get Styles\ct.htm
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
FF - ProfilePath - c:\documents and settings\Acer\Application Data\Mozilla\Firefox\Profiles\n5fiife0.default\
FF - component: c:\documents and settings\Acer\Application Data\Mozilla\Firefox\Profiles\n5fiife0.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npDXStudioPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANÌNÉ Z REGISTRU - - - -

BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
HKCU-Run-ares - c:\program files\Ares\Ares.exe
HKLM-Run-WinampAgent - i:\program files\Winamp\winampa.exe
MSConfigStartUp-ares - c:\program files\Ares\Ares.exe
AddRemove-Hospital - i:\bullfrog\Theme Hospital\DeIsL1.isu
AddRemove-Merak - c:\program files\Merak\setup.exe
AddRemove-Product - j:\valve\stargatetc\Uninstall.exe
AddRemove-WebFtp 3.0_is1 - c:\dev\www\webftp\unins000.exe
AddRemove-{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F} - c:\program files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\Setup.exe-L0x5



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-24 16:19
Windows 5.1.2600 Service Pack 2 FAT NTAPI

skenování skrytých procesù ...

skenování skrytých položek 'Po spuštìní' ...

skenování skrytých souborù ...

sken byl úspešnì dokonèen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x846B60F0]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf760ffc3
\Driver\ACPI -> ACPI.sys @ 0xf72c3cb8
\Driver\atapi -> 0x846b60f0
IoDeviceObjectType -> SecurityProcedure -> ntkrnlpa.exe @ 0x80582abe
\Device\Harddisk0\DR0 -> SecurityProcedure -> ntkrnlpa.exe @ 0x80582abe
NDIS: Atheros AR5005G Cardbus Wireless Network Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf716abc3
PacketIndicateHandler -> NDIS.sys @ 0xf7158a0b
SendHandler -> NDIS.sys @ 0xf716cb31
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL5]
"ImagePath"="\"c:\dev\prog\mysql50\bin\mysqld-nt\" --defaults-file=\"c:\dev\prog\mysql50\my.ini\" MySQL5"
.
--------------------- Knihovny navázané na bìžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1048)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\CLBCATQ.DLL

- - - - - - - > 'explorer.exe'(5476)
c:\windows\system32\msi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\dev\prog\Apache2\bin\Apache.exe
c:\windows\system32\WTMKM.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\dev\prog\Apache2\bin\ApacheMonitor.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\dev\prog\Apache2\bin\Apache.exe
c:\program files\Merak\pop3.exe
c:\program files\Merak\smtp.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\dev\prog\mysql50\bin\mysqld-nt.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\windows\system32\atwtusb.exe
c:\windows\system32\atwtusb.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\wscntfy.exe
c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový èas: 2010-02-24 16:26:43 - poèítaè byl restartován
ComboFix-quarantined-files.txt 2010-02-24 15:26
ComboFix2.txt 2009-10-09 21:14
ComboFix3.txt 2009-06-29 18:24

Pøed spuštìním: 278 036 480 bytes free
Po spuštìní: 2 373 353 472

- - End Of File - - 25572C998F0464B8319FC7800571AF15

[motji]

Preventivka? Předpokládám že když už umíš spustit combofix, že si sám vyluštíš i ten log ...chybí Ti systémový soubor, zkusíme ho nahradit.

Používáš Daemon nebo alcohol?



Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

MIA::
c:\windows\system32\grpconv.exe

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

[alesholoska]

Daemon a Alcohol znám

Log z CF v příloze

[motji]

Prosím Tě vlož log z combofixu sem, klidně ho rozděl to více příspěvků, je to přehlednější.
Nějaká změna s počítačem?

[alesholoska]

ComboFix 09-06-26.02 - Administrator 26.02.2010 17:02.5 - FAT32x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1033.18.446.262 [GMT 1:00]
Spuštìný z: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Použité ovládací pøepínaèe :: c:\documents and settings\Administrator\Desktop\CFScript.txt
.
- REŽIM S OMEZENOU FUNKÈNOSTÍ -
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\grpconv.exe . . . chybí !!

c:\windows\system32\grpconv.exe . . . chybí !!

.
((((((((((((((((((((((((( Soubory vytvoøené od 2010-01-26 do 2010-02-26 )))))))))))))))))))))))))))))))
.

2010-02-26 14:32 . 2010-02-26 14:32 -------- d-sh--w- C:\FOUND.005
2010-02-26 10:38 . 2010-02-26 10:38 -------- d-sh--w- C:\FOUND.004
2010-02-26 10:18 . 2010-02-26 10:18 -------- d-sh--w- C:\FOUND.003
2010-02-26 08:07 . 2010-02-26 08:07 -------- d-sh--w- C:\FOUND.002
2010-02-26 07:32 . 2010-02-26 07:32 -------- d-sh--w- C:\FOUND.001
2010-02-26 07:17 . 2010-02-26 07:17 -------- d-sh--w- C:\FOUND.000
2010-02-25 05:51 . 2010-02-25 05:51 229208 ----a-w- c:\windows\system32\drivers\VMM.sys
2010-02-24 15:56 . 2010-02-24 15:56 -------- d-----w- c:\program files\Usingit
2010-02-24 15:01 . 2009-10-25 05:11 77312 ----a-w- c:\windows\MBR.exe
2010-02-24 14:27 . 2010-02-24 14:27 -------- d-----w- c:\program files\Winamp
2010-02-24 13:40 . 2009-04-28 20:20 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-02-24 13:40 . 2009-04-28 20:20 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-02-24 13:40 . 2009-04-28 20:20 129520 ------w- c:\windows\system32\pxafs.dll
2010-02-22 09:16 . 2010-02-22 09:16 -------- d-----w- c:\windows\system32\drivers\NSS
2010-02-22 09:16 . 2010-02-22 09:16 -------- d-----w- c:\program files\Norton Security Scan
2010-02-22 09:16 . 2010-02-22 09:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-02-22 09:16 . 2010-02-22 09:16 -------- d-----w- c:\program files\NortonInstaller
2010-02-22 09:16 . 2010-02-22 09:16 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2010-02-22 06:16 . 2010-02-22 06:16 -------- d-----w- c:\windows\system32\Adobe
2010-02-20 06:55 . 2010-02-20 06:55 -------- d-----w- C:\FOUND.029
2010-02-18 17:23 . 2010-02-18 17:23 -------- d-----w- C:\HOCKEY
2010-02-17 09:13 . 2010-02-17 09:13 -------- d-----w- c:\documents and settings\Acer\AppData
2010-02-17 09:13 . 2010-02-17 09:13 -------- d-----w- c:\program files\Get Styles
2010-02-17 07:50 . 2010-02-17 07:50 -------- d-----w- C:\FOUND.028
2010-02-16 07:09 . 2010-02-16 07:09 -------- d-----w- C:\FOUND.027
2010-02-10 16:52 . 2010-02-10 16:52 165232 ---ha-w- c:\documents and settings\Acer\Application Data\Microsoft\Virtual PC\VPCKeyboard.dll
2010-01-31 14:09 . 2010-01-31 14:09 -------- d-----w- c:\documents and settings\Acer\kbpki
2010-01-29 18:22 . 2010-01-29 18:22 -------- d-----w- C:\FKeySMTP
2010-01-29 18:21 . 2010-01-29 18:22 -------- d-----w- c:\program files\Enterprise Mail Server
2010-01-29 18:15 . 2010-01-29 18:15 -------- d-----w- c:\documents and settings\Acer\Local Settings\Application Data\Halvar Information
2010-01-29 18:04 . 2010-01-29 18:04 -------- d-----w- c:\program files\hMailServer
2010-01-28 16:04 . 2010-01-28 16:05 -------- d-----w- c:\program files\CesarFTP
2010-01-28 13:44 . 2010-01-28 13:44 -------- d-----w- c:\program files\Merak
2010-01-27 18:39 . 2010-01-27 18:39 -------- d-----w- c:\documents and settings\Acer\Local Settings\Application Data\AOL
2010-01-27 18:38 . 2010-01-27 18:38 -------- d-----w- c:\program files\ICQ7.0

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-26 09:30 . 2009-03-09 10:31 102400 ----a-w- c:\windows\DUMP8c80.tmp
2010-02-26 08:49 . 2009-03-09 10:31 102400 ----a-w- c:\windows\DUMP901a.tmp
2010-02-26 07:39 . 2010-01-15 15:39 45504 ----a-w- c:\documents and settings\Acer\Application Data\ConMet\Konta\Acer.cmd
2010-02-25 06:55 . 2009-03-16 10:58 96304 ----a-w- c:\documents and settings\Acer\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-05 06:37 . 2009-03-09 10:31 102400 ----a-w- c:\windows\DUMPa632.tmp
2010-01-31 07:54 . 2009-03-09 10:31 102400 ----a-w- c:\windows\DUMP8193.tmp
2010-01-30 14:43 . 2009-03-28 13:59 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-01-30 14:43 . 2009-03-28 13:59 2828 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2010-01-15 11:46 . 2010-01-27 14:33 2068480 ----a-w- c:\windows\system32\libmySQL.dll
2010-01-12 18:31 . 2010-01-12 18:31 -------- d-----w- c:\program files\ConMet
2010-01-12 18:31 . 2010-01-12 18:31 -------- d-----w- c:\documents and settings\Acer\Application Data\ConMet
2010-01-12 18:31 . 2010-01-12 18:31 -------- d-----w- c:\documents and settings\All Users\Application Data\ConMet
2010-01-09 01:55 . 2010-01-09 01:55 -------- d-----w- c:\program files\bobyte
2010-01-09 01:51 . 2010-01-09 01:51 -------- d-----w- c:\program files\MIKSOFT
2009-12-31 16:14 . 2004-08-10 19:00 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-30 13:51 . 2009-12-30 13:51 -------- d-----w- c:\documents and settings\Acer\Application Data\VitySoft
2009-12-22 05:35 . 2006-01-09 19:02 668672 ----a-w- c:\windows\system32\wininet.dll
2009-12-22 05:35 . 2004-08-10 19:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-16 12:58 . 2004-08-10 19:00 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:35 . 2004-08-10 19:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-07 14:11 . 2009-07-20 21:43 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-05 22:25 . 2009-12-05 22:25 1376539 ----a-w- c:\documents and settings\Acer\Dokument-3-podklad-1.dat
2009-12-04 14:41 . 2004-08-10 19:00 453760 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.

------- Sigcheck -------

[7] 2004-08-10 19:00 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\system32\svchost.exe
[7] 2004-08-10 21:00 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\system32\dllcache\svchost.exe
[-] 2008-04-14 01:12 14336 27C6D03BCDB8CFEB96B716F3D8BE3E18 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\svchost.exe
[7] 2004-08-10 19:00 14336 8F078AE4ED187AAABC0A305146DE6716 c:\windows\ERDNT\cache\svchost.exe

[7] 2004-08-10 19:00 577024 C72661F8552ACE7C5C85E16A3CF505C4 c:\windows\system32\user32.dll
[7] 2004-08-10 21:00 577024 C72661F8552ACE7C5C85E16A3CF505C4 c:\windows\system32\dllcache\user32.dll
[-] 2008-04-14 01:12 578560 B26B135FF1B9F60C9388B4A7D16F600B c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\user32.dll
[7] 2004-08-10 19:00 577024 C72661F8552ACE7C5C85E16A3CF505C4 c:\windows\ERDNT\cache\user32.dll

[7] 2004-08-10 19:00 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\system32\ws2_32.dll
[7] 2004-08-10 21:00 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\system32\dllcache\ws2_32.dll
[-] 2008-04-14 01:12 82432 2CCC474EB85CEAA3E1FA1726580A3E5A c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ws2_32.dll
[7] 2004-08-10 19:00 82944 2ED0B7F12A60F90092081C50FA0EC2B2 c:\windows\ERDNT\cache\ws2_32.dll

[7] 2009-12-22 05:35 668672 3E617A36A895363FBBE6D1D0405D7E12 c:\windows\system32\wininet.dll
[7] 2009-12-22 05:35 668672 3E617A36A895363FBBE6D1D0405D7E12 c:\windows\system32\dllcache\wininet.dll
[7] 2009-12-22 05:35 668672 3E617A36A895363FBBE6D1D0405D7E12 c:\windows\SoftwareDistribution\Download\7bee2af2f3f9f266d2aabdd735f7503c\sp2qfe\wininet.dll
[7] 2009-12-22 05:05 668672 BD27AF5C72D2FBFE491D3A3A8429B974 c:\windows\SoftwareDistribution\Download\7bee2af2f3f9f266d2aabdd735f7503c\sp3qfe\wininet.dll
[7] 2009-12-22 05:21 667136 814C265012ED921443C515A591D5BFE1 c:\windows\SoftwareDistribution\Download\7bee2af2f3f9f266d2aabdd735f7503c\sp3gdr\wininet.dll
[-] 2008-04-14 01:12 666112 7A4F775ABB2F1C97DEF3E73AFA2FAEDD c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\wininet.dll
[7] 2008-10-16 02:00 666112 1576318BF08D28CC61D1278114AD8D5B c:\windows\$hf_mig$\KB958215\SP3GDR\wininet.dll
[7] 2008-10-16 02:04 667136 E8FCE58A470999350F64C591557F9E42 c:\windows\$hf_mig$\KB958215\SP3QFE\wininet.dll
[7] 2009-02-20 09:11 666112 5B6A3EB7BB2F338BC2CB9F2FA4AAEA9E c:\windows\$hf_mig$\KB963027\SP3GDR\wininet.dll
[7] 2009-02-20 08:50 667648 711FEABED387B29FF7ED61BC6806A06C c:\windows\$hf_mig$\KB963027\SP3QFE\wininet.dll
[7] 2009-04-29 05:46 666624 6002073519FA478BF89977369CDFD156 c:\windows\$hf_mig$\KB969897\SP3GDR\wininet.dll
[7] 2009-04-29 05:21 668160 04BCB4F87B35502568F6CF33433543A5 c:\windows\$hf_mig$\KB969897\SP3QFE\wininet.dll
[7] 2009-06-26 17:50 666624 70FFEA4793D7139A447B169CB0E500BC c:\windows\$hf_mig$\KB972260\SP3GDR\wininet.dll
[7] 2009-06-26 17:42 668160 8553E6D4EC1563277323E6B2D6FBB954 c:\windows\$hf_mig$\KB972260\SP3QFE\wininet.dll
[7] 2009-12-22 05:21 667136 814C265012ED921443C515A591D5BFE1 c:\windows\$hf_mig$\KB978207\SP3GDR\wininet.dll
[7] 2009-12-22 05:05 668672 BD27AF5C72D2FBFE491D3A3A8429B974 c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll
[7] 2009-04-29 05:31 668160 9E36A148748C5DE4EA1F47B9B625F412 c:\windows\$NtUninstallKB972260$\wininet.dll
[7] 2009-06-26 16:59 668160 CF0B7B2738BEF0EB87673393CB7EA06E c:\windows\$NtUninstallKB978207$\wininet.dll
[7] 2009-06-26 16:59 668160 CF0B7B2738BEF0EB87673393CB7EA06E c:\windows\ERDNT\cache\wininet.dll

[7] 2008-06-20 11:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 11:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\system32\dllcache\tcpip.sys
[-] 2008-04-13 20:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\tcpip.sys
[7] 2008-06-20 11:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-06-20 12:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 12:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 11:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\ERDNT\cache\tcpip.sys

[7] 2004-08-10 19:00 502272 01C3346C241652F43AED8E2149881BFE c:\windows\system32\winlogon.exe
[7] 2004-08-10 21:00 502272 01C3346C241652F43AED8E2149881BFE c:\windows\system32\dllcache\winlogon.exe
[-] 2008-04-14 01:12 507904 ED0EF0A136DEC83DF69F04118870003E c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\winlogon.exe
[7] 2004-08-10 19:00 502272 01C3346C241652F43AED8E2149881BFE c:\windows\ERDNT\cache\winlogon.exe

[7] 2004-08-10 19:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\system32\drivers\ndis.sys
[7] 2004-08-10 19:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\system32\dllcache\ndis.sys
[-] 2008-04-13 20:20 182656 1DF7F42665C94B825322FAE71721130D c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ndis.sys
[7] 2004-08-10 19:00 182912 558635D3AF1C7546D26067D5D9B6959E c:\windows\ERDNT\cache\ndis.sys

[7] 2004-08-10 19:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\system32\drivers\ip6fw.sys
[7] 2004-08-10 19:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\system32\dllcache\ip6fw.sys
[-] 2008-04-13 19:53 36608 3BB22519A194418D5FEC05D800A19AD0 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ip6fw.sys
[7] 2004-08-10 19:00 29056 4448006B6BC60E6C027932CFC38D6855 c:\windows\ERDNT\cache\ip6fw.sys

[7] 2009-08-04 13:13 2015744 E832C72D32FA117CB0D033C5EA95B58F c:\windows\system32\ntkrnlpa.exe
[7] 2009-08-04 13:13 2057728 B0BD27AA04C1B8E857C1DADEF4EF2159 c:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2009-08-04 14:20 2066048 7437BA6F538E89381A2E3643AED296C7 c:\windows\SoftwareDistribution\Download\8fa1ad7968e63408057364ad07aa482c\SP3GDR\ntkrnlpa.exe
[7] 2009-08-04 17:47 2066176 363B2BBEE0AEDC9E5433616D0AD0236A c:\windows\SoftwareDistribution\Download\8fa1ad7968e63408057364ad07aa482c\SP3QFE\ntkrnlpa.exe
[7] 2009-08-04 12:02 2062976 97E912E94CCED4064F5DEEE5C25A9278 c:\windows\SoftwareDistribution\Download\8fa1ad7968e63408057364ad07aa482c\SP2QFE\ntkrnlpa.exe
[7] 2009-08-04 13:13 2057728 B0BD27AA04C1B8E857C1DADEF4EF2159 c:\windows\SoftwareDistribution\Download\8fa1ad7968e63408057364ad07aa482c\SP2GDR\ntkrnlpa.exe
[-] 2008-04-13 19:31 2065792 109F8E3E3C82E337BB71B6BC9B895D61 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ntkrnlpa.exe
[7] 2008-08-14 10:18 2062976 63EC865DFF6CCFC7BEF94B5C50297CAD c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe
[7] 2008-08-14 10:33 2066048 4AC58F03EB94A72809949D757FC39D80 c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe
[7] 2008-08-14 14:39 2066048 A25E9B86EFFB2AF33BF51E676B68BFB0 c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
[7] 2009-02-06 10:49 2062976 9D832AF3FD1917DB0E1E8B2F000A2E3A c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[7] 2009-02-07 18:02 2066048 5BA7F2141BC6DB06100D0E5A732C617A c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[7] 2009-02-06 11:30 2066176 607352B9CB3D708C67F6039097801B5A c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2009-08-04 12:02 2062976 97E912E94CCED4064F5DEEE5C25A9278 c:\windows\$hf_mig$\KB971486\SP2QFE\ntkrnlpa.exe
[7] 2009-08-04 14:20 2066048 7437BA6F538E89381A2E3643AED296C7 c:\windows\$hf_mig$\KB971486\SP3GDR\ntkrnlpa.exe
[7] 2009-08-04 17:47 2066176 363B2BBEE0AEDC9E5433616D0AD0236A c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[7] 2009-02-06 17:49 2015744 B238AB60093BABFE76AEC8F34B4D399D c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
[7] 2009-02-06 17:49 2015744 B238AB60093BABFE76AEC8F34B4D399D c:\windows\ERDNT\cache\ntkrnlpa.exe

[7] 2009-08-04 13:58 2136064 11CDD81560E766101F0032EB05872C1B c:\windows\system32\ntoskrnl.exe
[7] 2009-08-04 14:00 2180352 D6B537A639D623ED85B73AF3E3BE4B94 c:\windows\system32\dllcache\ntoskrnl.exe
[7] 2009-08-04 19:44 2189184 8415D9C7C050E7022AED8ABF281BE4A6 c:\windows\SoftwareDistribution\Download\8fa1ad7968e63408057364ad07aa482c\SP3GDR\ntoskrnl.exe
[7] 2009-08-04 13:56 2189312 FDE779EA1A564EBFE16F4E0F82B61BAD c:\windows\SoftwareDistribution\Download\8fa1ad7968e63408057364ad07aa482c\SP3QFE\ntoskrnl.exe
[7] 2009-08-04 12:51 2185984 8DF112C341425F29DB4566B8D2A96A7F c:\windows\SoftwareDistribution\Download\8fa1ad7968e63408057364ad07aa482c\SP2QFE\ntoskrnl.exe
[7] 2009-08-04 14:00 2180352 D6B537A639D623ED85B73AF3E3BE4B94 c:\windows\SoftwareDistribution\Download\8fa1ad7968e63408057364ad07aa482c\SP2GDR\ntoskrnl.exe
[-] 2008-04-13 20:27 2188928 0C89243C7C3EE199B96FCC16990E0679 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ntoskrnl.exe
[7] 2008-08-14 10:57 2185984 CE69DBD54221F2D40E49FF6DB77C6507 c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
[7] 2008-08-14 11:11 2189184 EEAF32F8E15A24F62BECB1BD403BB5C5 c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
[7] 2008-08-14 15:11 2189184 31914172342BFF330063F343AC6958FE c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[7] 2009-02-06 11:32 2186112 6A936E9D7BADAF3CAAEED1E1966EC1B0 c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[7] 2009-02-06 12:08 2189056 7A95B10A73737EBF24139AAA63F5212B c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[7] 2009-02-07 18:35 2189184 EFE8EACE83EAAD5849A7A548FB75B584 c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2009-08-04 12:51 2185984 8DF112C341425F29DB4566B8D2A96A7F c:\windows\$hf_mig$\KB971486\SP2QFE\ntoskrnl.exe
[7] 2009-08-04 19:44 2189184 8415D9C7C050E7022AED8ABF281BE4A6 c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe
[7] 2009-08-04 13:56 2189312 FDE779EA1A564EBFE16F4E0F82B61BAD c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[7] 2009-02-06 18:22 2136064 16B5EBE97F243441264A8F8694C2F2AA c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
[7] 2009-02-06 18:22 2136064 16B5EBE97F243441264A8F8694C2F2AA c:\windows\ERDNT\cache\ntoskrnl.exe

[7] 2004-08-10 19:00 1032192 A0732187050030AE399B241436565E64 c:\windows\explorer.exe
[7] 2004-08-10 19:00 1032192 A0732187050030AE399B241436565E64 c:\windows\system32\dllcache\explorer.exe
[-] 2008-04-14 01:12 1033728 12896823FB95BFB3DC9B46BCAEDC9923 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\explorer.exe
[7] 2004-08-10 19:00 1032192 A0732187050030AE399B241436565E64 c:\windows\ERDNT\cache\explorer.exe

[7] 2009-02-06 18:14 110592 37561F8D4160D62DA86D24AE41FAE8DE c:\windows\system32\services.exe
[7] 2009-02-06 18:14 110592 37561F8D4160D62DA86D24AE41FAE8DE c:\windows\system32\dllcache\services.exe
[-] 2008-04-14 01:12 108544 0E776ED5F7CC9F94299E70461B7B8185 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\services.exe
[7] 2009-02-06 11:22 110592 4712531AB7A01B7EE059853CA17D39BD c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe
[7] 2009-02-06 12:11 110592 65DF52F5B8B6E9BBD183505225C37315 c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
[7] 2009-02-06 12:06 110592 020CEAAEDC8EB655B6506B8C70D53BB6 c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[7] 2009-02-06 18:14 110592 37561F8D4160D62DA86D24AE41FAE8DE c:\windows\ERDNT\cache\services.exe

[7] 2004-08-10 19:00 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\system32\lsass.exe
[7] 2004-08-10 21:00 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\system32\dllcache\lsass.exe
[-] 2008-04-14 01:12 13312 BF2466B3E18E970D8A976FB95FC1CA85 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\lsass.exe
[7] 2004-08-10 19:00 13312 84885F9B82F4D55C6146EBF6065D75D2 c:\windows\ERDNT\cache\lsass.exe

[7] 2004-08-10 19:00 15360 24232996A38C0B0CF151C2140AE29FC8 c:\windows\system32\ctfmon.exe
[7] 2004-08-10 19:00 15360 24232996A38C0B0CF151C2140AE29FC8 c:\windows\system32\dllcache\ctfmon.exe
[-] 2008-04-14 01:12 15360 5F1D5F88303D4A4DBC8E5F97BA967CC3 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\ctfmon.exe
[7] 2004-08-10 19:00 15360 24232996A38C0B0CF151C2140AE29FC8 c:\windows\ERDNT\cache\ctfmon.exe

[7] 2004-08-10 19:00 57856 7435B108B935E42EA92CA94F59C8E717 c:\windows\system32\spoolsv.exe
[7] 2004-08-10 19:00 57856 7435B108B935E42EA92CA94F59C8E717 c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 01:12 57856 D8E14A61ACC1D4A6CD0D38AEBAC7FA3B c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\spoolsv.exe
[7] 2004-08-10 19:00 57856 7435B108B935E42EA92CA94F59C8E717 c:\windows\ERDNT\cache\spoolsv.exe

[7] 2009-08-06 18:24 53472 62BB79160F86CD962F312C68C6239BFD c:\windows\system32\wuauclt.exe
[7] 2009-08-06 18:24 53472 62BB79160F86CD962F312C68C6239BFD c:\windows\system32\dllcache\wuauclt.exe
[-] 2008-04-14 01:12 111104 ED7262E52C31CF1625B65039102BC16C c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\wuauclt.exe
[7] 2009-08-06 18:24 53472 62BB79160F86CD962F312C68C6239BFD c:\windows\ERDNT\cache\wuauclt.exe

[7] 2004-08-10 19:00 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\system32\userinit.exe
[7] 2004-08-10 19:00 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\system32\dllcache\userinit.exe
[-] 2008-04-14 01:12 26112 A93AEE1928A9D7CE3E16D24EC7380F89 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\userinit.exe
[7] 2004-08-10 19:00 24576 39B1FFB03C2296323832ACBAE50D2AFF c:\windows\ERDNT\cache\userinit.exe

[7] 2005-03-10 08:49 295424 C29A5286E64D97385178452D5F307B98 c:\windows\system32\termsrv.dll
[7] 2005-03-10 08:49 295424 C29A5286E64D97385178452D5F307B98 c:\windows\system32\dllcache\termsrv.dll
[-] 2008-04-14 01:12 295424 FF3477C03BE7201C294C35F684B3479F c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\termsrv.dll
[7] 2005-03-10 08:49 295424 C29A5286E64D97385178452D5F307B98 c:\windows\ERDNT\cache\termsrv.dll

[7] 2009-03-21 15:18 986112 B6ACAED7588295129791E0E6A2B0FADE c:\windows\system32\kernel32.dll
[7] 2009-03-21 15:18 986112 B6ACAED7588295129791E0E6A2B0FADE c:\windows\system32\dllcache\kernel32.dll
[-] 2008-04-14 01:11 989696 C24B983D211C34DA8FCC1AC38477971D c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\kernel32.dll
[7] 2009-03-21 14:54 989184 80202858D245FF07DAA1739C57A3E19B c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[7] 2009-03-21 15:06 989696 B921FB870C9AC0D509B2CCABBBBE95F3 c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[7] 2009-03-21 14:59 991744 DA11D9D6ECBDF0F93436A4B7C13F7BEC c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[7] 2009-03-21 15:18 986112 B6ACAED7588295129791E0E6A2B0FADE c:\windows\ERDNT\cache\kernel32.dll

[7] 2004-08-10 19:00 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\system32\powrprof.dll
[7] 2004-08-10 21:00 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\system32\dllcache\powrprof.dll
[-] 2008-04-14 01:12 17408 50A166237A0FA771261275A405646CC0 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\powrprof.dll
[7] 2004-08-10 19:00 17408 1B5F6923ABB450692E9FE0672C897AED c:\windows\ERDNT\cache\powrprof.dll

[7] 2004-08-10 19:00 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\system32\imm32.dll
[7] 2004-08-10 21:00 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\system32\dllcache\imm32.dll
[-] 2008-04-14 01:11 110080 0DA85218E92526972A821587E6A8BF8F c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\imm32.dll
[7] 2004-08-10 19:00 110080 87CA7CE6469577F059297B9D6556D66D c:\windows\ERDNT\cache\imm32.dll

[7] 2004-08-10 19:00 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\system32\sfcfiles.dll
[7] 2004-08-10 21:00 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\system32\dllcache\sfcfiles.dll
[-] 2008-04-14 01:12 1614848 9DD07AF82244867CA36681EA2D29CE79 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\sfcfiles.dll
[7] 2004-08-10 19:00 1580544 30A609E00BD1D4FFC49D6B5A432BE7F2 c:\windows\ERDNT\cache\sfcfiles.dll

[7] 2004-08-10 19:00 167936 9C3C12975C97119412802B181FBEEFFE c:\windows\system32\appmgmts.dll
[7] 2004-08-10 19:00 167936 9C3C12975C97119412802B181FBEEFFE c:\windows\system32\dllcache\appmgmts.dll
[-] 2008-04-14 01:11 167936 D8849F77C0B66226335A59D26CB4EDC6 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\appmgmts.dll
[7] 2004-08-10 19:00 167936 9C3C12975C97119412802B181FBEEFFE c:\windows\ERDNT\cache\appmgmts.dll

[7] 2004-08-10 19:00 24576 EBDEE8A2EE5393890A1ACEE971C4C246 c:\windows\system32\drivers\kbdclass.sys
[7] 2004-08-10 19:00 24576 EBDEE8A2EE5393890A1ACEE971C4C246 c:\windows\system32\dllcache\kbdclass.sys
[7] 2004-08-10 19:00 24576 EBDEE8A2EE5393890A1ACEE971C4C246 c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\kbdclass.sys
[-] 2008-04-13 19:39 24576 463C1EC80CD17420A542B7F36A36F128 c:\windows\SoftwareDistribution\Download\e9500597a78495f397efb821e37bf356\kbdclass.sys
[7] 2004-08-10 19:00 24576 EBDEE8A2EE5393890A1ACEE971C4C246 c:\windows\ERDNT\cache\kbdclass.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-10-09_20.10.51 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-10 18:00 . 2004-08-10 18:00 54784 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcirt.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 54784 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcirt.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 50688 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcirt.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 50688 c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcirt.dll
- 2007-11-07 00:19 . 2007-11-07 00:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2007-11-07 01:19 . 2007-11-07 01:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
- 2008-07-29 06:05 . 2008-07-29 06:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
- 2008-07-29 06:05 . 2008-07-29 06:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
- 2008-07-29 06:05 . 2008-07-29 06:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
- 2008-07-29 06:05 . 2008-07-29 06:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
- 2008-07-29 06:05 . 2008-07-29 06:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
- 2008-07-29 06:05 . 2008-07-29 06:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
- 2008-07-29 06:05 . 2008-07-29 06:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
- 2008-07-29 06:05 . 2008-07-29 06:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
- 2008-07-29 06:05 . 2008-07-29 06:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
- 2008-07-29 06:05 . 2008-07-29 06:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
- 2008-07-29 06:05 . 2008-07-29 06:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
- 2008-07-29 04:07 . 2008-07-29 04:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 05:07 . 2008-07-29 05:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
- 2008-07-29 04:07 . 2008-07-29 04:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2008-07-29 05:07 . 2008-07-29 05:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2005-09-23 00:35 . 2005-09-23 00:35 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867\vcomp.dll
- 2005-09-22 23:35 . 2005-09-22 23:35 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0ee63867\vcomp.dll
- 2007-08-22 22:18 . 2007-08-22 22:18 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2007-08-22 23:18 . 2007-08-22 23:18 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2007-08-22 23:18 . 2007-08-22 23:18 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
- 2007-08-22 22:18 . 2007-08-22 22:18 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2007-08-22 23:18 . 2007-08-22 23:18 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
- 2007-08-22 22:18 . 2007-08-22 22:18 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
- 2007-08-22 22:18 . 2007-08-22 22:18 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2007-08-22 23:18 . 2007-08-22 23:18 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2007-08-22 23:18 . 2007-08-22 23:18 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
- 2007-08-22 22:18 . 2007-08-22 22:18 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
- 2007-08-22 22:18 . 2007-08-22 22:18 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2007-08-22 23:18 . 2007-08-22 23:18 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
- 2007-08-22 22:18 . 2007-08-22 22:18 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2007-08-22 23:18 . 2007-08-22 23:18 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2007-08-22 23:18 . 2007-08-22 23:18 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
- 2007-08-22 22:18 . 2007-08-22 22:18 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
- 2007-08-22 22:18 . 2007-08-22 22:18 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2007-08-22 23:18 . 2007-08-22 23:18 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-10-26 12:40 . 2006-10-26 12:40 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
- 2006-10-26 11:40 . 2006-10-26 11:40 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80KOR.dll
+ 2006-10-26 12:40 . 2006-10-26 12:40 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
- 2006-10-26 11:40 . 2006-10-26 11:40 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80JPN.dll
+ 2006-10-26 12:40 . 2006-10-26 12:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
- 2006-10-26 11:40 . 2006-10-26 11:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ITA.dll
+ 2006-10-26 12:40 . 2006-10-26 12:40 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
- 2006-10-26 11:40 . 2006-10-26 11:40 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHT.dll
+ 2006-10-26 12:40 . 2006-10-26 12:40 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
- 2006-10-26 11:40 . 2006-10-26 11:40 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80CHS.dll
- 2006-10-26 11:40 . 2006-10-26 11:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
+ 2006-10-26 12:40 . 2006-10-26 12:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80FRA.dll
- 2006-10-26 11:40 . 2006-10-26 11:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2006-10-26 12:40 . 2006-10-26 12:40 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ESP.dll
+ 2006-10-26 12:40 . 2006-10-26 12:40 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
- 2006-10-26 11:40 . 2006-10-26 11:40 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80ENU.dll
- 2006-10-26 11:40 . 2006-10-26 11:40 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2006-10-26 12:40 . 2006-10-26 12:40 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_3415f6d0\mfc80DEU.dll
+ 2007-08-22 23:18 . 2007-08-22 23:18 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
- 2007-08-22 22:18 . 2007-08-22 22:18 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2007-08-22 23:18 . 2007-08-22 23:18 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
- 2007-08-22 22:18 . 2007-08-22 22:18 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
- 2006-10-26 11:40 . 2006-10-26 11:40 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
+ 2006-10-26 12:40 . 2006-10-26 12:40 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80u.dll
- 2006-10-26 11:40 . 2006-10-26 11:40 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2006-10-26 12:40 . 2006-10-26 12:40 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_dec6ddd2\mfcm80.dll
+ 2007-08-22 23:18 . 2007-08-22 23:18 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
- 2007-08-22 22:18 . 2007-08-22 22:18 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2006-10-26 12:40 . 2006-10-26 12:40 95744 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
- 2006-10-26 11:40 . 2006-10-26 11:40 95744 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\ATL80.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 74802 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.0.0_x-ww_ff9986d7\atl.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 74802 c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.0.0_x-ww_ff9986d7\atl.dll
+ 2008-09-30 15:45 . 2008-09-30 15:45 91656 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
- 2008-09-30 14:45 . 2008-09-30 14:45 91656 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2009-03-19 16:58 . 2009-03-19 16:58 82432 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
- 2009-03-19 15:58 . 2009-03-19 15:58 82432 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
+ 2009-04-23 16:46 . 1999-02-16 09:19 31768 c:\windows\VoiceExplorer\Micwiz.exe
- 2009-04-23 15:46 . 1999-02-16 08:19 31768 c:\windows\VoiceExplorer\Micwiz.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 18944 c:\windows\vmmreg32.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 18944 c:\windows\vmmreg32.dll
+ 1998-03-13 00:02 . 1998-03-13 00:02 34304 c:\windows\UNISTB32.EXE
- 1998-03-12 23:02 . 1998-03-12 23:02 34304 c:\windows\UNISTB32.EXE
+ 2009-12-24 19:40 . 2007-07-26 06:13 23168 c:\windows\udtablet\AIPTEKTP.SYS
+ 2009-12-24 19:40 . 2006-01-17 04:32 45056 c:\windows\udtablet\AIPTEKTP.EXE
+ 2004-08-10 19:00 . 2004-08-10 19:00 25600 c:\windows\twunk_32.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 25600 c:\windows\twunk_32.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 49680 c:\windows\twunk_16.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 49680 c:\windows\twunk_16.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 50688 c:\windows\twain_32.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 50688 c:\windows\twain_32.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 94784 c:\windows\twain.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 94784 c:\windows\twain.dll
+ 2005-10-14 17:02 . 2005-10-14 17:02 77824 c:\windows\TVtuner\cxtvrate.dll
- 2005-10-14 16:02 . 2005-10-14 16:02 77824 c:\windows\TVtuner\cxtvrate.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 15360 c:\windows\TASKMAN.EXE
- 2004-08-10 18:00 . 2004-08-10 18:00 15360 c:\windows\TASKMAN.EXE
- 1998-03-25 22:12 . 1998-03-25 22:12 53248 c:\windows\system32\zlib.dll
+ 1998-03-25 23:12 . 1998-03-25 23:12 53248 c:\windows\system32\zlib.dll
- 2003-01-20 19:39 . 2003-01-20 19:39 57344 c:\windows\system32\XTLite.dll
+ 2003-01-20 20:39 . 2003-01-20 20:39 57344 c:\windows\system32\XTLite.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 11776 c:\windows\system32\xolehlp.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 11776 c:\windows\system32\xolehlp.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 50176 c:\windows\system32\xmlprovi.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 50176 c:\windows\system32\xmlprovi.dll
- 2009-03-21 10:59 . 2005-12-05 16:07 61136 c:\windows\system32\xinput9_1_0.dll
+ 2009-03-21 11:59 . 2005-12-05 17:07 61136 c:\windows\system32\xinput9_1_0.dll
+ 2009-03-21 12:01 . 2007-04-04 17:53 81768 c:\windows\system32\xinput1_3.dll
+ 2009-03-21 12:01 . 2006-07-28 08:30 62744 c:\windows\system32\xinput1_2.dll
- 2009-03-21 11:01 . 2006-07-28 07:30 62744 c:\windows\system32\xinput1_2.dll
- 2009-03-21 11:01 . 2006-03-31 10:39 62672 c:\windows\system32\xinput1_1.dll
+ 2009-03-21 12:01 . 2006-03-31 11:39 62672 c:\windows\system32\xinput1_1.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 30720 c:\windows\system32\xcopy.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 30720 c:\windows\system32\xcopy.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 91648 c:\windows\system32\xactsrv.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 91648 c:\windows\system32\xactsrv.dll
+ 2009-12-20 10:12 . 2007-10-22 02:37 17928 c:\windows\system32\X3DAudio1_2.dll
+ 2009-03-21 12:01 . 2007-03-05 11:42 15128 c:\windows\system32\x3daudio1_1.dll
- 2009-03-21 11:01 . 2006-09-28 14:03 15128 c:\windows\system32\x3daudio1_1.dll
+ 2009-03-21 11:59 . 2006-02-03 07:41 14032 c:\windows\system32\x3daudio1_0.dll
- 2009-03-21 10:59 . 2006-02-03 06:41 14032 c:\windows\system32\x3daudio1_0.dll
- 2005-06-21 22:00 . 2005-06-21 22:00 52736 c:\windows\system32\wzcsapi.dll
+ 2005-06-21 23:00 . 2005-06-21 23:00 52736 c:\windows\system32\wzcsapi.dll
- 2008-10-16 12:09 . 2009-08-06 17:24 44768 c:\windows\system32\wups2.dll
+ 2008-10-16 13:09 . 2009-08-06 18:24 44768 c:\windows\system32\wups2.dll
- 2004-08-10 18:00 . 2009-08-06 17:24 35552 c:\windows\system32\wups.dll
+ 2004-08-10 19:00 . 2009-08-06 18:24 35552 c:\windows\system32\wups.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 32256 c:\windows\system32\wupdmgr.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 32256 c:\windows\system32\wupdmgr.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 18432 c:\windows\system32\wtsapi32.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 18432 c:\windows\system32\wtsapi32.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 50688 c:\windows\system32\wstdecod.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 50688 c:\windows\system32\wstdecod.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 22528 c:\windows\system32\wsock32.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 22528 c:\windows\system32\wsock32.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 42496 c:\windows\system32\wsnmp32.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 42496 c:\windows\system32\wsnmp32.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 19968 c:\windows\system32\wshtcpip.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 19968 c:\windows\system32\wshtcpip.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 11776 c:\windows\system32\WshRm.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 11776 c:\windows\system32\WshRm.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 11776 c:\windows\system32\wshisn.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 11776 c:\windows\system32\wshisn.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 14336 c:\windows\system32\wship6.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 14336 c:\windows\system32\wship6.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 65536 c:\windows\system32\wshext.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 65536 c:\windows\system32\wshext.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 28672 c:\windows\system32\wshcon.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 28672 c:\windows\system32\wshcon.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 81408 c:\windows\system32\wscsvc.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 81408 c:\windows\system32\wscsvc.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 13824 c:\windows\system32\wscntfy.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 13824 c:\windows\system32\wscntfy.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 19968 c:\windows\system32\ws2help.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 19968 c:\windows\system32\ws2help.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 32256 c:\windows\system32\wpnpinst.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 32256 c:\windows\system32\wpnpinst.exe
- 2005-08-03 16:29 . 2006-03-03 12:32 10752 c:\windows\system32\wpdtrace.dll
+ 2005-08-03 17:29 . 2006-03-03 13:32 10752 c:\windows\system32\wpdtrace.dll
- 2005-08-03 16:29 . 2006-03-03 12:33 66560 c:\windows\system32\wpdmtpus.dll
+ 2005-08-03 17:29 . 2006-03-03 13:33 66560 c:\windows\system32\wpdmtpus.dll
+ 2005-08-03 17:29 . 2006-03-03 13:32 61952 c:\windows\system32\wpdconns.dll
- 2005-08-03 16:29 . 2006-03-03 12:32 61952 c:\windows\system32\wpdconns.dll
- 2005-08-03 16:29 . 2006-03-03 12:33 38912 c:\windows\system32\wpd_ci.dll
+ 2005-08-03 17:29 . 2006-03-03 13:33 38912 c:\windows\system32\wpd_ci.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 32256 c:\windows\system32\wpabaln.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 32256 c:\windows\system32\wpabaln.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 13824 c:\windows\system32\wowfaxui.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 13824 c:\windows\system32\wowfaxui.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 10368 c:\windows\system32\wowexec.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 10368 c:\windows\system32\wowexec.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 20480 c:\windows\system32\wmpui.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 20480 c:\windows\system32\wmpui.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 81920 c:\windows\system32\wmpshell.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 81920 c:\windows\system32\wmpshell.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 20480 c:\windows\system32\wmpcore.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 20480 c:\windows\system32\wmpcore.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 20480 c:\windows\system32\wmpcd.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 20480 c:\windows\system32\wmpcd.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 55808 c:\windows\system32\wmiscmgr.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 55808 c:\windows\system32\wmiscmgr.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 18944 c:\windows\system32\wmiprop.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 18944 c:\windows\system32\wmiprop.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 51200 c:\windows\system32\wmerrenu.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 51200 c:\windows\system32\wmerrenu.dll
- 2001-12-05 03:00 . 2001-12-05 03:00 61440 c:\windows\system32\WMErrCSY.dll
+ 2001-12-05 04:00 . 2001-12-05 04:00 61440 c:\windows\system32\WMErrCSY.dll
- 2005-08-03 16:29 . 2005-08-03 16:29 37376 c:\windows\system32\WMDMPS.dll
+ 2005-08-03 17:29 . 2005-08-03 17:29 37376 c:\windows\system32\WMDMPS.dll
+ 2005-08-03 17:29 . 2005-08-03 17:29 29184 c:\windows\system32\WMDMLOG.dll
- 2005-08-03 16:29 . 2005-08-03 16:29 29184 c:\windows\system32\WMDMLOG.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 92672 c:\windows\system32\wlnotify.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 92672 c:\windows\system32\wlnotify.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 18944 c:\windows\system32\winstrm.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 18944 c:\windows\system32\winstrm.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 53760 c:\windows\system32\winsta.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 53760 c:\windows\system32\winsta.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 17408 c:\windows\system32\winshfhc.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 17408 c:\windows\system32\winshfhc.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 99328 c:\windows\system32\winscard.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 99328 c:\windows\system32\winscard.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 16896 c:\windows\system32\winrnr.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 16896 c:\windows\system32\winrnr.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 11776 c:\windows\system32\winmsd.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 11776 c:\windows\system32\winmsd.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 32768 c:\windows\system32\winipsec.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 32768 c:\windows\system32\winipsec.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 35328 c:\windows\system32\winchat.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 35328 c:\windows\system32\winchat.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 13312 c:\windows\system32\win87em.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 13312 c:\windows\system32\win87em.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 18432 c:\windows\system32\win.com
+ 2004-08-10 19:00 . 2004-08-10 19:00 18432 c:\windows\system32\win.com
+ 2004-08-10 19:00 . 2004-08-10 19:00 75776 c:\windows\system32\wiascr.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 75776 c:\windows\system32\wiascr.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 13600 c:\windows\system32\wfwnet.drv
- 2004-08-10 18:00 . 2004-08-10 18:00 13600 c:\windows\system32\wfwnet.drv
+ 2004-08-10 19:00 . 2004-08-10 19:00 65536 c:\windows\system32\wextract.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 65536 c:\windows\system32\wextract.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 40448 c:\windows\system32\webhits.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 40448 c:\windows\system32\webhits.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 67584 c:\windows\system32\webclnt.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 67584 c:\windows\system32\webclnt.dll
+ 2004-08-03 23:56 . 2004-08-03 23:56 23552 c:\windows\system32\wdmaud.drv
- 2004-08-03 22:56 . 2004-08-03 22:56 23552 c:\windows\system32\wdmaud.drv
+ 2004-08-10 19:00 . 2009-06-25 09:44 59392 c:\windows\system32\wdigest.dll
- 2004-08-10 18:00 . 2009-06-25 08:44 59392 c:\windows\system32\wdigest.dll
+ 2005-08-03 17:29 . 2005-08-03 17:29 38912 c:\windows\system32\wdfmgr.exe
- 2005-08-03 16:29 . 2005-08-03 16:29 38912 c:\windows\system32\wdfmgr.exe
- 2005-08-03 16:29 . 2005-08-03 16:29 15872 c:\windows\system32\wdfapi.dll
+ 2005-08-03 17:29 . 2005-08-03 17:29 15872 c:\windows\system32\wdfapi.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 45568 c:\windows\system32\wbem\xml\wmi2xml.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 45568 c:\windows\system32\wbem\xml\wmi2xml.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 95232 c:\windows\system32\wbem\wmiutils.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 95232 c:\windows\system32\wbem\wmiutils.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 52224 c:\windows\system32\wbem\wmitimep.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 52224 c:\windows\system32\wbem\wmitimep.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 41472 c:\windows\system32\wbem\wmipsess.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 41472 c:\windows\system32\wbem\wmipsess.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 62976 c:\windows\system32\wbem\wmipjobj.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 62976 c:\windows\system32\wbem\wmipjobj.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 62464 c:\windows\system32\wbem\wmipiprt.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 62464 c:\windows\system32\wbem\wmipiprt.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 75264 c:\windows\system32\wbem\wmipicmp.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 75264 c:\windows\system32\wbem\wmipicmp.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 61440 c:\windows\system32\wbem\wmimsg.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 61440 c:\windows\system32\wbem\wmimsg.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 60928 c:\windows\system32\wbem\wmicookr.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 60928 c:\windows\system32\wbem\wmicookr.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 89088 c:\windows\system32\wbem\wmiaprpl.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 89088 c:\windows\system32\wbem\wmiaprpl.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 16384 c:\windows\system32\wbem\winmgmtr.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 16384 c:\windows\system32\wbem\winmgmtr.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 13312 c:\windows\system32\wbem\winmgmt.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 13312 c:\windows\system32\wbem\winmgmt.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 43520 c:\windows\system32\wbem\wbemsvc.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 43520 c:\windows\system32\wbem\wbemsvc.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 18944 c:\windows\system32\wbem\wbemprox.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 18944 c:\windows\system32\wbem\wbemprox.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 43008 c:\windows\system32\wbem\wbemperf.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 43008 c:\windows\system32\wbem\wbemperf.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 71680 c:\windows\system32\wbem\wbemcons.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 71680 c:\windows\system32\wbem\wbemcons.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 12288 c:\windows\system32\wbem\wbemads.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 12288 c:\windows\system32\wbem\wbemads.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 16896 c:\windows\system32\wbem\unsecapp.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 16896 c:\windows\system32\wbem\unsecapp.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 59904 c:\windows\system32\wbem\trnsprov.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 59904 c:\windows\system32\wbem\trnsprov.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 61952 c:\windows\system32\wbem\tmplprov.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 61952 c:\windows\system32\wbem\tmplprov.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 86528 c:\windows\system32\wbem\stdprov.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 86528 c:\windows\system32\wbem\stdprov.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 40960 c:\windows\system32\wbem\smtpcons.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 40960 c:\windows\system32\wbem\smtpcons.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 36864 c:\windows\system32\wbem\scrcons.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 36864 c:\windows\system32\wbem\scrcons.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 92672 c:\windows\system32\wbem\policman.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 92672 c:\windows\system32\wbem\policman.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 47104 c:\windows\system32\wbem\ncprov.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 47104 c:\windows\system32\wbem\ncprov.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 16384 c:\windows\system32\wbem\mofcomp.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 16384 c:\windows\system32\wbem\mofcomp.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 24576 c:\windows\system32\wbem\krnlprov.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 24576 c:\windows\system32\wbem\krnlprov.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 53248 c:\windows\system32\wbem\fwdprov.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 53248 c:\windows\system32\wbem\fwdprov.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 22016 c:\windows\system32\wbem\evntrprv.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 22016 c:\windows\system32\wbem\evntrprv.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 45568 c:\windows\system32\wbem\CmdEvTgProv.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 45568 c:\windows\system32\wbem\CmdEvTgProv.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 17664 c:\windows\system32\watchdog.sys
+ 2004-08-10 19:00 . 2004-08-10 19:00 17664 c:\windows\system32\watchdog.sys
+ 2004-08-10 19:00 . 2004-08-10 19:00 15872 c:\windows\system32\w3ssl.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 15872 c:\windows\system32\w3ssl.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 22016 c:\windows\system32\w32topl.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 22016 c:\windows\system32\w32topl.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 49664 c:\windows\system32\w32tm.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 49664 c:\windows\system32\w32tm.exe
+ 2010-02-24 13:40 . 2009-04-28 20:20 96752 c:\windows\system32\vxblock.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 19456 c:\windows\system32\vwipxspx.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 19456 c:\windows\system32\vwipxspx.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 33792 c:\windows\system32\vssadmin.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 33792 c:\windows\system32\vssadmin.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 16896 c:\windows\system32\vss_ps.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 16896 c:\windows\system32\vss_ps.dll
+ 1995-10-27 15:41 . 1995-10-27 15:41 62464 c:\windows\system32\VSPELL32.DLL
- 2004-08-10 18:00 . 2004-08-10 18:00 18176 c:\windows\system32\vga64k.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 18176 c:\windows\system32\vga64k.dll

[alesholoska]

- 2004-08-10 18:00 . 2004-08-10 18:00 51456 c:\windows\system32\vga256.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 51456 c:\windows\system32\vga256.dll
+ 2009-03-09 10:32 . 2004-08-03 23:56 53760 c:\windows\system32\vfwwdm32.dll
- 2009-03-09 09:32 . 2004-08-03 22:56 53760 c:\windows\system32\vfwwdm32.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 20535 c:\windows\system32\vfpodbc.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 20535 c:\windows\system32\vfpodbc.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 18944 c:\windows\system32\version.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 18944 c:\windows\system32\version.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 98304 c:\windows\system32\verifier.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 98304 c:\windows\system32\verifier.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 13312 c:\windows\system32\verifier.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 13312 c:\windows\system32\verifier.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 51712 c:\windows\system32\vdmredir.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 51712 c:\windows\system32\vdmredir.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 26112 c:\windows\system32\vdmdbg.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 26112 c:\windows\system32\vdmdbg.dll
- 2006-07-24 08:50 . 2006-07-24 08:50 47920 c:\windows\system32\VBAME.DLL
+ 2006-07-24 09:50 . 2006-07-24 09:50 47920 c:\windows\system32\VBAME.DLL
- 2004-08-10 18:00 . 2004-08-10 18:00 30749 c:\windows\system32\vbajet32.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 30749 c:\windows\system32\vbajet32.dll
- 2005-08-03 16:29 . 2005-08-03 16:29 47104 c:\windows\system32\uwdf.exe
+ 2005-08-03 17:29 . 2005-08-03 17:29 47104 c:\windows\system32\uwdf.exe
+ 2004-08-10 19:00 . 2006-10-04 09:48 50176 c:\windows\system32\utilman.exe
- 2004-08-10 18:00 . 2006-10-04 08:48 50176 c:\windows\system32\utilman.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 25600 c:\windows\system32\utildll.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 25600 c:\windows\system32\utildll.dll
+ 2009-12-24 19:40 . 2001-05-24 02:58 36864 c:\windows\system32\UTBLFILT.DLL
- 2004-08-10 18:00 . 2004-08-10 18:00 49211 c:\windows\system32\usrvpa.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 49211 c:\windows\system32\usrvpa.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 45116 c:\windows\system32\usrvoica.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 45116 c:\windows\system32\usrvoica.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 49209 c:\windows\system32\usrv80a.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 49209 c:\windows\system32\usrv80a.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 41019 c:\windows\system32\usrsvpia.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 41019 c:\windows\system32\usrsvpia.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 69700 c:\windows\system32\usrshuta.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 69700 c:\windows\system32\usrshuta.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 49211 c:\windows\system32\usrsdpia.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 49211 c:\windows\system32\usrsdpia.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 77883 c:\windows\system32\usrrtosa.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 77883 c:\windows\system32\usrrtosa.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 61508 c:\windows\system32\usrprbda.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 61508 c:\windows\system32\usrprbda.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 77891 c:\windows\system32\usrmlnka.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 77891 c:\windows\system32\usrmlnka.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 53305 c:\windows\system32\usrlbva.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 53305 c:\windows\system32\usrlbva.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 86073 c:\windows\system32\usrfaxa.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 86073 c:\windows\system32\usrfaxa.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 77890 c:\windows\system32\usrdpa.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 77890 c:\windows\system32\usrdpa.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 69699 c:\windows\system32\usrcoina.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 69699 c:\windows\system32\usrcoina.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 61500 c:\windows\system32\usrcntra.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 61500 c:\windows\system32\usrcntra.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 19968 c:\windows\system32\usmt\log.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 19968 c:\windows\system32\usmt\log.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 47872 c:\windows\system32\user.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 47872 c:\windows\system32\user.exe
- 2004-08-03 22:56 . 2004-08-03 22:56 74240 c:\windows\system32\usbui.dll
+ 2004-08-03 23:56 . 2004-08-03 23:56 74240 c:\windows\system32\usbui.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 16896 c:\windows\system32\usbmon.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 16896 c:\windows\system32\usbmon.dll
- 2003-02-21 03:16 . 2003-02-21 03:16 49152 c:\windows\system32\URTTEMP\regtlib.exe
+ 2003-02-21 04:16 . 2003-02-21 04:16 49152 c:\windows\system32\URTTEMP\regtlib.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 37888 c:\windows\system32\url.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 37888 c:\windows\system32\url.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 17920 c:\windows\system32\ureg.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 17920 c:\windows\system32\ureg.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 18432 c:\windows\system32\ups.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 18432 c:\windows\system32\ups.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 16896 c:\windows\system32\upnpcont.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 16896 c:\windows\system32\upnpcont.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 13824 c:\windows\system32\uniplat.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 13824 c:\windows\system32\uniplat.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 74240 c:\windows\system32\unimdmat.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 74240 c:\windows\system32\unimdmat.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 76288 c:\windows\system32\uniime.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 76288 c:\windows\system32\uniime.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 13312 c:\windows\system32\umdmxfrm.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 13312 c:\windows\system32\umdmxfrm.dll
- 2004-08-10 18:00 . 2006-10-04 13:33 35840 c:\windows\system32\umandlg.dll
+ 2004-08-10 19:00 . 2006-10-04 14:33 35840 c:\windows\system32\umandlg.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 82432 c:\windows\system32\ufat.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 82432 c:\windows\system32\ufat.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 25600 c:\windows\system32\udhisapi.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 25600 c:\windows\system32\udhisapi.dll
- 2008-10-22 09:47 . 2009-07-14 11:03 46080 c:\windows\system32\tzchange.exe
+ 2008-10-22 10:47 . 2010-01-23 08:11 46080 c:\windows\system32\tzchange.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 36352 c:\windows\system32\typeperf.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 36352 c:\windows\system32\typeperf.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 44032 c:\windows\system32\twext.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 44032 c:\windows\system32\twext.dll
+ 2008-07-29 20:10 . 2008-07-29 20:10 26112 c:\windows\system32\TsWpfWrp.exe
- 2008-07-29 19:10 . 2008-07-29 19:10 26112 c:\windows\system32\TsWpfWrp.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 16896 c:\windows\system32\tsshutdn.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 16896 c:\windows\system32\tsshutdn.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 16384 c:\windows\system32\tskill.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 16384 c:\windows\system32\tskill.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 14848 c:\windows\system32\tsdiscon.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 14848 c:\windows\system32\tsdiscon.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 12168 c:\windows\system32\tsddd.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 12168 c:\windows\system32\tsddd.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 15360 c:\windows\system32\tsd32.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 15360 c:\windows\system32\tsd32.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 44544 c:\windows\system32\tscupgrd.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 44544 c:\windows\system32\tscupgrd.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 14848 c:\windows\system32\tscon.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 14848 c:\windows\system32\tscon.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 93696 c:\windows\system32\tscfgwmi.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 93696 c:\windows\system32\tscfgwmi.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 52224 c:\windows\system32\tsappcmp.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 52224 c:\windows\system32\tsappcmp.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 90624 c:\windows\system32\trkwks.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 90624 c:\windows\system32\trkwks.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 11264 c:\windows\system32\tree.com
+ 2004-08-10 19:00 . 2004-08-10 19:00 11264 c:\windows\system32\tree.com
- 2004-08-10 18:00 . 2004-08-10 18:00 31232 c:\windows\system32\traffic.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 31232 c:\windows\system32\traffic.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 31744 c:\windows\system32\tracert6.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 31744 c:\windows\system32\tracert6.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 12288 c:\windows\system32\tracert.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 12288 c:\windows\system32\tracert.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 13888 c:\windows\system32\toolhelp.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 13888 c:\windows\system32\toolhelp.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 73216 c:\windows\system32\tlntsvr.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 73216 c:\windows\system32\tlntsvr.exe
- 2004-08-10 18:00 . 2009-06-12 11:50 80896 c:\windows\system32\tlntsess.exe
+ 2004-08-10 19:00 . 2009-06-12 12:50 80896 c:\windows\system32\tlntsess.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 61440 c:\windows\system32\tlntadmn.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 61440 c:\windows\system32\tlntadmn.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 16896 c:\windows\system32\tftp.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 16896 c:\windows\system32\tftp.exe
- 2004-08-10 18:00 . 2009-06-12 11:50 76288 c:\windows\system32\telnet.exe
+ 2004-08-10 19:00 . 2009-06-12 12:50 76288 c:\windows\system32\telnet.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 19456 c:\windows\system32\tcpsvcs.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 19456 c:\windows\system32\tcpsvcs.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 45568 c:\windows\system32\tcpmonui.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 45568 c:\windows\system32\tcpmonui.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 45568 c:\windows\system32\tcpmon.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 45568 c:\windows\system32\tcpmon.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 14848 c:\windows\system32\tcpmib.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 14848 c:\windows\system32\tcpmib.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 12288 c:\windows\system32\tcmsetup.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 12288 c:\windows\system32\tcmsetup.exe
+ 2009-12-24 19:40 . 2008-10-31 09:15 77472 c:\windows\system32\Tblfunc.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 15360 c:\windows\system32\taskman.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 15360 c:\windows\system32\taskman.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 72192 c:\windows\system32\tasklist.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 72192 c:\windows\system32\tasklist.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 72192 c:\windows\system32\taskkill.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 72192 c:\windows\system32\taskkill.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 78848 c:\windows\system32\tapiui.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 78848 c:\windows\system32\tapiui.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 19200 c:\windows\system32\tapi.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 19200 c:\windows\system32\tapi.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 68096 c:\windows\system32\systeminfo.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 68096 c:\windows\system32\systeminfo.exe
+ 2006-01-19 17:19 . 2006-04-18 18:54 49152 c:\windows\system32\SysMonitor.exe
- 2006-01-19 16:19 . 2006-04-18 17:54 49152 c:\windows\system32\SysMonitor.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 36864 c:\windows\system32\syskey.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 36864 c:\windows\system32\syskey.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 15872 c:\windows\system32\sysinv.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 15872 c:\windows\system32\sysinv.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 18896 c:\windows\system32\sysedit.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 18896 c:\windows\system32\sysedit.exe
+ 2009-03-16 11:28 . 2006-03-03 12:08 69722 c:\windows\system32\SynTPFcs.dll
- 2009-03-16 10:28 . 2006-03-03 11:08 69722 c:\windows\system32\SynTPFcs.dll
- 2009-03-16 10:28 . 2006-03-03 11:10 81920 c:\windows\system32\SynTPCo2.dll
+ 2009-03-16 11:28 . 2006-03-03 12:10 81920 c:\windows\system32\SynTPCo2.dll
- 2009-03-16 10:28 . 2006-03-03 10:55 94298 c:\windows\system32\SynTPAPI.dll
+ 2009-03-16 11:28 . 2006-03-03 11:55 94298 c:\windows\system32\SynTPAPI.dll
- 2009-06-04 17:04 . 2002-11-25 06:36 45056 c:\windows\system32\Synsopos.exe
+ 2009-06-04 18:04 . 2002-11-25 07:36 45056 c:\windows\system32\Synsopos.exe
- 2009-03-16 10:28 . 2006-03-03 10:55 82013 c:\windows\system32\SynCOM.dll
+ 2009-03-16 11:28 . 2006-03-03 11:55 82013 c:\windows\system32\SynCOM.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 57856 c:\windows\system32\synceng.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 57856 c:\windows\system32\synceng.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 51200 c:\windows\system32\syncapp.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 51200 c:\windows\system32\syncapp.exe
+ 2004-08-10 19:00 . 2009-10-21 06:00 75776 c:\windows\system32\strmfilt.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 75776 c:\windows\system32\strmfilt.dll
+ 2004-08-03 23:56 . 2004-08-03 23:56 74752 c:\windows\system32\storprop.dll
- 2004-08-03 22:56 . 2004-08-03 22:56 74752 c:\windows\system32\storprop.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 14848 c:\windows\system32\stimon.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 14848 c:\windows\system32\stimon.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 67584 c:\windows\system32\sti.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 67584 c:\windows\system32\sti.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 54272 c:\windows\system32\stclient.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 54272 c:\windows\system32\stclient.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 14336 c:\windows\system32\ssstars.scr
+ 2004-08-10 19:00 . 2004-08-10 19:00 14336 c:\windows\system32\ssstars.scr
- 2004-08-10 18:00 . 2004-08-10 18:00 18944 c:\windows\system32\ssmyst.scr
+ 2004-08-10 19:00 . 2004-08-10 19:00 18944 c:\windows\system32\ssmyst.scr
+ 2004-08-10 19:00 . 2004-08-10 19:00 47104 c:\windows\system32\ssmypics.scr
- 2004-08-10 18:00 . 2004-08-10 18:00 47104 c:\windows\system32\ssmypics.scr
+ 2004-08-10 19:00 . 2004-08-10 19:00 20992 c:\windows\system32\ssmarque.scr
- 2004-08-10 18:00 . 2004-08-10 18:00 20992 c:\windows\system32\ssmarque.scr
+ 2004-08-10 19:00 . 2004-08-10 19:00 71680 c:\windows\system32\ssdpsrv.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 71680 c:\windows\system32\ssdpsrv.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 34816 c:\windows\system32\ssdpapi.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 34816 c:\windows\system32\ssdpapi.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 19968 c:\windows\system32\ssbezier.scr
+ 2004-08-10 19:00 . 2004-08-10 19:00 19968 c:\windows\system32\ssbezier.scr
+ 2004-08-10 19:00 . 2004-08-10 19:00 96768 c:\windows\system32\srvsvc.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 96768 c:\windows\system32\srvsvc.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 67584 c:\windows\system32\srclient.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 67584 c:\windows\system32\srclient.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 49179 c:\windows\system32\sqlwoa.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 49179 c:\windows\system32\sqlwoa.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 24603 c:\windows\system32\sqlwid.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 24603 c:\windows\system32\sqlwid.dll
+ 2008-11-24 21:31 . 2008-11-24 21:31 65888 c:\windows\system32\sqlctr90.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 24661 c:\windows\system32\spxcoins.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 24661 c:\windows\system32\spxcoins.dll
- 2005-10-13 10:22 . 2008-05-06 14:16 26488 c:\windows\system32\spupdsvc.exe
+ 2005-10-13 11:22 . 2008-05-06 15:16 26488 c:\windows\system32\spupdsvc.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 72192 c:\windows\system32\sprio800.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 72192 c:\windows\system32\sprio800.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 70656 c:\windows\system32\sprio600.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 74752 c:\windows\system32\spoolss.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 74752 c:\windows\system32\spoolss.dll
+ 2009-03-16 18:30 . 2006-10-26 18:56 33104 c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
- 2009-03-16 17:30 . 2006-10-26 17:56 33104 c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
+ 2009-08-25 07:16 . 2008-07-06 13:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
- 2009-08-25 06:16 . 2008-07-06 12:06 89088 c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
+ 2009-03-16 18:30 . 2008-11-10 10:41 67472 c:\windows\system32\spool\drivers\w32x86\msonpui.dll
+ 2009-03-16 18:30 . 2008-11-10 10:41 67472 c:\windows\system32\spool\drivers\w32x86\3\msonpui.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 27136 c:\windows\system32\spool\drivers\w32x86\3\FXSDRV.DLL
+ 2004-08-10 19:00 . 2004-08-10 19:00 27136 c:\windows\system32\spool\drivers\w32x86\3\FXSDRV.DLL
- 2004-08-10 18:00 . 2004-08-10 18:00 11776 c:\windows\system32\spnpinst.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 11776 c:\windows\system32\spnpinst.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 69632 c:\windows\system32\spnike.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 69632 c:\windows\system32\spnike.dll
+ 2009-03-16 11:35 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll
- 2009-03-16 10:35 . 2008-07-08 13:02 17272 c:\windows\system32\spmsg.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 12800 c:\windows\system32\spiisupd.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 12800 c:\windows\system32\spiisupd.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 23552 c:\windows\system32\sort.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 23552 c:\windows\system32\sort.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 56832 c:\windows\system32\sol.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 56832 c:\windows\system32\sol.exe
+ 2009-10-02 06:05 . 2009-08-06 18:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
- 2009-10-02 05:05 . 2009-08-06 17:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
- 2009-10-02 05:05 . 2009-08-06 17:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2009-10-02 06:05 . 2009-08-06 18:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2009-03-16 14:38 . 2008-10-16 13:08 34328 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
- 2009-03-16 13:38 . 2008-10-16 12:08 34328 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 18944 c:\windows\system32\snmpapi.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 18944 c:\windows\system32\snmpapi.dll
+ 2009-05-23 08:37 . 2001-08-17 21:36 12288 c:\windows\system32\smtpctrs.dll
- 2009-05-23 07:37 . 2001-08-17 20:36 12288 c:\windows\system32\smtpctrs.dll
- 2009-05-23 07:34 . 2004-08-10 18:00 10752 c:\windows\system32\smtpapi.dll
+ 2009-05-23 08:34 . 2004-08-10 19:00 10752 c:\windows\system32\smtpapi.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 50688 c:\windows\system32\smss.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 50688 c:\windows\system32\smss.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 89600 c:\windows\system32\smlogsvc.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 89600 c:\windows\system32\smlogsvc.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 14848 c:\windows\system32\slbrccsp.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 14848 c:\windows\system32\slbrccsp.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 98304 c:\windows\system32\slbiop.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 98304 c:\windows\system32\slbiop.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 25088 c:\windows\system32\slayerxp.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 25088 c:\windows\system32\slayerxp.dll
- 2007-09-03 13:49 . 2007-09-03 13:49 41049 c:\windows\system32\skypeagent.dll
+ 2007-09-03 14:49 . 2007-09-03 14:49 41049 c:\windows\system32\skypeagent.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 26112 c:\windows\system32\skeys.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 26112 c:\windows\system32\skeys.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 13824 c:\windows\system32\sisbkup.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 13824 c:\windows\system32\sisbkup.dll
+ 2009-07-26 15:44 . 2009-07-26 15:44 48448 c:\windows\system32\sirenacm.dll
- 2009-07-26 14:44 . 2009-07-26 14:44 48448 c:\windows\system32\sirenacm.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 70144 c:\windows\system32\sigverif.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 70144 c:\windows\system32\sigverif.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 13312 c:\windows\system32\sigtab.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 13312 c:\windows\system32\sigtab.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 19456 c:\windows\system32\shutdown.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 19456 c:\windows\system32\shutdown.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 27648 c:\windows\system32\shscrap.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 27648 c:\windows\system32\shscrap.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 77824 c:\windows\system32\shrpubw.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 77824 c:\windows\system32\shrpubw.exe
+ 2006-03-08 16:10 . 2006-03-08 16:10 65536 c:\windows\system32\ShowErrMsg.dll
- 2006-03-08 15:10 . 2006-03-08 15:10 65536 c:\windows\system32\ShowErrMsg.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 42496 c:\windows\system32\shmgrate.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 42496 c:\windows\system32\shmgrate.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 65536 c:\windows\system32\shimeng.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 65536 c:\windows\system32\shimeng.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 68096 c:\windows\system32\shgina.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 68096 c:\windows\system32\shgina.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 25088 c:\windows\system32\shfolder.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 25088 c:\windows\system32\shfolder.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 14848 c:\windows\system32\shadow.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 14848 c:\windows\system32\shadow.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 23552 c:\windows\system32\sfmapi.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 23552 c:\windows\system32\sfmapi.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 11753 c:\windows\system32\setver.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 11753 c:\windows\system32\setver.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 33792 c:\windows\system32\Setup\tabletoc.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 33792 c:\windows\system32\Setup\tabletoc.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 27136 c:\windows\system32\Setup\plusoc.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 27136 c:\windows\system32\Setup\plusoc.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 17408 c:\windows\system32\Setup\ocmsn.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 17408 c:\windows\system32\Setup\ocmsn.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 15872 c:\windows\system32\Setup\ocgen.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 15872 c:\windows\system32\Setup\ocgen.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 62976 c:\windows\system32\Setup\ntoc.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 62976 c:\windows\system32\Setup\ntoc.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 77312 c:\windows\system32\Setup\netoc.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 77312 c:\windows\system32\Setup\netoc.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 15360 c:\windows\system32\Setup\msgrocm.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 15360 c:\windows\system32\Setup\msgrocm.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 82432 c:\windows\system32\Setup\msdtcstp.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 82432 c:\windows\system32\Setup\msdtcstp.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 25088 c:\windows\system32\Setup\medctroc.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 25088 c:\windows\system32\Setup\medctroc.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 32828 c:\windows\system32\Setup\fp40ext.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 32828 c:\windows\system32\Setup\fp40ext.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 24576 c:\windows\system32\Setup\ehOCGen.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 24576 c:\windows\system32\Setup\ehOCGen.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 23040 c:\windows\system32\setup.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 23040 c:\windows\system32\setup.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 31232 c:\windows\system32\sethc.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 31232 c:\windows\system32\sethc.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 14848 c:\windows\system32\serwvdrv.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 14848 c:\windows\system32\serwvdrv.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 56320 c:\windows\system32\servdeps.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 56320 c:\windows\system32\servdeps.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 14336 c:\windows\system32\serialui.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 14336 c:\windows\system32\serialui.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 13824 c:\windows\system32\senscfg.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 13824 c:\windows\system32\senscfg.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 38912 c:\windows\system32\sens.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 38912 c:\windows\system32\sens.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 55296 c:\windows\system32\sendmail.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 55296 c:\windows\system32\sendmail.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 29184 c:\windows\system32\sendcmsg.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 29184 c:\windows\system32\sendcmsg.dll
+ 2004-08-10 19:00 . 2009-06-25 09:44 56320 c:\windows\system32\secur32.dll
- 2004-08-10 18:00 . 2009-06-25 08:44 56320 c:\windows\system32\secur32.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 18944 c:\windows\system32\seclogon.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 18944 c:\windows\system32\seclogon.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 18432 c:\windows\system32\secedit.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 18432 c:\windows\system32\secedit.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 29184 c:\windows\system32\sdhcinst.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 29184 c:\windows\system32\sdhcinst.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 77312 c:\windows\system32\sdbinst.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 77312 c:\windows\system32\sdbinst.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 10240 c:\windows\system32\scriptpw.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 10240 c:\windows\system32\scriptpw.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 26624 c:\windows\system32\scredir.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 26624 c:\windows\system32\scredir.dll
- 2006-07-24 08:50 . 2006-07-24 08:50 39728 c:\windows\system32\SCP32.DLL
+ 2006-07-24 09:50 . 2006-07-24 09:50 39728 c:\windows\system32\SCP32.DLL
+ 2004-08-10 19:00 . 2004-08-10 19:00 20992 c:\windows\system32\sclgntfy.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 20992 c:\windows\system32\sclgntfy.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 95744 c:\windows\system32\scardsvr.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 95744 c:\windows\system32\scardsvr.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 69632 c:\windows\system32\scarddlg.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 69632 c:\windows\system32\scarddlg.dll
- 2004-08-10 18:00 . 2009-02-06 16:54 35328 c:\windows\system32\sc.exe
+ 2004-08-10 19:00 . 2009-02-06 17:54 35328 c:\windows\system32\sc.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 13312 c:\windows\system32\savedump.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 13312 c:\windows\system32\savedump.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 64000 c:\windows\system32\samlib.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 64000 c:\windows\system32\samlib.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 45568 c:\windows\system32\safrslv.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 45568 c:\windows\system32\safrslv.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 29696 c:\windows\system32\safrdm.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 29696 c:\windows\system32\safrdm.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 43520 c:\windows\system32\safrcdlg.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 43520 c:\windows\system32\safrcdlg.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 15872 c:\windows\system32\rwinsta.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 15872 c:\windows\system32\rwinsta.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 14336 c:\windows\system32\runonce.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 14336 c:\windows\system32\runonce.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 33280 c:\windows\system32\rundll32.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 33280 c:\windows\system32\rundll32.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 16384 c:\windows\system32\runas.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 16384 c:\windows\system32\runas.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 44032 c:\windows\system32\rtutils.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 44032 c:\windows\system32\rtutils.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 98304 c:\windows\system32\rtm.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 98304 c:\windows\system32\rtm.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 31744 c:\windows\system32\rtipxmib.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 31744 c:\windows\system32\rtipxmib.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 77312 c:\windows\system32\rtcshare.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 77312 c:\windows\system32\rtcshare.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 90112 c:\windows\system32\rsvpsp.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 90112 c:\windows\system32\rsvpsp.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 23552 c:\windows\system32\rsvpmsg.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 23552 c:\windows\system32\rsvpmsg.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 62976 c:\windows\system32\rsopprov.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 62976 c:\windows\system32\rsopprov.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 49152 c:\windows\system32\rsmui.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 49152 c:\windows\system32\rsmui.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 24576 c:\windows\system32\rsmsink.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 24576 c:\windows\system32\rsmsink.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 18944 c:\windows\system32\rsmps.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 18944 c:\windows\system32\rsmps.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 49152 c:\windows\system32\rsm.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 49152 c:\windows\system32\rsm.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 39936 c:\windows\system32\rshx32.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 39936 c:\windows\system32\rshx32.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 14848 c:\windows\system32\rsh.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 14848 c:\windows\system32\rsh.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 28672 c:\windows\system32\rsfsaps.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 28672 c:\windows\system32\rsfsaps.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 22016 c:\windows\system32\rpcns4.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 22016 c:\windows\system32\rpcns4.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 25600 c:\windows\system32\routemon.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 25600 c:\windows\system32\routemon.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 19968 c:\windows\system32\route.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 19968 c:\windows\system32\route.exe
+ 1998-07-05 23:00 . 1998-07-05 23:00 36352 c:\windows\system32\RCHTXDE.DLL
- 1998-07-05 22:00 . 1998-07-05 22:00 36352 c:\windows\system32\RCHTXDE.DLL
- 2004-08-10 18:00 . 2004-08-10 18:00 13824 c:\windows\system32\rexec.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 13824 c:\windows\system32\rexec.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 58880 c:\windows\system32\resutils.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 58880 c:\windows\system32\resutils.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 47104 c:\windows\system32\Restore\srdiag.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 47104 c:\windows\system32\Restore\srdiag.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 12800 c:\windows\system32\replace.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 12800 c:\windows\system32\replace.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 60416 c:\windows\system32\remotepg.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 60416 c:\windows\system32\remotepg.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 32768 c:\windows\system32\relog.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 32768 c:\windows\system32\relog.exe
+ 2009-03-16 11:30 . 2004-08-10 19:00 52736 c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\i8042prt.sys
- 2009-03-16 10:30 . 2004-08-10 18:00 52736 c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\i8042prt.sys
+ 2009-03-16 11:29 . 2004-08-03 21:58 23040 c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\mouclass.sys
- 2009-03-16 10:29 . 2004-08-03 20:58 23040 c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\mouclass.sys
+ 2009-03-16 11:29 . 2004-08-10 19:00 52736 c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\i8042prt.sys
- 2009-03-16 10:29 . 2004-08-10 18:00 52736 c:\windows\system32\ReinstallBackups\0009\DriverFiles\i386\i8042prt.sys
+ 2009-03-16 11:27 . 2006-03-23 08:59 74752 c:\windows\system32\ReinstallBackups\0008\DriverFiles\ESM7SK.sys
- 2009-03-16 10:27 . 2006-03-23 07:59 74752 c:\windows\system32\ReinstallBackups\0008\DriverFiles\ESM7SK.sys
+ 2009-03-16 11:27 . 2006-03-23 08:59 61056 c:\windows\system32\ReinstallBackups\0007\DriverFiles\EMS7SK.sys
- 2009-03-16 10:27 . 2006-03-23 07:59 61056 c:\windows\system32\ReinstallBackups\0007\DriverFiles\EMS7SK.sys
- 2009-03-16 10:04 . 2005-10-05 14:57 12544 c:\windows\system32\ReinstallBackups\0005\DriverFiles\mdmxsdk.sys
+ 2009-03-16 11:04 . 2005-10-05 15:57 12544 c:\windows\system32\ReinstallBackups\0005\DriverFiles\mdmxsdk.sys
+ 2009-03-16 11:04 . 2005-10-05 15:56 86016 c:\windows\system32\ReinstallBackups\0005\DriverFiles\mdmxsdk.dll
- 2009-03-16 10:04 . 2005-10-05 14:56 86016 c:\windows\system32\ReinstallBackups\0005\DriverFiles\mdmxsdk.dll
+ 2009-03-16 10:59 . 2006-02-20 16:00 86016 c:\windows\system32\ReinstallBackups\0004\DriverFiles\SOUNDMAN.EXE
- 2009-03-16 09:59 . 2006-02-20 15:00 86016 c:\windows\system32\ReinstallBackups\0004\DriverFiles\SOUNDMAN.EXE
+ 2009-03-16 10:59 . 2004-08-03 23:56 23552 c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\wdmaud.drv
- 2009-03-16 09:59 . 2004-08-03 22:56 23552 c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\wdmaud.drv
- 2009-03-16 09:59 . 2004-08-03 21:08 48640 c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\stream.sys
+ 2009-03-16 10:59 . 2004-08-03 22:08 48640 c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\stream.sys
- 2009-03-16 09:59 . 2004-08-03 21:08 60288 c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\drmk.sys
+ 2009-03-16 10:59 . 2004-08-03 22:08 60288 c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\drmk.sys
+ 2004-08-10 19:00 . 2004-08-10 19:00 35328 c:\windows\system32\ReinstallBackups\0003\DriverFiles\i386\processr.sys
- 2004-08-10 18:00 . 2004-08-10 18:00 35328 c:\windows\system32\ReinstallBackups\0003\DriverFiles\i386\processr.sys
+ 2009-03-16 11:27 . 2006-03-23 08:59 37888 c:\windows\system32\ReinstallBackups\0002\DriverFiles\ESD7SK.sys
- 2009-03-16 10:27 . 2006-03-23 07:59 37888 c:\windows\system32\ReinstallBackups\0002\DriverFiles\ESD7SK.sys
- 2009-03-16 10:34 . 2006-04-27 07:41 77824 c:\windows\system32\ReinstallBackups\0001\DriverFiles\Oemdspif.dll
+ 2009-03-16 11:34 . 2006-04-27 08:41 77824 c:\windows\system32\ReinstallBackups\0001\DriverFiles\Oemdspif.dll
+ 2001-08-17 12:51 . 2001-08-17 12:51 18688 c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\irsir.sys
- 2001-08-17 11:51 . 2001-08-17 11:51 18688 c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\irsir.sys
- 2009-03-16 10:34 . 2001-11-09 09:01 24064 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ativcoxx.dll
+ 2009-03-16 11:34 . 2001-11-09 10:01 24064 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ativcoxx.dll
- 2009-03-16 10:34 . 2006-04-27 07:11 17408 c:\windows\system32\ReinstallBackups\0001\DriverFiles\atitvo32.dll
+ 2009-03-16 11:34 . 2006-04-27 08:11 17408 c:\windows\system32\ReinstallBackups\0001\DriverFiles\atitvo32.dll
+ 2009-03-16 11:34 . 2006-04-27 08:39 53248 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ATIDDC.DLL
- 2009-03-16 10:34 . 2006-04-27 07:39 53248 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ATIDDC.DLL
+ 2009-03-16 11:34 . 2006-04-27 08:41 26112 c:\windows\system32\ReinstallBackups\0001\DriverFiles\Ati2mdxx.exe
- 2009-03-16 10:34 . 2006-04-27 07:41 26112 c:\windows\system32\ReinstallBackups\0001\DriverFiles\Ati2mdxx.exe
+ 2009-03-16 11:34 . 2006-04-27 08:41 61440 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2evxx.dll
- 2009-03-16 10:34 . 2006-04-27 07:41 61440 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2evxx.dll
- 2009-03-16 10:34 . 2006-04-27 07:05 40960 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2erec.dll
+ 2009-03-16 11:34 . 2006-04-27 08:05 40960 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2erec.dll
+ 2009-03-16 11:34 . 2006-04-27 08:41 41984 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2edxx.dll
- 2009-03-16 10:34 . 2006-04-27 07:41 41984 c:\windows\system32\ReinstallBackups\0001\DriverFiles\ati2edxx.dll
- 2006-04-27 07:41 . 2006-04-27 07:41 77824 c:\windows\system32\ReinstallBackups\0000\DriverFiles\Oemdspif.dll
+ 2006-04-27 08:41 . 2006-04-27 08:41 77824 c:\windows\system32\ReinstallBackups\0000\DriverFiles\Oemdspif.dll
+ 2001-11-09 10:01 . 2001-11-09 10:01 24064 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ativcoxx.dll
- 2001-11-09 09:01 . 2001-11-09 09:01 24064 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ativcoxx.dll
+ 2006-04-27 08:11 . 2006-04-27 08:11 17408 c:\windows\system32\ReinstallBackups\0000\DriverFiles\atitvo32.dll
- 2006-04-27 07:11 . 2006-04-27 07:11 17408 c:\windows\system32\ReinstallBackups\0000\DriverFiles\atitvo32.dll
+ 2006-04-27 08:39 . 2006-04-27 08:39 53248 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ATIDDC.DLL
- 2006-04-27 07:39 . 2006-04-27 07:39 53248 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ATIDDC.DLL
- 2006-04-27 07:41 . 2006-04-27 07:41 26112 c:\windows\system32\ReinstallBackups\0000\DriverFiles\Ati2mdxx.exe
+ 2006-04-27 08:41 . 2006-04-27 08:41 26112 c:\windows\system32\ReinstallBackups\0000\DriverFiles\Ati2mdxx.exe
- 2006-04-27 07:41 . 2006-04-27 07:41 61440 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2evxx.dll
+ 2006-04-27 08:41 . 2006-04-27 08:41 61440 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2evxx.dll
- 2006-04-27 07:05 . 2006-04-27 07:05 40960 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2erec.dll
+ 2006-04-27 08:05 . 2006-04-27 08:05 40960 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2erec.dll
- 2006-04-27 07:41 . 2006-04-27 07:41 41984 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2edxx.dll
+ 2006-04-27 08:41 . 2006-04-27 08:41 41984 c:\windows\system32\ReinstallBackups\0000\DriverFiles\ati2edxx.dll
+ 2009-05-23 08:37 . 2001-08-17 21:36 23040 c:\windows\system32\regtrace.exe
- 2009-05-23 07:37 . 2001-08-17 20:36 23040 c:\windows\system32\regtrace.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 11776 c:\windows\system32\regsvr32.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 11776 c:\windows\system32\regsvr32.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 59904 c:\windows\system32\regsvc.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 59904 c:\windows\system32\regsvc.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 33792 c:\windows\system32\regini.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 33792 c:\windows\system32\regini.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 49664 c:\windows\system32\regapi.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 49664 c:\windows\system32\regapi.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 50176 c:\windows\system32\reg.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 50176 c:\windows\system32\reg.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 67072 c:\windows\system32\rdshost.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 67072 c:\windows\system32\rdshost.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 13824 c:\windows\system32\rdsaddin.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 13824 c:\windows\system32\rdsaddin.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 87176 c:\windows\system32\rdpwsx.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 87176 c:\windows\system32\rdpwsx.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 19968 c:\windows\system32\rdpsnd.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 19968 c:\windows\system32\rdpsnd.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 92168 c:\windows\system32\rdpdd.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 92168 c:\windows\system32\rdpdd.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 62464 c:\windows\system32\rdpclip.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 62464 c:\windows\system32\rdpclip.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 21504 c:\windows\system32\rcp.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 21504 c:\windows\system32\rcp.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 35840 c:\windows\system32\rcimlby.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 35840 c:\windows\system32\rcimlby.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 58880 c:\windows\system32\rastapi.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 58880 c:\windows\system32\rastapi.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 12800 c:\windows\system32\rasser.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 12800 c:\windows\system32\rasser.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 16896 c:\windows\system32\rassapi.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 16896 c:\windows\system32\rassapi.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 23552 c:\windows\system32\rasrad.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 23552 c:\windows\system32\rasrad.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 56832 c:\windows\system32\rasphone.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 56832 c:\windows\system32\rasphone.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 22528 c:\windows\system32\rasmxs.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 22528 c:\windows\system32\rasmxs.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 61440 c:\windows\system32\rasman.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 61440 c:\windows\system32\rasman.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 69632 c:\windows\system32\raschap.dll
+ 2004-08-10 19:00 . 2009-10-12 13:54 69632 c:\windows\system32\raschap.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 11264 c:\windows\system32\rasdial.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 11264 c:\windows\system32\rasdial.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 11776 c:\windows\system32\rasctrs.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 11776 c:\windows\system32\rasctrs.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 11776 c:\windows\system32\rasautou.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 11776 c:\windows\system32\rasautou.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 89088 c:\windows\system32\rasauto.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 89088 c:\windows\system32\rasauto.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 43520 c:\windows\system32\racpldlg.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 43520 c:\windows\system32\racpldlg.dll
- 2009-06-04 17:11 . 2005-06-04 07:08 87040 c:\windows\system32\ra32sipr.dll
+ 2009-06-04 18:11 . 2005-06-04 08:08 87040 c:\windows\system32\ra32sipr.dll
- 2009-06-04 17:11 . 2005-06-04 07:09 21504 c:\windows\system32\ra32dnet.dll
+ 2009-06-04 18:11 . 2005-06-04 08:09 21504 c:\windows\system32\ra32dnet.dll
+ 2009-06-04 18:11 . 2005-06-04 08:09 72704 c:\windows\system32\ra3228_8.dll
- 2009-06-04 17:11 . 2005-06-04 07:09 72704 c:\windows\system32\ra3228_8.dll
+ 2009-06-04 18:11 . 2005-06-04 08:09 81920 c:\windows\system32\ra3214_4.dll
- 2009-06-04 17:11 . 2005-06-04 07:09 81920 c:\windows\system32\ra3214_4.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 22016 c:\windows\system32\qwinsta.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 22016 c:\windows\system32\qwinsta.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 20480 c:\windows\system32\qprocess.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 20480 c:\windows\system32\qprocess.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 18944 c:\windows\system32\qmgrprxy.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 18944 c:\windows\system32\qmgrprxy.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 16896 c:\windows\system32\qappsrv.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 16896 c:\windows\system32\qappsrv.exe
+ 2010-02-24 13:40 . 2009-04-28 20:20 66032 c:\windows\system32\pxinsa64.exe
+ 2010-02-24 13:40 . 2009-04-28 20:20 72176 c:\windows\system32\pxhpinst.exe
+ 2010-02-24 13:40 . 2009-04-28 20:20 66544 c:\windows\system32\pxcpya64.exe
+ 2004-08-10 19:00 . 2004-08-10 19:00 34304 c:\windows\system32\pstorsvc.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 34304 c:\windows\system32\pstorsvc.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 43520 c:\windows\system32\pstorec.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 43520 c:\windows\system32\pstorec.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 10752 c:\windows\system32\pschdprf.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 10752 c:\windows\system32\pschdprf.dll
+ 2006-03-08 16:10 . 2006-03-08 16:10 61440 c:\windows\system32\PSDDips.dll
- 2006-03-08 15:10 . 2006-03-08 15:10 61440 c:\windows\system32\PSDDips.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 96768 c:\windows\system32\psbase.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 96768 c:\windows\system32\psbase.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 23040 c:\windows\system32\psapi.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 23040 c:\windows\system32\psapi.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 50176 c:\windows\system32\proquota.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 50176 c:\windows\system32\proquota.exe
- 2004-08-10 18:00 . 2004-08-10 18:00 27648 c:\windows\system32\profmap.dll
+ 2004-08-10 19:00 . 2004-08-10 19:00 27648 c:\windows\system32\profmap.dll
- 2004-08-10 18:00 . 2004-08-10 18:00 15860 c:\windows\system32\prnqctl.vbs
+ 2004-08-10 19:00 . 2004-08-10 19:00 15860 c:\windows\system32\prnqctl.vbs
+ 2004-08-10 19:00 . 2004-08-10 19:00 29454 c:\windows\system32\prnport.vbs
- 2004-08-10 18:00 . 2004-08-10 18:00 29454 c:\windows\system32\prnport.vbs

[motji]

Počkej chvilku, musím sehnat náhradní soubor

[motji]

Promin za zpoždění

Z přílohy si stahni soubor v raru, rozbal ho a soubor ulož přmo na disk C, tak aby cesta byla
c:\grpconv.exe

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

FCOPY::
c:\grpconv.exe | c:\windows\system32\grpconv.exe

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

[motji]

Promin, ještě ta příloha

[riffman]

Preventivka? Předpokládám že když už umíš spustit combofix, že si sám vyluštíš i ten log

[motji]

Preventivka? Předpokládám že když už umíš spustit combofix, že si sám vyluštíš i ten log

Větu jsem špatně formulovala, tímto se omlouvám.
Všude píšeme, že combofix se nemá používat bez dozoru rádce. A když už byl použit, tak mohl dát alespon log, zvláště když má problémy s počítačem

[alesholoska]

Já ho nepoužil bez dozoru. Viz. http://www.viry.cz/forum/viewtopic.php?f=28&t=97998

Combofix už jsem spustil

[motji]

Tak to se Ti omlouvám, mohl jsi to napsat rovnou .
Pak sem vlož log