prosím o kontrolu logu HijackThis - zpomalený NTB Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

mlendl
nováček
Příspěvky: 11
Registrován: leden 12
Pohlaví: Muž
Stav:
Offline

prosím o kontrolu logu HijackThis - zpomalený NTB

Příspěvekod mlendl » 31 led 2012 12:41

Konfigurace : NTB Fujitsu AMILO Xi 1526 - Core 2 Duo T5600 1.83 GHz - 17" TFT, RAM 1.0 GB ( 2 x 512 MB ), Hard Drive 120.0 GB / 5400.0 rpm, MS Windows XP

Přikládám log z HJT a prosím o kontrolu a doporučení k nápravě a ke zrychlení NTB.
Předem děkuji.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:33:26, on 31.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_Watchdog.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CheckPoint\SecuRemote\bin\SR_GUI.Exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\CIEONE~2\bar\1.bin\0ebrmon.exe
C:\Program Files\RAM Idle LE\RAM_XP.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MRP\Tlaèový manažér\W_mrpprn.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\LINKMAGIC\LINKMAGIC.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\HPSIsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.kdpcr.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - {f864ba3f-9878-458a-ba2b-dad32bcbc472} - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4cbfd6a0-f21b-4d52-bf56-c57a37625141} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CieoNetUtilities_0e Browser Plugin Loader] C:\PROGRA~1\CIEONE~2\bar\1.bin\0ebrmon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RAM Idle Professional] C:\Program Files\RAM Idle LE\RAM_XP.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [W_MRPPRN] C:\Program Files\MRP\Tlaèový manažér\W_mrpprn.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Device Detector 2.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: LINKMAGIC.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F9740CE7-2A72-46DA-ACC3-E819FA57F3E1} (CSigner Class) - https://www.vzp.cz/IISIPortal/docroot/p ... Signer.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: CieoNet UtilitiesService (CieoNetUtilities_0eService) - COMPANYVERS_NAME - C:\PROGRA~1\CIEONE~2\bar\1.bin\0ebarsvc.exe
O23 - Service: DM1Service - OLYMPUS Corporation - C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\WINDOWS\system32\HPSIsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Check Point VPN-1 Securemote service (SR_Service) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Service.exe
O23 - Service: Check Point VPN-1 Securemote watchdog (SR_Watchdog) - Check Point Software Technologies - C:\Program Files\CheckPoint\SecuRemote\bin\SR_Watchdog.exe

--
End of file - 9928 bytes

Reklama
Uživatelský avatar
Žbeky
Moderátor
Guru Level 13
Guru Level 13
Příspěvky: 22288
Registrován: květen 08
Bydliště: Vsetín - Pardubice
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu HijackThis - zpomalený NTB

Příspěvekod Žbeky » 31 led 2012 22:04

Odinstaluj google toolbar

Fixni:

Kód: Vybrat vše

R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - {f864ba3f-9878-458a-ba2b-dad32bcbc472} - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4cbfd6a0-f21b-4d52-bf56-c57a37625141} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F9740CE7-2A72-46DA-ACC3-E819FA57F3E1} (CSigner Class) - https://www.vzp.cz/IISIPortal/docroot/p ... Signer.dll

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.

HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra

mlendl
nováček
Příspěvky: 11
Registrován: leden 12
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu HijackThis - zpomalený NTB

Příspěvekod mlendl » 31 led 2012 23:32

Přikládám log viz příloha.
Přílohy
AROscanlog.rar
Log Anti Malware
(167.72 KiB) Staženo 14 x

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu HijackThis - zpomalený NTB

Příspěvekod jaro3 » 31 led 2012 23:39

Vlož obsah logu sem a nikam to neposílej.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

mlendl
nováček
Příspěvky: 11
Registrován: leden 12
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu HijackThis - zpomalený NTB

Příspěvekod mlendl » 01 úno 2012 10:01

Omlouvám se, log je příliš velký, nedá se sem přímo vložit jeho obsah, ani po částech.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu HijackThis - zpomalený NTB

Příspěvekod jaro3 » 01 úno 2012 19:36

To je tam tolik nákaz??
Zkus to sem dát stejně třeba na 10x, stáhnul jsem to , ale moudrý z toho nejsem je to nějak kodovaný..
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

mlendl
nováček
Příspěvky: 11
Registrován: leden 12
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu HijackThis - zpomalený NTB

Příspěvekod mlendl » 02 úno 2012 20:31

vkládám požadovaný log:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Verze databáze: v2012.02.02.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
FSC :: FSC-53D5B10589F [administrátor]

2.2.2012 20:13:10
mbam-log-2012-02-02 (20-28-03).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 181254
Uplynulý čas: 13 minut, 39 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 8
HKCR\CLSID\{c5818d18-4d28-4e42-bde6-1460f5d29628} (Adware.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{2a7e74c8-7cc3-4656-903b-c16b5419e393} (Adware.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{DF3A1434-9497-4938-8EED-C77C5493097B} (Adware.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SYSTEM\CurrentControlSet\Services\CieoNetUtilities_0eService (Adware.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Žádná instrukce nebyla provedena.
HKCR\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Žádná instrukce nebyla provedena.

Nalezené hodnoty v registru: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|CieoNetUtilities_0e Browser Plugin Loader (Adware.MyWebSearch) -> Data: C:\PROGRA~1\CIEONE~2\bar\1.bin\0ebrmon.exe -> Žádná instrukce nebyla provedena.
HKCU\Software\Microsoft|idln2 (Malware.Trace) -> Data: zclteqxadwvfwnyga1vldckrof2xulz -> Žádná instrukce nebyla provedena.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 7
C:\Program Files\CieoNetUtilities_0e\bar\1.bin\0ebrstub.dll (Adware.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\CieoNetUtilities_0e\bar\1.bin\0ebrmon.exe (Adware.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\CieoNetUtilities_0e\bar\1.bin\0eauxstb.dll (Adware.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\CieoNetUtilities_0e\bar\1.bin\0eSrcAs.dll (Adware.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\CieoNetUtilities_0e\bar\1.bin\0edlghk.dll (Adware.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\CieoNetUtilities_0e\bar\1.bin\0eieovr.dll (Adware.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files\CieoNetUtilities_0e\bar\1.bin\0ebarsvc.exe (Adware.MyWebSearch) -> Žádná instrukce nebyla provedena.

(konec)

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu HijackThis - zpomalený NTB

Příspěvekod jaro3 » 03 úno 2012 08:23

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Můžeš sem pak vložit nový log z MbAM.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

mlendl
nováček
Příspěvky: 11
Registrován: leden 12
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu HijackThis - zpomalený NTB

Příspěvekod mlendl » 05 úno 2012 10:21

Nový log po opětovném spuštění MbAM:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Verze databáze: v2012.02.02.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
FSC :: FSC-53D5B10589F [administrátor]

4.2.2012 18:01:24
mbam-log-2012-02-04 (18-01-24).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 183413
Uplynulý čas: 15 minut, 50 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 5
HKLM\SYSTEM\CurrentControlSet\Services\CieoNetUtilities_0eService (Adware.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Umístnění do karantény a smazání se zdařilo.
HKCR\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Umístnění do karantény a smazání se zdařilo.
HKCR\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> Umístnění do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Umístnění do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|CieoNetUtilities_0e Browser Plugin Loader (Adware.MyWebSearch) -> Data: C:\PROGRA~1\CIEONE~2\bar\1.bin\0ebrmon.exe -> Umístnění do karantény a smazání se zdařilo.
HKCU\Software\Microsoft|idln2 (Malware.Trace) -> Data: zclteqxadwvfwnyga1vldckrof2xulz -> Umístnění do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 3
C:\Program Files\CieoNetUtilities_0e\bar\1.bin\0ebrstub.dll (Adware.MyWebSearch) -> Bude smazán při restartu.
C:\Program Files\CieoNetUtilities_0e\bar\1.bin\0ebrmon.exe (Adware.MyWebSearch) -> Bude smazán při restartu.
C:\Program Files\CieoNetUtilities_0e\bar\1.bin\0ebarsvc.exe (Adware.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.

(konec)

Následné spuštění combofix:

Zhruba po půl hodine se mi zastavil systémový čas Windows, nechal jsem to ještě cca 2 hodiny, psalo to že vyhledává poškozené soubory, pravděpodobně se zasekl. Musel jsem dát tvrdý reset a restart, po restartu jse dal opět skenovat přes MbAM.
Tady je nejnovější log z MbAM, dle logu žádná nákaza, NTB se zrychlil:

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Verze databáze: v2012.02.02.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
FSC :: FSC-53D5B10589F [administrátor]

4.2.2012 21:49:12
mbam-log-2012-02-04 (21-49-12).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 183351
Uplynulý čas: 16 minut, 38 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Uživatelský avatar
Žbeky
Moderátor
Guru Level 13
Guru Level 13
Příspěvky: 22288
Registrován: květen 08
Bydliště: Vsetín - Pardubice
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu HijackThis - zpomalený NTB

Příspěvekod Žbeky » 05 úno 2012 11:21

Udělej ten combofix
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.

HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra

mlendl
nováček
Příspěvky: 11
Registrován: leden 12
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu HijackThis - zpomalený NTB

Příspěvekod mlendl » 05 úno 2012 12:38

Pŕikládám log z Combofix - z důvodů jeho velikosti ve 2 částech:

ComboFix 12-02-05.01 - FSC 05.02.2012 11:59:51.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.1022.719 [GMT 1:00]
Spuštěný z: c:\program files\Eset\ComboFix.exe
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msmqinst.log
c:\windows\system32\SETA920.tmp
c:\windows\system32\SETA92C.tmp
c:\windows\system32\SETA939.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-05 do 2012-02-05 )))))))))))))))))))))))))))))))
.
.
2012-02-02 19:12 . 2012-02-02 19:12 -------- d-----w- c:\documents and settings\FSC\Application Data\Malwarebytes
2012-02-02 19:11 . 2012-02-02 19:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-02-02 19:11 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-02 19:11 . 2012-02-02 19:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-31 21:40 . 2012-01-31 21:40 -------- d-----w- c:\documents and settings\FSC\Application Data\Sammsoft
2012-01-31 21:39 . 2012-01-31 21:39 -------- d-----w- c:\program files\ARO 2012
2012-01-31 10:26 . 2012-01-31 10:26 388096 ----a-r- c:\documents and settings\FSC\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-31 10:26 . 2012-01-31 10:26 -------- d-----w- c:\program files\Trend Micro
2012-01-30 20:23 . 2012-01-30 20:23 -------- d-----w- c:\program files\RAM Idle LE
2012-01-30 20:23 . 2002-09-22 11:42 17408 ----a-w- c:\windows\Shortcut.exe
2012-01-30 20:22 . 2012-01-30 20:22 912530 ----a-w- c:\program files\ramidlLE.exe
2012-01-30 20:02 . 2012-01-30 20:03 2997946 ----a-w- c:\program files\OCCTPT3.1.0.exe
2012-01-30 19:58 . 2012-01-30 19:58 -------- d-----w- c:\program files\gm692
2012-01-18 07:15 . 2012-01-18 07:15 -------- d-----w- c:\documents and settings\FSC\Local Settings\Application Data\Mozilla
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-04 17:18 . 2009-07-05 17:56 1409 ----a-w- c:\windows\QTFont.for
2012-02-04 16:21 . 2011-12-13 09:16 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-30 21:51 . 2011-11-30 21:50 157312180 ----a-w- C:\fs911afull.exe
2011-11-30 20:48 . 2011-11-30 20:47 91665264 ----a-w- C:\Nokia_Ovi_Suite_webinstaller_ALL.exe
2011-11-25 21:57 . 2004-08-10 19:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25 . 2005-10-06 00:06 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-18 12:35 . 2004-08-10 19:00 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21 . 2004-08-10 19:00 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2004-08-10 19:00 152064 ----a-w- c:\windows\system32\schannel.dll
2012-02-05 07:15 . 2012-01-18 07:14 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-12-05_10.38.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-02-05 08:56 . 2012-02-05 08:56 16384 c:\windows\Temp\Perflib_Perfdata_9e4.dat
- 2007-11-13 11:31 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe
+ 2007-11-13 11:31 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
+ 2004-08-10 19:00 . 2011-12-31 20:44 72608 c:\windows\system32\perfc009.dat
+ 2000-04-26 12:34 . 2000-04-26 12:34 44304 c:\windows\system32\msrpfs35.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 66560 c:\windows\system32\mshtmled.dll
- 2004-08-10 19:00 . 2011-08-22 23:48 66560 c:\windows\system32\mshtmled.dll
- 2009-03-08 02:31 . 2011-08-22 23:48 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 02:31 . 2011-11-04 19:20 55296 c:\windows\system32\msfeedsbs.dll
+ 2010-03-18 08:15 . 2010-03-18 08:15 80720 c:\windows\system32\mfcm100u.dll
+ 2010-03-18 08:15 . 2010-03-18 08:15 80208 c:\windows\system32\mfcm100.dll
- 2004-08-10 19:00 . 2008-04-14 00:11 23040 c:\windows\system32\mciseq.dll
+ 2004-08-10 19:00 . 2011-10-14 14:47 23040 c:\windows\system32\mciseq.dll
- 2004-08-10 19:00 . 2011-08-22 23:48 43520 c:\windows\system32\licmgr10.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 43520 c:\windows\system32\licmgr10.dll
- 2004-08-10 19:00 . 2011-08-22 23:48 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 25600 c:\windows\system32\jsproxy.dll
+ 2000-04-26 12:34 . 2000-04-26 12:34 39424 c:\windows\system32\JETCOMP.exe
+ 2011-12-03 18:24 . 2011-08-17 11:56 23168 c:\windows\system32\drivers\ccdcmbo.sys
+ 2011-12-03 18:24 . 2011-08-17 11:56 18176 c:\windows\system32\drivers\ccdcmb.sys
- 2010-07-21 11:29 . 2011-08-22 23:48 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-07-21 11:29 . 2011-11-04 19:20 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2011-11-18 12:35 . 2011-11-18 12:35 60416 c:\windows\system32\dllcache\packager.exe
- 2004-08-10 19:00 . 2011-08-22 23:48 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2010-07-21 11:29 . 2011-11-04 19:20 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2010-07-21 11:29 . 2011-08-22 23:48 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2011-10-14 14:47 . 2011-10-14 14:47 23040 c:\windows\system32\dllcache\mciseq.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2004-08-10 19:00 . 2011-08-22 23:48 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2004-08-10 19:00 . 2011-08-22 23:48 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-12-14 07:08 . 2011-10-28 05:31 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2009-12-14 07:08 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2004-08-10 19:00 . 2011-10-28 05:31 33280 c:\windows\system32\csrsrv.dll
- 2004-08-10 19:00 . 2011-04-26 11:07 33280 c:\windows\system32\csrsrv.dll
+ 2008-02-21 01:45 . 2012-01-10 08:56 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-02-21 01:45 . 2011-10-17 07:12 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2011-10-17 07:12 . 2011-10-17 07:12 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2012-01-10 09:56 . 2012-01-10 08:56 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2008-02-21 19:50 . 2005-12-02 08:30 65536 c:\windows\OLE2VBDB.DAT
+ 2008-02-21 19:50 . 2012-02-01 21:26 65536 c:\windows\OLE2VBDB.DAT
+ 2011-12-25 02:49 . 2011-12-25 02:49 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2011-07-08 12:00 . 2011-07-08 12:00 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2011-12-25 10:07 . 2011-12-25 10:07 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2011-12-24 21:55 . 2011-12-24 21:55 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2011-07-07 10:04 . 2011-07-07 10:04 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2011-12-24 21:55 . 2011-12-24 21:55 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2011-07-07 10:04 . 2011-07-07 10:04 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2011-12-24 21:55 . 2011-12-24 21:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2011-07-07 10:03 . 2011-07-07 10:03 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2011-07-07 11:09 . 2011-07-07 11:09 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2011-12-24 22:49 . 2011-12-24 22:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2011-07-07 11:09 . 2011-07-07 11:09 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2011-12-24 22:49 . 2011-12-24 22:49 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2012-01-31 11:57 . 2012-01-31 11:57 22016 c:\windows\Installer\241071.msi
+ 2011-12-13 21:17 . 2011-12-13 21:17 45056 c:\windows\Installer\{B65CB6B9-0199-4D6A-B889-5800845D3B35}\UninstallShortcut_677224305C7143A986AA88BA2B97E999.exe
+ 2011-12-13 21:17 . 2011-12-13 21:17 29926 c:\windows\Installer\{B65CB6B9-0199-4D6A-B889-5800845D3B35}\ProductShortcut31_568A21E7D2AB4D63A33732A5FC606775.exe
+ 2011-12-13 21:17 . 2011-12-13 21:17 29926 c:\windows\Installer\{B65CB6B9-0199-4D6A-B889-5800845D3B35}\ProductShortcut3_568A21E7D2AB4D63A33732A5FC606775.exe
+ 2011-12-13 21:17 . 2011-12-13 21:17 69632 c:\windows\Installer\{B65CB6B9-0199-4D6A-B889-5800845D3B35}\ProductShortcut2_51A54F7892B14F25BCD1CB3A6D7D513B.exe
+ 2011-12-13 21:17 . 2011-12-13 21:17 69632 c:\windows\Installer\{B65CB6B9-0199-4D6A-B889-5800845D3B35}\ProductShortcut_51A54F7892B14F25BCD1CB3A6D7D513B.exe
+ 2011-12-13 21:17 . 2011-12-13 21:17 29926 c:\windows\Installer\{B65CB6B9-0199-4D6A-B889-5800845D3B35}\ARPPRODUCTICON.exe
+ 2012-01-30 20:52 . 2012-01-30 20:52 10134 c:\windows\Installer\{7584DE6B-A7CE-439F-83F7-D9CA07950501}\callmsi.exe
+ 2011-12-13 20:45 . 2011-12-13 20:45 45056 c:\windows\Installer\{0328C070-5F96-4389-9605-893910824644}\UninstallShortcut_4F0BF5F3F5A4440783083778F1C7F981.exe
+ 2011-12-13 20:45 . 2011-12-13 20:45 29926 c:\windows\Installer\{0328C070-5F96-4389-9605-893910824644}\ProductShortcut4_4F0BF5F3F5A4440783083778F1C7F981.exe
+ 2011-12-13 20:45 . 2011-12-13 20:45 29926 c:\windows\Installer\{0328C070-5F96-4389-9605-893910824644}\ProductShortcut3_4F0BF5F3F5A4440783083778F1C7F981.exe
+ 2011-12-13 20:45 . 2011-12-13 20:45 29926 c:\windows\Installer\{0328C070-5F96-4389-9605-893910824644}\ProductShortcut2_E064630091F74FC6A07727214D660A2D.exe
+ 2011-12-13 20:45 . 2011-12-13 20:45 29926 c:\windows\Installer\{0328C070-5F96-4389-9605-893910824644}\ProductShortcut_E064630091F74FC6A07727214D660A2D.exe
+ 2011-12-13 20:45 . 2011-12-13 20:45 29926 c:\windows\Installer\{0328C070-5F96-4389-9605-893910824644}\ARPPRODUCTICON.exe
+ 2011-12-14 22:47 . 2011-08-22 23:48 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll
+ 2011-12-14 22:47 . 2011-08-22 23:48 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll
+ 2011-12-14 22:47 . 2011-08-22 23:48 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll
+ 2011-12-14 22:47 . 2011-08-22 23:48 43520 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll
+ 2011-12-14 22:47 . 2011-08-22 23:48 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_62c05e6c\System.Drawing.Design.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_09f35609\CustomMarshalers.dll
+ 2012-01-01 10:18 . 2012-01-01 10:18 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\750de53f30e516eb2c62de9bab7954e9\System.Web.DynamicData.Design.ni.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-10-19 02:28 . 2011-10-19 02:28 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-10-19 02:28 . 2011-10-19 02:28 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-10-19 02:28 . 2011-10-19 02:28 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-10-19 01:58 . 2011-10-19 01:58 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-12-14 22:39 . 2011-07-08 13:49 46080 c:\windows\$NtUninstallKB2633952$\tzchange.exe
+ 2011-12-14 22:39 . 2011-11-08 14:58 16896 c:\windows\$NtUninstallKB2633952$\spuninst\tzchange.dll
+ 2011-12-14 22:38 . 2011-04-26 11:07 33280 c:\windows\$NtUninstallKB2620712$\csrsrv.dll
+ 2011-12-14 22:48 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2639417\update\spcustom.dll
+ 2011-12-14 22:48 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2639417\spmsg.dll
+ 2011-12-14 22:38 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2633171\update\spcustom.dll
+ 2011-12-14 12:40 . 2011-10-26 10:50 16896 c:\windows\$hf_mig$\KB2633171\update\mpsyschk.dll
+ 2011-12-14 22:38 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2633171\spmsg.dll
+ 2011-12-14 22:48 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2624667\update\spcustom.dll
+ 2011-12-14 22:48 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2624667\spmsg.dll
+ 2011-12-14 22:38 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2620712\update\spcustom.dll
+ 2011-12-14 22:38 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2620712\spmsg.dll
+ 2011-10-28 05:31 . 2011-10-28 05:31 33280 c:\windows\$hf_mig$\KB2620712\SP3QFE\csrsrv.dll
+ 2011-12-14 22:39 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2618451\update\spcustom.dll
+ 2011-12-14 22:39 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2618451\spmsg.dll
+ 2011-12-14 22:47 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2618444-IE8\update\spcustom.dll
+ 2011-12-14 22:47 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2618444-IE8\spmsg.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 12800 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\xpshims.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 66560 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtmled.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 55296 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\msfeedsbs.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 43520 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\licmgr10.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 25600 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\jsproxy.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-12-03 18:24 . 2011-08-17 11:56 8192 c:\windows\system32\drivers\usbser_lowerfltj.sys
+ 2011-12-03 18:24 . 2011-08-17 11:56 8192 c:\windows\system32\drivers\usbser_lowerflt.sys
- 2011-10-19 02:29 . 2011-10-19 02:29 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-10-19 02:29 . 2011-10-19 02:29 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2004-08-10 19:00 . 2008-04-14 00:12 176128 c:\windows\system32\winmm.dll
+ 2004-08-10 19:00 . 2011-10-14 14:47 176128 c:\windows\system32\winmm.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 916992 c:\windows\system32\wininet.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 105984 c:\windows\system32\url.dll
- 2004-08-10 19:00 . 2011-08-22 23:48 105984 c:\windows\system32\url.dll
+ 2011-12-13 20:45 . 2008-04-14 01:12 543232 c:\windows\system32\spool\drivers\w32x86\3\PSCRIPT5.DLL
+ 2011-12-13 20:45 . 2008-04-14 01:12 728576 c:\windows\system32\spool\drivers\w32x86\3\PS5UI.DLL
+ 2004-08-10 19:00 . 2011-11-16 14:21 152064 c:\windows\system32\schannel.dll
+ 2004-08-10 19:00 . 2011-11-03 15:28 386048 c:\windows\system32\qdvd.dll
- 2004-08-10 19:00 . 2008-04-14 00:12 386048 c:\windows\system32\qdvd.dll
+ 2004-08-10 19:00 . 2011-12-31 20:44 444732 c:\windows\system32\perfh009.dat
- 2004-08-10 19:00 . 2011-08-22 23:48 206848 c:\windows\system32\occache.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 206848 c:\windows\system32\occache.dll
+ 2011-10-29 14:36 . 2011-08-17 11:57 605696 c:\windows\system32\nmwcdcocls.dll
- 2011-10-29 14:36 . 2011-05-18 08:13 605696 c:\windows\system32\nmwcdcocls.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 611840 c:\windows\system32\mstime.dll
- 2004-08-10 19:00 . 2011-08-22 23:48 611840 c:\windows\system32\mstime.dll
+ 2000-04-26 12:34 . 2000-04-26 12:34 166672 c:\windows\system32\mstext35.dll
+ 2000-04-26 12:34 . 2000-04-26 12:34 415504 c:\windows\system32\msrepl35.dll
- 2011-12-01 18:00 . 1999-04-12 22:00 415504 c:\windows\system32\msrepl35.dll
+ 2000-04-26 12:34 . 2000-04-26 12:34 250128 c:\windows\system32\mspdox35.dll
+ 2000-04-26 12:34 . 2000-04-26 12:34 168720 c:\windows\system32\msltus35.dll
+ 2009-03-08 02:32 . 2011-11-04 19:20 602112 c:\windows\system32\msfeeds.dll
- 2009-03-08 02:32 . 2011-08-22 23:48 602112 c:\windows\system32\msfeeds.dll
+ 2000-04-26 12:34 . 2000-04-26 12:34 344064 c:\windows\system32\msexch35.dll
+ 2000-04-26 12:34 . 2000-04-26 12:34 252688 c:\windows\system32\msexcl35.dll
+ 2012-02-04 16:21 . 2012-02-04 16:21 247968 c:\windows\system32\Macromed\Flash\FlashUtil11e_Plugin.exe
+ 2011-12-13 09:16 . 2011-12-13 09:16 247968 c:\windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe
+ 2011-12-13 09:16 . 2011-12-13 09:16 335520 c:\windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.dll
- 2004-08-10 19:00 . 2011-08-22 23:48 184320 c:\windows\system32\iepeers.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 184320 c:\windows\system32\iepeers.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 387584 c:\windows\system32\iedkcs32.dll
- 2004-08-10 19:00 . 2011-08-22 23:48 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-10 19:00 . 2011-11-04 11:24 174080 c:\windows\system32\ie4uinit.exe
- 2004-08-10 19:00 . 2011-08-22 11:56 174080 c:\windows\system32\ie4uinit.exe
- 2008-02-20 17:21 . 2011-10-19 02:47 259840 c:\windows\system32\FNTCACHE.DAT
+ 2008-02-20 17:21 . 2011-12-15 07:08 259840 c:\windows\system32\FNTCACHE.DAT
+ 2004-08-10 19:00 . 2011-10-14 16:38 456192 c:\windows\system32\encdec.dll
- 2004-08-10 19:00 . 2011-02-04 16:48 456192 c:\windows\system32\encdec.dll
+ 2011-10-18 03:50 . 2011-11-25 21:57 293376 c:\windows\system32\dllcache\winsrv.dll
- 2011-10-18 03:50 . 2011-06-20 17:44 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2011-10-14 14:47 . 2011-10-14 14:47 176128 c:\windows\system32\dllcache\winmm.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 916992 c:\windows\system32\dllcache\wininet.dll
+ 2008-12-16 12:30 . 2011-11-16 14:21 354816 c:\windows\system32\dllcache\winhttp.dll
- 2008-12-16 12:30 . 2009-08-25 09:17 354816 c:\windows\system32\dllcache\winhttp.dll
- 2004-08-10 19:00 . 2011-08-22 23:48 105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 105984 c:\windows\system32\dllcache\url.dll
+ 2008-12-05 06:54 . 2011-11-16 14:21 152064 c:\windows\system32\dllcache\schannel.dll
+ 2011-11-03 15:28 . 2011-11-03 15:28 386048 c:\windows\system32\dllcache\qdvd.dll
- 2004-08-10 19:00 . 2011-08-22 23:48 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 611840 c:\windows\system32\dllcache\mstime.dll
- 2004-08-10 19:00 . 2011-08-22 23:48 611840 c:\windows\system32\dllcache\mstime.dll
+ 2010-07-21 11:29 . 2011-11-04 19:20 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2010-07-21 11:29 . 2011-08-22 23:48 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2010-07-21 11:29 . 2011-11-04 19:20 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2010-07-21 11:29 . 2011-08-22 23:48 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2004-08-10 19:00 . 2011-08-22 23:48 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-07-21 11:29 . 2011-08-22 23:48 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-07-21 11:29 . 2011-11-04 19:20 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2004-08-10 19:00 . 2011-08-22 23:48 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-10 19:00 . 2011-11-04 11:24 174080 c:\windows\system32\dllcache\ie4uinit.exe
- 2004-08-10 19:00 . 2011-08-22 11:56 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-10 19:00 . 2011-10-14 16:38 456192 c:\windows\system32\dllcache\encdec.dll
- 2004-08-10 19:00 . 2011-02-04 16:48 456192 c:\windows\system32\dllcache\encdec.dll
+ 2011-10-29 14:36 . 2011-08-17 11:57 123904 c:\windows\system32\ccdcmbwu.dll
- 2011-10-29 14:36 . 2011-05-18 08:13 123904 c:\windows\system32\ccdcmbwu.dll
+ 2011-12-13 20:45 . 2008-06-09 14:16 147456 c:\windows\system32\bzpdf101c.dll
+ 2011-12-13 20:45 . 2008-06-09 14:16 182272 c:\windows\system32\bzpdf101.dll
+ 2011-12-25 02:49 . 2011-12-25 02:49 436496 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2011-12-24 21:55 . 2011-12-24 21:55 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2011-07-07 10:04 . 2011-07-07 10:04 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2011-07-07 10:01 . 2011-07-07 10:01 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2011-12-24 21:53 . 2011-12-24 21:53 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2011-12-24 22:49 . 2011-12-24 22:49 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2011-07-07 11:09 . 2011-07-07 11:09 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2011-12-25 04:40 . 2011-12-25 04:40 819200 c:\windows\Installer\2d90466.msp
+ 2012-01-30 20:52 . 2012-01-30 20:52 105624 c:\windows\Installer\{7584DE6B-A7CE-439F-83F7-D9CA07950501}\egui.exe
+ 2011-12-14 22:47 . 2011-08-22 23:48 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll
+ 2011-12-14 22:47 . 2011-08-22 23:48 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll
+ 2011-12-14 22:47 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll
+ 2011-12-14 22:47 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe
+ 2011-12-14 22:47 . 2011-08-22 23:48 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll
+ 2011-12-14 22:47 . 2011-08-22 23:48 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll
+ 2011-12-14 22:47 . 2011-08-22 23:48 602112 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll
+ 2011-12-14 22:47 . 2011-08-22 23:48 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll
+ 2011-12-14 22:47 . 2011-08-22 23:48 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll
+ 2011-12-14 22:47 . 2011-08-22 23:48 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll
+ 2011-12-14 22:47 . 2011-08-22 23:48 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll
+ 2011-12-14 22:47 . 2011-08-22 11:56 174080 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe
+ 2005-08-05 21:06 . 2011-11-02 08:25 107008 c:\windows\ehome\mstvcapn.dll

mlendl
nováček
Příspěvky: 11
Registrován: leden 12
Pohlaví: Muž
Stav:
Offline

Re: prosím o kontrolu logu HijackThis - zpomalený NTB

Příspěvekod mlendl » 05 úno 2012 12:39

+ 2011-12-31 20:46 . 2011-12-31 20:46 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_21813fd8\System.Drawing.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_207f574c\System.Drawing.Design.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_57224ef4\CustomMarshalers.dll
+ 2012-01-01 10:18 . 2012-01-01 10:18 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\0bda7bdfaf440d5dd4bc6a1dea7ffa39\System.Web.Routing.ni.dll
+ 2012-01-01 10:18 . 2012-01-01 10:18 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6e29f9faa74a48b83a13a3413b826295\System.Web.Extensions.Design.ni.dll
+ 2012-01-01 10:18 . 2012-01-01 10:18 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\be8965fe859bc53dff61579bf626858b\System.Web.Entity.ni.dll
+ 2012-01-01 10:18 . 2012-01-01 10:18 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\8441b3eb247e0344fede848337ee911c\System.Web.Entity.Design.ni.dll
+ 2012-01-01 10:18 . 2012-01-01 10:18 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\09c6a41f187ba483486cdb92dad714a1\System.Web.DynamicData.ni.dll
+ 2012-01-01 10:17 . 2012-01-01 10:17 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5efb726d424b9712632eff749411fa89\System.Web.Abstractions.ni.dll
+ 2012-01-01 10:17 . 2012-01-01 10:17 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\f374e8e7849a72d1470b4a6a0771a137\System.Data.Entity.Design.ni.dll
+ 2012-01-01 10:17 . 2012-01-01 10:17 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\439732479756e0f6df88d29e50a402bf\ServiceModelReg.ni.exe
+ 2012-01-01 10:16 . 2012-01-01 10:16 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\bfcea15c95909860c4f4ac19bd7a2d6c\AspNetMMCExt.ni.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-10-19 02:28 . 2011-10-19 02:28 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-10-19 02:28 . 2011-10-19 02:28 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-10-19 02:28 . 2011-10-19 02:28 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-10-19 02:28 . 2011-10-19 02:28 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-12-14 22:48 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2639417$\spuninst\updspapi.dll
+ 2011-12-14 22:48 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2639417$\spuninst\spuninst.exe
+ 2011-12-14 22:39 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2633952$\spuninst\updspapi.dll
+ 2011-12-14 22:39 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2633952$\spuninst\spuninst.exe
+ 2011-12-14 22:38 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2633171$\spuninst\updspapi.dll
+ 2011-12-14 22:38 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2633171$\spuninst\spuninst.exe
+ 2011-12-14 22:48 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2624667$\spuninst\updspapi.dll
+ 2011-12-14 22:48 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2624667$\spuninst\spuninst.exe
+ 2011-12-14 22:38 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2620712$\spuninst\updspapi.dll
+ 2011-12-14 22:38 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2620712$\spuninst\spuninst.exe
+ 2011-12-14 22:48 . 2010-12-21 10:36 382840 c:\windows\$NtUninstallKB2619340$\spuninst\updspapi.dll
+ 2011-12-14 22:48 . 2010-12-21 10:36 231288 c:\windows\$NtUninstallKB2619340$\spuninst\spuninst.exe
+ 2011-12-14 22:48 . 2011-02-04 16:48 456192 c:\windows\$NtUninstallKB2619340$\encdec.dll
+ 2011-12-14 22:39 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2618451$\spuninst\updspapi.dll
+ 2011-12-14 22:39 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2618451$\spuninst\spuninst.exe
+ 2011-12-14 22:48 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2639417\update\updspapi.dll
+ 2011-12-14 22:48 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2639417\update\update.exe
+ 2011-12-14 22:48 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2639417\spuninst.exe
+ 2011-12-14 22:38 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2633171\update\updspapi.dll
+ 2011-12-14 22:38 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2633171\update\update.exe
+ 2011-12-14 22:38 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2633171\spuninst.exe
+ 2011-12-14 22:48 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2624667\update\updspapi.dll
+ 2011-12-14 22:48 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2624667\update\update.exe
+ 2011-12-14 22:48 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2624667\spuninst.exe
+ 2011-12-14 22:38 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2620712\update\updspapi.dll
+ 2011-12-14 22:38 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2620712\update\update.exe
+ 2011-12-14 22:38 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2620712\spuninst.exe
+ 2011-12-14 22:39 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2618451\update\updspapi.dll
+ 2011-12-14 22:39 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2618451\update\update.exe
+ 2011-12-14 22:39 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2618451\spuninst.exe
+ 2011-12-14 22:47 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2618444-IE8\update\updspapi.dll
+ 2011-12-14 22:47 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2618444-IE8\update\update.exe
+ 2011-12-14 22:47 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2618444-IE8\spuninst.exe
+ 2011-12-14 12:40 . 2011-11-04 19:19 919552 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 105984 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\url.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 206848 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\occache.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 611840 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mstime.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 602112 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\msfeeds.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 247808 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\ieproxy.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 184320 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iepeers.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 743424 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iedvtool.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 387584 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iedkcs32.dll
+ 2011-12-14 12:40 . 2011-10-25 12:01 174080 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\ie4uinit.exe
- 2004-08-10 19:00 . 2011-08-22 23:48 1212416 c:\windows\system32\urlmon.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 1212416 c:\windows\system32\urlmon.dll
+ 2005-08-30 03:54 . 2011-11-03 15:28 1292288 c:\windows\system32\quartz.dll
+ 2005-07-26 04:39 . 2011-11-01 16:07 1288704 c:\windows\system32\ole32.dll
+ 2004-08-10 19:00 . 2011-10-25 13:37 2148864 c:\windows\system32\ntoskrnl.exe
- 2004-08-10 19:00 . 2010-12-09 13:42 2148864 c:\windows\system32\ntoskrnl.exe
- 2004-08-03 22:59 . 2010-12-09 13:07 2027008 c:\windows\system32\ntkrnlpa.exe
+ 2004-08-03 22:59 . 2011-10-25 12:52 2027008 c:\windows\system32\ntkrnlpa.exe
+ 2000-04-26 12:34 . 2000-04-26 12:34 1238288 c:\windows\system32\msjt4jlt.dll
+ 2000-04-26 12:34 . 2000-04-26 12:34 1050896 c:\windows\system32\msjet35.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 5978112 c:\windows\system32\mshtml.dll
+ 2010-03-18 08:15 . 2010-03-18 08:15 4368720 c:\windows\system32\mfc100u.dll
+ 2010-03-18 08:15 . 2010-03-18 08:15 4342088 c:\windows\system32\mfc100.dll
+ 2012-02-04 16:21 . 2012-02-04 16:21 8527008 c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2009-03-08 02:32 . 2011-08-22 23:48 2000384 c:\windows\system32\iertutil.dll
+ 2009-03-08 02:32 . 2011-11-04 19:20 2000384 c:\windows\system32\iertutil.dll
+ 2008-10-15 04:30 . 2011-11-23 13:25 1859584 c:\windows\system32\dllcache\win32k.sys
- 2004-08-10 19:00 . 2011-08-22 23:48 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-10 19:00 . 2011-11-04 19:20 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2008-05-07 05:12 . 2011-11-03 15:28 1292288 c:\windows\system32\dllcache\quartz.dll
+ 2010-07-16 12:05 . 2011-11-01 16:07 1288704 c:\windows\system32\dllcache\ole32.dll
- 2009-04-16 05:08 . 2010-12-09 13:38 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-04-16 05:08 . 2011-10-25 13:33 2192768 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2009-04-16 05:08 . 2011-10-25 12:52 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
- 2009-04-16 05:08 . 2010-12-09 13:07 2027008 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-08 02:02 . 2011-10-25 12:52 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2009-02-08 02:02 . 2010-12-09 13:07 2069376 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2009-04-16 05:08 . 2010-12-09 13:42 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-04-16 05:08 . 2011-10-25 13:37 2148864 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2004-08-10 19:00 . 2011-11-04 19:20 5978112 c:\windows\system32\dllcache\mshtml.dll
+ 2010-07-21 11:29 . 2011-11-04 19:20 2000384 c:\windows\system32\dllcache\iertutil.dll
- 2010-07-21 11:29 . 2011-08-22 23:48 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2011-12-25 02:50 . 2011-12-25 02:50 5246976 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2011-12-25 10:07 . 2011-12-25 10:07 2064384 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
+ 2011-12-25 10:06 . 2011-12-25 10:06 1269760 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2011-07-08 11:59 . 2011-07-08 11:59 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2011-12-25 10:06 . 2011-12-25 10:06 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2011-12-24 21:54 . 2011-12-24 21:54 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2011-07-07 10:02 . 2011-07-07 10:02 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-12-24 21:53 . 2011-12-24 21:53 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2011-07-07 10:02 . 2011-07-07 10:02 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2011-12-25 10:06 . 2011-12-25 10:06 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2011-07-08 11:59 . 2011-07-08 11:59 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2012-01-31 10:26 . 2012-01-31 10:26 1094656 c:\windows\Installer\60a43f.msi
+ 2012-01-30 20:52 . 2012-01-30 20:52 1033728 c:\windows\Installer\3044c.msi
+ 2011-12-26 08:59 . 2011-12-26 08:59 4368896 c:\windows\Installer\2d90445.msp
+ 2011-12-14 22:47 . 2011-08-22 23:48 1212416 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll
+ 2011-12-14 22:47 . 2011-10-03 08:35 5971456 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
+ 2011-12-14 22:47 . 2011-08-22 23:48 2000384 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll
+ 2009-04-16 05:08 . 2011-10-25 13:33 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2009-04-16 05:08 . 2010-12-09 13:38 2192768 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2009-04-16 05:08 . 2010-12-09 13:07 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-04-16 05:08 . 2011-10-25 12:52 2027008 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2009-02-08 02:02 . 2011-10-25 12:52 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-02-08 02:02 . 2010-12-09 13:07 2069376 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2009-04-16 05:08 . 2010-12-09 13:42 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2009-04-16 05:08 . 2011-10-25 13:37 2148864 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-12-31 20:46 . 2011-12-31 20:46 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_a70bb2b1\System.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_2ca82d19\System.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_945ac537\System.Xml.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_91126eb4\System.Xml.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_4dff2e04\System.Windows.Forms.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_0ba078d1\System.Windows.Forms.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_63ae4311\System.Drawing.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_ef231c95\System.Design.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_e96464b3\System.Design.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_d9c0e2d8\mscorlib.dll
+ 2011-12-31 20:47 . 2011-12-31 20:47 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_ce12fcf0\mscorlib.dll
+ 2012-01-01 10:18 . 2012-01-01 10:18 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\05c29118462056cf810df0b6aa660d05\System.WorkflowServices.ni.dll
+ 2012-01-01 10:18 . 2012-01-01 10:18 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\26b3258c559dc0ab6bdce481ffd458b3\System.Workflow.Runtime.ni.dll
+ 2012-01-01 10:18 . 2012-01-01 10:18 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\1642d1b72cd84caf24cbe7c5e8fd8368\System.Workflow.ComponentModel.ni.dll
+ 2012-01-01 10:18 . 2012-01-01 10:18 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\32ce12c3c2049f2df94c44c94b052e16\System.Workflow.Activities.ni.dll
+ 2012-01-01 10:18 . 2012-01-01 10:18 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f63ae1310e004777e880f28377bcddd2\System.Web.Services.ni.dll
+ 2012-01-01 10:18 . 2012-01-01 10:18 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\c99b02434e71ca9898bebbc08d63e885\System.Web.Mobile.ni.dll
+ 2012-01-01 10:18 . 2012-01-01 10:18 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c8f78b9e94857fdf6c2a378dd1629ee0\System.Web.Extensions.ni.dll
+ 2012-01-01 10:17 . 2012-01-01 10:17 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ae749b024162e9ac79110c633b5ce6be\System.ServiceModel.Web.ni.dll
+ 2012-01-01 10:16 . 2012-01-01 10:16 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\23eb4618c9d171be9fb551a13a475a32\System.IdentityModel.ni.dll
+ 2012-01-01 10:17 . 2012-01-01 10:17 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\f35064c125799df650c1a959d8fa450b\System.Data.Services.ni.dll
+ 2012-01-01 10:17 . 2012-01-01 10:17 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a86c12788293105a0d9fda1bc90c90bc\Microsoft.VisualBasic.ni.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-10-19 02:28 . 2011-10-19 02:28 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-12-31 20:47 . 2011-12-31 20:47 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2011-10-19 02:12 . 2011-10-19 02:12 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-10-19 02:28 . 2011-10-19 02:28 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-10-19 02:29 . 2011-10-19 02:29 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-12-31 20:44 . 2011-12-31 20:44 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2011-10-19 01:58 . 2011-10-19 01:58 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 2064384 c:\windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 1269760 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-12-14 22:48 . 2011-09-06 13:20 1858944 c:\windows\$NtUninstallKB2639417$\win32k.sys
+ 2011-12-14 22:38 . 2010-12-09 13:42 2148864 c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe
+ 2011-12-14 22:38 . 2010-12-09 13:07 2027008 c:\windows\$NtUninstallKB2633171$\ntkrpamp.exe
+ 2011-12-14 22:38 . 2010-12-09 13:07 2027008 c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe
+ 2011-12-14 22:38 . 2010-12-09 13:42 2148864 c:\windows\$NtUninstallKB2633171$\ntkrnlmp.exe
+ 2011-12-14 22:48 . 2010-07-16 12:05 1288192 c:\windows\$NtUninstallKB2624667$\ole32.dll
+ 2011-12-14 12:41 . 2011-11-23 13:29 1868544 c:\windows\$hf_mig$\KB2639417\SP3QFE\win32k.sys
+ 2011-10-25 13:34 . 2011-10-25 13:34 2192768 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
+ 2011-10-25 12:52 . 2011-10-25 12:52 2027008 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrpamp.exe
+ 2011-10-25 12:52 . 2011-10-25 12:52 2069376 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe
+ 2011-10-25 13:38 . 2011-10-25 13:38 2148864 c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlmp.exe
+ 2011-12-14 12:41 . 2011-11-01 16:05 1289216 c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 1214464 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\urlmon.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 5978624 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll
+ 2011-12-14 12:40 . 2011-11-04 19:19 2001408 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\iertutil.dll
+ 2010-07-21 11:29 . 2012-01-11 21:44 52128560 c:\windows\system32\MRT.exe
+ 2009-03-08 02:39 . 2011-11-04 19:20 11081728 c:\windows\system32\ieframe.dll
- 2009-03-08 02:39 . 2011-08-23 15:48 11081728 c:\windows\system32\ieframe.dll
- 2010-07-21 11:29 . 2011-08-23 15:48 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2010-07-21 11:29 . 2011-11-04 19:20 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2011-12-26 16:02 . 2011-12-26 16:02 12482048 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp
+ 2011-12-26 08:02 . 2011-12-26 08:02 19677184 c:\windows\Installer\2d9045f.msp
+ 2011-12-13 21:17 . 2011-12-13 21:17 19293184 c:\windows\Installer\1e2e206.msi
+ 2011-12-13 20:44 . 2011-12-13 20:45 17640448 c:\windows\Installer\1c57bc9.msi
+ 2011-12-14 22:47 . 2011-08-23 15:48 11081728 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll
+ 2012-01-01 10:17 . 2012-01-01 10:17 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\62e34cfb5a8b233667c7c5a47a32ad93\System.Web.ni.dll
+ 2012-01-01 10:17 . 2012-01-01 10:17 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\2dac4fc006596760cd4988d0bfd52ff0\System.ServiceModel.ni.dll
+ 2011-12-31 20:46 . 2011-12-31 20:46 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\9e15d80ffb037e9171fa4bd2e0233497\System.Design.ni.dll
+ 2011-11-05 13:19 . 2011-11-05 13:19 11083776 c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\ieframe.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile Communication Centre"="c:\program files\T-Mobile\Web'n'walk Manager\Manager.exe" [2011-06-30 1363984]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2007-01-12 25367592]
"W_MRPPRN"="c:\program files\MRP\Tlačový manažér\W_mrpprn.exe" [2004-11-23 1138688]
"AROReminder"="c:\program files\ARO 2012\ARO.exe" [2012-01-06 2552688]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-08 61952]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-29 149280]
"RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2005-08-13 1056768]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-04 7405568]
"nwiz"="nwiz.exe" [2006-05-04 1519616]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-12 16267776]
"SMSERIAL"="sm56hlpr.exe" [2005-09-16 557056]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-08-25 737369]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-04-16 45056]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-11-05 36864]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-11-05 40960]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-07-05 77824]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RAM Idle Professional"="c:\program files\RAM Idle LE\RAM_XP.exe" [2006-01-17 135168]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 3080264]
"ICQ Lite"="c:\program files\ICQLite\ICQLite.exe" [2006-07-27 3142236]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\FSC\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Device Detector 2.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2008-2-21 106496]
LINKMAGIC.lnk - c:\program files\LINKMAGIC\LINKMAGIC.EXE [2008-3-6 1810432]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ckpNotify]
2007-05-24 09:13 24665 ----a-w- c:\windows\system32\ckpNotify.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQLite\\ICQLite.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\CheckPoint\\SecuRemote\\bin\\SR_Service.exe"=
"c:\\Program Files\\CheckPoint\\SecuRemote\\bin\\SR_GUI.exe"=
"c:\\Program Files\\CheckPoint\\SecuRemote\\bin\\scc.exe"=
"c:\\Program Files\\CheckPoint\\SecuRemote\\bin\\SR_SDS.exe"=
"c:\\Program Files\\CheckPoint\\SecuRemote\\bin\\SR_Diagnostics.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4.8.2011 9:20 118104]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [4.8.2011 9:20 103112]
R1 FW1;SecuRemote Miniport;c:\windows\system32\drivers\fw.sys [24.5.2007 10:13 2234800]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files\T-Mobile\Web'n'walk Manager\ameisvc.exe [24.6.2011 20:17 123120]
R2 Angelnt;Angelnt;c:\windows\system32\drivers\ANGELNT.SYS [25.2.2008 6:54 51072]
R2 CP_OMDRV;Check Point Office Mode Module;c:\windows\system32\drivers\omdrv.sys [24.5.2007 10:13 36368]
R2 ekrn;ESET Service;c:\program files\Eset\ESET NOD32 Antivirus\ekrn.exe [22.9.2011 12:03 974944]
R2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [14.10.2011 13:10 99896]
R2 VNASC;Check Point Virtual Network Adapter - SecureClient;c:\windows\system32\drivers\vnasc.sys [24.5.2007 10:13 110032]
R2 VPN-1;VPN-1 Module;c:\windows\system32\drivers\vpn.sys [24.5.2007 10:13 673456]
S1 cdc4086c;cdc4086c;c:\windows\system32\drivers\cdc4086c.sys [11.6.2009 6:13 0]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3.2.2010 21:10 135664]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3.2.2010 21:10 135664]
S3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [30.6.2011 17:45 9216]
S3 mvusbews;USB EWS Device;c:\windows\system32\drivers\mvusbews.sys [14.10.2011 13:09 17408]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 20:10]
.
2012-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-03 20:10]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.kdpcr.cz/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
DPF: {F9740CE7-2A72-46DA-ACC3-E819FA57F3E1} - hxxps://www.vzp.cz/IISIPortal/docroot/p ... Signer.dll
FF - ProfilePath - c:\documents and settings\FSC\Application Data\Mozilla\Firefox\Profiles\99z50rk6.default\
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-05 12:18
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-682003330-299502267-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
Celkový čas: 2012-02-05 12:24:12
ComboFix-quarantined-files.txt 2012-02-05 11:24
ComboFix2.txt 2011-12-05 10:43
ComboFix3.txt 2010-07-21 09:58
.
Před spuštěním: 37 964 271 616 bytes free
Po spuštění: Volných bajtů: 39 233 183 744
.
- - End Of File - - 1A33099E0188DFBA6FBD7B7456FDD03F


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 63 hostů