Prosim o kontrolu diky

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Odpovědět
sakiri
Level 3.5
Level 3.5
Příspěvky: 747
Registrován: červen 06
Pohlaví: Nespecifikováno
Stav:
Offline

Příspěvekod sakiri » 23 dub 2007 19:08

tak do toho řádku na Virustotalu zkopíruj tento text:
C:\WINDOWS\byyxvw.dll

Tím ho nemusíš hledat.
Nahoru
Reklama
Top
AlastoR
nováček
Příspěvky: 34
Registrován: duben 07
Pohlaví: Nespecifikováno
Stav:
Offline
Kontakt:
Kontaktovat uživatele AlastoR

Příspěvekod AlastoR » 23 dub 2007 19:12

musim pockat az dojede ten prvni nebo muzou bezet na jednou oba?? :)) ja to resim protoze mi kvuli tomu zamrza PC asi :( ty viry mam na mysli.
Nahoru
AlastoR
nováček
Příspěvky: 34
Registrován: duben 07
Pohlaví: Nespecifikováno
Stav:
Offline
Kontakt:
Kontaktovat uživatele AlastoR

Příspěvekod AlastoR » 23 dub 2007 19:27

Complete scanning result of "c_1p32.dll", received in VirusTotal at 04.23.2007, 18:54:18 (CET).
Antivirus Version Update Result
AhnLab-V3 2007.4.24.0 04.23.2007 no virus found
AntiVir 7.4.0.14 04.23.2007 TR/Baws.A
Authentium 4.93.8 04.23.2007 no virus found
Avast 4.7.981.0 04.23.2007 no virus found
AVG 7.5.0.464 04.22.2007 no virus found
BitDefender 7.2 04.23.2007 Trojan.Baws.A
CAT-QuickHeal 9.00 04.23.2007 no virus found
ClamAV devel-20070416 04.23.2007 no virus found
DrWeb 4.33 04.23.2007 no virus found
eSafe 7.0.15.0 04.23.2007 no virus found
eTrust-Vet 30.7.3589 04.23.2007 no virus found
Ewido 4.0 04.23.2007 no virus found
FileAdvisor 1 04.23.2007 High threat detected
Fortinet 2.85.0.0 04.23.2007 BHO.BM!tr
F-Prot 4.3.2.48 04.23.2007 no virus found
F-Secure 6.70.13030.0 04.23.2007 no virus found
Ikarus T3.1.1.5 04.23.2007 Backdoor.Win32.Hupigon.BV
Kaspersky 4.0.2.24 04.23.2007 no virus found
McAfee 5015 04.23.2007 no virus found
Microsoft 1.2405 04.23.2007 VirTool:Win32/Obfuscator.C
NOD32v2 2213 04.23.2007 no virus found
Norman 5.80.02 04.23.2007 W32/Suspicious_U.gen
Panda 9.0.0.4 04.23.2007 Suspicious file
Prevx1 V2 04.23.2007 Dropper.Payload
Sophos 4.16.0 04.20.2007 Troj/BHO-BM
Sunbelt 2.2.907.0 04.19.2007 VIPRE.Suspicious
Symantec 10 04.23.2007 Infostealer
TheHacker 6.1.6.095 04.15.2007 no virus found
VBA32 3.11.4 04.23.2007 no virus found
VirusBuster 4.3.7:9 04.23.2007 Packed/Upack
Webwasher-Gateway 6.0.1 04.23.2007 Trojan.Baws.A

Aditional Information
File size: 19625 bytes
MD5: 6e043e7be079586e6aa4f224a0fe1bc8
SHA1: 8cb290b171da37cd93d53fdb896a77f960095dc4
packers: UPACK
Bit9 info: http://fileadvisor.bit9.com/services/ex ... 24a0fe1bc8
packers: UPack
Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=0c1c89008141
Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.



http://www.virustotal.com/vt/en/resulta ... 127d7fc582 link kdyztak jestli to de :D
Nahoru
Uživatelský avatar
fredik
člen Security týmu
Master Level 7
Master Level 7
Příspěvky: 4680
Registrován: červenec 06
Pohlaví: Muž
Stav:
Offline

Příspěvekod fredik » 23 dub 2007 20:10

Zatím můžeš udělat toto:

Stáhni si Killbox. Rozbal ho a spusť, do volného řádku zkopíruj tento tučně označený text:
C:\WINDOWS\SYSTEM32\c_1p32.dll

a zaškrtni Delete on Reboot a Unregister .dll Before Deleting
pak stiskni bílý křížek v červeném kolečku. PC bude chtít restart tak to povol.

Pak projeď z prevence PC tímto:
Stáhni si Mwav. Proveď update a spusť prohlídku přes tlačítko Scan & Clean (nesmíš mít zatrhnutou volbu Scan Only). Pokud ještě něco najde tak to sám odstraní. Po skončení prohlídky bude chtít možná restart tak ho povol.

Pak pošli nový log z HJT a ten druhý výsledek souboru co chtěl sakiri.
Nahoru
sakiri
Level 3.5
Level 3.5
Příspěvky: 747
Registrován: červen 06
Pohlaví: Nespecifikováno
Stav:
Offline

Příspěvekod sakiri » 23 dub 2007 20:26

+Si stáhni Combofix a spusť ho.
postupuj dle pokynů během aplikování ComboFixu neklikej do zobrazujícího se okna může se stát totiž že to proces zastaví.
Po skončení se vytvoří log tak sem zkopíruj jeho obsah.

Důvod proč ho chci je jednoduchý.
Vundo, Virtumonde má takovou blbou "vlastnost" vytváří soubory se stejným názvem jako je ta .dll ale s jinou koncovkou např.: .ini , bak1 , bak2 apod. tak se podíváme jestli tam pro jistotu něco není.
Nahoru
AlastoR
nováček
Příspěvky: 34
Registrován: duben 07
Pohlaví: Nespecifikováno
Stav:
Offline
Kontakt:
Kontaktovat uživatele AlastoR

Příspěvekod AlastoR » 24 dub 2007 21:16

Ten killBox vyhodi nakou hlasku PendingFileRenameOperations Registry data has been removed external process
Nahoru
AlastoR
nováček
Příspěvky: 34
Registrován: duben 07
Pohlaví: Nespecifikováno
Stav:
Offline
Kontakt:
Kontaktovat uživatele AlastoR

Příspěvekod AlastoR » 24 dub 2007 21:20

a ten combo fix se mi na zacatku sekne pri startu XP kdyz sem to delal. Ted delam ten scan v Mwav teda :)
Nahoru
AlastoR
nováček
Příspěvky: 34
Registrován: duben 07
Pohlaví: Nespecifikováno
Stav:
Offline
Kontakt:
Kontaktovat uživatele AlastoR

Příspěvekod AlastoR » 24 dub 2007 21:26

Log z toho hijackthis po skenovani Mwav

Logfile of HijackThis v1.99.1
Scan saved at 21:25:13, on 24.4.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\TBPanel.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Admin\Plocha\analyz2.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Gainward] C:\WINDOWS\TBPanel.exe /A
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.16\AsRunHelp.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Rychlé spuštění aplikace HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plánovač automatické aktualizace LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional 2005.SR1\RpcSandraSrv.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Nahoru
AlastoR
nováček
Příspěvky: 34
Registrován: duben 07
Pohlaví: Nespecifikováno
Stav:
Offline
Kontakt:
Kontaktovat uživatele AlastoR

Příspěvekod AlastoR » 24 dub 2007 22:31

vypis z kill boxu

Pocket Killbox version 2.0.0.648
Running on Windows XP as Admin(Administrator)
was started @ úterý, duben 24, 2007, 9:11 PM

# 1 [Delete on Reboot]
Path = C:\WINDOWS\SYSTEM32\c_1p32.dll


PendingFileRenameOperations Registry Data has been Removed by External Process! @ 9:12:26 PM
# 2 [Delete on Reboot]
Path = C:\WINDOWS\SYSTEM32\c_1p32.dll


# 3 [Delete on Reboot]
Path = C:\WINDOWS\SYSTEM32\c_1p32.dll


# 4 [Delete on Reboot]
Path = C:\WINDOWS\SYSTEM32\c_1p32.dll


PendingFileRenameOperations Registry Data has been Removed by External Process! @ 9:13:16 PM
# 5 [Delete on Reboot]
Path = C:\WINDOWS\SYSTEM32\c_1p32.dll


# 6 [Delete on Reboot]
Path = C:\WINDOWS\SYSTEM32\c_1p32.dll


# 7 [Delete on Reboot]
Path = C:\WINDOWS\SYSTEM32\c_1p32.dll


PendingFileRenameOperations Registry Data has been Removed by External Process! @ 9:14:40 PM
# 8 [Delete on Reboot]
Path = C:\WINDOWS\SYSTEM32\c_1p32.dll


# 9 [Delete on Reboot]
Path = C:\WINDOWS\SYSTEM32\c_1p32.dll


PendingFileRenameOperations Registry Data has been Removed by External Process! @ 9:18:30 PM
Killbox Closed(Exit) @ 9:18:30 PM
__________________________________________________
Nahoru
AlastoR
nováček
Příspěvky: 34
Registrován: duben 07
Pohlaví: Nespecifikováno
Stav:
Offline
Kontakt:
Kontaktovat uživatele AlastoR

Příspěvekod AlastoR » 24 dub 2007 22:31

combo fix

Kód: Vybrat vše

04-08-17 15:49      137216    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\TASKMGR.COM.vir
04-08-17 15:49      147968    --a------    C:\Qoobox\Quarantine\C\WINDOWS\REGEDIT.COM.vir
07-04-22 18:09      19625    --a------    C:\Qoobox\Quarantine\C\WINDOWS\system32\c_1p32.dll.vir
07-04-23 17:32      104    --a------    C:\Qoobox\Quarantine\C\DOCUME~1\Admin\Plocha\Internet.lnk.vir


Věpis CESTY slo§ky
S‚riov‚ źˇslo svazku je 1C56-0D91
C:\QOOBOX
\---Quarantine
    +---C
    |   +---DOCUME~1
    |   |   \---Admin
    |   |       \---Plocha
    |   |               Internet.lnk.vir
    |   |               
    |   \---WINDOWS
    |       |   REGEDIT.COM.vir
    |       |   
    |       \---system32
    |               c_1p32.dll.vir
    |               TASKMGR.COM.vir
    |               
    \---Registry_backups
Nahoru
sakiri
Level 3.5
Level 3.5
Příspěvky: 747
Registrován: červen 06
Pohlaví: Nespecifikováno
Stav:
Offline

Příspěvekod sakiri » 25 dub 2007 17:32

sorry že jsem se neozval. Neměl jsem čas.


Log z HJT vypadá v pořádku.

KillBox toho šmejda nesmazal ale Combofix ho "přejmenoval" tak že od něj nehrozí nebezpečí.

Jinak ten log z Combofixu má být uložený na C:\ComboFix.txt tak sem ho zkopíruj.
Nahoru
AlastoR
nováček
Příspěvky: 34
Registrován: duben 07
Pohlaví: Nespecifikováno
Stav:
Offline
Kontakt:
Kontaktovat uživatele AlastoR

Příspěvekod AlastoR » 25 dub 2007 18:20

"Admin" - 07-04-24 20:56:17 Service Pack 2
ComboFix 07-04-25.1V - Running from: "C:\Documents and Settings\Admin\Plocha\"


(((((((((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\c_1p32.dll


* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\Admin\Plocha\internet.lnk
C:\WINDOWS\system32\taskmgr.com
C:\WINDOWS\regedit.com


((((((((((((((((((((((((((((((( Files Created from 2007-03-24 to 2007-04-24 ))))))))))))))))))))))))))))))))))


2007-04-23 17:05 <DIR> d-a------ C:\WINDOWS\zts2.exe
2007-04-23 17:05 <DIR> d-a------ C:\WINDOWS\system32\vcmgcd32.dll
2007-04-23 17:05 <DIR> d-a------ C:\WINDOWS\system32\iifgfgf.dll
2007-04-23 17:05 <DIR> d-a------ C:\WINDOWS\rundll16.exe
2007-04-23 17:05 <DIR> d-a------ C:\WINDOWS\rundl132.dll
2007-04-23 17:05 <DIR> d-a------ C:\WINDOWS\logo1_.exe
2007-04-23 17:01 147,968 --a------ C:\WINDOWS\R.COM
2007-04-23 17:01 137,216 --a------ C:\WINDOWS\system32\T.COM
2007-04-23 16:53 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2007-04-23 12:29 <DIR> d-------- C:\WINDOWS\nview
2007-04-23 12:29 <DIR> d-------- C:\WINDOWS\NV32763280.TMP
2007-04-23 12:29 <DIR> d-------- C:\NVIDIA
2007-04-23 12:11 <DIR> d-------- C:\WINDOWS\NV16722520.TMP
2007-04-23 12:10 928,096 --a------ C:\WINDOWS\system32\nvucode.bin
2007-04-23 11:23 <DIR> d-------- C:\DOCUME~1\Admin\DATAAP~1\Command & Conquer 3 Tiberium Wars
2007-04-23 11:12 <DIR> d-------- C:\Program Files\Electronic Arts
2007-04-23 10:47 <DIR> d-------- C:\comand
2007-04-23 09:58 <DIR> d-------- C:\Program Files\Opera
2007-04-23 09:58 <DIR> d-------- C:\DOCUME~1\Admin\DATAAP~1\Opera
2007-04-22 12:04 <DIR> d-------- C:\Temp
2007-04-21 20:14 <DIR> d-------- C:\Program Files\ICQToolbar
2007-04-21 20:13 <DIR> d-------- C:\Program Files\ICQLite
2007-04-21 16:47 <DIR> d-------- C:\Program Files\CyberLink
2007-04-21 14:53 <DIR> d-------- C:\Program Files\EA GAMES
2007-04-21 14:42 <DIR> d-------- C:\Fraps
2007-04-21 14:37 <DIR> d-------- C:\WINDOWS\NV772876.TMP
2007-04-19 18:20 <DIR> d-------- C:\CloneDVDTemp
2007-04-15 15:24 356,352 --a------ C:\WINDOWS\eSellerateEngine.dll
2007-04-15 15:24 <DIR> d-a------ C:\DOCUME~1\ALLUSE~1\DATAAP~1\TEMP
2007-04-15 14:18 0 --a------ C:\WINDOWS\qtsrig.exe
2007-04-14 19:16 0 --a------ C:\WINDOWS\ric.exe
2007-04-14 13:12 24,576 -ra------ C:\WINDOWS\system32\AsIO.dll
2007-04-14 13:12 12,664 -ra------ C:\WINDOWS\system32\drivers\AsIO.sys
2007-04-14 13:12 12,096 --a------ C:\WINDOWS\system32\drivers\AsInsHelp64.sys
2007-04-14 13:12 10,304 --a------ C:\WINDOWS\system32\drivers\AsInsHelp32.sys
2007-04-13 22:09 <DIR> d-------- C:\Program Files\SpeedFan
2007-04-13 15:24 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-04-13 15:24 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Adobe Systems
2007-04-12 17:52 4,608 --a------ C:\WINDOWS\system32\drivers\symlcbrd.sys
2007-04-12 17:52 <DIR> d-------- C:\Program Files\Norton AntiVirus
2007-04-11 20:00 <DIR> d-------- C:\DOCUME~1\Admin\DATAAP~1\ICQLite
2007-04-11 18:46 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\NVIDIA
2007-04-11 17:57 93,952 -ra------ C:\WINDOWS\system32\drivers\aeaudio.sys
2007-04-11 17:57 53,248 --------- C:\WINDOWS\system32\wdmioctl.dll
2007-04-11 17:57 49,152 --------- C:\WINDOWS\system32\DSndUp.exe
2007-04-11 17:57 45,056 --------- C:\WINDOWS\system32\CleanUp.exe
2007-04-11 17:57 293,888 -ra------ C:\WINDOWS\system32\drivers\ADIHdAud.sys
2007-04-11 17:57 139,776 -ra------ C:\WINDOWS\system32\drivers\adidts.sys
2007-04-11 17:57 1,285,632 --------- C:\WINDOWS\system32\SMMedia.dll
2007-04-11 17:24 <DIR> d-------- C:\Program Files\Ubisoft
2007-04-11 17:23 <DIR> d-------- C:\DOCUME~1\Admin\DATAAP~1\InstallShield
2007-04-11 17:02 <DIR> d-------- C:\Program Files\AquaMark3
2007-04-11 16:04 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-04-11 16:04 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-04-11 15:53 <DIR> d-------- C:\Program Files\THQ
2007-04-11 01:04 <DIR> d-------- C:\Program Files\Tomb Raider - Legend
2007-04-11 00:50 <DIR> d-------- C:\Program Files\Common Files\HP
2007-04-11 00:49 <DIR> d-------- C:\Program Files\Hewlett-Packard
2007-04-11 00:49 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Hewlett-Packard
2007-04-11 00:48 82,432 -ra------ C:\WINDOWS\system32\MSXML4r.dll
2007-04-11 00:48 626,960 -ra------ C:\WINDOWS\system32\hpvaut32.dll
2007-04-11 00:48 487,424 -ra------ C:\WINDOWS\system32\hpvcp70.dll
2007-04-11 00:48 44,544 -ra------ C:\WINDOWS\system32\MSXML4a.dll
2007-04-11 00:48 344,064 -ra------ C:\WINDOWS\system32\hpvcr70.dll
2007-04-11 00:48 1,230,336 -ra------ C:\WINDOWS\system32\MSXML4.dll
2007-04-11 00:48 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2007-04-11 00:47 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2007-04-11 00:46 51,088 -ra------ C:\WINDOWS\system32\drivers\hpzid412.sys
2007-04-11 00:46 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2007-04-11 00:45 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2007-04-11 00:45 65,536 --a------ C:\WINDOWS\system32\HPZipm12.exe
2007-04-11 00:45 61,440 --a------ C:\WINDOWS\system32\HPZinw12.exe
2007-04-11 00:45 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2007-04-11 00:45 278,584 --a------ C:\WINDOWS\system32\HPZidr12.dll
2007-04-11 00:45 21,744 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2007-04-11 00:45 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2007-04-11 00:45 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-04-11 00:44 <DIR> d-------- C:\Program Files\HP
2007-04-11 00:43 17,176 --------- C:\WINDOWS\hpomdl04.dat
2007-04-11 00:43 104,257 --a------ C:\WINDOWS\hpoins04.dat
2007-04-11 00:42 <DIR> d-------- C:\WINDOWS\system32\bak
2007-04-11 00:42 <DIR> d-------- C:\WINDOWS\bak
2007-04-10 22:44 <DIR> d-------- C:\DOCUME~1\LOCALS~1\DATAAP~1\Symantec
2007-04-10 21:19 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2007-04-10 21:16 <DIR> d-------- C:\Program Files\ASUS
2007-04-10 21:05 <DIR> d-------- C:\Program Files\QIP
2007-04-10 20:44 119,568 --a------ C:\WINDOWS\system32\vb6fr.dll
2007-04-10 20:44 <DIR> d-------- C:\Program Files\PC Wizard 2006
2007-04-10 15:48 68,888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-04-10 15:48 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2007-04-10 15:48 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2007-04-10 15:48 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2007-04-10 15:48 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-04-10 15:48 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-04-10 15:48 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-04-10 15:48 108,144 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-04-10 15:38 <DIR> d-------- C:\Program Files\OpenAL
2007-04-10 10:55 24,064 --------- C:\WINDOWS\system32\msxml3a.dll
2007-04-10 10:55 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\CyberLink
2007-04-10 10:43 <DIR> d-------- C:\DOCUME~1\Admin\DATAAP~1\CyberLink
2007-04-10 10:31 <DIR> d-------- C:\Program Files\ffdshow
2007-04-09 22:35 <DIR> d-------- C:\Program Files\Real
2007-04-09 22:35 <DIR> d-------- C:\Program Files\Common Files\xing shared
2007-04-09 22:35 <DIR> d-------- C:\Program Files\Common Files\Real
2007-04-09 22:35 <DIR> d-------- C:\DOCUME~1\Admin\DATAAP~1\Real
2007-04-09 22:29 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2007-04-09 22:29 26,624 --a------ C:\WINDOWS\system32\irmon.dll
2007-04-09 22:29 153,088 --a------ C:\WINDOWS\system32\irftp.exe
2007-04-09 00:58 737,280 --a------ C:\WINDOWS\iun6002.exe
2007-04-09 00:58 <DIR> d-------- C:\Program Files\Codec Pack - All In 1
2007-04-09 00:56 5,248 --a------ C:\WINDOWS\system32\drivers\a347scsi.sys
2007-04-09 00:56 160,640 --a------ C:\WINDOWS\system32\drivers\a347bus.sys
2007-04-09 00:56 <DIR> d-------- C:\Program Files\Alcohol Soft
2007-04-09 00:39 <DIR> d-------- C:\Program Files\Ventrilo
2007-04-09 00:39 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-04-09 00:39 <DIR> d-------- C:\DOCUME~1\Admin\DATAAP~1\Ventrilo
2007-04-08 23:09 <DIR> d-------- C:\Program Files\Prey
2007-04-08 19:23 409,600 --a------ C:\WINDOWS\system32\wrap_oal.dll
2007-04-08 19:23 114,688 --a------ C:\WINDOWS\system32\OpenAL32.dll
2007-04-08 18:47 5,632 --a------ C:\WINDOWS\system32\drivers\Entech64.sys
2007-04-08 18:47 3,972 --a------ C:\WINDOWS\system32\drivers\PciBus.sys
2007-04-08 18:47 21,664 --a------ C:\WINDOWS\system32\drivers\Entech.sys
2007-04-08 18:47 <DIR> d-------- C:\WINDOWS\system32\Futuremark
2007-04-08 18:46 <DIR> d-------- C:\Program Files\Futuremark
2007-04-08 16:35 <DIR> d-------- C:\Program Files\Valve
2007-04-08 13:15 <DIR> d-------- C:\WINDOWS\NV40123276.TMP
2007-04-08 13:07 <DIR> d-------- C:\Program Files\XP Codec Pack
2007-04-08 12:11 <DIR> d-------- C:\Program Files\DVDFab Decrypter 3
2007-04-08 12:11 <DIR> d-------- C:\DOCUME~1\Admin\DATAAP~1\Google
2007-04-08 12:08 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Google
2007-04-08 12:01 56 -r-hs---- C:\WINDOWS\system32\AA25530C47.sys
2007-04-08 12:01 1,682 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2007-04-08 12:01 <DIR> d-------- C:\Program Files\SiSoftware
2007-04-08 12:01 <DIR> d-------- C:\Program Files\Google
2007-04-08 12:00 <DIR> d-------- C:\Program Files\DivX
2007-04-08 11:59 <DIR> d-------- C:\Program Files\Elaborate Bytes
2007-04-08 11:59 <DIR> d-------- C:\Program Files\DVD Shrink
2007-04-08 11:59 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\DVD Shrink
2007-04-08 11:58 56,320 --------- C:\WINDOWS\system32\iyvu9_32.dll
2007-04-08 11:58 136,704 --------- C:\WINDOWS\system32\iacenc.dll
2007-04-08 11:58 <DIR> d-------- C:\Program Files\Ligos
2007-04-08 00:22 <DIR> d-------- C:\DOCUME~1\Admin\DATAAP~1\Media Player Classic
2007-04-08 00:20 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-04-08 00:20 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-04-08 00:20 5,120 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-04-08 00:20 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-04-08 00:20 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-04-08 00:20 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-04-08 00:20 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-04-08 00:20 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-04-08 00:20 1,565,480 --a------ C:\WINDOWS\system32\wmv9vcm.dll
2007-04-08 00:20 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-04-08 00:20 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2007-04-08 00:08 <DIR> d-------- C:\WINDOWS\NV13522568.TMP
2007-04-08 00:04 <DIR> d-------- C:\Program Files\NuGardt Software
2007-04-07 21:29 <DIR> d-------- C:\Program Files\Sierra
2007-04-07 20:54 99,904 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2007-04-07 20:54 63,040 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-04-07 20:54 22,584 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-04-07 20:54 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2007-04-07 02:53 <DIR> d-------- C:\Program Files\HLSW
2007-04-07 02:49 <DIR> d-------- C:\Program Files\Yahoo!
2007-04-07 02:49 <DIR> d-------- C:\Program Files\CCleaner
2007-04-07 02:49 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Yahoo! Companion
2007-04-07 02:46 <DIR> d--hs---- C:\RECYCLER
2007-04-07 02:45 <DIR> d-------- C:\Program Files\Teamspeak2_RC2
2007-04-07 02:45 <DIR> d-------- C:\DOCUME~1\Admin\DATAAP~1\teamspeak2
2007-04-07 02:43 <DIR> d-------- C:\DOCUME~1\Admin\DATAAP~1\ICQ Toolbar
2007-04-07 02:31 <DIR> d-------- C:\Program Files\Activision
2007-04-07 02:30 <DIR> d--hs---- C:\WINDOWS\ftpcache
2007-04-07 02:24 <DIR> d-------- C:\Program Files\SymNetDrv
2007-04-07 02:17 75,264 --a------ C:\WINDOWS\system32\usbui.dll
2007-04-07 02:17 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2007-04-07 02:17 58,240 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-04-07 02:17 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-04-07 02:17 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2007-04-07 02:16 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-04-07 02:16 9,291 --a------ C:\WINDOWS\system\VER.DLL
2007-04-07 02:16 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-04-07 02:16 82,944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-04-07 02:16 8,704 --a------ C:\WINDOWS\system32\batt.dll
2007-04-07 02:16 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-04-07 02:16 75,264 --a------ C:\WINDOWS\system32\storprop.dll
2007-04-07 02:16 70,272 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-04-07 02:16 69,632 --a------ C:\WINDOWS\notepad.exe
2007-04-07 02:16 69,008 --a------ C:\WINDOWS\system\mmsystem.dll
2007-04-07 02:16 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-04-07 02:16 6,656 --a------ C:\WINDOWS\system32\kbdycl.dll
2007-04-07 02:16 6,656 --a------ C:\WINDOWS\system32\kbdsl1.dll
2007-04-07 02:16 6,656 --a------ C:\WINDOWS\system32\kbdsl.dll
2007-04-07 02:16 6,656 --a------ C:\WINDOWS\system32\kbdpl.dll
2007-04-07 02:16 6,656 --a------ C:\WINDOWS\system32\kbdhu.dll
2007-04-07 02:16 6,656 --a------ C:\WINDOWS\system32\kbdcr.dll
2007-04-07 02:16 6,656 --a------ C:\WINDOWS\system32\KBDAL.DLL
2007-04-07 02:16 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-04-07 02:16 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-04-07 02:16 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-04-07 02:16 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-04-07 02:16 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-04-07 02:16 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-04-07 02:16 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-04-07 02:16 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-04-07 02:16 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-04-07 02:16 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-04-07 02:16 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-04-07 02:16 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-04-07 02:16 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-04-07 02:16 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-04-07 02:16 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-04-07 02:16 5,632 --a------ C:\WINDOWS\system32\kbdro.dll
2007-04-07 02:16 5,632 --a------ C:\WINDOWS\system32\kbdpl1.dll
2007-04-07 02:16 5,632 --a------ C:\WINDOWS\system32\kbdhu1.dll
2007-04-07 02:16 5,120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-04-07 02:16 33,040 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-04-07 02:16 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-04-07 02:16 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-04-07 02:16 19,200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-04-07 02:16 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-04-07 02:16 15,360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-04-07 02:16 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2007-04-07 02:16 127,024 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-04-07 02:16 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-04-07 02:16 109,456 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-04-07 02:16 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-04-07 02:16 <DIR> dr------- C:\Program Files
2007-04-07 02:16 <DIR> dr------- C:\DOCUME~1\DEFAUL~1\Nabˇdka Start
2007-04-07 02:16 <DIR> dr------- C:\DOCUME~1\ALLUSE~1\Nabˇdka Start
2007-04-07 02:16 <DIR> dr------- C:\DOCUME~1\ALLUSE~1\Dokumenty
2007-04-07 02:16 <DIR> d--h----- C:\DOCUME~1\DEFAUL~1\ćablony
2007-04-07 02:16 <DIR> d--h----- C:\DOCUME~1\DEFAUL~1\Okolnˇ tisk rny
2007-04-07 02:16 <DIR> d--h----- C:\DOCUME~1\DEFAUL~1\Okolnˇ sˇś
2007-04-07 02:16 <DIR> d--h----- C:\DOCUME~1\ALLUSE~1\ćablony
2007-04-07 02:16 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines
2007-04-07 02:16 <DIR> d-------- C:\Program Files\Common Files\ODBC
2007-04-07 02:16 <DIR> d-------- C:\DOCUME~1\DEFAUL~1\Plocha
2007-04-07 02:16 <DIR> d-------- C:\DOCUME~1\DEFAUL~1\Oblˇben‚ polo§ky
2007-04-07 02:16 <DIR> d-------- C:\DOCUME~1\DEFAUL~1\Dokumenty
2007-04-07 02:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Plocha
2007-04-07 02:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Oblˇben‚ polo§ky
2007-04-07 02:15 <DIR> dr-h----- C:\DOCUME~1\DEFAUL~1\Data aplikacˇ
2007-04-07 02:15 <DIR> dr-h----- C:\DOCUME~1\ALLUSE~1\Data aplikacˇ
2007-04-07 02:15 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2007-04-07 02:15 <DIR> d-------- C:\WINDOWS\system32\CatRoot
2007-04-07 02:15 <DIR> d-------- C:\Documents and Settings
2007-04-07 02:11 91,904 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2007-04-07 02:11 124,016 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-04-07 02:11 <DIR> dr-hsc--- C:\WINDOWS\system32\dllcache
2007-04-07 02:11 <DIR> dr--s---- C:\WINDOWS\Fonts
2007-04-07 02:11 <DIR> dr------- C:\WINDOWS\Web
2007-04-07 02:11 <DIR> d--h----- C:\WINDOWS\inf
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\WinSxS
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\twain_32
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\wins
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\wbem
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\usmt
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\spool
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\ShellExt
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\Setup
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\ras
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\oobe
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\npp
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\mui
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\inetsrv
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\IME
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\icsxml
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\ias
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\export
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\drivers\etc
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\drivers\disdn
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\drivers
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\dhcp
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\config
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\3com_dmi
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\3076
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\2052
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\1054
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\1042
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\1041
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\1037
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\1033
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\1031
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\1029
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\1028
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32\1025
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system32
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\system
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\security
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\Resources
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\repair
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\mui
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\msapps
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\msagent
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\Media
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\ime
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\Help
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\Driver Cache
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\Debug
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\Cursors
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\Connection Wizard
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\Config
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\AppPatch
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS\addins
2007-04-07 02:11 <DIR> d-------- C:\WINDOWS
2007-04-07 02:11 <DIR> d-------- C:\Program Files\Symantec
2007-04-07 02:11 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2007-04-07 02:11 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Symantec
2007-04-07 02:11 <DIR> d-------- C:\DOCUME~1\Admin\DATAAP~1\Symantec
2007-04-07 02:09 <DIR> d---s---- C:\DOCUME~1\Admin\UserData
2007-04-07 02:03 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2007-04-07 02:03 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-04-07 01:41 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-04-07 01:37 <DIR> d-------- C:\WINDOWS\RegisteredPackages
2007-04-07 01:37 <DIR> d-------- C:\Program Files\muvee Technologies
2007-04-07 01:37 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\muvee Technologies
2007-04-07 01:36 5,306 -ra------ C:\WINDOWS\system32\drivers\TBPanel.sys
2007-04-07 01:36 5,120 -ra------ C:\WINDOWS\TBManage.dll
2007-04-07 01:36 36,864 -ra------ C:\WINDOWS\GWLib.dll
2007-04-07 01:36 33,280 -ra------ C:\WINDOWS\DXTool.exe
2007-04-07 01:36 32,768 -ra------ C:\WINDOWS\TBPanelExt.dll
2007-04-07 01:36 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-04-07 01:36 26,624 -ra------ C:\WINDOWS\TBZoom.exe
2007-04-07 01:36 2,162,688 -ra------ C:\WINDOWS\TBPanel.exe
2007-04-07 01:36 <DIR> d-------- C:\WINDOWS\UI
2007-04-07 01:28 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-04-07 01:28 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-04-07 01:28 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-04-07 01:28 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-04-07 01:28 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-04-07 01:28 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-04-07 01:28 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-04-07 01:28 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-04-07 01:28 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-04-07 01:28 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-07 01:28 28,160 -ra------ C:\WINDOWS\system32\PostProc.dll
2007-04-07 01:28 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-04-07 01:28 171,776 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-04-07 01:28 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-04-07 01:28 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-04-07 01:28 <DIR> d-------- C:\Program Files\Analog Devices
2007-04-07 01:26 <DIR> d-------- C:\WINDOWS\ASUSInstAll
2007-04-07 01:24 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2007-04-07 01:24 <DIR> d-------- C:\Program Files\NVIDIA Corporation
2007-04-07 01:23 52,736 -ra------ C:\WINDOWS\system32\drivers\NVENETFD.sys
2007-04-07 01:23 486,400 -ra------ C:\WINDOWS\system32\AsusSetup.exe
2007-04-07 01:23 446,464 --a------ C:\WINDOWS\system32\CapabilityTable.exe
2007-04-07 01:23 363,008 -ra------ C:\WINDOWS\system32\idecoiins.dll
2007-04-07 01:23 363,008 --a------ C:\WINDOWS\system32\idecoi.dll
2007-04-07 01:23 356,352 --------- C:\WINDOWS\system32\nvuide.exe
2007-04-07 01:23 35,840 --a------ C:\WINDOWS\system32\nvconrm.dll
2007-04-07 01:23 35,840 --a------ C:\WINDOWS\system32\NVCOI.DLL
2007-04-07 01:23 261,120 -ra------ C:\WINDOWS\system32\drivers\nvsnpu.sys
2007-04-07 01:23 208,896 -ra------ C:\WINDOWS\system32\nvusmb.exe
2007-04-07 01:23 208,896 --a------ C:\WINDOWS\system32\nvunrm.exe
2007-04-07 01:23 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-04-07 01:23 202,240 -ra------ C:\WINDOWS\system32\fdco1ins.dll
2007-04-07 01:23 202,240 --a------ C:\WINDOWS\system32\fdco1.dll
2007-04-07 01:23 18,944 -ra------ C:\WINDOWS\system32\drivers\nvnetbus.sys
2007-04-07 01:23 110,080 -ra------ C:\WINDOWS\system32\drivers\nvtcp.sys
2007-04-07 01:23 105,344 -ra------ C:\WINDOWS\system32\drivers\nvata.sys
2007-04-07 01:23 10,240 -ra------ C:\WINDOWS\system32\bdco1ins.dll
2007-04-07 01:23 10,240 --a------ C:\WINDOWS\system32\bdco1.dll
2007-04-07 01:23 1,104,896 -ra------ C:\WINDOWS\system32\drivers\nvnrm.sys
2007-04-07 01:23 <DIR> d-------- C:\WINDOWS\NV15481552.TMP
2007-04-07 01:23 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2007-04-07 01:22 5,810 -ra------ C:\WINDOWS\system32\drivers\ASACPI.sys
2007-04-07 01:22 10,288 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2007-04-07 01:21 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-04-07 01:21 <DIR> d-------- C:\WINDOWS\Prefetch
2007-04-07 01:21 <DIR> d-------- C:\DOCUME~1\LOCALS~1\Nabˇdka Start
2007-04-07 00:29 95,424 --------- C:\WINDOWS\system32\drivers\slnthal.sys
2007-04-07 00:29 940,544 --a------ C:\WINDOWS\system32\wmspdmoe.dll
2007-04-07 00:29 9,728 --------- C:\WINDOWS\system32\comsdupd.exe
2007-04-07 00:29 88,064 --------- C:\WINDOWS\system32\p2pnetsh.dll
2007-04-07 00:29 870,784 --------- C:\WINDOWS\system32\ati3d1ag.dll
2007-04-07 00:29 86,016 --------- C:\WINDOWS\system32\p2pgasvc.dll
2007-04-07 00:29 86,016 --------- C:\WINDOWS\system32\mdmxsdk.dll
2007-04-07 00:29 81,920 --------- C:\WINDOWS\system32\ieencode.dll
2007-04-07 00:29 81,408 --------- C:\WINDOWS\system32\wscsvc.dll
2007-04-07 00:29 8,192 --------- C:\WINDOWS\system32\smbinst.exe
2007-04-07 00:29 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll
2007-04-07 00:29 78,464 --------- C:\WINDOWS\system32\drivers\usbvideo.sys
2007-04-07 00:29 75,776 --------- C:\WINDOWS\system32\strmfilt.dll
2007-04-07 00:29 746,496 --a------ C:\WINDOWS\system32\ir50_32.dll
2007-04-07 00:29 73,832 --------- C:\WINDOWS\system32\slcoinst.dll
2007-04-07 00:29 73,796 --------- C:\WINDOWS\system32\slserv.exe
2007-04-07 00:29 73,216 --------- C:\WINDOWS\system32\drivers\atintuxx.sys
2007-04-07 00:29 71,680 --------- C:\WINDOWS\system32\blastcln.exe
2007-04-07 00:29 701,440 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-04-07 00:29 7,680 --------- C:\WINDOWS\system32\kbdsmsno.dll
2007-04-07 00:29 7,680 --------- C:\WINDOWS\system32\kbdsmsfi.dll
2007-04-07 00:29 7,168 --------- C:\WINDOWS\system32\kbdukx.dll
2007-04-07 00:29 7,168 --------- C:\WINDOWS\system32\kbdno1.dll
2007-04-07 00:29 7,168 --------- C:\WINDOWS\system32\kbdfi1.dll
2007-04-07 00:29 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2007-04-07 00:29 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2007-04-07 00:29 67,584 --------- C:\WINDOWS\system32\drivers\sdbus.sys
2007-04-07 00:29 63,663 --------- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2007-04-07 00:29 63,488 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys
2007-04-07 00:29 60,416 --------- C:\WINDOWS\system32\fwcfg.dll
2007-04-07 00:29 6,656 --------- C:\WINDOWS\system32\kbdinmal.dll
2007-04-07 00:29 6,656 --------- C:\WINDOWS\system32\kbdinben.dll
2007-04-07 00:29 6,144 --------- C:\WINDOWS\system32\kbdmlt48.dll
2007-04-07 00:29 6,144 --------- C:\WINDOWS\system32\kbdmlt47.dll
2007-04-07 00:29 6,144 --------- C:\WINDOWS\system32\kbdinbe1.dll
2007-04-07 00:29 6,016 --------- C:\WINDOWS\system32\drivers\smbali.sys
2007-04-07 00:29 59,648 --------- C:\WINDOWS\system32\drivers\rfcomm.sys
2007-04-07 00:29 57,856 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys
2007-04-07 00:29 56,623 --------- C:\WINDOWS\system32\drivers\ati1btxx.sys
2007-04-07 00:29 526,848 --------- C:\WINDOWS\system32\p2psvc.dll
2007-04-07 00:29 52,224 --------- C:\WINDOWS\system32\drivers\atinraxx.sys
2007-04-07 00:29 516,768 --------- C:\WINDOWS\system32\ativvaxx.dll
2007-04-07 00:29 50,688 --------- C:\WINDOWS\system32\btpanui.dll
2007-04-07 00:29 50,176 --------- C:\WINDOWS\system32\xmlprovi.dll
2007-04-07 00:29 5,632 --------- C:\WINDOWS\system32\kbdmaori.dll
2007-04-07 00:29 49,152 --------- C:\WINDOWS\system32\powercfg.exe
2007-04-07 00:29 48,640 --------- C:\WINDOWS\system32\pnrpnsp.dll
2007-04-07 00:29 463,360 --------- C:\WINDOWS\system32\xpob2res.dll
2007-04-07 00:29 46,464 --------- C:\WINDOWS\system32\drivers\gagp30kx.sys
2007-04-07 00:29 452,736 --------- C:\WINDOWS\system32\drivers\mtxparhm.sys
2007-04-07 00:29 44,928 --------- C:\WINDOWS\system32\drivers\agpcpq.sys
2007-04-07 00:29 44,672 --------- C:\WINDOWS\system32\drivers\uagp35.sys
2007-04-07 00:29 44,032 --------- C:\WINDOWS\system32\twext.dll
2007-04-07 00:29 431,104 --------- C:\WINDOWS\system32\wuapi.dll
2007-04-07 00:29 43,008 --------- C:\WINDOWS\system32\drivers\amdagp.sys
2007-04-07 00:29 42,752 --------- C:\WINDOWS\system32\drivers\alim1541.sys
2007-04-07 00:29 42,368 --------- C:\WINDOWS\system32\drivers\agp440.sys
2007-04-07 00:29 42,240 --------- C:\WINDOWS\system32\drivers\viaagp.sys
2007-04-07 00:29 413,944 --a------ C:\WINDOWS\system32\wmspdmod.dll
2007-04-07 00:29 41,088 --------- C:\WINDOWS\system32\drivers\sisagp.sys
2007-04-07 00:29 404,990 --------- C:\WINDOWS\system32\drivers\slntamr.sys
2007-04-07 00:29 40,832 --------- C:\WINDOWS\system32\drivers\irbus.sys
2007-04-07 00:29 4,527,488 --a------ C:\WINDOWS\system32\nv4_disp.dll
2007-04-07 00:29 4,255 --------- C:\WINDOWS\system32\drivers\adv01nt5.dll
2007-04-07 00:29 397,056 --------- C:\WINDOWS\system32\s3gnb.dll
2007-04-07 00:29 39,936 --------- C:\WINDOWS\system32\drivers\intelppm.sys
2007-04-07 00:29 384,512 --------- C:\WINDOWS\system32\mp4sdmod.dll
2007-04-07 00:29 38,016 --------- C:\WINDOWS\system32\drivers\bthmodem.sys
2007-04-07 00:29 377,984 --------- C:\WINDOWS\system32\ati2dvaa.dll
2007-04-07 00:29 36,864 --------- C:\WINDOWS\system32\wups.dll
2007-04-07 00:29 36,463 --------- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2007-04-07 00:29 35,456 --------- C:\WINDOWS\system32\drivers\bthprint.sys
2007-04-07 00:29 34,735 --------- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2007-04-07 00:29 338,432 --------- C:\WINDOWS\system32\ir41_qcx.dll
2007-04-07 00:29 326,912 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2007-04-07 00:29 32,866 --------- C:\WINDOWS\system32\slrundll.exe
2007-04-07 00:29 32,866 --------- C:\WINDOWS\slrundll.exe
2007-04-07 00:29 32,768 --------- C:\WINDOWS\system32\ativtmxx.dll
2007-04-07 00:29 32,285 --------- C:\WINDOWS\system32\hsfcisp2.dll
2007-04-07 00:29 312,320 --------- C:\WINDOWS\system32\p2pgraph.dll
2007-04-07 00:29 310,272 --------- C:\WINDOWS\system32\mp43dmod.dll
2007-04-07 00:29 31,744 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys
2007-04-07 00:29 30,671 --------- C:\WINDOWS\system32\drivers\ati1raxx.sys
2007-04-07 00:29 30,208 --------- C:\WINDOWS\system32\bthserv.dll
2007-04-07 00:29 30,080 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2007-04-07 00:29 3,994,624 --a------ C:\WINDOWS\system32\drivers\nv4_mini.sys
2007-04-07 00:29 3,967 --------- C:\WINDOWS\system32\drivers\adv02nt5.dll
2007-04-07 00:29 3,901 --------- C:\WINDOWS\system32\drivers\siint5.dll
2007-04-07 00:29 3,775 --------- C:\WINDOWS\system32\drivers\adv11nt5.dll
2007-04-07 00:29 3,711 --------- C:\WINDOWS\system32\drivers\adv09nt5.dll
2007-04-07 00:29 3,647 --------- C:\WINDOWS\system32\drivers\adv07nt5.dll
2007-04-07 00:29 3,615 --------- C:\WINDOWS\system32\drivers\adv05nt5.dll
2007-04-07 00:29 3,135 --------- C:\WINDOWS\system32\drivers\adv08nt5.dll
2007-04-07 00:29 29,455 --------- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2007-04-07 00:29 29,184 --------- C:\WINDOWS\system32\sdhcinst.dll
2007-04-07 00:29 29,056 --------- C:\WINDOWS\system32\drivers\ip6fw.sys
2007-04-07 00:29 286,792 --------- C:\WINDOWS\system32\slextspk.dll
2007-04-07 00:29 28,672 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys
2007-04-07 00:29 274,304 --------- C:\WINDOWS\system32\drivers\bthport.sys
2007-04-07 00:29 263,040 --------- C:\WINDOWS\system32\drivers\http.sys
2007-04-07 00:29 26,367 --------- C:\WINDOWS\system32\drivers\ati1snxx.sys
2007-04-07 00:29 25,600 --------- C:\WINDOWS\system32\drivers\hidbth.sys
2007-04-07 00:29 25,471 --------- C:\WINDOWS\system32\drivers\watv10nt.sys
2007-04-07 00:29 25,471 --------- C:\WINDOWS\system32\drivers\atv04nt5.dll
2007-04-07 00:29 25,088 --a------ C:\WINDOWS\system32\MsPMSNSv.dll
2007-04-07 00:29 24,576 --------- C:\WINDOWS\system32\httpapi.dll
2007-04-07 00:29 233,472 --------- C:\WINDOWS\system32\wmpdxm.dll
2007-04-07 00:29 229,376 --------- C:\WINDOWS\system32\ati2cqag.dll
2007-04-07 00:29 220,032 --------- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2007-04-07 00:29 22,528 --------- C:\WINDOWS\system32\fltmc.exe
2007-04-07 00:29 22,271 --------- C:\WINDOWS\system32\drivers\watv06nt.sys
2007-04-07 00:29 21,343 --------- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2007-04-07 00:29 21,183 --------- C:\WINDOWS\system32\drivers\atv01nt5.dll
2007-04-07 00:29 201,728 --------- C:\WINDOWS\system32\ati2dvag.dll
2007-04-07 00:29 200,192 --------- C:\WINDOWS\system32\ir50_qc.dll
2007-04-07 00:29 20,992 --------- C:\WINDOWS\system32\bthci.dll
2007-04-07 00:29 2,927,616 --------- C:\WINDOWS\system32\xpsp2res.dll
2007-04-07 00:29 2,113,536 --------- C:\WINDOWS\system32\dxdiagn.dll
2007-04-07 00:29 193,024 --------- C:\WINDOWS\system32\fsquirt.exe
2007-04-07 00:29 188,508 --------- C:\WINDOWS\system32\slgen.dll
2007-04-07 00:29 183,808 --------- C:\WINDOWS\system32\ir50_qcx.dll
2007-04-07 00:29 183,296 --------- C:\WINDOWS\system32\wuaueng1.dll
2007-04-07 00:29 180,360 --------- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2007-04-07 00:29 18,944 --------- C:\WINDOWS\system32\drivers\bthusb.sys
2007-04-07 00:29 173,056 --------- C:\WINDOWS\system32\wmerror.dll
2007-04-07 00:29 17,408 --------- C:\WINDOWS\system32\winshfhc.dll
2007-04-07 00:29 17,279 --------- C:\WINDOWS\system32\drivers\atv10nt5.dll
2007-04-07 00:29 17,024 --------- C:\WINDOWS\system32\drivers\bthenum.sys
2007-04-07 00:29 166,912 --------- C:\WINDOWS\system32\wuauclt1.exe
2007-04-07 00:29 166,912 --------- C:\WINDOWS\system32\drivers\s3gnbm.sys
2007-04-07 00:29 16,896 --------- C:\WINDOWS\system32\fltlib.dll
2007-04-07 00:29 150,016 --a------ C:\WINDOWS\system32\wmidx.dll
2007-04-07 00:29 15,872 --------- C:\WINDOWS\system32\w3ssl.dll
2007-04-07 00:29 15,488 --------- C:\WINDOWS\system32\drivers\mssmbios.sys
2007-04-07 00:29 15,423 --------- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2007-04-07 00:29 15,104 --------- C:\WINDOWS\system32\drivers\hidir.sys
2007-04-07 00:29 14,336 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys
2007-04-07 00:29 14,336 --------- C:\WINDOWS\system32\auditusr.exe
2007-04-07 00:29 14,143 --------- C:\WINDOWS\system32\drivers\atv06nt5.dll
2007-04-07 00:29 13,824 --------- C:\WINDOWS\system32\wscntfy.exe
2007-04-07 00:29 13,824 --------- C:\WINDOWS\system32\drivers\atinttxx.sys
2007-04-07 00:29 13,824 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys
2007-04-07 00:29 13,824 --------- C:\WINDOWS\system32\cmsetacl.dll
2007-04-07 00:29 13,776 --------- C:\WINDOWS\system32\drivers\recagent.sys
2007-04-07 00:29 13,568 --------- C:\WINDOWS\system32\drivers\wacompen.sys
2007-04-07 00:29 13,240 --------- C:\WINDOWS\system32\drivers\slwdmsup.sys
2007-04-07 00:29 129,536 --------- C:\WINDOWS\system32\xmlprov.dll
2007-04-07 00:29 129,535 --------- C:\WINDOWS\system32\drivers\slnt7554.sys
2007-04-07 00:29 126,686 --------- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2007-04-07 00:29 124,800 --------- C:\WINDOWS\system32\drivers\fltmgr.sys
2007-04-07 00:29 120,320 --------- C:\WINDOWS\system32\wuweb.dll
2007-04-07 00:29 120,320 --------- C:\WINDOWS\system32\ir41_qc.dll
2007-04-07 00:29 12,672 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
2007-04-07 00:29 12,672 --------- C:\WINDOWS\system32\drivers\mutohpen.sys
2007-04-07 00:29 12,047 --------- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2007-04-07 00:29 118,784 --------- C:\WINDOWS\system32\msdadiag.dll
2007-04-07 00:29 116,224 --------- C:\WINDOWS\system32\p2p.dll
2007-04-07 00:29 114,688 --------- C:\WINDOWS\system32\wmpasf.dll
2007-04-07 00:29 112,640 --------- C:\WINDOWS\system32\wucltui.dll
2007-04-07 00:29 11,935 --------- C:\WINDOWS\system32\drivers\wadv11nt.sys
2007-04-07 00:29 11,871 --------- C:\WINDOWS\system32\drivers\wadv09nt.sys
2007-04-07 00:29 11,868 --------- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2007-04-07 00:29 11,807 --------- C:\WINDOWS\system32\drivers\wadv07nt.sys
2007-04-07 00:29 11,615 --------- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2007-04-07 00:29 11,359 --------- C:\WINDOWS\system32\drivers\atv02nt5.dll
2007-04-07 00:29 11,325 --------- C:\WINDOWS\system32\drivers\vchnt5.dll
2007-04-07 00:29 11,295 --------- C:\WINDOWS\system32\drivers\wadv08nt.sys
2007-04-07 00:29 11,136 --------- C:\WINDOWS\system32\drivers\sffdisk.sys
2007-04-07 00:29 108,032 --------- C:\WINDOWS\system32\wshbth.dll
2007-04-07 00:29 104,960 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys
2007-04-07 00:29 100,992 --------- C:\WINDOWS\system32\drivers\bthpan.sys
2007-04-07 00:29 10,240 --------- C:\WINDOWS\system32\drivers\sffp_sd.sys
2007-04-07 00:29 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll
2007-04-07 00:29 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll
2007-04-07 00:29 1,689,088 --------- C:\WINDOWS\system32\d3d9.dll
2007-04-07 00:29 1,309,184 --------- C:\WINDOWS\system32\drivers\mtlstrm.sys
2007-04-07 00:29 1,119,744 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2007-04-07 00:29 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2007-04-07 00:29 1,003,008 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2007-04-07 00:29 <DIR> d-------- C:\WINDOWS\provisioning
2007-04-07 00:29 <DIR> d-------- C:\WINDOWS\peernet
2007-04-07 00:28 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2007-04-07 00:27 15,872 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-04-07 00:27 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-04-07 00:26 <DIR> d-------- C:\WINDOWS\EHome
2007-04-07 00:23 262,144 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT
2007-04-07 00:23 229,376 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT
2007-04-07 00:23 2,621,440 --ah----- C:\DOCUME~1\Admin\NTUSER.DAT
2007-04-07 00:23 <DIR> dr-h----- C:\DOCUME~1\Admin\Data aplikacˇ
2007-04-07 00:23 <DIR> dr------- C:\DOCUME~1\Admin\Oblˇben‚ polo§ky
2007-04-07 00:23 <DIR> dr------- C:\DOCUME~1\Admin\Nabˇdka Start
2007-04-07 00:23 <DIR> dr------- C:\DOCUME~1\Admin\Dokumenty
2007-04-07 00:23 <DIR> d--hs---- C:\WINDOWS\Installer
2007-04-07 00:23 <DIR> d--hs---- C:\System Volume Information
2007-04-07 00:23 <DIR> d--h----- C:\DOCUME~1\Admin\ćablony
2007-04-07 00:23 <DIR> d--h----- C:\DOCUME~1\Admin\Okolnˇ tisk rny
2007-04-07 00:23 <DIR> d--h----- C:\DOCUME~1\Admin\Okolnˇ sˇś
2007-04-07 00:23 <DIR> d-------- C:\DOCUME~1\NETWOR~1\Data aplikacˇ
2007-04-07 00:23 <DIR> d-------- C:\DOCUME~1\LOCALS~1\Data aplikacˇ
2007-04-07 00:23 <DIR> d-------- C:\DOCUME~1\Admin\Plocha
2007-04-07 00:20 50 --------- C:\AUTOEXEC.BAT
2007-04-07 00:20 229,376 ---h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT
2007-04-07 00:20 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-04-07 00:20 0 -rahs---- C:\MSDOS.SYS
2007-04-07 00:20 0 -rahs---- C:\IO.SYS
2007-04-07 00:20 0 --a------ C:\CONFIG.SYS
2007-04-07 00:20 <DIR> dr------- C:\WINDOWS\Offline Web Pages
2007-04-07 00:20 <DIR> d--hs---- C:\DOCUME~1\ALLUSE~1\DRM
2007-04-07 00:20 <DIR> d---s---- C:\WINDOWS\Downloaded Program Files
2007-04-07 00:20 <DIR> d-------- C:\WINDOWS\system32\xircom
2007-04-07 00:20 <DIR> d-------- C:\Program Files\microsoft frontpage
2007-04-07 00:19 81,920 --a------ C:\WINDOWS\system32\isign32.dll
2007-04-07 00:19 81,920 --a------ C:\WINDOWS\system32\ils.dll
2007-04-07 00:19 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-04-07 00:19 73,344 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-04-07 00:19 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2007-04-07 00:19 678,400 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-04-07 00:19 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2007-04-07 00:19 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-04-07 00:19 64,512 --a------ C:\WINDOWS\system32\acctres.dll
2007-04-07 00:19 47,616 --a------ C:\WINDOWS\system32\inetres.dll
2007-04-07 00:19 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-04-07 00:19 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-04-07 00:19 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-04-07 00:19 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-04-07 00:19 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-04-07 00:19 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-04-07 00:19 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-04-07 00:19 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-04-07 00:19 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-04-07 00:19 275,968 --a------ C:\WINDOWS\system32\mstask.dll
2007-04-07 00:19 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-04-07 00:19 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-04-07 00:19 240,128 --a------ C:\WINDOWS\system32\srrstr.dll
2007-04-07 00:19 21,812 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-04-07 00:19 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-04-07 00:19 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-04-07 00:19 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-04-07 00:19 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-04-07 00:19 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-04-07 00:19 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-04-07 00:19 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2007-04-07 00:19 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-04-07 00:19 <DIR> d---s---- C:\WINDOWS\Tasks
2007-04-07 00:19 <DIR> d-------- C:\WINDOWS\system32\Restore
2007-04-07 00:19 <DIR> d-------- C:\WINDOWS\system32\Macromed
2007-04-07 00:19 <DIR> d-------- C:\WINDOWS\system32\DirectX
2007-04-07 00:19 <DIR> d-------- C:\WINDOWS\srchasst
2007-04-07 00:19 <DIR> d-------- C:\WINDOWS\Registration
2007-04-07 00:19 <DIR> d-------- C:\WINDOWS\PCHealth
2007-04-07 00:19 <DIR> d-------- C:\Program Files\Movie Maker
2007-04-07 00:19 <DIR> d-------- C:\Program Files\Common Files\MSSoap
2007-04-07 00:18 949,248 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-04-07 00:18 94,208 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-04-07 00:18 90,112 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-04-07 00:18 9,728 --a------ C:\WINDOWS\system32\reset.exe
2007-04-07 00:18 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-04-07 00:18 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-04-07 00:18 82,432 --a------ C:\WINDOWS\system32\comrepl.dll
2007-04-07 00:18 80,896 --a------ C:\WINDOWS\system32\charmap.exe
2007-04-07 00:18 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2007-04-07 00:18 670,720 --a------ C:\WINDOWS\system32\getuname.dll
2007-04-07 00:18 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-04-07 00:18 655,360 --a------ C:\WINDOWS\system32\mstscax.dll
2007-04-07 00:18 628,224 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-04-07 00:18 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-04-07 00:18 62,464 --a------ C:\WINDOWS\system32\colbact.dll
2007-04-07 00:18 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-04-07 00:18 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-04-07 00:18 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-04-07 00:18 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-04-07 00:18 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-04-07 00:18 56,832 --a------ C:\WINDOWS\system32\sol.exe
2007-04-07 00:18 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-04-07 00:18 55,296 --a------ C:\WINDOWS\system32\freecell.exe
2007-04-07 00:18 540,160 --a------ C:\WINDOWS\system32\comuid.dll
2007-04-07 00:18 54,272 --a------ C:\WINDOWS\system32\stclient.dll
2007-04-07 00:18 538,624 --a------ C:\WINDOWS\system32\spider.exe
2007-04-07 00:18 501,248 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-04-07 00:18 5,632 --a------ C:\WINDOWS\system32\write.exe
2007-04-07 00:18 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-04-07 00:18 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-04-07 00:18 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2007-04-07 00:18 425,472 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-04-07 00:18 405,504 --a------ C:\WINDOWS\system32\mstsc.exe
2007-04-07 00:18 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-04-07 00:18 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-04-07 00:18 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-04-07 00:18 39,424 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-04-07 00:18 35,328 --a------ C:\WINDOWS\system32\winchat.exe
2007-04-07 00:18 349,184 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-04-07 00:18 343,552 --a------ C:\WINDOWS\system32\mspaint.exe
2007-04-07 00:18 33,792 --a------ C:\WINDOWS\system32\regini.exe
2007-04-07 00:18 295,936 --a------ C:\WINDOWS\system32\termsrv.dll
2007-04-07 00:18 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-04-07 00:18 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-04-07 00:18 229,888 --a------ C:\WINDOWS\system32\catsrv.dll
2007-04-07 00:18 228,864 --a------ C:\WINDOWS\system32\avtapi.dll
2007-04-07 00:18 22,528 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-04-07 00:18 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-04-07 00:18 21,504 --a------ C:\WINDOWS\system32\msg.exe
2007-04-07 00:18 20,480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-04-07 00:18 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-04-07 00:18 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-04-07 00:18 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-04-07 00:18 185,856 --a------ C:\WINDOWS\system32\cmprops.dll
2007-04-07 00:18 185,344 --a------ C:\WINDOWS\system32\accwiz.exe
2007-04-07 00:18 17,408 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-04-07 00:18 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-04-07 00:18 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-04-07 00:18 16,896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-04-07 00:18 16,384 --a------ C:\WINDOWS\system32\tskill.exe
2007-04-07 00:18 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-04-07 00:18 15,872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-04-07 00:18 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-04-07 00:18 15,360 --a------ C:\WINDOWS\system32\tscon.exe
2007-04-07 00:18 15,360 --a------ C:\WINDOWS\system32\shadow.exe
2007-04-07 00:18 15,360 --a------ C:\WINDOWS\system32\logoff.exe
2007-04-07 00:18 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-04-07 00:18 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-04-07 00:18 141,312 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-04-07 00:18 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-04-07 00:18 139,400 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-04-07 00:18 138,752 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-04-07 00:18 131,584 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-04-07 00:18 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-04-07 00:18 127,488 --a------ C:\WINDOWS\system32\mshearts.exe
2007-04-07 00:18 123,904 --a------ C:\WINDOWS\system32\mplay32.exe
2007-04-07 00:18 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-04-07 00:18 119,808 --a------ C:\WINDOWS\system32\winmine.exe
2007-04-07 00:18 114,688 --a------ C:\WINDOWS\system32\calc.exe
2007-04-07 00:18 111,104 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-04-07 00:18 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-04-07 00:18 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-04-07 00:18 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-04-07 00:18 103,424 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-04-07 00:18 1,251,840 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-04-07 00:18 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-04-07 00:18 1,134,592 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-04-07 00:18 <DIR> d--h----- C:\Program Files\WindowsUpdate
2007-04-07 00:18 <DIR> d-------- C:\WINDOWS\system32\MsDtc
2007-04-07 00:18 <DIR> d-------- C:\WINDOWS\system32\Com
2007-04-07 00:18 <DIR> d-------- C:\Program Files\Windows NT
2007-04-07 00:18 <DIR> d-------- C:\Program Files\Online Services
2007-04-07 00:18 <DIR> d-------- C:\Program Files\MSN Gaming Zone
2007-04-07 00:18 <DIR> d-------- C:\Program Files\Messenger
2007-03-28 18:41 517,848 --a------ C:\WINDOWS\system32\SymNeti.dll
2007-03-28 18:41 47,192 --a------ C:\WINDOWS\system32\drivers\symndis.sys
2007-03-28 18:41 37,016 --a------ C:\WINDOWS\system32\drivers\symids.sys
2007-03-28 18:41 266,552 --a------ C:\WINDOWS\system32\drivers\symtdi.sys
2007-03-28 18:41 18,904 --a------ C:\WINDOWS\system32\drivers\symredrv.sys
2007-03-28 18:41 171,928 --a------ C:\WINDOWS\system32\drivers\symfw.sys
2007-03-28 18:41 132,824 --a------ C:\WINDOWS\system32\SymRedir.dll
2007-03-28 18:41 11,480 --a------ C:\WINDOWS\system32\drivers\symdns.sys


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-04-15 00:56 61958 --a------ C:\WINDOWS\system32\perfc005.dat
2007-04-15 00:56 379294 --a------ C:\WINDOWS\system32\perfh005.dat
2007-04-07 21:24 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2007-04-07 02:16 62 --ahs---- C:\DOCUME~1\Admin\DATAAP~1\desktop.ini


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
{055FD26D-3A88-4e15-963D-DC8493744B1D} C:\Program Files\ICQToolbar\toolbaru.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program files\google\googletoolbar2.dll
{BDF3E430-B101-42AD-A544-FADC6B084872} C:\Program Files\Norton AntiVirus\NavShExt.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Gainward"="C:\\WINDOWS\\TBPanel.exe /A"
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe"
"BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
"SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"
"SoundMAX"="\"C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe\" /tray"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"AsusStartupHelp"="C:\\Program Files\\ASUS\\AASP\\1.00.16\\AsRunHelp.exe"
"RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"LanguageShortcut"="\"C:\\Program Files\\CyberLink\\PowerDVD\\Language\\Language.exe\""
"ICQ Lite"="\"C:\\Program Files\\ICQLite\\ICQLite.exe\" -minimize"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"ICQ Lite"="C:\\Program Files\\ICQLite\\ICQLite.exe -trayboot"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
bthsvcs REG_MULTI_SZ BthServ\0\0



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Norton AntiVirus - ProvŘýit tento poźˇtaź - Admin.job

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-04-24 20:59:44
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


********************************************************************

Completion time: 07-04-24 21:00:57 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 07-04-24 21:00
Nahoru
Odpovědět

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 118 hostů