Please check the log after an infection by win32.hllw.shadow.based

Posted: 31 Dec 2009 13:06
by Benyhof
ComboFix 09-12-30.02 - Hugo 31.12.2009 12:55:31.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2842 [GMT 1:00]
Spuštěný z: d:\documents and settings\Hugo\Plocha\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\$recycle.bin\S-1-5-21-441090678-3574309867-897022694-1000
d:\progra~1\EASYSE~1\BHO\7SUPer~1.dll
d:\progra~1\GOOGLE~1\17GOog~1.dll
d:\program files\GooglePlusVideos
d:\program files\GooglePlusVideos\17.GooglePlusVideos.dll
d:\program files\GooglePlusVideos\DeploymentHelper.exe
d:\program files\GooglePlusVideos\FFExt\chrome.manifest
d:\program files\GooglePlusVideos\FFExt\chrome\content\googleplusvideos.xul
d:\program files\GooglePlusVideos\FFExt\chrome\content\script-injector.js
d:\program files\GooglePlusVideos\FFExt\install.rdf
d:\program files\GooglePlusVideos\GooglePlusVideosLicense.txt
d:\program files\GooglePlusVideos\GooglePlusVideosXPCOM.dll
d:\program files\GooglePlusVideos\GVConfig.ini
d:\program files\GooglePlusVideos\IGooglePlusVideosXPCOM.xpt
d:\program files\GooglePlusVideos\MFC42U.DLL
d:\program files\GooglePlusVideos\Uninstall.bat
d:\recycler\S-1-5-21-1085031214-436374069-1417001333-1005
d:\recycler\S-1-5-21-1123561945-1229272821-682003330-1005
d:\recycler\S-1-5-21-527237240-1972579041-682003330-1005
D:\Thumbs.db
d:\windows\system32\Cache
d:\windows\system32\Dvbpws.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-28 do 2009-12-31 )))))))))))))))))))))))))))))))
.

2009-12-31 10:35 . 2009-12-31 10:39 26190904 ----a-w- D:\sshquf2y.exe
2009-12-27 18:35 . 2009-12-27 18:35 -------- d--h--w- d:\windows\PIF
2009-12-27 15:08 . 2009-12-27 15:08 -------- d-----w- d:\program files\Toshiba
2009-12-26 02:35 . 2009-12-26 02:35 -------- d-----w- d:\documents and settings\LocalService\Plocha
2009-12-23 23:42 . 2009-12-23 23:50 -------- d-----w- d:\program files\The PC Jukebox
2009-12-23 23:41 . 1999-03-23 08:12 299520 ----a-w- d:\windows\uninst.exe
2009-12-23 12:01 . 2009-12-23 12:01 56 ---ha-w- d:\windows\system32\ezsidmv.dat
2009-12-23 11:20 . 2009-12-23 11:20 -------- d-----w- d:\program files\Common Files\Skype
2009-12-23 11:11 . 2009-12-23 11:20 -------- d-----r- d:\program files\Skype
2009-12-21 16:55 . 2009-12-21 16:55 -------- d-----w- d:\program files\VideoLAN
2009-12-20 17:42 . 2009-10-16 10:19 872448 ----a-w- d:\windows\system32\rapture3d_oal.dll
2009-12-20 17:42 . 2009-07-13 18:04 839680 ----a-w- d:\windows\system32\mkl_vml_p4.dll
2009-12-20 17:42 . 2009-07-13 18:04 532480 ----a-w- d:\windows\system32\mkl_vml_p3.dll
2009-12-20 17:42 . 2009-07-13 18:04 512000 ----a-w- d:\windows\system32\mkl_vml_def.dll
2009-12-20 17:42 . 2009-07-13 18:04 3485696 ----a-w- d:\windows\system32\mkl_p4.dll
2009-12-20 17:42 . 2009-07-13 18:04 2793472 ----a-w- d:\windows\system32\mkl_p3.dll
2009-12-20 17:42 . 2009-07-13 18:04 2441216 ----a-w- d:\windows\system32\mkl_def.dll
2009-12-20 17:42 . 2009-07-13 18:04 2174976 ----a-w- d:\windows\system32\mkl_lapack32.dll
2009-12-20 17:42 . 2009-07-13 18:04 2125824 ----a-w- d:\windows\system32\mkl_lapack64.dll
2009-12-20 17:42 . 2009-07-13 18:04 184320 ----a-w- d:\windows\system32\libguide40.dll
2009-12-20 17:42 . 2009-12-20 17:42 -------- d-----w- d:\program files\BRS
2009-12-20 17:41 . 2009-09-04 16:44 515416 ----a-w- d:\windows\system32\XAudio2_5.dll
2009-12-20 17:41 . 2009-09-04 16:44 238936 ----a-w- d:\windows\system32\xactengine3_5.dll
2009-12-20 17:41 . 2009-09-04 16:29 1974616 ----a-w- d:\windows\system32\D3DCompiler_42.dll
2009-12-20 17:41 . 2009-09-04 16:29 235344 ----a-w- d:\windows\system32\d3dx11_42.dll
2009-12-20 17:41 . 2009-09-04 16:29 5501792 ----a-w- d:\windows\system32\d3dcsx_42.dll
2009-12-20 17:41 . 2009-09-04 16:29 453456 ----a-w- d:\windows\system32\d3dx10_42.dll
2009-12-20 17:41 . 2009-09-04 16:29 1892184 ----a-w- d:\windows\system32\D3DX9_42.dll
2009-12-16 11:55 . 2009-12-16 11:55 2287104 ----a-w- d:\windows\system32\TUKernel.exe
2009-12-16 11:40 . 2009-11-17 09:37 29512 ----a-w- d:\windows\system32\TURegOpt.exe
2009-12-16 11:40 . 2009-11-17 09:31 30024 ----a-w- d:\windows\system32\uxtuneup.dll
2009-12-16 11:40 . 2009-12-16 11:40 -------- d-----w- d:\program files\TuneUp Utilities 2010
2009-12-16 10:43 . 2009-12-16 10:43 -------- d-----w- d:\program files\Doublekiller Pro
2009-12-16 08:34 . 2009-12-16 08:34 -------- d-----w- d:\program files\Common Files\xing shared
2009-12-16 08:34 . 2009-12-16 08:34 -------- d-----w- d:\program files\Real
2009-12-16 08:33 . 2009-12-16 08:34 -------- d-----w- d:\program files\Common Files\Real
2009-12-16 08:32 . 2009-12-25 08:49 -------- d-----w- d:\program files\Google
2009-12-15 01:37 . 2009-12-15 01:37 -------- d-sh--w- d:\documents and settings\NetworkService\IETldCache
2009-12-03 20:31 . 2008-04-14 07:51 159232 ----a-w- d:\windows\system32\ptpusd.dll
2009-12-03 20:31 . 2001-10-24 11:25 5632 ----a-w- d:\windows\system32\ptpusb.dll
2009-12-03 20:31 . 2008-04-13 23:15 15104 -c--a-w- d:\windows\system32\dllcache\usbscan.sys
2009-12-03 20:31 . 2008-04-13 23:15 15104 ----a-w- d:\windows\system32\drivers\usbscan.sys
2009-12-03 14:59 . 2009-12-03 14:59 -------- d-----w- d:\program files\RecFree.com
2009-12-03 14:59 . 2009-12-03 14:59 -------- d-----w- d:\program files\EasySearch
2009-12-02 14:31 . 2009-12-02 14:32 -------- d-----w- d:\program files\DWG TrueView 2009
2009-12-02 14:11 . 2009-12-02 14:11 -------- d-----w- d:\program files\Microsoft WSE
2009-12-02 14:09 . 2009-12-02 14:30 -------- d-----w- d:\program files\Autodesk
2009-12-02 14:09 . 2009-12-02 14:18 -------- d-----w- d:\program files\Common Files\Autodesk Shared

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-23 23:25 . 2009-07-04 07:58 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2009-12-20 17:41 . 2009-07-08 14:53 445016 ----a-w- d:\windows\system32\wrap_oal.dll
2009-12-20 17:41 . 2009-07-08 14:53 -------- d-----w- d:\program files\OpenAL
2009-12-20 17:41 . 2009-07-08 14:53 109144 ----a-w- d:\windows\system32\OpenAL32.dll
2009-12-20 17:30 . 2009-05-08 11:23 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-12-01 13:50 . 2001-10-25 14:00 89018 ----a-w- d:\windows\system32\perfc005.dat
2009-12-01 13:50 . 2001-10-25 14:00 467790 ----a-w- d:\windows\system32\perfh005.dat
2009-11-26 19:41 . 2009-11-26 19:41 0 ---ha-w- d:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-11-26 19:41 . 2009-11-26 19:41 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-11-26 19:40 . 2009-11-26 19:40 0 ---ha-w- d:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-11-26 19:39 . 2009-11-26 19:39 -------- d-----w- d:\program files\DIFX
2009-11-26 19:39 . 2009-11-26 19:39 -------- d-----w- d:\program files\PC Connectivity Solution
2009-11-22 09:50 . 2009-11-22 09:50 -------- d-----w- d:\program files\Common Files\ACD Systems
2009-11-22 09:50 . 2009-11-22 09:50 -------- d-----w- d:\program files\ACD Systems
2009-11-12 18:42 . 2009-11-12 18:42 -------- d-----w- d:\program files\CyberLink
2009-11-12 17:11 . 2009-11-12 17:11 -------- d-----w- d:\program files\Webteh
2009-11-11 14:34 . 2009-05-31 19:50 -------- d-----w- d:\program files\Common Files\Adobe
2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- d:\windows\system32\xlive.dll
2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- d:\windows\system32\xlivefnt.dll
2009-11-02 17:05 . 2009-11-02 17:05 167064 ----a-w- d:\windows\system32\xliveinstall.dll
2009-11-02 17:05 . 2009-11-02 17:05 71832 ----a-w- d:\windows\system32\xliveinstallhost.exe
2009-10-29 07:43 . 2008-04-14 06:52 916480 ----a-w- d:\windows\system32\wininet.dll
2009-10-26 22:28 . 2009-06-28 13:09 4 ----a-w- d:\documents and settings\Hugo\WFSCHDL.dat
2009-10-26 22:28 . 2009-06-28 13:09 7780 ----a-w- d:\documents and settings\Hugo\FMCodec.dat
2009-10-21 05:40 . 2008-04-14 06:52 75776 ----a-w- d:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2008-04-14 06:51 25088 ----a-w- d:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2008-04-13 22:23 265728 ----a-w- d:\windows\system32\drivers\http.sys
2009-10-15 11:44 . 2009-12-20 17:41 809560 ----a-r- d:\windows\system32\tmpD0.tmp
2009-10-15 11:44 . 2009-12-20 17:41 809560 ----a-r- d:\windows\system32\tmpCF.tmp
2009-10-13 10:34 . 2008-04-14 06:51 271360 ----a-w- d:\windows\system32\oakley.dll
2009-10-12 13:40 . 2008-04-14 06:51 79872 ----a-w- d:\windows\system32\raschap.dll
2009-10-12 13:40 . 2008-04-14 06:51 150016 ----a-w- d:\windows\system32\rastls.dll
2009-10-06 10:56 . 2009-11-26 19:39 136704 ----a-w- d:\windows\system32\drivers\nmwcdnsu.sys
2009-10-06 10:56 . 2009-11-26 19:39 8320 ----a-w- d:\windows\system32\drivers\nmwcdnsuc.sys
2009-10-06 10:52 . 2009-11-26 19:39 7936 ----a-w- d:\windows\system32\drivers\usbser_lowerfltj.sys
2009-10-06 10:52 . 2009-11-26 19:39 660480 ----a-w- d:\windows\system32\nmwcdcocls.dll
2009-10-06 10:52 . 2009-11-26 19:39 91136 ----a-w- d:\windows\system32\nmwcdcls.dll
2009-10-06 10:52 . 2009-11-26 19:39 7936 ----a-w- d:\windows\system32\drivers\usbser_lowerflt.sys
2009-10-06 10:52 . 2009-11-26 19:39 22016 ----a-w- d:\windows\system32\drivers\ccdcmbo.sys
2009-10-06 10:52 . 2009-11-26 19:39 17664 ----a-w- d:\windows\system32\drivers\ccdcmb.sys
2009-10-06 05:32 . 2009-10-06 05:33 411368 ----a-w- d:\windows\system32\deploytk.dll
2002-07-10 08:22 . 2002-07-10 08:22 81920 ----a-w- d:\program files\Common Files\msado25.tlb
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D286E828-E6B9-484d-A058-D7323666DE33}]
2009-03-09 23:46 139264 ----a-w- d:\program files\RecFree.com\RecFreeToolbar\1.0.23.0\escort.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0508F8F1-08E3-43EE-AAA8-09AD09803084}"= "d:\program files\RecFree.com\RecFreeToolbar\1.0.23.0\escorTlbr.dll" [2009-03-09 172032]

[HKEY_CLASSES_ROOT\clsid\{0508f8f1-08e3-43ee-aaa8-09ad09803084}]
[HKEY_CLASSES_ROOT\escorTlbr.DskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\escorTlbr.DskBnd]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2008-08-26 16851456]
"StartCCC"="d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"WinFastDTV"="d:\program files\WinFast\WFDTV\DTVSchdl.exe" [2007-05-16 69632]
"WinFast Schedule"="d:\program files\WinFast\WFDTV\WFWIZ.exe" [2007-05-22 405504]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2004-12-21 45056]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\D:^Documents and Settings^Hugo^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
path=d:\documents and settings\Hugo\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk
backup=d:\windows\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2004-12-14 00:12 483328 ----a-w- d:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- d:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 04:24 286720 ----a-w- d:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 19:24 32768 ----a-w- d:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-06 05:32 149280 ----a-w- d:\program files\Java\jre6\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Documents and Settings\\All Users\\Data aplikací\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 2009\\Czech\\setup.exe"=
"d:\\Games\\Steam\\SteamApps\\common\\trackmania nations forever\\TmForever.exe"=
"d:\\Games\\Steam\\SteamApps\\common\\trackmania nations forever\\TmForeverLauncher.exe"=
"d:\\Games\\Steam\\SteamApps\\common\\gti racing\\GTIRacing.exe"=
"d:\\Games\\Steam\\SteamApps\\common\\xpand rally\\xpandrally.exe"=
"d:\\Games\\Steam\\SteamApps\\common\\xpand rally\\ChromEd.exe"=
"d:\\Games\\Steam\\SteamApps\\common\\trials 2 second edition\\launcher.exe"=
"d:\\Games\\Steam\\SteamApps\\beneji\\day of defeat source\\hl2.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"d:\\Games\\Steam\\Steam.exe"=
"d:\\Program Files\\Opera\\opera.exe"=
"d:\\WINDOWS\\system32\\PnkBstrA.exe"=
"d:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Games\\Call of Duty - World at War\\CoDWaW.exe"=
"d:\\Games\\Call of Duty - World at War\\CoDWaWmp.exe"=
"d:\\Games\\Steam\\SteamApps\\beneji\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\DC strong\\StrongDC.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"d:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager 1.0\\MediaManager.exe"=
"d:\\Games\\Red Faction Guerrilla\\rfg.exe"=
"d:\\Games\\OF Dragon Rising\\OFDR.exe"=
"d:\\Games\\Prototype\\prototypef.exe"=
"d:\\Games\\Dead Space\\Dead Space.exe"=
"c:\\Games\\DiRT2\\dirt2_game.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1841:TCP"= 1841:TCP:tqmec

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;d:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [17.11.2009 10:34 1021256]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;d:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
R3 WFLR6654;WinFast DTV1800 H (Video);d:\windows\system32\drivers\wfeaglxt.sys [11.5.2009 17:58 393088]
S0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [9.6.2009 19:06 639224]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\install\Everest ultimate Build 1771\kerneld.wnt [16.7.2009 15:06 27248]
S3 ggflt;SEMC USB Flash Driver Filter;d:\windows\system32\drivers\ggflt.sys [11.9.2009 15:37 13224]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;d:\windows\system32\drivers\nmwcdnsu.sys [26.11.2009 20:39 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;d:\windows\system32\drivers\nmwcdnsuc.sys [26.11.2009 20:39 8320]
S3 WFIOCTL;WFIOCTL;d:\program files\WinFast\WFDTV\WFIOCTL.sys [11.5.2009 18:09 9446]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
vqgedd
.
Obsah adresáře 'Naplánované úlohy'

2009-12-24 d:\windows\Tasks\AppleSoftwareUpdate.job
- d:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 11:42]

2009-12-31 d:\windows\Tasks\Automatic troubleshooting.job
- d:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-11-17 09:40]
.
.
------- Doplňkový sken -------
.
IE: Convert link target to Adobe PDF - d:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - d:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - d:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - d:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - d:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - d:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - d:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - d:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {EDE1A2D1-9920-4D0F-A0EB-A2B4749A5918} = 192.168.200.4,212.24.128.8
.

**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\install\Everest ultimate Build 1771\kerneld.wnt"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1272)
d:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-12-31 13:01:31
ComboFix-quarantined-files.txt 2009-12-31 12:01

Před spuštěním: Volných bajtů: 14 511 783 936
Po spuštění: Volných bajtů: 15 931 363 328

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(1)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Windows XP Professional z Decka" /noexecute=optin /fastdetect /usepmtimer /TUTag=G01GDA /Kernel=TUKernel.exe
multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Windows XP Professional z Decka (TuneUp Backup)" /noexecute=optin /fastdetect /usepmtimer /TUTag=G01GDA-BAK
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - D9A1BEE3582EA97103D5828CB008EE8A

Thank you

Re: Please check the log after an infection by win32.hllw.shadow.based

Posted: 31 Dec 2009 14:52
by Rudy
Let's clean up a bit more. Open Notepad and copy the following into it:
Collect::
d:\windows\system32\tmpD0.tmp
d:\windows\system32\tmpCF.tmp
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it there. CF will start and execute the commands from the script.

Do you recognize this: d:\program files\RecFree.com\RecFreeToolbar ?

Posted: 01 Jan 2010 21:07
by Benyhof
Thank you :worship:

Re: Please check the log after an infection by win32.hllw.shadow.based

Posted: 01 Jan 2010 21:16
by Rudy
You're welcome!