Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Fb vir

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
AngusCZ
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 25 črc 2011 12:09

Re: Fb vir

#16 Příspěvek od AngusCZ »

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

25.7.2011 22:22:38
mbam-log-2011-07-25 (22-22-22).txt

Typ: Úplná kontrola (C:\|D:\|)
Kontrolované objekty: 310844
Uplynulý čas: 3 hodin, 3 minut, 42 sekund

Infikované procesy v paměti: 9
Infikované moduly v paměti: 0
Infikované klíče v registru: 23
Infikované hodnoty v registru: 10
Infikované datové položky v registru: 5
Infikované složky: 0
Infikované soubory: 51

Infikované procesy v paměti:
c:\WINDOWS\update.tray-12-0\svchost.exe (Trojan.Dropper) -> 1956 -> No action taken.
c:\WINDOWS\update.tray-7-0\svchost.exe (Trojan.Dropper) -> 1964 -> No action taken.
c:\WINDOWS\systemup.exe (Trojan.Agent) -> 268 -> No action taken.
c:\WINDOWS\update.1\svchost.exe (Trojan.Dropper) -> 3296 -> No action taken.
c:\WINDOWS\sysdriver32.exe (Trojan.Delf) -> 3144 -> No action taken.
c:\WINDOWS\update.2\svchost.exe (Backdoor.Agent) -> 3024 -> No action taken.
c:\WINDOWS\update.2\svchost.exe (Backdoor.Agent) -> 3400 -> No action taken.
c:\WINDOWS\update.5.0\svchost.exe (Trojan.Downloader) -> 2924 -> No action taken.
c:\WINDOWS\update.5.0\svchost.exe (Trojan.Downloader) -> 3040 -> No action taken.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpdrivers (Trojan.Dropper) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B62CA4B-3794-4A44-88D8-2AEE76E79727} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3B62CA4B-3794-4A44-88D8-2AEE76E79727} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\glaide32 (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvsysdriver32 (Trojan.Delf) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srviecheck (Backdoor.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvbtcclient (Trojan.Downloader) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt (Trojan.Downloader) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SRVSYSDRIVER32 (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00 (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico0 (Trojan.Dropper) -> Value: tray_ico0 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico1 (Trojan.Dropper) -> Value: tray_ico1 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\systemup (Trojan.Agent) -> Value: systemup -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wxpdrv (Trojan.Dropper) -> Value: wxpdrv -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{3B62CA4B-3794-4A44-88D8-2AEE76E79727} (Trojan.Vundo) -> Value: {3B62CA4B-3794-4A44-88D8-2AEE76E79727} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{3B62CA4B-3794-4A44-88D8-2AEE76E79727} (Trojan.Vundo) -> Value: {3B62CA4B-3794-4A44-88D8-2AEE76E79727} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32.exe (Trojan.Delf) -> Value: sysdriver32.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32_.exe (Trojan.Delf) -> Value: sysdriver32_.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\l1rezerv.exe (Trojan.Agent) -> Value: l1rezerv.exe -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpDrivers\ImagePath (Trojan.Agent) -> Value: ImagePath -> No action taken.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\WINDOWS\update.tray-12-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\update.tray-7-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\systemup.exe (Trojan.Agent) -> No action taken.
c:\WINDOWS\update.1\svchost.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\services32.exe (Trojan.Dropper) -> No action taken.
c:\documents and settings\Jonas\local settings\data aplikací\Google\Chrome\user data\Default\Cache\f_0057d5 (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP739\A0435773.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP739\A0435774.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0436955.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0436956.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0436957.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0436958.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0437953.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0437954.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0437955.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0437956.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438146.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438147.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438148.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438149.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438155.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438156.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438157.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438158.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438162.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438163.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438164.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438165.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438198.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438199.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438200.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438201.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438301.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438302.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438303.exe (Trojan.Dropper) -> No action taken.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438304.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\Temp\4234781.exe (Trojan.Agent) -> No action taken.
c:\WINDOWS\Temp\5983033.exe (Trojan.Agent) -> No action taken.
c:\WINDOWS\Temp\8817190.exe (Trojan.Agent) -> No action taken.
c:\WINDOWS\update.tray-12-0-lnk\svchost.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\update.tray-7-0-lnk\svchost.exe (Trojan.Dropper) -> No action taken.
c:\documents and settings\Jonas\data aplikací\wiaserva.log (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\crt.dat (Malware.Trace) -> No action taken.
c:\WINDOWS\system32\drivers\glaide32.sys (Trojan.Agent) -> No action taken.
c:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> No action taken.
c:\WINDOWS\Temp\878841948.exe (Trojan.FakeAlert.Gen) -> No action taken.
c:\WINDOWS\sysdriver32.exe (Trojan.Delf) -> No action taken.
c:\WINDOWS\sysdriver32_.exe (Trojan.Delf) -> No action taken.
c:\WINDOWS\update.2\svchost.exe (Backdoor.Agent) -> No action taken.
c:\WINDOWS\update.5.0\svchost.exe (Trojan.Downloader) -> No action taken.
c:\program files\icqtoolbar\toolbaru.dll (Trojan.BHO) -> No action taken.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Fb vir

#17 Příspěvek od vyosek »

Nalezy smazte - bude dalsi log o ten poprosim
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
AngusCZ
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 25 črc 2011 12:09

Re: Fb vir

#18 Příspěvek od AngusCZ »

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

25.7.2011 22:37:05
mbam-log-2011-07-25 (22-37-04).txt

Typ: Úplná kontrola (C:\|D:\|)
Kontrolované objekty: 310844
Uplynulý čas: 3 hodin, 3 minut, 42 sekund

Infikované procesy v paměti: 9
Infikované moduly v paměti: 0
Infikované klíče v registru: 23
Infikované hodnoty v registru: 10
Infikované datové položky v registru: 5
Infikované složky: 0
Infikované soubory: 51

Infikované procesy v paměti:
c:\WINDOWS\update.tray-12-0\svchost.exe (Trojan.Dropper) -> 1956 -> Unloaded process successfully.
c:\WINDOWS\update.tray-7-0\svchost.exe (Trojan.Dropper) -> 1964 -> Unloaded process successfully.
c:\WINDOWS\systemup.exe (Trojan.Agent) -> 268 -> Unloaded process successfully.
c:\WINDOWS\update.1\svchost.exe (Trojan.Dropper) -> 3296 -> Unloaded process successfully.
c:\WINDOWS\sysdriver32.exe (Trojan.Delf) -> 3144 -> Unloaded process successfully.
c:\WINDOWS\update.2\svchost.exe (Backdoor.Agent) -> 3024 -> Unloaded process successfully.
c:\WINDOWS\update.2\svchost.exe (Backdoor.Agent) -> 3400 -> Unloaded process successfully.
c:\WINDOWS\update.5.0\svchost.exe (Trojan.Downloader) -> 2924 -> Unloaded process successfully.
c:\WINDOWS\update.5.0\svchost.exe (Trojan.Downloader) -> 3040 -> Unloaded process successfully.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpdrivers (Trojan.Dropper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B62CA4B-3794-4A44-88D8-2AEE76E79727} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3B62CA4B-3794-4A44-88D8-2AEE76E79727} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\glaide32 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvsysdriver32 (Trojan.Delf) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srviecheck (Backdoor.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvbtcclient (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SRVSYSDRIVER32 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico0 (Trojan.Dropper) -> Value: tray_ico0 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico1 (Trojan.Dropper) -> Value: tray_ico1 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\systemup (Trojan.Agent) -> Value: systemup -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wxpdrv (Trojan.Dropper) -> Value: wxpdrv -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{3B62CA4B-3794-4A44-88D8-2AEE76E79727} (Trojan.Vundo) -> Value: {3B62CA4B-3794-4A44-88D8-2AEE76E79727} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{3B62CA4B-3794-4A44-88D8-2AEE76E79727} (Trojan.Vundo) -> Value: {3B62CA4B-3794-4A44-88D8-2AEE76E79727} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32.exe (Trojan.Delf) -> Value: sysdriver32.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32_.exe (Trojan.Delf) -> Value: sysdriver32_.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\l1rezerv.exe (Trojan.Agent) -> Value: l1rezerv.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpDrivers\ImagePath (Trojan.Agent) -> Value: ImagePath -> Quarantined and deleted successfully.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BITS\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemRoot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Delete on reboot.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv\ImagePath (Hijack.WindowsUpdates) -> Bad: (%fystemroot%\system32\svchost.exe -k netsvcs) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Delete on reboot.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\WINDOWS\update.tray-12-0\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\update.tray-7-0\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\systemup.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\update.1\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\services32.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\Jonas\local settings\data aplikací\Google\Chrome\user data\Default\Cache\f_0057d5 (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP739\A0435773.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP739\A0435774.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0436955.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0436956.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0436957.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0436958.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0437953.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0437954.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0437955.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP740\A0437956.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438146.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438147.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438148.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438149.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438155.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438156.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438157.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438158.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438162.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438163.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438164.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438165.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438198.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438199.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438200.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438201.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438301.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438302.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438303.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{73ce58e6-90ed-448b-8a37-77b2864618b4}\RP741\A0438304.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\4234781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\5983033.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\8817190.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\update.tray-12-0-lnk\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\update.tray-7-0-lnk\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\Jonas\data aplikací\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\crt.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\drivers\glaide32.sys (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\878841948.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
c:\WINDOWS\sysdriver32.exe (Trojan.Delf) -> Quarantined and deleted successfully.
c:\WINDOWS\sysdriver32_.exe (Trojan.Delf) -> Quarantined and deleted successfully.
c:\WINDOWS\update.2\svchost.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\update.5.0\svchost.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\program files\icqtoolbar\toolbaru.dll (Trojan.BHO) -> Quarantined and deleted successfully.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Fb vir

#19 Příspěvek od vyosek »

Zkuste nyni aplikovat ten opravny skript pro OTL jak jsem psal....
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
AngusCZ
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 25 črc 2011 12:09

Re: Fb vir

#20 Příspěvek od AngusCZ »

All processes killed
========== OTL ==========
Service AVG Security Toolbar Service stopped successfully!
Service AVG Security Toolbar Service deleted successfully!
Service AppMgmt stopped successfully!
Service AppMgmt deleted successfully!
Service aawserviceACDaemon stopped successfully!
Service aawserviceACDaemon deleted successfully!
Error: No service named srvsysdriver32 was found to stop!
Service\Driver key srvsysdriver32 not found.
File C:\windows\sysdriver32.exe not found.
Error: No service named srvbtcclient was found to stop!
Service\Driver key srvbtcclient not found.
File C:\WINDOWS\update.5.0\svchost.exe not found.
Error: No service named srviecheck was found to stop!
Service\Driver key srviecheck not found.
File C:\WINDOWS\update.2\svchost.exe not found.
Error: No service named wxpdrivers was found to stop!
Service\Driver key wxpdrivers not found.
File C:\WINDOWS\update.1\svchost.exe not found.
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
C:\Program Files\ICQ6Toolbar\ICQ Service.exe moved successfully.
Error: No service named avgtdix was found to stop!
Service\Driver key avgtdix not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Unable to set value : HKU\S-1-5-21-1275210071-920026266-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E!
Unable to set value : HKU\S-1-5-21-1275210071-920026266-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E!
Registry key HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ deleted successfully.
C:\Program Files\MyAshampoo\prxtbMyA0.dll moved successfully.
Registry key HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ deleted successfully.
C:\Program Files\uTorrentBar\tbuTo1.dll moved successfully.
Registry key HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll moved successfully.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "BrotherSoft Extreme Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: "http://search.conduit.com/?ctid=CT27766 ... hSource=13" removed from browser.startup.homepage
Prefs.js: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429 removed from extensions.enabledItems
Prefs.js: DTToolbar@toolbarnet.com:1.1.2.0185 removed from extensions.enabledItems
Prefs.js: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.3.3.2 removed from extensions.enabledItems
Prefs.js: "http://search.conduit.com/ResultsExt.as ... ource=2&q=" removed from keyword.URL
Prefs.js: "http://www.webhledani.cz/results.aspx?i=39&tp=ab&q=" removed from sweetim.toolbar.previous.keyword.URL
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\searchplugin folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\modules folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\META-INF folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\defaults folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\chrome folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\DTToolbar@toolbarnet.com\components\Resources folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\DTToolbar@toolbarnet.com\components folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\DTToolbar@toolbarnet.com\chrome\content folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\DTToolbar@toolbarnet.com\chrome folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\extensions\DTToolbar@toolbarnet.com folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\daemon-search.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-21.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-22.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-23.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-24.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-25.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-26.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-27.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-28.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-29.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-30.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-31.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-32.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-33.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin.gif moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin.src moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\icqplugin.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\sweetim.xml moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\searchplugins\winamp-search.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3B62CA4B-3794-4A44-88D8-2AEE76E79727}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3B62CA4B-3794-4A44-88D8-2AEE76E79727}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45D62B9F-37D5-4A13-8540-81ED1EE7BE46}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45D62B9F-37D5-4A13-8540-81ED1EE7BE46}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ not found.
File C:\Program Files\MyAshampoo\prxtbMyA0.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a3bc75a2-1f87-4686-aa43-5347d756017c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a3bc75a2-1f87-4686-aa43-5347d756017c}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
File C:\Program Files\uTorrentBar\tbuTo1.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eee6c35c-6118-11dc-9c72-001320c79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eee6c35c-6118-11dc-9c72-001320c79847}\ deleted successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\ not found.
File C:\Program Files\MyAshampoo\prxtbMyA0.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
File C:\Program Files\uTorrentBar\tbuTo1.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ deleted successfully.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\1105171117\ICQToolBar.dll not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}\ not found.
File C:\Program Files\MyAshampoo\prxtbMyA0.dll not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
File C:\Program Files\uTorrentBar\tbuTo1.dll not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry key HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
File C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\257215.exe deleted successfully.
C:\WINDOWS\Temp\257215.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\6084484.exe deleted successfully.
C:\WINDOWS\Temp\6084484.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\7153574.exe deleted successfully.
C:\WINDOWS\Temp\7153574.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\72516206-loader2.exe deleted successfully.
C:\WINDOWS\Temp\72516206-loader2.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8375444.exe deleted successfully.
C:\Documents and Settings\Jonas\Local Settings\Temp\8375444.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\avast deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AVG8_TRAY deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\l1rezerv.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32.exe not found.
File C:\windows\sysdriver32.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32_.exe not found.
File C:\windows\sysdriver32_.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\systemup not found.
File C:\WINDOWS\systemup.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico0 not found.
File C:\WINDOWS\update.tray-12-0\svchost.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico1 not found.
File C:\WINDOWS\update.tray-7-0\svchost.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico3 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico4 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\wxpdrv not found.
File C:\WINDOWS\services32.exe not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Infodelivery\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableSecureUIAPaths deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\avgsecuritytoolbar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F2DDE6B2-9684-4A55-86D4-E255E237B77C}\ deleted successfully.
File {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ deleted successfully.
File {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\urqpnljj\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\windmv32\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{846a4945-f4e1-11df-8ac2-001921a736a8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{846a4945-f4e1-11df-8ac2-001921a736a8}\ not found.
C:\windows\update.tray-7-0-lnk folder moved successfully.
C:\windows\update.tray-7-0 folder moved successfully.
C:\windows\rpcminer folder moved successfully.
C:\windows\phoenix\kernels\poclbm folder moved successfully.
C:\windows\phoenix\kernels\phatk folder moved successfully.
C:\windows\phoenix\kernels folder moved successfully.
C:\windows\phoenix folder moved successfully.
C:\windows\update.5.0 folder moved successfully.
C:\windows\update.2 folder moved successfully.
C:\windows\av_ico folder moved successfully.
C:\windows\update.1 folder moved successfully.
C:\windows\update.tray-12-0-lnk folder moved successfully.
C:\windows\update.tray-12-0 folder moved successfully.
C:\windows\System32\CONFIG.TMP deleted successfully.
C:\windows\System32\SET96.tmp deleted successfully.
C:\windows\System32\SET9B.tmp deleted successfully.
C:\windows\002685_.tmp deleted successfully.
C:\windows\SET3.tmp deleted successfully.
C:\windows\SET4.tmp deleted successfully.
C:\windows\SET8.tmp deleted successfully.
C:\WINDOWS\info1 moved successfully.
File C:\windows\sysdriver32_.exe not found.
File C:\windows\sysdriver32.exe not found.
C:\windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\phoenix.rar moved successfully.
C:\WINDOWS\unrar.exe moved successfully.
C:\WINDOWS\rpcminer.rar moved successfully.
File C:\windows\systemup.exe not found.
C:\WINDOWS\geoiplist.rar moved successfully.
C:\WINDOWS\loader2.exe_ok moved successfully.
File C:\windows\services32.exe not found.
C:\WINDOWS\system32\vuqbumcn.ini moved successfully.
C:\WINDOWS\system32\oqyoynnq.ini moved successfully.
C:\WINDOWS\system32\lgsauxmi.ini moved successfully.
C:\WINDOWS\system32\nkfuvnag.ini moved successfully.
C:\WINDOWS\system32\wajnhiyi.ini moved successfully.
C:\WINDOWS\system32\wivvhmvc.ini moved successfully.
C:\WINDOWS\system32\uijsiahk.ini moved successfully.
C:\WINDOWS\system32\iycatrtf.ini moved successfully.
C:\WINDOWS\system32\aabtixsk.ini moved successfully.
C:\WINDOWS\system32\swwmraht.ini moved successfully.
C:\WINDOWS\system32\vrjdnadq.ini moved successfully.
C:\WINDOWS\system32\vjfbaoac.ini moved successfully.
C:\WINDOWS\system32\jyuwexck.ini moved successfully.
C:\WINDOWS\system32\HRqYcJlm.ini2 moved successfully.
C:\WINDOWS\system32\HRqYcJlm.ini moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Game Booster\Opt folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Game Booster\Essentials folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Game Booster\BackLnk folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit\Game Booster folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\IObit folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SweetIM\Toolbars\Internet Explorer\cache folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SweetIM\Toolbars\Internet Explorer folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SweetIM\Toolbars folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\update folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\logs folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\data\contentdb folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\data folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\conf\users\592932387 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\conf\users\379343573 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\conf\users folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\conf folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\SweetIM folder moved successfully.
C:\Documents and Settings\Jonas\Data aplikací\ICQ Toolbar folder moved successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP245.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP76C.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7CE.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7D5.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8FE.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9B6.tmp folder deleted successfully.
C:\windows\SoftwareDistribution\Download\2276f493c4f60476e857aafedebb5513\BIT4C2.tmp deleted successfully.
C:\windows\system32\config\systemprofile\Local Settings\Temp\CR_17A42.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\windows\system32\config\systemprofile\Local Settings\Temp\CR_17A42.tmp folder deleted successfully.
C:\windows\twain_32\hpqgnds2.tmp deleted successfully.
ADS C:\Documents and Settings\Jonas\Plocha\14.rar:SummaryInformation deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Jonas\Dokumenty\Downloads\Flash-Player.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.1\svchost.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\services32.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.tray-12-0\svchost.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.2\svchost.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.tray-7-0-lnk\svchost.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ not found.
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"ImagePath"|hex(2):"%systemroot%\system32\svchost.exe -k netsvcs" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"Type"|dword:00000020 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"Start"|dword:00000002 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"ErrorControl"|dword:00000001 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"ImagePath"|hex(2):"%systemroot%\system32\svchost.exe -k netsvcs" /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"Type"|dword:00000020 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"Start"|dword:00000002 /E!
Unable to set value : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"ErrorControl"|dword:00000001 /E!
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate1ca7b204bb05e20 stopped successfully!
Service gupdate1ca7b204bb05e20 deleted successfully!
Error: No service named gupdate was found to stop!
Service\Driver key gupdate not found.
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== FILES ==========
File\Folder C:\Documents and Settings\Jonas\Dokumenty\Downloads\Flash-Player.exe not found.
File\Folder C:\WINDOWS\update.tray-7-0-lnk not found.
C:\Program Files\DAEMON Tools Toolbar\Resources folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar folder moved successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources folder moved successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer\conf folder moved successfully.
C:\Program Files\SweetIM\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files\SweetIM\Toolbars folder moved successfully.
C:\Program Files\SweetIM\Messenger\resources\images folder moved successfully.
C:\Program Files\SweetIM\Messenger\resources folder moved successfully.
C:\Program Files\SweetIM\Messenger folder moved successfully.
C:\Program Files\SweetIM folder moved successfully.
C:\Program Files\uTorrentBar folder moved successfully.
File\Folder C:\WINDOWS\update.5.0 not found.
File\Folder C:\WINDOWS\update.2.0 not found.
File\Folder C:\WINDOWS\update.tray-7-0 not found.
File\Folder C:\WINDOWS\update.tray-12-0 not found.
File\Folder C:\WINDOWS\update.1 not found.
C:\Program Files\ICQ6Toolbar\1105171117 folder moved successfully.
C:\Program Files\ICQ6Toolbar folder moved successfully.
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 396850 bytes
->Temporary Internet Files folder emptied: 674781 bytes
->FireFox cache emptied: 14862255 bytes
->Google Chrome cache emptied: 6810853 bytes
->Flash cache emptied: 456 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Jonas
->Temp folder emptied: 59986222 bytes
->Temporary Internet Files folder emptied: 55500409 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 426472316 bytes
->Google Chrome cache emptied: 262684449 bytes
->Flash cache emptied: 3422639 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 10021562 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 3390668 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 173005001 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 94777097 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 061,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: Jonas
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.26.1 log created on 07252011_231339

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Jonas\Local Settings\Temp\Temporary Internet Files\Content.IE5\POXT93AI\0CQ5CAHWU9Q7CA20XT1PCASF6PORCAMZHRY0CA665EMCCA85YGRNCAVAF6PWCATVDP3ICA2NFJVACA4EYGNWCAJOY4ASCA98KFHTCAMGL7CYCAAJ8XC6CACHTRTHCADFI7IJCAJ5Q6PXCA76OREWCA69A3CKCAYMEAKCCAY6ETPO.htm not found!
File\Folder C:\Documents and Settings\Jonas\Local Settings\Temp\Temporary Internet Files\Content.IE5\POXT93AI\FPKLCAQYSH10CA5GQQ5OCA2YS6PBCA2OVCZZCA48IS5WCAP1F10SCA6SXCRICA4GG9MDCA6HGL9XCAQNWJ1GCAAC7NA2CADVJLROCAAM31QNCAEYQXNUCAPAD4IOCAGDEP7ECA2WWR90CAME2GFOCACX7N4UCA7E11MKCA5LZU2J.htm not found!

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Fb vir

#21 Příspěvek od vyosek »

Super :wink:

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
:arrow: Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
  • Pokud mate Win XP spustte pod uctem Spravce\Administratora
  • Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
  • Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
  • Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
  • Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
  • Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
  • Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
  • Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
AngusCZ
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 25 črc 2011 12:09

Re: Fb vir

#22 Příspěvek od AngusCZ »

ComboFix 11-07-25.03 - Administrator 25.07.2011 23:50:10.1.1 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.895.728 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Jonas\WINDOWS
c:\windows\btc_client_iplist.txt
c:\windows\ddh_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\iecheck_iplist.txt
c:\windows\iplist.txt
c:\windows\proc_list1.log
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\system32\shimg.dll
c:\windows\ufa.rar
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
c:\windows\winsetupapi.log
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-25 do 2011-07-25 )))))))))))))))))))))))))))))))
.
.
2011-07-25 21:13 . 2011-07-25 21:13 -------- d-----w- C:\_OTL
2011-07-25 17:12 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-25 17:12 . 2011-07-25 17:12 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-07-25 17:12 . 2011-07-25 17:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-25 17:12 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-25 16:48 . 2011-07-25 16:48 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Mozilla
2011-07-25 16:30 . 2011-07-25 16:30 -------- d-----w- c:\windows\ufa
2011-07-25 15:30 . 2011-07-25 15:32 512 ----a-w- C:\PhysicalMBR.bin
2011-07-25 11:17 . 2011-07-25 11:17 -------- d-----w- c:\program files\trend micro
2011-07-24 15:56 . 2011-07-25 14:05 -------- d-----w- C:\Valve
2011-07-24 15:16 . 2011-07-24 15:16 -------- d-----w- c:\program files\Guitar and Bass
2011-07-24 15:16 . 2011-07-24 15:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Guitar and Bass
2011-07-24 14:12 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-24 14:12 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-24 14:12 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-24 14:12 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-24 14:12 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-24 14:12 . 2011-07-04 11:35 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-24 14:12 . 2011-07-04 11:35 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-24 14:12 . 2011-07-04 11:32 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-24 14:12 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-24 14:12 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-23 17:31 . 2011-07-24 15:55 -------- d-----w- c:\program files\Valve
2011-07-15 18:46 . 2011-07-15 18:46 -------- d-----w- c:\program files\IObit
2011-07-09 19:15 . 2011-07-13 13:15 -------- d-----w- c:\program files\FlatOut2
2011-07-09 18:15 . 2011-07-09 18:15 -------- d-----w- c:\program files\FlatOut 2 Mod Manager
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-11 12:02 . 2011-06-11 12:02 421888 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2011-05-15 17:10 . 2011-05-15 17:10 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-05-15 17:10 . 2011-05-15 17:10 472808 ----a-w- c:\windows\system32\deployJava1.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2011-06-24 10:30 . 2011-04-30 10:19 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-03-20 09:17 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngin1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngin1.dll" [2011-03-20 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngin1.dll" [2011-03-20 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\steam\steam.exe" [2010-12-30 1242448]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-06 39408]
"ICQ"="c:\program files\ICQ7.5\ICQ.exe" [2011-06-29 124216]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-08-23 16049664]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-25 61440]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2006-12-08 241664]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2006-11-11 09:07 11952 ----a-w- c:\windows\system32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\FlatOut2\\FlatOut2.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\SIERRA\\Half-Life\\hlds.exe"=
"c:\\SIERRA\\Half-Life\\valve\\cs-nonsteam\\hl.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Steam\\steamapps\\jonas66940\\zombie panic! source\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\jonas66940\\zombie panic! source dedicated server\\srcds.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Steam\\steamapps\\anguscz\\zombie panic! source\\hl2.exe"=
"c:\\SIERRA\\Half-Life\\hl.exe"=
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [4.2.2011 23:23 218688]
R2 LGScsiCommandService;LG SCSI command service;c:\windows\system32\LGScsiCommandService.exe [21.11.2010 17:28 47616]
R3 gmoups2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [25.11.2009 16:49 17408]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [25.11.2009 16:49 14848]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [25.11.2009 16:49 9984]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12.12.2009 13:43 133104]
S3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\drivers\gan_adapter.sys [28.8.2006 23:54 10664]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtport.sys --> c:\windows\system32\DRIVERS\lgbtport.sys [?]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys --> c:\windows\system32\DRIVERS\lgbtbus.sys [?]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmodem.sys --> c:\windows\system32\DRIVERS\lgvmodem.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [25.7.2011 19:12 41272]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{846a4945-f4e1-11df-8ac2-001921a736a8}]
\Shell\AutoRun\command - F:\LGAutoRun.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-12 11:43]
.
2010-07-15 c:\windows\Tasks\Install_NSS.job
- c:\program files\DivX\Symantec\scstubinstaller.exe [2010-03-08 18:00]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2776682
mStart Page =
uInternet Settings,ProxyOverride = *.local
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 81.19.45.14 81.19.45.1
FF - ProfilePath - c:\documents and settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2776682&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=2&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
URLSearchHooks-{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
URLSearchHooks-{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)
URLSearchHooks-{EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
URLSearchHooks-{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - c:\program files\AVAST Software\Avast\ashShell.dll
SafeBoot-63025988.sys
AddRemove-avast - c:\program files\AVAST Software\Avast\aswRunDll.exe
AddRemove-avg8uninstall - c:\program files\AVG\AVG8\setup.exe
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
AddRemove-uTorrentBar Toolbar - c:\progra~1\UTORRE~1\UNWISE.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-25 23:58
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
c:\windows\system32\wuapi.dll.mui.wusetup.289296.bak 23576 bytes executable
c:\windows\system32\wuapi.dll.wusetup.286984.bak 561688 bytes executable
c:\windows\system32\wuaueng.dll.wusetup.308296.bak 1809944 bytes executable
c:\documents and settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\pluginreg.dat.bak 16631 bytes
c:\documents and settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\prefs.js.BAK 89479 bytes
.
sken byl úspešně dokončen
skryté soubory: 5
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\securom\!caution! never delete or change any key*]
"??"=hex:5c,2c,ed,9b,5b,6d,47,b7,b1,4d,8a,0b,c8,0c,a7,97,71,8c,00,11,f9,57,08,
b3,c5,06,6f,03,00,0d,bd,8f,f8,65,31,33,37,40,76,a1,fc,4e,a3,de,95,d2,bb,de,\
"??"=hex:ec,7f,62,96,57,2c,d6,08,cc,a5,1f,55,b4,c4,7c,48
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(560)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1416)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2011-07-26 00:05:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-25 22:05
.
Před spuštěním: Volných bajtů: 20 935 442 432
Po spuštění: Volných bajtů: 20 797 333 504
.
- - End Of File - - 5639AEC7F3FE09E3D3745D883FEA0749
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Fb vir

#23 Příspěvek od vyosek »

Skript pro OTL - vlozte jej a klik na Opravit - log pak sem

Kód: Vybrat vše

:reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS]
"ImagePath"=hex(2):"%systemroot%\system32\svchost.exe -k netsvcs"
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv]
"ImagePath"=hex(2):"%systemroot%\system32\svchost.exe -k netsvcs"
"Type"=dword:00000020
"Start"=dword:00000002
"ErrorControl"=dword:00000001

:commands
[REBOOT]
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
AngusCZ
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 25 črc 2011 12:09

Re: Fb vir

#24 Příspěvek od AngusCZ »

========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"ImagePath"|hex(2):"%systemroot%\system32\svchost.exe -k netsvcs" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"Type"|dword:00000020 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"Start"|dword:00000002 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\\"ErrorControl"|dword:00000001 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"ImagePath"|hex(2):"%systemroot%\system32\svchost.exe -k netsvcs" /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"Type"|dword:00000020 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"Start"|dword:00000002 /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wuauserv\\"ErrorControl"|dword:00000001 /E : value set successfully!
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.26.1 log created on 07262011_001502
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Fb vir

#25 Příspěvek od vyosek »

:arrow: Pokud nemate, tak presunte Combofix na plochu
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    KillAll::

Folder::
c:\windows\ufa

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"=-
"DAEMON Tools Lite"=-
"Skype"=-
"swg"=-
"ICQ"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000000
"DisableThumbnailCache"=dword:00000000

DDS::
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT2776682

Firefox::
FF - ProfilePath - c:\documents and settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT27766 ... hSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... ource=2&q=

Reboot::
  • Ulozte vytvoreny TXT jako CFScript.txt
  • Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
    Obrázek
  • Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
:arrow: Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
AngusCZ
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 25 črc 2011 12:09

Re: Fb vir

#26 Příspěvek od AngusCZ »

Bohužel, Conbofix mi píše že mám zaple AWG i avast ale ty už v pc nejsou.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Fb vir

#27 Příspěvek od vyosek »

Prozente PC timhle http://download.avg.com/filedir/util/su ... 1_1184.exe a jeste pak timto http://files.avast.com/files/eng/aswclear.exe

Pak by melo CF frcet bez problemu
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
AngusCZ
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 25 črc 2011 12:09

Re: Fb vir

#28 Příspěvek od AngusCZ »

Pořád stejný problém avast už je prič ale awg pořád hlasí chybu
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Fb vir

#29 Příspěvek od vyosek »

Tak jej odkliknete, jsou tam nekde jen drobnosti asi, domazneme rucne
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
AngusCZ
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 25 črc 2011 12:09

Re: Fb vir

#30 Příspěvek od AngusCZ »

ComboFix 11-07-25.03 - Jonas 26.07.2011 12:02:48.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.895.548 [GMT 2:00]
Spuštěný z: c:\documents and settings\Jonas\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Jonas\Plocha\CFScript.txt
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\ufa
c:\windows\ufa\ufa.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-26 do 2011-07-26 )))))))))))))))))))))))))))))))
.
.
2011-07-25 23:22 . 2011-07-25 23:22 -------- d-----w- c:\program files\Reference Assemblies
2011-07-25 23:07 . 2011-07-25 23:07 -------- d-----w- c:\program files\MSXML 4.0
2011-07-25 22:52 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-07-25 22:51 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-07-25 22:50 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-07-25 22:48 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-07-25 22:43 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-07-25 22:42 . 2010-08-27 08:03 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-07-25 22:42 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-07-25 22:41 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2011-07-25 22:23 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-07-25 22:14 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2011-07-25 22:13 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2011-07-25 22:06 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-07-25 22:06 . 2010-08-16 08:45 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2011-07-25 21:13 . 2011-07-25 21:13 -------- d-----w- C:\_OTL
2011-07-25 17:12 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-25 17:12 . 2011-07-25 17:12 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-07-25 17:12 . 2011-07-25 17:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-25 17:12 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-25 16:48 . 2011-07-25 16:48 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Mozilla
2011-07-25 15:30 . 2011-07-25 15:32 512 ----a-w- C:\PhysicalMBR.bin
2011-07-25 11:17 . 2011-07-25 11:17 -------- d-----w- c:\program files\trend micro
2011-07-24 15:56 . 2011-07-25 14:05 -------- d-----w- C:\Valve
2011-07-24 15:16 . 2011-07-24 15:16 -------- d-----w- c:\program files\Guitar and Bass
2011-07-24 15:16 . 2011-07-24 15:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Guitar and Bass
2011-07-24 14:12 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-24 14:12 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-23 17:31 . 2011-07-24 15:55 -------- d-----w- c:\program files\Valve
2011-07-15 18:46 . 2011-07-15 18:46 -------- d-----w- c:\program files\IObit
2011-07-09 19:15 . 2011-07-13 13:15 -------- d-----w- c:\program files\FlatOut2
2011-07-09 18:15 . 2011-07-09 18:15 -------- d-----w- c:\program files\FlatOut 2 Mod Manager
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-11 12:02 . 2011-06-11 12:02 421888 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2011-06-06 11:35 . 2004-08-18 14:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-15 17:10 . 2011-05-15 17:10 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-05-15 17:10 . 2011-05-15 17:10 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-02 15:32 . 2008-05-05 18:06 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2004-08-18 14:00 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2004-08-18 14:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2011-06-24 10:30 . 2011-04-30 10:19 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-25_21.58.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-30 17:19 . 2009-08-06 17:24 44768 c:\windows\system32\wups2.dll
+ 2008-05-05 18:06 . 2009-08-06 17:24 35552 c:\windows\system32\wups.dll
+ 2004-08-18 14:00 . 2009-06-25 08:27 54272 c:\windows\system32\wdigest.dll
+ 2007-11-13 11:31 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
+ 2004-08-18 14:00 . 2009-06-15 10:45 78336 c:\windows\system32\telnet.exe
+ 2008-05-05 18:31 . 2007-07-27 21:11 26488 c:\windows\system32\spupdsvc.exe
- 2008-05-05 18:31 . 2007-11-30 11:18 26488 c:\windows\system32\spupdsvc.exe
+ 2004-08-18 14:00 . 2010-08-17 13:17 58880 c:\windows\system32\spoolsv.exe
+ 2008-05-15 13:45 . 2010-07-05 13:13 18296 c:\windows\system32\spmsg.dll
- 2004-08-18 14:00 . 2009-02-03 19:58 56832 c:\windows\system32\secur32.dll
+ 2004-08-18 14:00 . 2009-06-25 08:27 56832 c:\windows\system32\secur32.dll
- 2004-08-18 14:00 . 2008-04-14 03:21 79872 c:\windows\system32\raschap.dll
+ 2004-08-18 14:00 . 2009-10-12 13:40 79872 c:\windows\system32\raschap.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 44544 c:\windows\system32\pngfilt.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 44544 c:\windows\system32\pngfilt.dll
- 2004-08-18 14:00 . 2011-04-01 07:49 67448 c:\windows\system32\perfc009.dat
+ 2004-08-18 14:00 . 2011-07-25 23:11 67448 c:\windows\system32\perfc009.dat
+ 2004-08-18 14:00 . 2011-07-25 23:11 78052 c:\windows\system32\perfc005.dat
- 2004-08-18 14:00 . 2011-04-01 07:49 78052 c:\windows\system32\perfc005.dat
+ 2004-08-17 15:49 . 2009-11-27 17:14 17920 c:\windows\system32\msyuv.dll
+ 2004-08-18 14:00 . 2009-11-27 16:09 28672 c:\windows\system32\msvidc32.dll
+ 2004-08-18 14:00 . 2009-11-27 16:09 11264 c:\windows\system32\msrle32.dll
- 2004-08-18 14:00 . 2008-04-14 03:21 11264 c:\windows\system32\msrle32.dll
+ 2007-08-13 16:54 . 2011-04-25 15:45 52224 c:\windows\system32\msfeedsbs.dll
- 2007-08-13 16:54 . 2009-02-20 17:13 52224 c:\windows\system32\msfeedsbs.dll
+ 2004-08-18 14:00 . 2009-09-04 21:05 58880 c:\windows\system32\msasn1.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 27648 c:\windows\system32\jsproxy.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 27648 c:\windows\system32\jsproxy.dll
+ 2004-08-17 15:49 . 2009-11-27 16:09 48128 c:\windows\system32\iyuv_32.dll
- 2008-05-05 18:06 . 2008-04-14 03:21 81920 c:\windows\system32\isign32.dll
+ 2008-05-05 18:06 . 2010-11-18 18:15 81920 c:\windows\system32\isign32.dll
+ 2007-08-13 16:39 . 2011-04-25 12:00 13824 c:\windows\system32\ieudinit.exe
- 2007-08-13 16:39 . 2009-02-20 10:20 13824 c:\windows\system32\ieudinit.exe
+ 2004-08-18 14:00 . 2011-04-25 15:45 44544 c:\windows\system32\iernonce.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 44544 c:\windows\system32\iernonce.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 78336 c:\windows\system32\ieencode.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 78336 c:\windows\system32\ieencode.dll
- 2004-08-18 14:00 . 2009-02-20 10:20 70656 c:\windows\system32\ie4uinit.exe
+ 2004-08-18 14:00 . 2011-04-25 12:00 70656 c:\windows\system32\ie4uinit.exe
+ 2004-08-18 14:00 . 2010-06-17 14:03 80384 c:\windows\system32\iccvid.dll
- 2004-08-18 14:00 . 2008-04-14 03:21 80384 c:\windows\system32\iccvid.dll
+ 2007-08-13 16:36 . 2011-04-25 15:45 63488 c:\windows\system32\icardie.dll
- 2007-08-13 16:36 . 2009-02-20 17:13 63488 c:\windows\system32\icardie.dll
+ 2004-08-18 14:00 . 2009-10-15 16:32 81920 c:\windows\system32\fontsub.dll
+ 2004-08-18 14:00 . 2010-11-02 15:17 40960 c:\windows\system32\drivers\ndproxy.sys
+ 2004-08-18 14:00 . 2009-06-24 11:18 92928 c:\windows\system32\drivers\ksecdd.sys
+ 2004-08-18 14:00 . 2009-04-20 17:19 45568 c:\windows\system32\dnsrslvr.dll
- 2004-08-18 14:00 . 2008-04-14 03:21 45568 c:\windows\system32\dnsrslvr.dll
+ 2008-05-05 18:06 . 2009-08-06 17:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2009-06-25 08:27 . 2009-06-25 08:27 54272 c:\windows\system32\dllcache\wdigest.dll
+ 2009-06-15 10:45 . 2009-06-15 10:45 78336 c:\windows\system32\dllcache\telnet.exe
+ 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2009-02-03 19:58 . 2009-06-25 08:27 56832 c:\windows\system32\dllcache\secur32.dll
- 2009-02-03 19:58 . 2009-02-03 19:58 56832 c:\windows\system32\dllcache\secur32.dll
+ 2009-10-12 13:40 . 2009-10-12 13:40 79872 c:\windows\system32\dllcache\raschap.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2009-11-27 17:14 . 2009-11-27 17:14 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2004-08-18 14:00 . 2009-11-27 16:09 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2008-05-06 13:37 . 2011-04-25 15:45 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-05-06 13:37 . 2009-02-20 17:13 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-09-04 21:05 . 2009-09-04 21:05 58880 c:\windows\system32\dllcache\msasn1.dll
+ 2009-06-24 11:18 . 2009-06-24 11:18 92928 c:\windows\system32\dllcache\ksecdd.sys
- 2004-08-18 14:00 . 2009-02-20 17:13 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2010-11-18 18:15 . 2010-11-18 18:15 81920 c:\windows\system32\dllcache\isign32.dll
- 2008-05-06 13:37 . 2009-02-20 10:20 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2008-05-06 13:37 . 2011-04-25 12:00 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2004-08-18 14:00 . 2009-02-20 17:13 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 44544 c:\windows\system32\dllcache\iernonce.dll
- 2009-02-20 17:13 . 2009-02-20 17:13 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2009-02-20 17:13 . 2011-04-25 15:45 78336 c:\windows\system32\dllcache\ieencode.dll
- 2004-08-18 14:00 . 2009-02-20 10:20 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-18 14:00 . 2011-04-25 12:00 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-05-06 13:37 . 2011-04-25 15:45 63488 c:\windows\system32\dllcache\icardie.dll
- 2008-05-06 13:37 . 2009-02-20 17:13 63488 c:\windows\system32\dllcache\icardie.dll
+ 2009-04-20 17:19 . 2009-04-20 17:19 45568 c:\windows\system32\dllcache\dnsrslvr.dll
+ 2011-04-26 11:07 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2011-04-25 15:45 . 2011-04-25 15:45 17408 c:\windows\system32\dllcache\corpol.dll
+ 2010-01-13 14:02 . 2010-01-13 14:02 86016 c:\windows\system32\dllcache\cabview.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2009-07-17 19:04 . 2009-07-17 19:04 58880 c:\windows\system32\dllcache\atl.dll
+ 2010-03-05 14:42 . 2010-03-05 14:42 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2004-08-18 14:00 . 2011-04-26 11:07 33280 c:\windows\system32\csrsrv.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 17408 c:\windows\system32\corpol.dll
+ 2004-08-18 14:00 . 2010-01-13 14:02 86016 c:\windows\system32\cabview.dll
+ 2004-08-18 14:00 . 2009-11-27 16:09 84992 c:\windows\system32\avifil32.dll
- 2004-08-18 14:00 . 2008-04-14 03:21 84992 c:\windows\system32\avifil32.dll
+ 2004-08-18 14:00 . 2009-07-17 19:04 58880 c:\windows\system32\atl.dll
- 2004-08-18 14:00 . 2008-04-14 03:21 58880 c:\windows\system32\atl.dll
+ 2004-08-18 14:00 . 2010-03-05 14:42 65536 c:\windows\system32\asycfilt.dll
+ 2011-07-25 23:07 . 2011-07-25 23:07 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe
+ 2011-07-25 23:30 . 2009-02-20 17:13 44544 c:\windows\ie7updates\KB2530548-IE7\pngfilt.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 52224 c:\windows\ie7updates\KB2530548-IE7\msfeedsbs.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 27648 c:\windows\ie7updates\KB2530548-IE7\jsproxy.dll
+ 2011-07-25 23:30 . 2009-02-20 10:20 13824 c:\windows\ie7updates\KB2530548-IE7\ieudinit.exe
+ 2011-07-25 23:30 . 2009-02-20 17:13 44544 c:\windows\ie7updates\KB2530548-IE7\iernonce.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 78336 c:\windows\ie7updates\KB2530548-IE7\ieencode.dll
+ 2011-07-25 23:30 . 2009-02-20 10:20 70656 c:\windows\ie7updates\KB2530548-IE7\ie4uinit.exe
+ 2011-07-25 23:30 . 2009-02-20 17:13 63488 c:\windows\ie7updates\KB2530548-IE7\icardie.dll
+ 2011-07-25 23:30 . 2008-04-14 03:21 35328 c:\windows\ie7updates\KB2530548-IE7\corpol.dll
+ 2008-10-14 16:57 . 2009-11-27 17:14 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2011-07-26 10:08 . 2011-07-26 10:08 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\3f3ff3edbe8ba918c7b91c5c6dd0c37a\System.ComponentModel.DataAnnotations.ni.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-05-05 05:25 . 2011-02-17 12:54 5632 c:\windows\system32\xpsp4res.dll
+ 2001-10-24 12:25 . 2009-11-27 16:09 8704 c:\windows\system32\tsbyuv.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-12-14 10:25 . 2009-12-14 10:25 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-12-14 10:24 . 2009-12-14 10:24 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2004-08-18 14:00 . 2009-04-01 21:02 604160 c:\windows\system32\wmspdmod.dll
+ 2004-08-18 14:00 . 2009-07-13 21:43 286208 c:\windows\system32\wmpdxm.dll
- 2004-08-18 14:00 . 2008-04-14 03:22 132096 c:\windows\system32\wkssvc.dll
+ 2004-08-18 14:00 . 2009-06-10 06:16 132096 c:\windows\system32\wkssvc.dll
+ 2004-08-18 14:00 . 2009-12-24 07:04 177664 c:\windows\system32\wintrust.dll
+ 2004-08-18 14:00 . 2011-04-26 11:07 293376 c:\windows\system32\winsrv.dll
- 2004-08-18 14:00 . 2008-04-14 03:22 293376 c:\windows\system32\winsrv.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 832512 c:\windows\system32\wininet.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 233472 c:\windows\system32\webcheck.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 233472 c:\windows\system32\webcheck.dll
+ 2004-08-18 14:00 . 2011-03-04 06:43 434176 c:\windows\system32\vbscript.dll
+ 2004-08-18 14:00 . 2010-04-16 15:38 406016 c:\windows\system32\usp10.dll
- 2004-08-18 14:00 . 2008-04-14 03:22 406016 c:\windows\system32\usp10.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 105984 c:\windows\system32\url.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 105984 c:\windows\system32\url.dll
+ 2004-08-18 14:00 . 2010-08-27 08:03 119808 c:\windows\system32\t2embed.dll
+ 2004-08-18 14:00 . 2009-08-26 08:02 247326 c:\windows\system32\strmdll.dll
- 2004-08-18 14:00 . 2008-10-03 10:04 247326 c:\windows\system32\strmdll.dll
- 2004-08-18 14:00 . 2008-04-14 03:21 135168 c:\windows\system32\shsvcs.dll
+ 2004-08-18 14:00 . 2009-07-27 23:19 135168 c:\windows\system32\shsvcs.dll
+ 2004-08-18 14:00 . 2009-12-08 09:25 474112 c:\windows\system32\shlwapi.dll
- 2004-08-18 14:00 . 2008-04-14 03:21 474112 c:\windows\system32\shlwapi.dll
+ 2004-08-18 14:00 . 2011-01-21 14:44 440320 c:\windows\system32\shimgvw.dll
- 2004-08-18 14:00 . 2008-04-14 03:21 270848 c:\windows\system32\sbe.dll
+ 2004-08-18 14:00 . 2011-02-09 13:53 270848 c:\windows\system32\sbe.dll
+ 2004-08-18 14:00 . 2010-08-16 08:45 590848 c:\windows\system32\rpcrt4.dll
+ 2004-08-18 14:00 . 2009-10-12 13:40 150016 c:\windows\system32\rastls.dll
- 2004-08-18 14:00 . 2011-04-01 07:49 432492 c:\windows\system32\perfh009.dat
+ 2004-08-18 14:00 . 2011-07-25 23:11 432492 c:\windows\system32\perfh009.dat
+ 2004-08-18 14:00 . 2011-07-25 23:11 429024 c:\windows\system32\perfh005.dat
- 2004-08-18 14:00 . 2011-04-01 07:49 429024 c:\windows\system32\perfh005.dat
+ 2004-08-18 14:00 . 2010-12-20 17:32 551936 c:\windows\system32\oleaut32.dll
- 2004-08-18 14:00 . 2008-04-14 03:21 551936 c:\windows\system32\oleaut32.dll
- 2004-08-18 14:00 . 2008-04-14 03:21 249856 c:\windows\system32\odbc32.dll
+ 2004-08-18 14:00 . 2010-11-09 14:52 249856 c:\windows\system32\odbc32.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 102912 c:\windows\system32\occache.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 102912 c:\windows\system32\occache.dll
- 2004-08-18 14:00 . 2008-04-14 03:21 271360 c:\windows\system32\oakley.dll
+ 2004-08-18 14:00 . 2009-10-13 10:34 271360 c:\windows\system32\oakley.dll
+ 2004-08-18 14:00 . 2010-12-09 15:15 713216 c:\windows\system32\ntdll.dll
+ 2004-08-18 14:00 . 2008-06-20 16:04 247296 c:\windows\system32\mswsock.dll
- 2004-08-18 14:00 . 2008-06-20 17:49 247296 c:\windows\system32\mswsock.dll
+ 2004-08-18 14:00 . 2009-08-05 09:01 205312 c:\windows\system32\mswebdvd.dll
+ 2004-08-18 14:00 . 2009-09-11 14:19 136192 c:\windows\system32\msv1_0.dll
+ 2008-05-05 18:04 . 2011-01-27 11:57 677888 c:\windows\system32\mstsc.exe
- 2008-05-05 18:04 . 2008-04-14 03:22 677888 c:\windows\system32\mstsc.exe
- 2004-08-18 14:00 . 2009-02-20 17:13 671232 c:\windows\system32\mstime.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 671232 c:\windows\system32\mstime.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 193024 c:\windows\system32\msrating.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 193024 c:\windows\system32\msrating.dll
+ 2008-05-05 18:04 . 2009-12-17 07:42 343552 c:\windows\system32\mspaint.exe
- 2008-05-05 18:04 . 2008-04-14 03:22 343552 c:\windows\system32\mspaint.exe
+ 2004-08-18 14:00 . 2011-04-25 15:45 478208 c:\windows\system32\mshtmled.dll
+ 2007-08-13 16:54 . 2011-04-25 15:45 468480 c:\windows\system32\msfeeds.dll
+ 2006-10-18 19:47 . 2010-03-30 10:24 317440 c:\windows\system32\mp4sdecd.dll
- 2006-10-18 19:47 . 2006-10-18 19:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2004-08-18 14:00 . 2011-02-08 13:33 974848 c:\windows\system32\mfc42u.dll
+ 2004-08-18 14:00 . 2011-02-08 13:33 978944 c:\windows\system32\mfc42.dll
+ 2004-08-18 14:00 . 2010-09-18 06:53 953856 c:\windows\system32\mfc40u.dll
+ 2004-08-18 14:00 . 2010-09-18 06:53 954368 c:\windows\system32\mfc40.dll
+ 2004-08-18 14:00 . 2010-12-20 17:25 729088 c:\windows\system32\lsasrv.dll
+ 2004-08-18 14:00 . 2009-05-07 15:33 346624 c:\windows\system32\localspl.dll
+ 2004-08-18 14:00 . 2010-12-22 12:34 301568 c:\windows\system32\kerberos.dll
- 2004-08-18 14:00 . 2008-05-09 10:56 512000 c:\windows\system32\jscript.dll
+ 2004-08-18 14:00 . 2011-03-04 06:43 512000 c:\windows\system32\jscript.dll
- 2007-08-13 16:34 . 2009-02-20 17:13 268288 c:\windows\system32\iertutil.dll
+ 2007-08-13 16:34 . 2011-04-25 15:45 268288 c:\windows\system32\iertutil.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 192512 c:\windows\system32\iepeers.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 384512 c:\windows\system32\iedkcs32.dll
+ 2007-07-11 10:27 . 2011-04-25 15:45 380928 c:\windows\system32\ieapfltr.dll
- 2004-08-18 14:00 . 2009-02-20 05:14 161792 c:\windows\system32\ieakui.dll
+ 2004-08-18 14:00 . 2011-04-21 10:56 161792 c:\windows\system32\ieakui.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 230400 c:\windows\system32\ieaksie.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 153088 c:\windows\system32\ieakeng.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 153088 c:\windows\system32\ieakeng.dll
+ 2008-05-05 20:00 . 2011-07-25 23:32 118152 c:\windows\system32\FNTCACHE.DAT
- 2008-05-05 20:00 . 2011-07-25 17:04 118152 c:\windows\system32\FNTCACHE.DAT
+ 2004-08-18 14:00 . 2011-04-25 15:45 133120 c:\windows\system32\extmgr.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 133120 c:\windows\system32\extmgr.dll
+ 2004-08-18 14:00 . 2011-02-09 13:53 186880 c:\windows\system32\encdec.dll
- 2004-08-18 14:00 . 2008-04-14 03:21 186880 c:\windows\system32\encdec.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 214528 c:\windows\system32\dxtrans.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-18 14:00 . 2010-02-11 12:02 226880 c:\windows\system32\drivers\tcpip6.sys
+ 2004-08-18 14:00 . 2011-02-17 13:18 357888 c:\windows\system32\drivers\srv.sys
+ 2004-08-18 14:00 . 2011-04-21 13:37 105472 c:\windows\system32\drivers\mup.sys
- 2004-08-18 14:00 . 2008-08-14 10:04 138496 c:\windows\system32\drivers\afd.sys
+ 2004-08-18 14:00 . 2011-02-16 13:22 138496 c:\windows\system32\drivers\afd.sys
+ 2004-08-18 14:00 . 2011-03-03 06:54 149504 c:\windows\system32\dnsapi.dll
+ 2009-04-15 11:18 . 2010-07-16 11:58 219136 c:\windows\system32\dllcache\wordpad.exe
+ 2004-08-18 14:00 . 2009-04-01 21:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2004-08-18 14:00 . 2009-07-13 21:43 286208 c:\windows\system32\dllcache\wmpdxm.dll
+ 2009-06-10 06:16 . 2009-06-10 06:16 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2009-12-24 07:04 . 2009-12-24 07:04 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2011-04-26 11:07 . 2011-04-26 11:07 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 832512 c:\windows\system32\dllcache\wininet.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2008-05-05 18:07 . 2011-04-30 08:50 766464 c:\windows\system32\dllcache\vgx.dll
+ 2008-05-09 10:56 . 2011-03-04 06:43 434176 c:\windows\system32\dllcache\vbscript.dll
+ 2010-04-16 15:38 . 2010-04-16 15:38 406016 c:\windows\system32\dllcache\usp10.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 105984 c:\windows\system32\dllcache\url.dll
+ 2008-06-20 11:08 . 2010-02-11 12:02 226880 c:\windows\system32\dllcache\tcpip6.sys
+ 2004-08-18 14:00 . 2009-08-26 08:02 247326 c:\windows\system32\dllcache\strmdll.dll
- 2004-08-18 14:00 . 2008-10-03 10:04 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-16 11:12 . 2011-02-17 13:18 357888 c:\windows\system32\dllcache\srv.sys
+ 2008-12-05 06:57 . 2011-04-29 17:25 151552 c:\windows\system32\dllcache\schannel.dll
+ 2009-07-27 23:19 . 2009-07-27 23:19 135168 c:\windows\system32\dllcache\shsvcs.dll
+ 2009-12-08 09:25 . 2009-12-08 09:25 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2011-01-21 14:44 . 2011-01-21 14:44 440320 c:\windows\system32\dllcache\shimgvw.dll
+ 2011-02-09 13:53 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
+ 2009-10-12 13:40 . 2009-10-12 13:40 150016 c:\windows\system32\dllcache\rastls.dll
+ 2010-12-20 17:32 . 2010-12-20 17:32 551936 c:\windows\system32\dllcache\oleaut32.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 102912 c:\windows\system32\dllcache\occache.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 102912 c:\windows\system32\dllcache\occache.dll
+ 2009-10-13 10:34 . 2009-10-13 10:34 271360 c:\windows\system32\dllcache\oakley.dll
+ 2009-04-15 11:29 . 2010-12-09 15:15 713216 c:\windows\system32\dllcache\ntdll.dll
- 2008-06-20 17:49 . 2008-06-20 17:49 247296 c:\windows\system32\dllcache\mswsock.dll
+ 2008-06-20 17:49 . 2008-06-20 16:04 247296 c:\windows\system32\dllcache\mswsock.dll
+ 2008-10-14 16:57 . 2009-08-05 09:01 205312 c:\windows\system32\dllcache\mswebdvd.dll
+ 2009-06-25 08:27 . 2009-09-11 14:19 136192 c:\windows\system32\dllcache\msv1_0.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 671232 c:\windows\system32\dllcache\mstime.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 671232 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 193024 c:\windows\system32\dllcache\msrating.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 193024 c:\windows\system32\dllcache\msrating.dll
+ 2009-12-17 07:42 . 2009-12-17 07:42 343552 c:\windows\system32\dllcache\mspaint.exe
+ 2010-11-09 14:52 . 2010-11-09 14:52 102400 c:\windows\system32\dllcache\msjro.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 478208 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-05-06 13:37 . 2011-04-25 15:45 468480 c:\windows\system32\dllcache\msfeeds.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 180224 c:\windows\system32\dllcache\msadomd.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 143360 c:\windows\system32\dllcache\msadco.dll
+ 2008-11-13 13:09 . 2011-04-29 16:19 456320 c:\windows\system32\dllcache\mrxsmb.sys
+ 2010-03-30 10:24 . 2010-03-30 10:24 317440 c:\windows\system32\dllcache\mp4sdecd.dll
+ 2004-08-18 14:00 . 2011-02-08 13:33 974848 c:\windows\system32\dllcache\mfc42u.dll
+ 2011-02-08 13:33 . 2011-02-08 13:33 978944 c:\windows\system32\dllcache\mfc42.dll
+ 2004-08-18 14:00 . 2010-09-18 06:53 954368 c:\windows\system32\dllcache\mfc40.dll
+ 2009-04-15 11:29 . 2010-12-20 17:25 729088 c:\windows\system32\dllcache\lsasrv.dll
+ 2009-05-07 15:33 . 2009-05-07 15:33 346624 c:\windows\system32\dllcache\localspl.dll
+ 2011-01-27 11:57 . 2011-01-27 11:57 677888 c:\windows\system32\dllcache\lhmstsc.exe
+ 2009-06-25 08:27 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll
- 2008-05-09 10:56 . 2008-05-09 10:56 512000 c:\windows\system32\dllcache\jscript.dll
+ 2008-05-09 10:56 . 2011-03-04 06:43 512000 c:\windows\system32\dllcache\jscript.dll
+ 2008-08-13 08:58 . 2011-05-02 15:32 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2008-05-05 18:06 . 2011-04-21 10:58 634648 c:\windows\system32\dllcache\iexplore.exe
- 2008-05-06 13:37 . 2009-02-20 17:13 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2008-05-06 13:37 . 2011-04-25 15:45 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 384512 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-05-06 13:37 . 2011-04-25 15:45 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2004-08-18 14:00 . 2009-02-20 05:14 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2004-08-18 14:00 . 2011-04-21 10:56 161792 c:\windows\system32\dllcache\ieakui.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2011-02-09 13:53 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-06-20 17:49 . 2011-03-03 06:54 149504 c:\windows\system32\dllcache\dnsapi.dll
+ 2011-02-15 12:56 . 2011-02-15 12:56 290432 c:\windows\system32\dllcache\atmfd.dll
+ 2008-06-20 11:40 . 2011-02-16 13:22 138496 c:\windows\system32\dllcache\afd.sys
- 2008-06-20 11:40 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
- 2004-08-18 14:00 . 2009-02-20 17:13 124928 c:\windows\system32\dllcache\advpack.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 124928 c:\windows\system32\dllcache\advpack.dll
+ 2010-02-12 04:35 . 2010-02-12 04:35 100864 c:\windows\system32\dllcache\6to4svc.dll
+ 2011-07-25 23:01 . 2011-07-25 23:01 262144 c:\windows\system32\config\systemprofile\NtUser.dat
- 2004-08-18 14:00 . 2008-04-14 03:21 617472 c:\windows\system32\comctl32.dll
+ 2004-08-18 14:00 . 2010-08-23 16:12 617472 c:\windows\system32\comctl32.dll
+ 2004-08-18 14:00 . 2011-02-15 12:56 290432 c:\windows\system32\atmfd.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 124928 c:\windows\system32\advpack.dll
- 2004-08-18 14:00 . 2009-02-20 17:13 124928 c:\windows\system32\advpack.dll
+ 2004-08-18 14:00 . 2010-02-12 04:35 100864 c:\windows\system32\6to4svc.dll
- 2008-05-05 18:06 . 2008-04-14 03:22 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
+ 2008-05-05 18:06 . 2010-06-14 14:31 744448 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
- 2008-07-25 10:17 . 2008-07-25 10:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-02-09 10:22 . 2010-02-09 10:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2010-09-23 19:02 . 2010-09-23 19:02 798208 c:\windows\Installer\3f56f.msp
+ 2009-03-20 09:48 . 2009-03-20 09:48 183808 c:\windows\Installer\3f568.msp
+ 2010-02-24 22:14 . 2010-02-24 22:14 543232 c:\windows\Installer\3f55d.msp
+ 2011-07-25 23:07 . 2011-07-25 23:07 429568 c:\windows\Installer\3f556.msi
+ 2011-07-25 23:29 . 2007-07-12 23:32 765952 c:\windows\ie7updates\KB2544521-IE7\vgx.dll
+ 2011-07-25 23:29 . 2010-07-05 13:13 391032 c:\windows\ie7updates\KB2544521-IE7\spuninst\updspapi.dll
+ 2011-07-25 23:29 . 2010-07-05 13:13 233848 c:\windows\ie7updates\KB2544521-IE7\spuninst\spuninst.exe
+ 2011-07-25 23:30 . 2009-03-03 00:14 826368 c:\windows\ie7updates\KB2530548-IE7\wininet.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 233472 c:\windows\ie7updates\KB2530548-IE7\webcheck.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 105984 c:\windows\ie7updates\KB2530548-IE7\url.dll
+ 2011-07-25 23:30 . 2010-07-05 13:13 391032 c:\windows\ie7updates\KB2530548-IE7\spuninst\updspapi.dll
+ 2011-07-25 23:30 . 2010-07-05 13:13 233848 c:\windows\ie7updates\KB2530548-IE7\spuninst\spuninst.exe
+ 2011-07-25 23:30 . 2009-02-20 17:13 102912 c:\windows\ie7updates\KB2530548-IE7\occache.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 671232 c:\windows\ie7updates\KB2530548-IE7\mstime.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 193024 c:\windows\ie7updates\KB2530548-IE7\msrating.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 477696 c:\windows\ie7updates\KB2530548-IE7\mshtmled.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 459264 c:\windows\ie7updates\KB2530548-IE7\msfeeds.dll
+ 2011-07-25 23:30 . 2009-02-28 04:54 636072 c:\windows\ie7updates\KB2530548-IE7\iexplore.exe
+ 2011-07-25 23:30 . 2009-02-20 17:13 268288 c:\windows\ie7updates\KB2530548-IE7\iertutil.dll
+ 2011-07-25 23:30 . 2007-08-13 16:54 191488 c:\windows\ie7updates\KB2530548-IE7\iepeers.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 385024 c:\windows\ie7updates\KB2530548-IE7\iedkcs32.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 383488 c:\windows\ie7updates\KB2530548-IE7\ieapfltr.dll
+ 2011-07-25 23:30 . 2009-02-20 05:14 161792 c:\windows\ie7updates\KB2530548-IE7\ieakui.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 230400 c:\windows\ie7updates\KB2530548-IE7\ieaksie.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 153088 c:\windows\ie7updates\KB2530548-IE7\ieakeng.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 133120 c:\windows\ie7updates\KB2530548-IE7\extmgr.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 214528 c:\windows\ie7updates\KB2530548-IE7\dxtrans.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 347136 c:\windows\ie7updates\KB2530548-IE7\dxtmsft.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 124928 c:\windows\ie7updates\KB2530548-IE7\advpack.dll
+ 2008-11-13 13:09 . 2011-04-29 16:19 456320 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2009-12-14 10:25 . 2009-12-14 10:25 303104 c:\windows\assembly\temp\2BJRZ8GOW4\System.Runtime.Remoting.dll
+ 2011-07-26 10:11 . 2011-07-26 10:11 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\d0965d4e9baa17b7f6cc80e9506439c0\System.Web.Routing.ni.dll
+ 2011-07-26 10:08 . 2011-07-26 10:08 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\6a74fbf28403feb768f2b0a323a4ac04\System.Security.ni.dll
+ 2011-07-26 10:10 . 2011-07-26 10:10 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\5ec6f124bed991ca55e5b43d1a90f654\System.Management.Instrumentation.ni.dll
+ 2011-07-26 10:10 . 2011-07-26 10:10 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\abd07da71b9a0e02c9f207cf59e3fb2f\System.Data.Services.Design.ni.dll
+ 2011-07-26 10:09 . 2011-07-26 10:09 939520 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\aab7aaa9b2cce53e3cd2534ae2f1b689\System.Data.Services.Client.ni.dll
+ 2011-07-26 10:09 . 2011-07-26 10:09 755200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\4690f2f7d6d2a5cb2420702b6019ffbf\System.Data.Entity.Design.ni.dll
+ 2011-07-26 10:08 . 2011-07-26 10:08 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\336a6cf524e01270ef4b9e907287d00d\System.Data.DataSetExtensions.ni.dll
+ 2011-07-26 10:07 . 2011-07-26 10:07 970752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8ecc7122ea648279a4af7247279b2d2b\System.Configuration.ni.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2009-12-14 10:26 . 2009-12-14 10:26 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-12-14 10:26 . 2009-12-14 10:26 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2009-12-14 10:26 . 2009-12-14 10:26 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2004-08-18 14:00 . 2009-11-21 16:03 471552 c:\windows\AppPatch\aclayers.dll
+ 2011-07-25 22:23 . 2010-10-23 00:47 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll
+ 2011-07-25 22:51 . 2010-08-23 16:12 1054208 c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
+ 2009-07-20 22:03 . 2009-07-20 22:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll
+ 2004-08-18 14:00 . 2010-04-06 02:52 2462720 c:\windows\system32\WMVCore.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 1168896 c:\windows\system32\urlmon.dll
+ 2004-08-18 14:00 . 2011-01-21 14:44 8466432 c:\windows\system32\shell32.dll
- 2004-08-18 14:00 . 2008-04-14 03:21 1437696 c:\windows\system32\query.dll
+ 2004-08-18 14:00 . 2009-07-17 16:17 1437696 c:\windows\system32\query.dll
+ 2004-08-18 14:00 . 2010-02-05 18:27 1294336 c:\windows\system32\quartz.dll
+ 2004-08-18 14:00 . 2010-07-16 12:00 1287680 c:\windows\system32\ole32.dll
+ 2004-08-18 14:00 . 2010-12-09 15:14 2194944 c:\windows\system32\ntoskrnl.exe
+ 2004-08-17 15:45 . 2010-12-09 15:14 2071552 c:\windows\system32\ntkrnlpa.exe
+ 2008-04-14 03:21 . 2009-07-31 08:05 1372672 c:\windows\system32\msxml6.dll
+ 2009-07-20 22:05 . 2009-07-20 22:05 1348432 c:\windows\system32\msxml4.dll
+ 2004-08-18 14:00 . 2010-06-14 07:43 1172480 c:\windows\system32\msxml3.dll
+ 2008-05-05 18:04 . 2011-02-02 07:58 2067456 c:\windows\system32\mstscax.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 3608576 c:\windows\system32\mshtml.dll
+ 2007-08-13 16:54 . 2011-04-25 15:45 6076416 c:\windows\system32\ieframe.dll
+ 2007-02-12 14:10 . 2010-07-05 20:32 2452872 c:\windows\system32\ieapfltr.dat
+ 2004-08-18 14:00 . 2010-04-06 02:52 2462720 c:\windows\system32\dllcache\WMVCore.dll
+ 2008-10-16 11:12 . 2011-06-06 11:35 1858944 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-18 14:00 . 2011-04-25 15:45 1168896 c:\windows\system32\dllcache\urlmon.dll
+ 2008-06-17 19:02 . 2011-01-21 14:44 8466432 c:\windows\system32\dllcache\shell32.dll
+ 2009-07-17 16:17 . 2009-07-17 16:17 1437696 c:\windows\system32\dllcache\query.dll
+ 2008-05-07 05:12 . 2010-02-05 18:27 1294336 c:\windows\system32\dllcache\quartz.dll
+ 2010-07-16 12:00 . 2010-07-16 12:00 1287680 c:\windows\system32\dllcache\ole32.dll
+ 2008-10-16 11:11 . 2010-12-09 15:14 2194944 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2008-10-16 11:11 . 2010-12-09 15:14 2029056 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2008-10-16 11:11 . 2010-12-09 15:14 2071552 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2008-10-16 11:11 . 2010-12-09 15:14 2150912 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-04-14 03:21 . 2009-07-31 08:05 1372672 c:\windows\system32\dllcache\msxml6.dll
+ 2008-11-13 13:09 . 2010-06-14 07:43 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2008-05-05 18:04 . 2009-06-10 07:21 2066432 c:\windows\system32\dllcache\mstscax.dll
+ 2010-01-29 15:01 . 2010-01-29 15:01 1315328 c:\windows\system32\dllcache\msoe.dll
+ 2004-08-18 14:00 . 2011-04-25 15:45 3608576 c:\windows\system32\dllcache\mshtml.dll
+ 2011-02-02 07:58 . 2011-02-02 07:58 2067456 c:\windows\system32\dllcache\lhmstscx.dll
+ 2008-05-06 13:37 . 2011-04-25 15:45 6076416 c:\windows\system32\dllcache\ieframe.dll
+ 2008-05-06 13:37 . 2010-07-05 20:32 2452872 c:\windows\system32\dllcache\ieapfltr.dat
+ 2011-07-25 23:30 . 2009-02-20 17:13 1160192 c:\windows\ie7updates\KB2530548-IE7\urlmon.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 3595264 c:\windows\ie7updates\KB2530548-IE7\mshtml.dll
+ 2011-07-25 23:30 . 2009-02-20 17:13 6066176 c:\windows\ie7updates\KB2530548-IE7\ieframe.dll
+ 2011-07-25 23:30 . 2008-07-09 14:25 2455488 c:\windows\ie7updates\KB2530548-IE7\ieapfltr.dat
+ 2008-10-16 11:11 . 2010-12-09 15:14 2194944 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-10-16 11:11 . 2010-12-09 15:14 2029056 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-10-16 11:11 . 2010-12-09 15:14 2071552 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-10-16 11:11 . 2010-12-09 15:14 2150912 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-07-25 23:12 . 2011-07-25 23:12 3311104 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\a359b7de2c93bf3e302b8fbe81185474\WindowsBase.ni.dll
+ 2011-07-26 10:10 . 2011-07-26 10:10 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\a52d4a11f7f6e4fe7c77ad1fc5e6e963\System.IdentityModel.ni.dll
+ 2011-07-26 10:10 . 2011-07-26 10:10 1800704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\f6c99ab69d318c8439598023a83767e3\System.Deployment.ni.dll
+ 2011-07-26 10:09 . 2011-07-26 10:09 1326080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\dbc30839b578eba6c6987cf85aec5f4f\System.Data.Services.ni.dll
+ 2011-07-25 23:19 . 2011-07-25 23:19 2510848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\046873c6da8b022506cf8d8103d4de96\System.Data.Linq.ni.dll
+ 2011-07-26 10:09 . 2011-07-26 10:09 9903104 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\5675feea93c0fe533ff0ada333199f3c\System.Data.Entity.ni.dll
+ 2011-07-25 23:18 . 2011-07-25 23:18 2294784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\9d8a1e3add264f3cc1a968d79748b1ed\System.Core.ni.dll
+ 2011-07-25 23:17 . 2011-07-25 23:17 2125824 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\fee686ce428b5ce11e9dd18348e8830d\ReachFramework.ni.dll
+ 2011-07-25 23:17 . 2011-07-25 23:17 1656832 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\ea00e1303f5b3bc4cc8d8c7812241089\PresentationUI.ni.dll
+ 2011-07-26 10:08 . 2011-07-26 10:08 1620480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\8b9ad7b7128a8101b1158a2e1acbeb63\Microsoft.Build.Tasks.ni.dll
+ 2011-07-26 10:08 . 2011-07-26 10:08 1965568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\224bcc5357c017e02c01aa21ce3c544e\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-12-14 10:26 . 2009-12-14 10:26 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2009-12-14 10:24 . 2009-12-14 10:24 5238784 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 5238784 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-12-14 10:25 . 2009-12-14 10:26 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2009-12-14 10:25 . 2009-12-14 10:25 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-07-25 23:10 . 2011-07-25 23:10 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2004-08-18 14:00 . 2010-08-25 21:36 10841088 c:\windows\system32\wmp.dll
+ 2008-05-05 19:16 . 2011-07-01 07:54 49089992 c:\windows\system32\MRT.exe
+ 2004-08-18 14:00 . 2010-08-25 21:36 10841088 c:\windows\system32\dllcache\wmp.dll
+ 2011-07-25 23:20 . 2011-07-25 23:20 12428800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\418f50cb29904548eabc0e4f6e788516\System.Windows.Forms.ni.dll
+ 2011-07-26 10:11 . 2011-07-26 10:11 17313792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\13151b519aa1c9d50a9ffb7597f0c2a5\System.ServiceModel.ni.dll
+ 2011-07-25 23:16 . 2011-07-25 23:16 14320128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\372a084465556a94e586908cebe7aee8\PresentationFramework.ni.dll
+ 2011-07-25 23:14 . 2011-07-25 23:14 12213248 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9b4747b29182ad8ffc638b9578ee5283\PresentationCore.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-03-20 09:17 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngin1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngin1.dll" [2011-03-20 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngin1.dll" [2011-03-20 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-08-23 16049664]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-25 61440]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2006-12-08 241664]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\FlatOut2\\FlatOut2.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\SIERRA\\Half-Life\\hlds.exe"=
"c:\\SIERRA\\Half-Life\\valve\\cs-nonsteam\\hl.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Steam\\steamapps\\jonas66940\\zombie panic! source\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\jonas66940\\zombie panic! source dedicated server\\srcds.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Steam\\steamapps\\anguscz\\zombie panic! source\\hl2.exe"=
"c:\\SIERRA\\Half-Life\\hl.exe"=
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [4.2.2011 23:23 218688]
R2 LGScsiCommandService;LG SCSI command service;c:\windows\system32\LGScsiCommandService.exe [21.11.2010 17:28 47616]
R3 gmoups2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [25.11.2009 16:49 17408]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [25.11.2009 16:49 14848]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [25.11.2009 16:49 9984]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12.12.2009 13:43 133104]
S3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\drivers\gan_adapter.sys [28.8.2006 23:54 10664]
S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtport.sys --> c:\windows\system32\DRIVERS\lgbtport.sys [?]
S3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys --> c:\windows\system32\DRIVERS\lgbtbus.sys [?]
S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmodem.sys --> c:\windows\system32\DRIVERS\lgvmodem.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [25.7.2011 19:12 41272]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-12 11:43]
.
.
------- Doplňkový sken -------
.
mStart Page =
uInternet Settings,ProxyOverride = *.local
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 81.19.45.14 81.19.45.1
FF - ProfilePath - c:\documents and settings\Jonas\Data aplikací\Mozilla\Firefox\Profiles\48oqf0sn.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Notify-avgrsstarter - avgrsstx.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-26 12:14
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1275210071-920026266-839522115-1004\Software\securom\!caution! never delete or change any key*]
"??"=hex:5c,2c,ed,9b,5b,6d,47,b7,b1,4d,8a,0b,c8,0c,a7,97,71,8c,00,11,f9,57,08,
b3,c5,06,6f,03,00,0d,bd,8f,f8,65,31,33,37,40,76,a1,fc,4e,a3,de,95,d2,bb,de,\
"??"=hex:ec,7f,62,96,57,2c,d6,08,cc,a5,1f,55,b4,c4,7c,48
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(560)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(272)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-07-26 12:18:54 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-26 10:18
ComboFix2.txt 2011-07-25 22:05
.
Před spuštěním: Volných bajtů: 19 464 732 672
Po spuštění: Volných bajtů: 19 417 669 632
.
- - End Of File - - 720A7C7A241DCC2BEF230FFC2C208BE2
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“