
Kryptik/injector and co. :D

#1 Post by Jespi »

Hello, could you please check this?
ComboFix 10-02-18.05 - Jespi 18.02.2010 22:23:56.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3327.2854 [GMT 1:00]
Spuštěný z: C:\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\sfcfiles.dll
.
---- Předchozí spuštění -------
.
c:\documents and settings\Jespi\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\program files\Cheat Engine\dbk32.sys
c:\windows\mqcd.dbt
c:\windows\system32\23rh46g.4e
c:\windows\system32\3f5uk.sr
c:\windows\system32\467.zt
c:\windows\system32\bb52fkri.few
c:\windows\system32\crt.dat
c:\windows\system32\crt4.dll
c:\windows\system32\ctfmon .exe
c:\windows\system32\fe6hbfe1.an
c:\windows\system32\kboem32.dat

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS
-------\Service_SSHNAS


((((((((((((((((((((((((( Soubory vytvořené od 2010-01-18 do 2010-02-18 )))))))))))))))))))))))))))))))
.

2010-02-18 21:19 . 2010-02-18 21:19 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-02-18 21:17 . 2008-04-14 07:52 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-02-18 21:12 . 2010-02-18 21:13 -------- d-----w- c:\program files\ICQ6.5
2010-02-18 20:59 . 2010-02-18 20:59 -------- d-----w- c:\windows\LastGood.Tmp
2010-02-18 20:58 . 2008-04-14 07:51 81920 ------w- c:\windows\system32\ieencode.dll
2010-02-18 20:31 . 2010-02-18 21:20 3863834 ----a-r- C:\ComboFix.exe
2010-02-18 14:09 . 2010-02-18 14:09 -------- d-----w- c:\program files\ESET
2010-02-18 13:04 . 2010-02-18 13:04 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE
2010-02-18 13:03 . 2010-02-18 13:03 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-02-18 13:03 . 2010-02-18 13:03 -------- d-----r- c:\documents and settings\NetworkService\Oblíbené položky
2010-02-18 09:20 . 2010-02-18 09:22 -------- d-----w- c:\program files\WinClamAVShield
2010-02-18 09:19 . 2010-02-18 09:19 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-02-18 09:19 . 2010-02-18 20:51 -------- d-----w- c:\program files\Spyware Terminator
2010-02-18 09:17 . 2010-02-18 14:23 -------- d-----w- C:\!KillBox
2010-02-18 08:44 . 2008-04-14 07:52 578560 -c--a-w- c:\windows\system32\dllcache\user32.dll
2010-02-15 16:55 . 2010-02-15 16:55 737280 ----a-w- c:\windows\iun6002.exe
2010-02-15 16:55 . 2010-02-15 16:55 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-02-15 15:57 . 2010-02-15 15:57 -------- d-----w- C:\Ventrilo
2010-02-14 12:20 . 2010-02-14 12:20 -------- d-sh--w- c:\windows\ftpcache
2010-02-10 14:54 . 2009-07-10 11:33 1589248 ----a-w- c:\windows\system32\libmysql_d.dll
2010-02-10 14:54 . 2010-02-10 14:54 -------- d-----w- c:\program files\PremiumSoft
2010-02-08 14:15 . 2010-02-08 14:15 -------- d-----w- c:\program files\OO Software
2010-02-08 14:10 . 2010-02-08 14:10 -------- d-----w- c:\program files\Recuva
2010-02-07 16:34 . 2010-02-07 16:34 -------- d-----w- C:\Logs
2010-02-07 15:27 . 2010-02-15 15:40 -------- d-----w- c:\program files\World of Warcraft
2010-02-07 10:58 . 2010-02-07 16:44 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-02-06 14:47 . 2010-02-06 14:47 -------- d-----w- c:\windows\system32\URTTEMP
2010-02-05 18:09 . 2010-02-05 19:02 -------- d-----w- c:\program files\Pivot Stickfigure Animator
2010-02-04 02:03 . 2010-02-04 02:03 -------- d-----w- C:\totalcmd
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\UC.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\RAR.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKZIP.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\LHA.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\ARJ.PIF
2010-02-03 13:46 . 2010-02-03 13:46 -------- d-----w- c:\program files\QIP
2010-02-03 03:21 . 2010-02-03 03:21 -------- d-----w- c:\program files\LS
2010-02-02 15:06 . 2010-02-02 15:06 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-02-02 15:06 . 2010-02-02 15:06 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2010-02-02 15:06 . 2010-02-02 15:06 -------- d-----w- c:\windows\system32\AGEIA
2010-02-02 15:06 . 2010-02-02 15:06 -------- d-----w- c:\program files\AGEIA Technologies
2010-02-02 15:06 . 2010-02-15 15:57 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-02-02 15:02 . 2010-02-02 15:02 -------- d-----w- c:\program files\Deep Silver
2010-02-01 17:20 . 2010-02-01 17:20 -------- d-----w- c:\program files\EA Sports
2010-01-26 23:15 . 2010-01-26 23:15 -------- d--h--w- c:\windows\PIF
2010-01-26 10:26 . 2010-01-26 10:27 -------- d-----w- c:\program files\Crawler
2010-01-24 19:35 . 2010-01-24 19:35 -------- d-----w- c:\program files\Bethesda Softworks
2010-01-24 12:12 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-01-23 20:45 . 2010-01-23 20:47 -------- d-----w- c:\program files\MagicISO
2010-01-20 16:57 . 2010-01-20 16:57 -------- d-sh--w- c:\documents and settings\Jespi\PrivacIE
2010-01-20 16:13 . 2010-01-20 16:13 -------- d-----w- c:\windows\system32\LogFiles
2010-01-20 16:13 . 2010-01-20 16:13 -------- d-----w- c:\windows\system32\drivers\umdf
2010-01-20 16:12 . 2010-01-20 16:24 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-01-20 16:12 . 2010-01-20 16:12 -------- d-----w- c:\windows\system32\xlive
2010-01-20 15:58 . 2010-01-20 16:00 -------- d-----w- c:\program files\Rockstar Games
2010-01-20 14:38 . 2009-11-25 02:44 13533184 ----a-w- c:\windows\system32\atioglxx.dll
2010-01-20 14:38 . 2009-11-25 02:26 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-01-20 14:38 . 2009-11-25 02:20 45056 ----a-w- c:\windows\system32\aticalrt.dll
2010-01-20 14:38 . 2009-11-25 02:20 45056 ----a-w- c:\windows\system32\aticalcl.dll
2010-01-20 14:38 . 2009-11-25 02:18 3612672 ----a-w- c:\windows\system32\aticaldd.dll
2010-01-20 14:38 . 2009-05-11 22:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2010-01-20 14:38 . 2010-02-01 00:29 -------- d-----w- c:\program files\ATI
2010-01-20 14:37 . 2010-01-20 14:37 -------- d-----w- C:\ATI

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-18 21:23 . 2006-03-02 12:00 83652 ----a-w- c:\windows\system32\perfc005.dat
2010-02-18 21:23 . 2006-03-02 12:00 440316 ----a-w- c:\windows\system32\perfh005.dat
2010-02-18 20:41 . 2010-01-16 16:33 -------- d-----w- c:\program files\Cheat Engine
2010-02-18 13:15 . 2010-01-13 14:16 -------- d-----w- c:\program files\The KMPlayer
2010-02-13 23:52 . 2010-01-10 15:32 -------- d-----w- c:\program files\SpeedFan
2010-02-02 15:02 . 2010-01-10 13:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-20 14:51 . 2010-01-10 16:47 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-20 14:45 . 2010-01-10 13:17 -------- d-----w- c:\program files\ATI Technologies
2010-01-18 19:20 . 2010-01-18 19:20 -------- d-----w- c:\program files\GoldWave
2010-01-18 14:10 . 2010-01-18 14:10 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-18 14:10 . 2010-01-18 14:10 -------- d-----w- c:\program files\Java
2010-01-17 12:31 . 2010-01-17 12:20 -------- d-----w- c:\program files\Lightsmark 2008
2010-01-17 11:36 . 2010-01-17 11:22 -------- d-----w- c:\program files\CPU Speed Pro
2010-01-17 11:16 . 2010-01-10 15:03 -------- d-----w- c:\program files\ASUS
2010-01-16 21:32 . 2010-01-16 21:28 3 ----a-w- c:\windows\sbacknt.bin
2010-01-16 21:28 . 2010-01-16 21:28 152904 ----a-w- c:\windows\system32\vghd.scr
2010-01-15 22:07 . 2010-01-14 17:53 -------- d-----w- c:\program files\Microsoft Works
2010-01-15 18:57 . 2010-01-15 18:57 -------- d-----w- c:\program files\CooL Wallpaper Changer
2010-01-14 20:46 . 2010-01-14 19:19 -------- d-----w- c:\program files\Magic Video Converter
2010-01-14 18:33 . 2010-01-14 18:33 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-14 17:53 . 2010-01-10 16:42 -------- d-----w- c:\program files\MSBuild
2010-01-14 17:52 . 2010-01-14 17:52 -------- d-----w- c:\program files\Microsoft.NET
2010-01-14 17:51 . 2010-01-14 17:51 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-01-14 17:48 . 2010-01-14 17:48 -------- d-----w- c:\program files\Ashampoo
2010-01-14 17:39 . 2010-01-14 17:39 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-01-12 18:35 . 2010-01-12 18:33 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-01-12 18:33 . 2010-01-12 18:33 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-12 17:46 . 2010-01-10 13:01 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-12 17:46 . 2010-01-10 13:01 2684 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-12 17:16 . 2010-01-12 17:15 -------- d-----w- c:\program files\Winamp
2010-01-12 17:15 . 2010-01-12 17:15 -------- d-----w- c:\program files\Winamp Detect
2010-01-10 16:42 . 2010-01-10 16:42 -------- d-----w- c:\program files\Reference Assemblies
2010-01-10 16:39 . 2010-01-10 16:39 -------- d-----w- c:\program files\MSXML 6.0
2010-01-10 15:35 . 2010-01-10 13:02 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-10 15:13 . 2010-01-10 15:11 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-10 15:00 . 2010-01-10 15:00 -------- d-----w- c:\program files\Realtek
2010-01-10 15:00 . 2010-01-10 15:00 315392 ----a-w- c:\windows\HideWin.exe
2010-01-10 14:54 . 2010-01-10 14:54 -------- d-----w- c:\program files\Intel
2010-01-10 13:57 . 2010-01-10 13:57 0 ----a-w- c:\windows\nsreg.dat
2010-01-10 13:22 . 2010-01-10 13:22 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-10 13:19 . 2010-01-10 13:19 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-01-10 13:17 . 2010-01-10 13:16 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-10 13:14 . 2010-01-10 13:14 -------- d-----w- c:\program files\T-Mobile
2010-01-10 13:02 . 2010-01-10 13:02 -------- d-----w- c:\program files\microsoft frontpage
2010-01-10 13:00 . 2010-01-10 13:00 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2006-03-02 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2006-03-02 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2010-01-10 12:59 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2006-03-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2006-03-02 12:00 2147328 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2004-08-17 15:45 2025984 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2006-03-02 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-27 17:14 . 2006-03-02 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2004-08-17 15:49 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2006-03-02 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2006-03-02 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2006-03-02 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2004-08-17 15:49 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-25 03:50 . 2008-08-06 07:20 4463104 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-11-25 03:27 . 2010-01-10 13:17 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-11-25 03:26 . 2008-08-06 07:20 300032 ----a-w- c:\windows\system32\ati2dvag.dll
2009-11-25 03:11 . 2008-08-06 07:20 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2009-11-25 03:11 . 2008-08-06 07:20 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-11-25 03:10 . 2008-08-06 07:20 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-11-25 03:10 . 2008-08-06 07:20 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-11-25 03:10 . 2008-08-06 07:20 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-11-25 03:09 . 2008-08-06 07:20 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-11-25 03:07 . 2008-08-06 07:20 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-11-25 02:59 . 2010-01-10 13:17 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-11-25 02:59 . 2008-08-06 07:20 3538496 ----a-w- c:\windows\system32\ati3duag.dll
2009-11-25 02:43 . 2008-08-06 07:20 2142848 ----a-w- c:\windows\system32\ativvaxx.dll
2009-11-25 02:42 . 2010-01-10 13:17 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-11-25 02:42 . 2010-01-10 13:17 3 ----a-w- c:\windows\system32\ativva5x.dat
2009-11-25 02:26 . 2008-08-06 07:20 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2009-11-25 02:21 . 2008-08-06 07:20 565248 ----a-w- c:\windows\system32\atikvmag.dll
2009-11-25 02:19 . 2008-08-06 07:20 176128 ----a-w- c:\windows\system32\atiadlxx.dll
2009-11-25 02:18 . 2008-08-06 07:20 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-11-25 02:18 . 2008-08-06 07:20 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-11-25 02:17 . 2008-08-06 07:20 397312 ----a-w- c:\windows\system32\atiok3x2.dll
2009-11-25 02:12 . 2008-08-06 07:20 638976 ----a-w- c:\windows\system32\ati2cqag.dll
2009-11-21 16:03 . 2006-03-02 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.


<pre>
c:\program files\Spyware Terminator\spywareterminatorshield .exe
</pre>
------- Sigcheck -------

[-] 2009-12-21 . BD424F12E808F3AA345C4816F7124F7C . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . FCB06A625ED7A348C4CE48716995937A . 3091968 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3GDR\mshtml.dll
[-] 2009-10-29 . 00EC3DE6B7C581CC2675CCD549B692D7 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[-] 2009-10-29 . 00EC3DE6B7C581CC2675CCD549B692D7 . 5940736 . . [8.00.6001.18854] . . c:\windows\SoftwareDistribution\Download\2bf25c1ca989169e2bb8c182b7dc42d2\SP3GDR\mshtml.dll
[-] 2009-10-29 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\SoftwareDistribution\Download\2bf25c1ca989169e2bb8c182b7dc42d2\SP3QFE\mshtml.dll
[-] 2009-10-29 . 047210A2613A8C847CFDD6191F8445F6 . 3084288 . . [6.00.2900.3640] . . c:\windows\$NtServicePackUninstall$\mshtml.dll
[-] 2009-10-29 . 620A3A8FEAF5A007236013A3AC109905 . 3094016 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\mshtml.dll
[-] 2009-10-29 . 2FFAE4FBC441238EA6491BF44B40E85D . 3091968 . . [6.00.2900.3640] . . c:\windows\$hf_mig$\KB976325\SP2QFE\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[-] 2008-04-14 . DAF9947DE2A6EA20AE524B7C50487E57 . 3066880 . . [6.00.2900.5512] . . c:\windows\ie8\mshtml.dll
[-] 2008-04-14 . DAF9947DE2A6EA20AE524B7C50487E57 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2008-04-14 . DAF9947DE2A6EA20AE524B7C50487E57 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\mshtml.dll
[-] 2006-03-02 . 43E8D8091527AA91EB0B2A553447B3D8 . 3070464 . . [6.00.2900.2853] . . c:\windows\$NtUninstallKB976325$\mshtml.dll
[-] 2006-02-21 . CDD766C610E7DE86CCE91CD339C79BCF . 3073024 . . [6.00.2900.2853] . . c:\windows\$hf_mig$\KB911164\SP2QFE\mshtml.dll

[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\ERDNT\cache\msvcrt.dll
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\msvcrt.dll
[-] 2008-04-14 . EC8D5E09C6CA5F52858A5EB71F308FDF . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\asms\70\msft\windows\mswincrt\msvcrt.dll
[-] 2006-03-02 . 91CC3E4CCDBBF8E224182C76C87E454F . 343040 . . [7.0.2600.2180] . . c:\windows\$NtServicePackUninstall$\msvcrt.dll

[-] 2008-06-20 . 1289B7611CCD6CB27596AE92CBF03E35 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . 1289B7611CCD6CB27596AE92CBF03E35 . 247296 . . [5.1.2600.5625] . . c:\windows\ERDNT\cache\mswsock.dll
[-] 2008-06-20 . 1289B7611CCD6CB27596AE92CBF03E35 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 1289B7611CCD6CB27596AE92CBF03E35 . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . A6E79B60AC73241E5721AB6A573D2B24 . 247296 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll
[-] 2008-06-20 . 37BABA5DBD9027837FDC27E5D6EF33E1 . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748_1$\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\mswsock.dll
[-] 2006-03-02 . 64C078BD4EFD441C3F159EDC5EA4420A . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll

[-] 2009-02-06 . 1F43B8C0F4C767FBED89711C30E704D9 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[-] 2009-02-06 . 1F43B8C0F4C767FBED89711C30E704D9 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\netlogon.dll
[-] 2006-03-02 . 2591CADAEF7D2242039255028E577688 . 407040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\netlogon.dll

[-] 2009-12-09 . 7782F11AE957B736585870CD2671227B . 2191488 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . 7782F11AE957B736585870CD2671227B . 2191488 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . 7D9B31E0903E2809DA5FC10A94813091 . 2182528 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2GDR\ntoskrnl.exe
[-] 2009-12-09 . B214F89473F73C0733D9C402F36E2125 . 2188160 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2QFE\ntoskrnl.exe
[-] 2009-12-09 . 3B0DC252A20C8A938ED21073EE736AEA . 2191360 . . [5.1.2600.5913] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2009-12-09 . 3B0DC252A20C8A938ED21073EE736AEA . 2191360 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3GDR\ntoskrnl.exe
[-] 2009-12-09 . 3B0DC252A20C8A938ED21073EE736AEA . 2191360 . . [5.1.2600.5913] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2009-12-09 . 07A58A2A4460A4B7A58E0920F4CFA729 . 2147328 . . [5.1.2600.5913] . . c:\windows\ERDNT\cache\ntoskrnl.exe
[-] 2009-12-09 . 07A58A2A4460A4B7A58E0920F4CFA729 . 2147328 . . [5.1.2600.5913] . . c:\windows\system32\ntoskrnl.exe
[-] 2009-08-04 . F61EB18DA0AA630E2F8A944ED6BD3BF9 . 2191360 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe
[-] 2009-08-04 . 3742270B8C90A97A0BDD25DED1201AA9 . 2147328 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
[-] 2009-08-04 . 3502DBBC657001D7A2A2768BD7DE1483 . 2191488 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 90DFE2B714EDEF95891C979720E23B4F . 2188160 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntoskrnl.exe
[-] 2009-08-04 . 92DC801F65557AA134F2B76CE81811B7 . 2138112 . . [5.1.2600.3610] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2009-02-10 . 97480EBFE1D4B547657BAD75AAAB1325 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-09 . C424407DDD99223BF3248044CBBE91F6 . 2188288 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[-] 2009-02-09 . F48662F55CD8DDD4DBBBCB69DE197725 . 2191232 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[-] 2009-02-09 . 6499BF91CF62B4319D6ED7E99D0B6998 . 2147328 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486_1$\ntoskrnl.exe
[-] 2008-04-14 . C1536014AC1CB1D5397E31D9735E6571 . 2191104 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2008-04-14 . 27C7A7AED8A477F6A0C7D3AD00AB9419 . 2147328 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572_1$\ntoskrnl.exe
[-] 2008-04-14 . C1536014AC1CB1D5397E31D9735E6571 . 2191104 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ntoskrnl.exe
[-] 2006-03-02 . 84FEF6BE553ACC66729F5D4113F53310 . 2150400 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB971486_0$\ntoskrnl.exe

[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\ERDNT\cache\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\powrprof.dll
[-] 2006-03-02 . 134B95A1D8FAFD74A68E4B2116DEFA7D . 17408 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\powrprof.dll

[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\scecli.dll
[-] 2006-03-02 . 07119058D451CB7EA4317BCFDA8599A6 . 184832 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\scecli.dll

[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sfc.dll
[-] 2006-03-02 . 6CC2D21488333133AE0C9F44F6051CB7 . 5120 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfc.dll

[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe
[-] 2006-03-02 . DFBA2915B0BF58ABB288CD4C9318CB3F . 14336 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\svchost.exe

[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\tapisrv.dll
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\tapisrv.dll
[-] 2006-03-02 . 37162D29CD61519E6F5EA0DE99786FF6 . 246272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tapisrv.dll

[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\user32.dll
[-] 2006-03-02 . 1B4CCC59980DA34E75F20E42B283B027 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll

[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\userinit.exe
[-] 2006-03-02 . 836F7960362FF95C5D49E40B891F2CFC . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe

Jespi
Visitor
Posts: 11
Registered: 18 Feb 2010 21:28

Re: Kryptik/injector aspol :D

#2 Post by Jespi »

[-] 2009-12-21 . 75A4A1378971D84FF6A7D766F4A7BC59 . 916480 . . [8.00.6001.18876] . . c:\windows\ERDNT\cache\wininet.dll
[-] 2009-12-21 . 75A4A1378971D84FF6A7D766F4A7BC59 . 916480 . . [8.00.6001.18876] . . c:\windows\system32\wininet.dll
[-] 2009-12-21 . 75A4A1378971D84FF6A7D766F4A7BC59 . 916480 . . [8.00.6001.18876] . . c:\windows\system32\dllcache\wininet.dll
[-] 2009-12-21 . 9256DA4AEE5E2C20FC6C126BDBC11997 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . F651D2A69B7037D6063BC697CF296D8C . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[-] 2009-10-29 . F651D2A69B7037D6063BC697CF296D8C . 916480 . . [8.00.6001.18854] . . c:\windows\SoftwareDistribution\Download\2bf25c1ca989169e2bb8c182b7dc42d2\SP3GDR\wininet.dll
[-] 2009-10-29 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\SoftwareDistribution\Download\2bf25c1ca989169e2bb8c182b7dc42d2\SP3QFE\wininet.dll
[-] 2009-10-29 . 4604205DC7290A9F26A0C16536964513 . 663040 . . [6.00.2900.3640] . . c:\windows\$NtServicePackUninstall$\wininet.dll
[-] 2009-10-29 . 6A0AC16511C25008628F632963F24475 . 668160 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3GDR\wininet.dll
[-] 2009-10-29 . 7443D3D3D1025FEA4BF7BC35EA1F93BD . 669696 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\wininet.dll
[-] 2009-10-29 . 719DD998B030FEA03C19E6B43113205B . 669696 . . [6.00.2900.3640] . . c:\windows\$hf_mig$\KB976325\SP2QFE\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[-] 2008-04-14 . 3FE5E65A7ED9EC98AEE9167CA07812D3 . 667136 . . [6.00.2900.5512] . . c:\windows\ie8\wininet.dll
[-] 2008-04-14 . 3FE5E65A7ED9EC98AEE9167CA07812D3 . 667136 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2008-04-14 . 3FE5E65A7ED9EC98AEE9167CA07812D3 . 667136 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\wininet.dll
[-] 2006-03-02 . 50D263E3454E8357D13BB598129185AD . 657408 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB976325$\wininet.dll

[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ws2_32.dll
[-] 2006-03-02 . 382E9B87F1282E697C67AF84E34E35E2 . 82944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2_32.dll

[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\ERDNT\cache\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe
[-] 2006-03-02 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe


[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ctfmon.exe
[-] 2006-03-02 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe

Jespi
Visitor
Posts: 11
Registered: 18 Feb 2010 21:28

Re: Kryptik/injector aspol :D

#3 Post by Jespi »

[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\ERDNT\cache\shsvcs.dll
[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\shsvcs.dll
[-] 2006-03-02 . 8BA76BD2A943F642F267A296A15776D2 . 134656 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll

[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\regsvc.dll
[-] 2006-03-02 . 5B21208FCF8970BB61FE98E19D828714 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll

[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\schedsvc.dll
[-] 2006-03-02 . 29AC93307C6182DBE336BCA314947F28 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll

[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ssdpsrv.dll
[-] 2006-03-02 . 88C28F53F53438DAFCD95E99C837C61E . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll

[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\termsrv.dll
[-] 2006-03-02 . 2F5919F2F6EE7A845893D9C3AA2BC56A . 295936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll

[-] 2006-03-02 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\acpiec.sys
[-] 2006-03-02 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2008-04-13 21:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ERDNT\cache\aec.sys
[-] 2008-04-13 21:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 21:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\aec.sys
[-] 2004-08-03 21:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtServicePackUninstall$\aec.sys

[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\agp440.sys
[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys

[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ip6fw.sys
[-] 2006-03-02 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys

[-] 2008-04-14 07:51 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\ERDNT\cache\mfc40u.dll
[-] 2008-04-14 07:51 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2008-04-14 07:51 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll
[-] 2008-04-14 03:21 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\mfc40u.dll
[-] 2006-03-02 12:00 . A9D81C87BEF253D4CE3A5F8CEE2526C4 . 924432 . . [4.1.6140] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll

[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\msgsvc.dll
[-] 2006-03-02 . 8B2FCBD881879B55BE40B41F12FFC431 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll

[-] 2008-04-14 07:51 . 6199B2AE3F9DB9CB6DB230471A1DC601 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2008-04-14 03:21 . 6199B2AE3F9DB9CB6DB230471A1DC601 . 52224 . . [9.0.1.56] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\mspmsnsv.dll
[-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\ERDNT\cache\mspmsnsv.dll
[-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2006-03-02 12:00 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\$NtServicePackUninstall$\mspmsnsv.dll
[-] 2004-08-17 14:49 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll

[-] 2009-12-09 . 58516936F00D10D4B615C458A8A4AB71 . 2068352 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . 58516936F00D10D4B615C458A8A4AB71 . 2068352 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . 76D45A9AFAD9FFE3070814DE95648EC7 . 2059904 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2GDR\ntkrnlpa.exe
[-] 2009-12-09 . D9FB61F23249B39EE9922A2CC3001DD0 . 2065280 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP2QFE\ntkrnlpa.exe
[-] 2009-12-09 . 166530C022AB3A0F9EADB20633AE034E . 2068224 . . [5.1.2600.5913] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2009-12-09 . 166530C022AB3A0F9EADB20633AE034E . 2068224 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\b01e2a98fa99f911cd6c6f8e632ad978\SP3GDR\ntkrnlpa.exe
[-] 2009-12-09 . 166530C022AB3A0F9EADB20633AE034E . 2068224 . . [5.1.2600.5913] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2009-12-09 . B2CEA3C57AA8230C7BCC0B2AF35EC55A . 2025984 . . [5.1.2600.5913] . . c:\windows\ERDNT\cache\ntkrnlpa.exe
[-] 2009-12-09 . B2CEA3C57AA8230C7BCC0B2AF35EC55A . 2025984 . . [5.1.2600.5913] . . c:\windows\system32\ntkrnlpa.exe
[-] 2009-08-04 . 97815C93200676C727CE951AE5C78137 . 2068352 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 182A95C233C9C254FEE7F047E6CA73D1 . 2068224 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntkrnlpa.exe
[-] 2009-08-04 . C50A3A3C9724135FFBD9CB31355F9341 . 2025984 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
[-] 2009-08-04 . 90E58FFA70A7951899BBF5551A9D246A . 2065152 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntkrnlpa.exe
[-] 2009-08-04 . 6E8CF0F62C5E0D3B05BA7E27C6D81810 . 2017792 . . [5.1.2600.3610] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[-] 2009-02-10 . D721665942F74CA7FF4162A0761CBB0A . 2068224 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[-] 2009-02-09 . BB64DC108F8C4EE4D4B7998AA19E5FA7 . 2065152 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[-] 2009-02-09 . 6DD6966FA0FF770A3E5545875557C7F1 . 2025984 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486_1$\ntkrnlpa.exe
[-] 2009-02-09 . FF8A3F180A224AA27EBAB937CA027F4D . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-04-14 . 9F12E026DC0B0C43F521114EFB3A3ACC . 2025984 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572_1$\ntkrnlpa.exe
[-] 2008-04-14 . 4DEE41C45E803DB91A72FD1BA69C05EE . 2067968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2008-04-14 . 4DEE41C45E803DB91A72FD1BA69C05EE . 2067968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ntkrnlpa.exe
[-] 2006-03-02 . 7715EDDD01EDFEF9EF335D29C6DFE212 . 2017280 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB971486_0$\ntkrnlpa.exe

[-] 2008-04-14 07:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\ERDNT\cache\ntmssvc.dll
[-] 2008-04-14 07:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 07:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-04-14 03:21 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\ntmssvc.dll
[-] 2006-03-02 12:00 . D8D2B13BA93AE830B1A637DF571D1195 . 435712 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll

[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\upnphost.dll
[-] 2006-03-02 . 984FC1518B0D5B31D76F0E63608E0500 . 185344 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\upnphost.dll

c:\windows\System32\cngaudit.dll ... chybí !!
.
((((((((((((((((((((((((((((( SnapShot@2010-02-18_20.43.19 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-18 21:19 . 2010-02-18 21:19 16384 c:\windows\Temp\Perflib_Perfdata_324.dat
- 2010-01-20 16:13 . 2009-05-26 11:40 18296 c:\windows\system32\spmsg.dll
+ 2010-01-20 16:13 . 2008-07-08 12:59 18296 c:\windows\system32\spmsg.dll
+ 2010-02-18 20:58 . 2008-04-14 06:55 40192 c:\windows\system32\ReinstallBackups\0022\DriverFiles\i386\intelppm.sys
+ 2010-02-18 20:58 . 2008-04-14 06:55 40192 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\intelppm.sys
+ 2006-03-02 12:00 . 2010-02-18 21:23 71846 c:\windows\system32\perfc009.dat
- 2006-03-02 12:00 . 2010-02-18 20:41 71846 c:\windows\system32\perfc009.dat
- 2010-01-10 13:04 . 2010-02-18 13:00 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-01-10 13:04 . 2010-02-18 21:19 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2010-02-18 21:19 . 2010-02-18 21:19 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012010021820100219\index.dat
+ 2010-01-10 13:04 . 2010-02-18 21:19 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2010-01-10 13:04 . 2010-02-18 13:00 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2010-02-18 21:19 . 2010-02-18 21:19 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat
- 2010-01-10 13:04 . 2010-02-18 13:00 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2010-01-10 13:04 . 2010-02-18 21:19 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2010-01-12 18:02 . 2008-04-14 07:51 57344 c:\windows\$NtUninstallKB974571_1$\msasn1.dll
+ 2010-01-12 18:01 . 2008-04-14 07:51 79872 c:\windows\$NtUninstallKB974318_1$\raschap.dll
+ 2010-01-12 17:59 . 2009-07-17 18:57 58880 c:\windows\$NtUninstallKB973507_1$\atl.dll
+ 2010-01-12 17:58 . 2008-04-14 07:51 84992 c:\windows\$NtUninstallKB971557_1$\avifil32.dll
+ 2010-01-12 17:57 . 2008-04-14 07:52 75776 c:\windows\$NtUninstallKB970430_1$\strmfilt.dll
+ 2010-01-12 17:57 . 2008-04-14 07:51 24576 c:\windows\$NtUninstallKB970430_1$\httpapi.dll
+ 2010-01-12 17:56 . 2008-04-14 07:52 49152 c:\windows\$NtUninstallKB968389_1$\wdigest.dll
+ 2010-01-12 17:56 . 2009-02-03 19:58 56832 c:\windows\$NtUninstallKB968389_1$\secur32.dll
+ 2010-01-12 17:56 . 2008-04-13 23:01 92288 c:\windows\$NtUninstallKB968389_1$\ksecdd.sys
+ 2010-01-12 17:55 . 2008-04-14 07:51 80896 c:\windows\$NtUninstallKB961371-v2_1$\fontsub.dll
+ 2010-01-12 17:54 . 2008-04-14 07:52 77824 c:\windows\$NtUninstallKB960859_1$\telnet.exe
+ 2010-01-12 17:53 . 2008-04-14 07:51 56320 c:\windows\$NtUninstallKB959426_1$\secur32.dll
+ 2010-01-12 17:50 . 2009-02-06 16:54 35328 c:\windows\$NtUninstallKB956572_1$\sc.exe
+ 2010-01-12 17:49 . 2008-04-14 07:51 73728 c:\windows\$NtUninstallKB952954_1$\mscms.dll
+ 2010-01-12 17:49 . 2008-04-14 07:51 91648 c:\windows\$NtUninstallKB952004_1$\mtxoci.dll
+ 2010-01-12 17:49 . 2008-04-14 07:51 66560 c:\windows\$NtUninstallKB952004_1$\mtxclu.dll
+ 2010-01-12 17:49 . 2008-04-14 07:51 58880 c:\windows\$NtUninstallKB952004_1$\msdtclog.dll
+ 2010-01-12 17:47 . 2008-04-14 07:51 82944 c:\windows\$NtUninstallKB946648_1$\msgsc.dll
- 2010-01-12 17:47 . 2008-04-14 07:51 82944 c:\windows\$NtUninstallKB946648$\msgsc.dll
+ 2010-01-12 17:45 . 2008-04-14 07:52 121856 c:\windows\system32\xmllite.dll
- 2010-01-12 17:45 . 2009-01-07 17:21 121856 c:\windows\system32\xmllite.dll
+ 2010-02-18 20:58 . 2008-04-13 21:06 144384 c:\windows\system32\ReinstallBackups\0019\DriverFiles\hdaudbus.sys
+ 2010-02-18 20:58 . 2008-04-13 21:06 144384 c:\windows\system32\ReinstallBackups\0018\DriverFiles\hdaudbus.sys
+ 2006-03-02 12:00 . 2010-02-18 21:23 443588 c:\windows\system32\perfh009.dat
- 2006-03-02 12:00 . 2010-02-18 20:41 443588 c:\windows\system32\perfh009.dat
+ 2010-01-10 15:59 . 2008-07-08 12:59 391032 c:\windows\$NtUninstallKB975467_0$\spuninst\updspapi.dll
+ 2010-01-10 15:59 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB975467_0$\spuninst\spuninst.exe
+ 2010-01-10 15:59 . 2009-06-25 08:48 133632 c:\windows\$NtUninstallKB975467_0$\msv1_0.dll
- 2010-01-10 15:59 . 2008-07-08 12:59 391032 c:\windows\$NtUninstallKB975467$\spuninst\updspapi.dll
- 2010-01-10 15:59 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB975467$\spuninst\spuninst.exe
+ 2010-01-10 16:01 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB975025_0$\spuninst\updspapi.dll
+ 2010-01-10 16:01 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB975025_0$\spuninst\spuninst.exe
- 2010-01-10 16:01 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB975025$\spuninst\updspapi.dll
- 2010-01-10 16:01 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB975025$\spuninst\spuninst.exe
+ 2010-01-12 18:02 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB974571_1$\spuninst\updspapi.dll
+ 2010-01-12 18:02 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB974571_1$\spuninst\spuninst.exe
- 2010-01-12 18:02 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB974571$\spuninst\updspapi.dll
- 2010-01-12 18:02 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB974571$\spuninst\spuninst.exe
+ 2010-01-12 18:02 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB974392_1$\spuninst\updspapi.dll
+ 2010-01-12 18:02 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB974392_1$\spuninst\spuninst.exe
+ 2010-01-12 18:02 . 2008-04-14 07:51 271360 c:\windows\$NtUninstallKB974392_1$\oakley.dll
- 2010-01-12 18:02 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB974392$\spuninst\updspapi.dll
- 2010-01-12 18:02 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB974392$\spuninst\spuninst.exe
+ 2010-01-12 18:01 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB974318_1$\spuninst\updspapi.dll
+ 2010-01-12 18:01 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB974318_1$\spuninst\spuninst.exe
+ 2010-01-12 18:01 . 2008-04-14 07:51 150528 c:\windows\$NtUninstallKB974318_1$\rastls.dll
- 2010-01-12 18:01 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB974318$\spuninst\updspapi.dll
- 2010-01-12 18:01 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB974318$\spuninst\spuninst.exe
+ 2010-01-12 18:01 . 2009-08-26 08:16 247326 c:\windows\$NtUninstallKB974112_1$\strmdll.dll
+ 2010-01-12 18:01 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB974112_1$\spuninst\updspapi.dll
+ 2010-01-12 18:01 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB974112_1$\spuninst\spuninst.exe
- 2010-01-12 18:01 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB974112$\spuninst\updspapi.dll
- 2010-01-12 18:01 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB974112$\spuninst\spuninst.exe
+ 2010-01-12 18:00 . 2008-07-08 12:59 391032 c:\windows\$NtUninstallKB973869_1$\spuninst\updspapi.dll
+ 2010-01-12 18:00 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB973869_1$\spuninst\spuninst.exe
- 2010-01-12 18:00 . 2008-07-08 12:59 391032 c:\windows\$NtUninstallKB973869$\spuninst\updspapi.dll
- 2010-01-12 18:00 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB973869$\spuninst\spuninst.exe
+ 2010-01-12 18:00 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB973815_1$\spuninst\updspapi.dll
+ 2010-01-12 18:00 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB973815_1$\spuninst\spuninst.exe
+ 2010-01-12 18:00 . 2008-04-14 07:51 204288 c:\windows\$NtUninstallKB973815_1$\mswebdvd.dll
- 2010-01-12 18:00 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB973815$\spuninst\updspapi.dll
- 2010-01-12 18:00 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB973815$\spuninst\spuninst.exe
+ 2010-01-12 18:00 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB973687_2$\spuninst\updspapi.dll
+ 2010-01-12 18:00 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB973687_2$\spuninst\spuninst.exe
- 2010-01-12 18:00 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB973687$\spuninst\updspapi.dll
- 2010-01-12 18:00 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB973687$\spuninst\spuninst.exe
+ 2010-01-12 17:59 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB973507_1$\spuninst\updspapi.dll
+ 2010-01-12 17:59 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB973507_1$\spuninst\spuninst.exe
- 2010-01-12 17:59 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB973507$\spuninst\updspapi.dll
- 2010-01-12 17:59 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB973507$\spuninst\spuninst.exe
+ 2010-01-12 17:59 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB973354_1$\spuninst\updspapi.dll
+ 2010-01-12 17:59 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB973354_1$\spuninst\spuninst.exe
- 2010-01-12 17:59 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB973354$\spuninst\updspapi.dll
- 2010-01-12 17:59 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB973354$\spuninst\spuninst.exe
+ 2010-01-12 17:59 . 2008-12-16 12:32 354304 c:\windows\$NtUninstallKB971737_1$\winhttp.dll
+ 2010-01-12 17:59 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB971737_1$\spuninst\updspapi.dll
+ 2010-01-12 17:59 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB971737_1$\spuninst\spuninst.exe
- 2010-01-12 17:59 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB971737$\spuninst\updspapi.dll
- 2010-01-12 17:59 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB971737$\spuninst\spuninst.exe
+ 2010-01-12 17:58 . 2008-04-14 07:52 132096 c:\windows\$NtUninstallKB971657_1$\wkssvc.dll
+ 2010-01-12 17:58 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB971657_1$\spuninst\updspapi.dll
+ 2010-01-12 17:58 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB971657_1$\spuninst\spuninst.exe
- 2010-01-12 17:58 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB971657$\spuninst\updspapi.dll
- 2010-01-12 17:58 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB971657$\spuninst\spuninst.exe
+ 2010-01-12 17:58 . 2008-07-09 07:36 391032 c:\windows\$NtUninstallKB971633_1$\spuninst\updspapi.dll
+ 2010-01-12 17:58 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB971633_1$\spuninst\spuninst.exe
- 2010-01-12 17:58 . 2008-07-09 07:36 391032 c:\windows\$NtUninstallKB971633$\spuninst\updspapi.dll
- 2010-01-12 17:58 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB971633$\spuninst\spuninst.exe
+ 2010-01-12 17:58 . 2008-07-08 12:59 391032 c:\windows\$NtUninstallKB971557_1$\spuninst\updspapi.dll
+ 2010-01-12 17:58 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB971557_1$\spuninst\spuninst.exe
- 2010-01-12 17:58 . 2008-07-08 12:59 391032 c:\windows\$NtUninstallKB971557$\spuninst\updspapi.dll
- 2010-01-12 17:58 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB971557$\spuninst\spuninst.exe
+ 2010-01-12 17:57 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB971486_1$\spuninst\updspapi.dll
+ 2010-01-12 17:57 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB971486_1$\spuninst\spuninst.exe
- 2010-01-12 17:57 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB971486$\spuninst\updspapi.dll
- 2010-01-12 17:57 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB971486$\spuninst\spuninst.exe
+ 2010-01-12 17:57 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB970430_1$\spuninst\updspapi.dll
+ 2010-01-12 17:57 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB970430_1$\spuninst\spuninst.exe
+ 2010-01-12 17:57 . 2008-04-13 23:23 264832 c:\windows\$NtUninstallKB970430_1$\http.sys
- 2010-01-12 17:57 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB970430$\spuninst\updspapi.dll
- 2010-01-12 17:57 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB970430$\spuninst\spuninst.exe
+ 2010-01-12 17:57 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB970238_1$\spuninst\updspapi.dll
+ 2010-01-12 17:57 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB970238_1$\spuninst\spuninst.exe
+ 2010-01-12 17:57 . 2008-04-14 07:51 584704 c:\windows\$NtUninstallKB970238_1$\rpcrt4.dll
- 2010-01-12 17:57 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB970238$\spuninst\updspapi.dll
- 2010-01-12 17:57 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB970238$\spuninst\spuninst.exe
+ 2010-01-12 17:56 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB969947_1$\spuninst\updspapi.dll
+ 2010-01-12 17:56 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB969947_1$\spuninst\spuninst.exe
- 2010-01-12 17:56 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB969947$\spuninst\updspapi.dll
- 2010-01-12 17:56 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB969947$\spuninst\spuninst.exe
+ 2010-01-12 17:56 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB969059_1$\spuninst\updspapi.dll
+ 2010-01-12 17:56 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB969059_1$\spuninst\spuninst.exe
- 2010-01-12 17:56 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB969059$\spuninst\updspapi.dll
- 2010-01-12 17:56 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB969059$\spuninst\spuninst.exe
+ 2010-01-12 17:56 . 2008-07-08 12:59 391032 c:\windows\$NtUninstallKB968389_1$\spuninst\updspapi.dll
+ 2010-01-12 17:56 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB968389_1$\spuninst\spuninst.exe
+ 2010-01-12 17:56 . 2008-12-05 06:57 144896 c:\windows\$NtUninstallKB968389_1$\schannel.dll
+ 2010-01-12 17:56 . 2008-04-14 07:51 132608 c:\windows\$NtUninstallKB968389_1$\msv1_0.dll
+ 2010-01-12 17:56 . 2009-02-09 10:56 728064 c:\windows\$NtUninstallKB968389_1$\lsasrv.dll
+ 2010-01-12 17:56 . 2008-04-14 07:51 299520 c:\windows\$NtUninstallKB968389_1$\kerberos.dll
- 2010-01-12 17:56 . 2008-07-08 12:59 391032 c:\windows\$NtUninstallKB968389$\spuninst\updspapi.dll
- 2010-01-12 17:56 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB968389$\spuninst\spuninst.exe
+ 2010-01-12 17:55 . 2008-07-09 12:06 391032 c:\windows\$NtUninstallKB967715_1$\spuninst\updspapi.dll
+ 2010-01-12 17:55 . 2008-07-09 07:36 233848 c:\windows\$NtUninstallKB967715_1$\spuninst\spuninst.exe
- 2010-01-12 17:55 . 2008-07-09 12:06 391032 c:\windows\$NtUninstallKB967715$\spuninst\updspapi.dll
- 2010-01-12 17:55 . 2008-07-09 07:36 233848 c:\windows\$NtUninstallKB967715$\spuninst\spuninst.exe
+ 2010-01-12 17:55 . 2008-07-09 07:36 391032 c:\windows\$NtUninstallKB961501_1$\spuninst\updspapi.dll
+ 2010-01-12 17:55 . 2008-07-09 07:36 233848 c:\windows\$NtUninstallKB961501_1$\spuninst\spuninst.exe
+ 2010-01-12 17:55 . 2008-04-14 07:51 344064 c:\windows\$NtUninstallKB961501_1$\localspl.dll
- 2010-01-12 17:55 . 2008-07-09 07:36 391032 c:\windows\$NtUninstallKB961501$\spuninst\updspapi.dll
- 2010-01-12 17:55 . 2008-07-09 07:36 233848 c:\windows\$NtUninstallKB961501$\spuninst\spuninst.exe
+ 2010-01-12 17:55 . 2008-04-14 07:52 117760 c:\windows\$NtUninstallKB961371-v2_1$\t2embed.dll
+ 2010-01-12 17:55 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB961371-v2_1$\spuninst\updspapi.dll
+ 2010-01-12 17:55 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB961371-v2_1$\spuninst\spuninst.exe
- 2010-01-12 17:55 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB961371-v2$\spuninst\updspapi.dll
- 2010-01-12 17:55 . 2009-05-26 11:40 233848 c:\windows\$NtUninstallKB961371-v2$\spuninst\spuninst.exe
+ 2010-01-12 17:54 . 2007-11-30 11:18 391032 c:\windows\$NtUninstallKB961118_1$\spuninst\updspapi.dll
+ 2010-01-12 17:54 . 2007-11-30 11:18 233848 c:\windows\$NtUninstallKB961118_1$\spuninst\spuninst.exe
- 2010-01-12 17:54 . 2007-11-30 11:18 391032 c:\windows\$NtUninstallKB961118$\spuninst\updspapi.dll
- 2010-01-12 17:54 . 2007-11-30 11:18 233848 c:\windows\$NtUninstallKB961118$\spuninst\spuninst.exe
+ 2010-01-12 17:54 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB960859_1$\spuninst\updspapi.dll
+ 2010-01-12 17:54 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB960859_1$\spuninst\spuninst.exe
- 2010-01-12 17:54 . 2009-05-26 11:40 391032 c:\windows\$NtUninstallKB960859$\spuninst\updspapi.dll
- 2010-01-12 17:54 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB960859$\spuninst\spuninst.exe
+ 2010-01-12 17:53 . 2008-04-14 07:52 354304 c:\windows\$NtUninstallKB960803_1$\winhttp.dll
+ 2010-01-12 17:53 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB960803_1$\spuninst\updspapi.dll
+ 2010-01-12 17:53 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB960803_1$\spuninst\spuninst.exe
- 2010-01-12 17:53 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB960803$\spuninst\updspapi.dll
- 2010-01-12 17:53 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB960803$\spuninst\spuninst.exe
+ 2010-01-12 17:53 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB960225_1$\spuninst\updspapi.dll
+ 2010-01-12 17:53 . 2007-11-30 11:18 233848 c:\windows\$NtUninstallKB960225_1$\spuninst\spuninst.exe
+ 2010-01-12 17:53 . 2008-04-14 07:51 144384 c:\windows\$NtUninstallKB960225_1$\schannel.dll
- 2010-01-12 17:53 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB960225$\spuninst\updspapi.dll
- 2010-01-12 17:53 . 2007-11-30 11:18 233848 c:\windows\$NtUninstallKB960225$\spuninst\spuninst.exe
+ 2010-01-12 17:53 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB959426_1$\spuninst\updspapi.dll
+ 2010-01-12 17:53 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB959426_1$\spuninst\spuninst.exe
+ 2010-01-12 17:53 . 2008-04-14 07:51 988160 c:\windows\$NtUninstallKB959426_1$\kernel32.dll
- 2010-01-12 17:53 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB959426$\spuninst\updspapi.dll
- 2010-01-12 17:53 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB959426$\spuninst\spuninst.exe
+ 2010-01-12 17:53 . 2008-04-13 23:45 334848 c:\windows\$NtUninstallKB958687_1$\srv.sys
+ 2010-01-12 17:53 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB958687_1$\spuninst\updspapi.dll
+ 2010-01-12 17:53 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB958687_1$\spuninst\spuninst.exe
- 2010-01-12 17:53 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB958687$\spuninst\updspapi.dll
- 2010-01-12 17:53 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB958687$\spuninst\spuninst.exe
+ 2010-01-12 17:52 . 2007-11-30 11:18 391032 c:\windows\$NtUninstallKB958644_1$\spuninst\updspapi.dll
+ 2010-01-12 17:52 . 2007-11-30 11:18 233848 c:\windows\$NtUninstallKB958644_1$\spuninst\spuninst.exe
+ 2010-01-12 17:52 . 2008-04-14 07:51 337408 c:\windows\$NtUninstallKB958644_1$\netapi32.dll
- 2010-01-12 17:52 . 2007-11-30 11:18 391032 c:\windows\$NtUninstallKB958644$\spuninst\updspapi.dll
- 2010-01-12 17:52 . 2007-11-30 11:18 233848 c:\windows\$NtUninstallKB958644$\spuninst\spuninst.exe
+ 2010-01-12 17:52 . 2008-07-08 12:59 391032 c:\windows\$NtUninstallKB957097_1$\spuninst\updspapi.dll
+ 2010-01-12 17:52 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB957097_1$\spuninst\spuninst.exe
+ 2010-01-12 17:52 . 2008-04-13 23:47 456576 c:\windows\$NtUninstallKB957097_1$\mrxsmb.sys
- 2010-01-12 17:52 . 2008-07-08 12:59 391032 c:\windows\$NtUninstallKB957097$\spuninst\updspapi.dll
- 2010-01-12 17:52 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB957097$\spuninst\spuninst.exe
+ 2010-01-12 17:51 . 2009-06-21 22:07 153088 c:\windows\$NtUninstallKB956844_1$\triedit.dll
+ 2010-01-12 17:51 . 2008-07-08 12:59 391032 c:\windows\$NtUninstallKB956844_1$\spuninst\updspapi.dll
+ 2010-01-12 17:51 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB956844_1$\spuninst\spuninst.exe
- 2010-01-12 17:51 . 2008-07-08 12:59 391032 c:\windows\$NtUninstallKB956844$\spuninst\updspapi.dll
- 2010-01-12 17:51 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB956844$\spuninst\spuninst.exe
+ 2010-01-12 17:51 . 2007-11-30 11:18 391032 c:\windows\$NtUninstallKB956803_1$\spuninst\updspapi.dll
+ 2010-01-12 17:51 . 2007-11-30 11:18 233848 c:\windows\$NtUninstallKB956803_1$\spuninst\spuninst.exe
+ 2010-01-12 17:51 . 2008-06-20 11:40 138496 c:\windows\$NtUninstallKB956803_1$\afd.sys
- 2010-01-12 17:51 . 2007-11-30 11:18 391032 c:\windows\$NtUninstallKB956803$\spuninst\updspapi.dll
- 2010-01-12 17:51 . 2007-11-30 11:18 233848 c:\windows\$NtUninstallKB956803$\spuninst\spuninst.exe
+ 2010-01-12 17:51 . 2008-07-08 12:59 391032 c:\windows\$NtUninstallKB956802_1$\spuninst\updspapi.dll
+ 2010-01-12 17:51 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB956802_1$\spuninst\spuninst.exe
+ 2010-01-12 17:51 . 2008-04-14 07:51 285184 c:\windows\$NtUninstallKB956802_1$\gdi32.dll
- 2010-01-12 17:51 . 2008-07-08 12:59 391032 c:\windows\$NtUninstallKB956802$\spuninst\updspapi.dll
- 2010-01-12 17:51 . 2008-07-08 12:59 233848 c:\windows\$NtUninstallKB956802$\spuninst\spuninst.exe
+ 2010-01-12 17:50 . 2008-04-14 07:52 218112 c:\windows\$NtUninstallKB956572_1$\wmiprvse.exe
+ 2010-01-12 17:50 . 2008-04-14 07:52 437248 c:\windows\$NtUninstallKB956572_1$\wmiprvsd.dll
+ 2010-01-12 17:50 . 2008-07-09 07:36 391032 c:\windows\$NtUninstallKB956572_1$\spuninst\updspapi.dll
+ 2010-01-12 17:50 . 2008-07-09 07:36 233848 c:\windows\$NtUninstallKB956572_1$\spuninst\spuninst.exe
+ 2010-01-12 17:50 . 2008-04-14 07:52 108544 c:\windows\$NtUninstallKB956572_1$\services.exe
+ 2010-01-12 17:50 . 2008-04-14 07:51 399360 c:\windows\$NtUninstallKB956572_1$\rpcss.dll
+ 2010-01-12 17:50 . 2008-04-14 07:51 284160 c:\windows\$NtUninstallKB956572_1$\pdh.dll
+ 2010-01-12 17:50 . 2008-04-14 07:51 700928 c:\windows\$NtUninstallKB956572_1$\ntdll.dll
+ 2010-01-12 17:50 . 2008-04-14 07:51 727040 c:\windows\$NtUninstallKB956572_1$\lsasrv.dll
+ 2010-01-12 17:50 . 2008-04-14 07:51 472064 c:\windows\$NtUninstallKB956572_1$\fastprox.dll
+ 2010-01-12 17:50 . 2008-04-14 07:51 684032 c:\windows\$NtUninstallKB956572_1$\advapi32.dll
- 2010-01-12 17:50 . 2008-07-09 07:36 391032 c:\windows\$NtUninstallKB956572$\spuninst\updspapi.dll
- 2010-01-12 17:50 . 2008-07-09 07:36 233848 c:\windows\$NtUninstallKB956572$\spuninst\spuninst.exe
+ 2010-01-12 17:50 . 2008-07-09 12:06 391032 c:\windows\$NtUninstallKB955069_1$\spuninst\updspapi.dll
+ 2010-01-12 17:50 . 2007-11-30 11:18 233848 c:\windows\$NtUninstallKB955069_1$\spuninst\spuninst.exe
- 2010-01-12 17:50 . 2008-07-09 12:06 391032 c:\windows\$NtUninstallKB955069$\spuninst\updspapi.dll
- 2010-01-12 17:50 . 2007-11-30 11:18 233848 c:\windows\$NtUninstallKB955069$\spuninst\spuninst.exe
+ 2010-01-12 17:49 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB952954_1$\spuninst\updspapi.dll
+ 2010-01-12 17:49 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB952954_1$\spuninst\spuninst.exe
- 2010-01-12 17:49 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB952954$\spuninst\updspapi.dll
- 2010-01-12 17:49 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB952954$\spuninst\spuninst.exe
+ 2010-01-12 17:49 . 2007-11-30 11:18 391032 c:\windows\$NtUninstallKB952287_1$\spuninst\updspapi.dll
+ 2010-01-12 17:49 . 2007-11-30 11:18 233848 c:\windows\$NtUninstallKB952287_1$\spuninst\spuninst.exe
+ 2010-01-12 17:49 . 2008-05-01 14:33 331776 c:\windows\$NtUninstallKB952287_1$\msadce.dll
- 2010-01-12 17:49 . 2007-11-30 11:18 391032 c:\windows\$NtUninstallKB952287$\spuninst\updspapi.dll
- 2010-01-12 17:49 . 2007-11-30 11:18 233848 c:\windows\$NtUninstallKB952287$\spuninst\spuninst.exe
+ 2010-01-12 17:49 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB952004_1$\spuninst\updspapi.dll
+ 2010-01-12 17:49 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB952004_1$\spuninst\spuninst.exe
+ 2010-01-12 17:49 . 2008-04-14 07:51 161792 c:\windows\$NtUninstallKB952004_1$\msdtcuiu.dll
+ 2010-01-12 17:49 . 2008-04-14 07:51 956928 c:\windows\$NtUninstallKB952004_1$\msdtctm.dll
+ 2010-01-12 17:49 . 2008-04-14 07:51 427008 c:\windows\$NtUninstallKB952004_1$\msdtcprx.dll
- 2010-01-12 17:49 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB952004$\spuninst\updspapi.dll
- 2010-01-12 17:49 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB952004$\spuninst\spuninst.exe
+ 2010-01-12 17:48 . 2008-04-13 23:30 225664 c:\windows\$NtUninstallKB951748_1$\tcpip6.sys
+ 2010-01-12 17:48 . 2008-04-13 23:50 361344 c:\windows\$NtUninstallKB951748_1$\tcpip.sys
+ 2010-01-12 17:48 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB951748_1$\spuninst\updspapi.dll
+ 2010-01-12 17:48 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB951748_1$\spuninst\spuninst.exe
+ 2010-01-12 17:48 . 2008-04-14 07:51 247296 c:\windows\$NtUninstallKB951748_1$\mswsock.dll
+ 2010-01-12 17:48 . 2008-04-14 07:51 147968 c:\windows\$NtUninstallKB951748_1$\dnsapi.dll
+ 2010-01-12 17:48 . 2008-04-13 23:49 138112 c:\windows\$NtUninstallKB951748_1$\afd.sys
- 2010-01-12 17:48 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB951748$\spuninst\updspapi.dll
- 2010-01-12 17:48 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB951748$\spuninst\spuninst.exe
+ 2010-01-12 17:48 . 2007-11-30 11:18 391032 c:\windows\$NtUninstallKB951376-v2_1$\spuninst\updspapi.dll
+ 2010-01-12 17:48 . 2007-11-30 11:18 233848 c:\windows\$NtUninstallKB951376-v2_1$\spuninst\spuninst.exe
+ 2010-01-12 17:48 . 2008-04-14 06:45 272896 c:\windows\$NtUninstallKB951376-v2_1$\bthport.sys
- 2010-01-12 17:48 . 2007-11-30 11:18 391032 c:\windows\$NtUninstallKB951376-v2$\spuninst\updspapi.dll
- 2010-01-12 17:48 . 2007-11-30 11:18 233848 c:\windows\$NtUninstallKB951376-v2$\spuninst\spuninst.exe
+ 2010-01-12 17:48 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB951066_1$\spuninst\updspapi.dll
+ 2010-01-12 17:48 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB951066_1$\spuninst\spuninst.exe
+ 2010-01-12 17:48 . 2008-04-14 07:51 691712 c:\windows\$NtUninstallKB951066_1$\inetcomm.dll
- 2010-01-12 17:48 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB951066$\spuninst\updspapi.dll
- 2010-01-12 17:48 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB951066$\spuninst\spuninst.exe
+ 2010-01-12 17:47 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB950974_1$\spuninst\updspapi.dll
+ 2010-01-12 17:47 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB950974_1$\spuninst\spuninst.exe
+ 2010-01-12 17:47 . 2008-04-14 07:51 246272 c:\windows\$NtUninstallKB950974_1$\es.dll
- 2010-01-12 17:47 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB950974$\spuninst\updspapi.dll
- 2010-01-12 17:47 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB950974$\spuninst\spuninst.exe
+ 2010-01-12 17:47 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB950762_1$\spuninst\updspapi.dll
+ 2010-01-12 17:47 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB950762_1$\spuninst\spuninst.exe
+ 2010-01-12 17:47 . 2008-04-13 23:25 202624 c:\windows\$NtUninstallKB950762_1$\rmcast.sys
- 2010-01-12 17:47 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB950762$\spuninst\updspapi.dll
- 2010-01-12 17:47 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB950762$\spuninst\spuninst.exe
+ 2010-01-12 17:47 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB946648_1$\spuninst\updspapi.dll
+ 2010-01-12 17:47 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB946648_1$\spuninst\spuninst.exe
- 2010-01-12 17:47 . 2007-11-30 12:39 391032 c:\windows\$NtUninstallKB946648$\spuninst\updspapi.dll
- 2010-01-12 17:47 . 2007-11-30 12:39 233848 c:\windows\$NtUninstallKB946648$\spuninst\spuninst.exe
+ 2010-01-12 17:46 . 2008-04-14 07:52 215552 c:\windows\$NtUninstallKB923561_1$\wordpad.exe
+ 2010-01-12 17:46 . 2008-07-09 07:36 391032 c:\windows\$NtUninstallKB923561_1$\spuninst\updspapi.dll
+ 2010-01-12 17:46 . 2008-07-09 07:36 233848 c:\windows\$NtUninstallKB923561_1$\spuninst\spuninst.exe
- 2010-01-12 17:46 . 2008-07-09 07:36 391032 c:\windows\$NtUninstallKB923561$\spuninst\updspapi.dll
- 2010-01-12 17:46 . 2008-07-09 07:36 233848 c:\windows\$NtUninstallKB923561$\spuninst\spuninst.exe
+ 2008-04-14 07:37 . 2008-04-14 07:37 1054208 c:\windows\WinSxS\InstallTemp\2854294\comctl32.dll
+ 2010-01-12 18:00 . 2009-07-31 04:35 1172480 c:\windows\$NtUninstallKB973687_2$\msxml3.dll
+ 2010-01-12 17:59 . 2008-04-14 07:51 1314816 c:\windows\$NtUninstallKB973354_1$\msoe.dll
+ 2010-01-12 17:58 . 2008-04-14 07:51 1290752 c:\windows\$NtUninstallKB971633_1$\quartz.dll
+ 2010-01-12 17:57 . 2009-02-09 11:26 2147328 c:\windows\$NtUninstallKB971486_1$\ntoskrnl.exe
+ 2010-01-12 17:57 . 2009-02-09 11:26 2025984 c:\windows\$NtUninstallKB971486_1$\ntkrpamp.exe
+ 2010-01-12 17:57 . 2009-02-09 11:26 2025984 c:\windows\$NtUninstallKB971486_1$\ntkrnlpa.exe
+ 2010-01-12 17:57 . 2009-02-09 11:26 2147328 c:\windows\$NtUninstallKB971486_1$\ntkrnlmp.exe
+ 2010-01-12 17:56 . 2008-04-14 06:45 1845632 c:\windows\$NtUninstallKB969947_1$\win32k.sys
+ 2010-01-12 17:56 . 2008-04-14 07:51 1437696 c:\windows\$NtUninstallKB969059_1$\query.dll
+ 2010-01-12 17:55 . 2008-04-14 07:51 8465408 c:\windows\$NtUninstallKB967715_1$\shell32.dll
+ 2010-01-12 17:50 . 2008-04-14 07:06 2147328 c:\windows\$NtUninstallKB956572_1$\ntoskrnl.exe
+ 2010-01-12 17:50 . 2008-04-14 07:06 2025984 c:\windows\$NtUninstallKB956572_1$\ntkrnlpa.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}"= "c:\program files\Internet Explorer\qipsearchbar.dll" [2009-07-09 150768]

[HKEY_CLASSES_ROOT\clsid\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO.1]
[HKEY_CLASSES_ROOT\TypeLib\{45FF696B-5284-4781-B2CA-ECF3A742A17B}]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
2009-07-09 11:08 150768 ----a-w- c:\program files\Internet Explorer\qipsearchbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-02-18 3037696]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-03-01 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-02-18 2166784]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2054360]
"Adobe_Reader"="c:\program files\internet explorer\wmpscfgs.exe" [N/A]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService]
@="Service"

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.9.2009 13:02 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [29.9.2009 13:05 96408]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [18.2.2010 10:19 142592]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files\T-Mobile\Web'n'walk Manager\ameisvc.exe [21.7.2009 16:48 66288]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [29.9.2009 13:03 735960]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.1.2010 19:33 691696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter
DcomLaunch REG_MULTI_SZ DcomLaunch TermService
eapsvcs REG_MULTI_SZ eaphost
dot3svc REG_MULTI_SZ dot3svc
WudfServiceGroup REG_MULTI_SZ WUDFSvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
CryptSvc
DMServer
DHCP
ERSvc
EventSystem
HidServ
LanmanWorkstation
Messenger
Netman
TrkWks
W32Time
WZCSVC
wscsvc
xmlprov
WmdmPmSN
napagent

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
Alerter
LmHosts

.
.
------- Doplňkový sken -------
.
uStart Page = res://c:\windows\system32\ieframe.dll/dnserror.htm#hxxp://seznam.cz
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Jespi\Data aplikací\Mozilla\Firefox\Profiles\gb9gcsvk.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-18 22:27
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1960408961-261478967-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:5d,c6,fd,50,eb,45,87,11,25,92,40,01,21,a8,fc,a8,d8,b5,e3,9e,83,
b4,eb,c3,83,c3,23,76,61,cf,d9,07,0c,5d,6f,6d,e4,12,e8,fe,5f,30,9a,82,69,0c,\
"rkeysecu"=hex:c6,1d,d9,cf,19,a6,ee,bc,10,c9,b5,1c,13,97,06,36

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10a.exe,-101"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10a.exe"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{8D8763AB-E93B-4812-964E-F04E0008FD50}\Version]
@Denied: (A) (Everyone)
@="{8D8763AB-E93B-4812-964E-F04E0008FD50}"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\Flash10a.ocx, 1"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\Flash10a.ocx, 1"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""

[HKEY_LOCAL_MACHINE\softwareSoftware\Classes\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"

[HKEY_LOCAL_MACHINE\softwareSoftware\Microsoft\Windows NT\CurrentVersion\Windows]
@Denied: (Full) (Everyone)
@Denied: (Full) (Everyone)
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="90"
"USERProcessHandleQuota"=dword:00002710
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(744)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-02-18 22:28:33
ComboFix-quarantined-files.txt 2010-02-18 21:28

Před spuštěním: Volných bajtů: 48 805 281 792
Po spuštění: Volných bajtů: 48 777 154 560

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 3CDA24920206C87A0E6904E32F94AFB0

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: Kryptik/injector and co. :D

#4 Post by Unlimited_Killer »

Good evening, the log is being worked on. :welcome:

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: Kryptik/injector and co. :D

#5 Post by Unlimited_Killer »

Let's get to it. :D

1) Script for ComboFix
  • Open Notepad [Start → Run → notepad → Enter].
  • Copy the following text into it:

    KillAll::
    
    RenV::
    c:\program files\Spyware Terminator\spywareterminatorshield .exe
    
    Restore::
    c:\windows\system32\drivers\atapi.sys
    c:\windows\system32\drivers\asyncmac.sys
    c:\windows\system32\drivers\beep.sys
    c:\windows\system32\drivers\kbdclass.sys
    c:\windows\system32\drivers\ndis.sys
    c:\windows\system32\drivers\ntfs.sys
    c:\windows\system32\drivers\null.sys
    c:\windows\system32\drivers\tcpip.sys
    c:\windows\system32\browser.dll
    c:\windows\system32\lsass.exe
    c:\windows\system32\netman.dll
    c:\windows\system32\qmgr.dll
    c:\windows\system32\rpcss.dll
    c:\windows\system32\services.exe
    c:\windows\system32\spoolsv.exe
    c:\windows\system32\winlogon.exe
    c:\windows\system32\comctl32.dll
    c:\windows\system32\cryptsvc.dll
    c:\windows\system32\es.dll
    c:\windows\system32\imm32.dll
    c:\windows\system32\kernel32.dll
    c:\windows\system32\linkinfo.dll
    c:\windows\system32\lpk.dll
    c:\windows\system32\mshtml.dll
    c:\windows\system32\msvcrt.dll
    c:\windows\system32\mswsock.dll
    c:\windows\system32\netlogon.dll
    c:\windows\system32\ntoskrnl.exe
    c:\windows\system32\powrprof.dll
    c:\windows\system32\scecli.dll
    c:\windows\system32\sfc.dll
    c:\windows\system32\svchost.exe
    c:\windows\system32\tapisrv.dll
    c:\windows\system32\user32.dll
    c:\windows\system32\userinit.exe
    c:\windows\system32\wininet.dll
    c:\windows\system32\ws2_32.dll
    c:\windows\explorer.exe
    c:\windows\system32\ctfmon.exe
    c:\windows\system32\shsvcs.dll
    c:\windows\system32\regsvc.dll
    c:\windows\system32\schedsvc.dll
    c:\windows\system32\ssdpsrv.dll
    c:\windows\system32\termsrv.dll
    c:\windows\system32\drivers\acpiec.sys
    c:\windows\system32\drivers\aec.sys
    c:\windows\system32\drivers\agp440.sys
    c:\windows\system32\drivers\ip6fw.sys
    c:\windows\system32\mfc40u.dll
    c:\windows\system32\msgsvc.dll
    c:\windows\system32\mspmsnsv.dll
    c:\windows\system32\ntkrnlpa.exe
    c:\windows\system32\ntmssvc.dll
    c:\windows\system32\upnphost.dll
    c:\windows\System32\cngaudit.dll
    
    Registry::
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}"=-
    [-HKEY_CLASSES_ROOT\clsid\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
    [-HKEY_CLASSES_ROOT\qipbar.QIPBHO.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{45FF696B-5284-4781-B2CA-ECF3A742A17B}]
    [-HKEY_CLASSES_ROOT\qipbar.QIPBHO]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Adobe_Reader"=-
    
    File::
    c:\program files\Internet Explorer\qipsearchbar.dll
    
    Collect::
    c:\program files\internet explorer\wmpscfgs.exe
    
    RegLock::
    [HKEY_USERS\S-1-5-21-1960408961-261478967-725345543-1004\Software\SecuROM\License information*]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{8D8763AB-E93B-4812-964E-F04E0008FD50}\Version]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Classes\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
    [HKEY_LOCAL_MACHINE\softwareSoftware\Microsoft\Windows NT\CurrentVersion\Windows]
    
    Reboot::
  • Save this file to the Desktop under the name CFScript (extension .txt).
  • Drag this file onto ComboFix and drop it.
  • Both this file and ComboFix must be on the Desktop!
  • ComboFix will start and execute the commands from the script.
  • The computer will probably be restarted.
  • After the restart, a window with the log will pop up; copy it here for me as text.

Jespi
Visitor
Posts: 11
Registered: 18 Feb 2010 21:28

Re: Kryptik/injector and co. :D

#6 Post by Jespi »

It didn't remove the virus... it is still blocking my internet (I'm writing from another PC).
ComboFix 10-02-18.05 - Jespi 19.02.2010 18:25:43.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3327.2889 [GMT 1:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý


FILE ::
"c:\program files\Internet Explorer\qipsearchbar.dll"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Internet Explorer\qipsearchbar.dll

c:\windows\explorer.exe . . . je infikován!!

Nakažená kopie c:\windows\system32\browser.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\browser.dll

c:\windows\System32\cngaudit.dll . . . je infikován!!

Nakažená kopie c:\windows\system32\comctl32.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\comctl32.dll

Nakažená kopie c:\windows\system32\cryptsvc.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\cryptsvc.dll

Nakažená kopie c:\windows\system32\ctfmon.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ServicePackFiles\i386\ctfmon.exe

Nakažená kopie c:\windows\system32\drivers\acpiec.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\acpiec.sys

Nakažená kopie c:\windows\system32\drivers\aec.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\aec.sys

Nakažená kopie c:\windows\system32\drivers\agp440.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\agp440.sys

Nakažená kopie c:\windows\system32\drivers\asyncmac.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\asyncmac.sys

Nakažená kopie c:\windows\system32\drivers\atapi.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\atapi.sys

Nakažená kopie c:\windows\system32\drivers\beep.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\beep.sys

Nakažená kopie c:\windows\system32\drivers\ip6fw.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\ip6fw.sys

Nakažená kopie c:\windows\system32\drivers\kbdclass.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\kbdclass.sys

Nakažená kopie c:\windows\system32\drivers\ntfs.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\ntfs.sys

Nakažená kopie c:\windows\system32\drivers\null.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\null.sys

Nakažená kopie c:\windows\system32\drivers\tcpip.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys

Nakažená kopie c:\windows\system32\es.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$NtServicePackUninstall$\es.dll

Nakažená kopie c:\windows\system32\imm32.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\imm32.dll

Nakažená kopie c:\windows\system32\kernel32.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$NtServicePackUninstall$\kernel32.dll

Nakažená kopie c:\windows\system32\linkinfo.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\linkinfo.dll

Nakažená kopie c:\windows\system32\lpk.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\lpk.dll

Nakažená kopie c:\windows\system32\lsass.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\lsass.exe

Nakažená kopie c:\windows\system32\mfc40u.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\mfc40u.dll

Nakažená kopie c:\windows\system32\msgsvc.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\msgsvc.dll

Nakažená kopie c:\windows\system32\mshtml.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\mshtml.dll

Nakažená kopie c:\windows\system32\mspmsnsv.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll

Nakažená kopie c:\windows\system32\msvcrt.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\msvcrt.dll

Nakažená kopie c:\windows\system32\mswsock.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll

Nakažená kopie c:\windows\system32\netlogon.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll

Nakažená kopie c:\windows\system32\netman.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\netman.dll

Nakažená kopie c:\windows\system32\ntkrnlpa.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\system32\dllcache\ntkrpamp.exe

Nakažená kopie c:\windows\system32\ntmssvc.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\ntmssvc.dll

Nakažená kopie c:\windows\system32\ntoskrnl.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\system32\dllcache\ntkrnlmp.exe

Nakažená kopie c:\windows\system32\powrprof.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\powrprof.dll

Nakažená kopie c:\windows\system32\qmgr.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\qmgr.dll

Nakažená kopie c:\windows\system32\regsvc.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\regsvc.dll

Nakažená kopie c:\windows\system32\rpcss.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll

Nakažená kopie c:\windows\system32\scecli.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\scecli.dll

Nakažená kopie c:\windows\system32\services.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe

Nakažená kopie c:\windows\system32\sfc.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\sfc.dll

Nakažená kopie c:\windows\system32\shsvcs.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\shsvcs.dll

Nakažená kopie c:\windows\system32\schedsvc.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\schedsvc.dll

Nakažená kopie c:\windows\system32\spoolsv.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\spoolsv.exe

Nakažená kopie c:\windows\system32\ssdpsrv.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\ssdpsrv.dll

Nakažená kopie c:\windows\system32\svchost.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\svchost.exe

Nakažená kopie c:\windows\system32\tapisrv.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\tapisrv.dll

Nakažená kopie c:\windows\system32\termsrv.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\termsrv.dll

Nakažená kopie c:\windows\system32\upnphost.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\upnphost.dll

Nakažená kopie c:\windows\system32\user32.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\user32.dll

Nakažená kopie c:\windows\system32\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\userinit.exe

Nakažená kopie c:\windows\system32\wininet.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\wininet.dll

Nakažená kopie c:\windows\system32\winlogon.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\winlogon.exe

Nakažená kopie c:\windows\system32\ws2_32.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\ws2_32.dll

Nakažená kopie c:\windows\system32\drivers\ndis.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\system32\dllcache\ndis.sys
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-19 do 2010-02-19 )))))))))))))))))))))))))))))))
.

2010-02-18 21:19 . 2010-02-18 21:19 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-02-18 21:17 . 2008-04-14 07:52 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-02-18 21:12 . 2010-02-18 21:13 -------- d-----w- c:\program files\ICQ6.5
2010-02-18 20:58 . 2008-04-14 07:51 81920 ------w- c:\windows\system32\ieencode.dll
2010-02-18 20:31 . 2010-02-18 21:20 3863834 ----a-r- C:\ComboFix.exe
2010-02-18 14:09 . 2010-02-18 14:09 -------- d-----w- c:\program files\ESET
2010-02-18 13:04 . 2010-02-18 13:04 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE
2010-02-18 13:03 . 2010-02-18 13:03 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-02-18 13:03 . 2010-02-18 13:03 -------- d-----r- c:\documents and settings\NetworkService\Oblíbené položky
2010-02-18 09:20 . 2010-02-18 09:22 -------- d-----w- c:\program files\WinClamAVShield
2010-02-18 09:19 . 2010-02-18 09:19 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-02-18 09:19 . 2010-02-19 17:22 -------- d-----w- c:\program files\Spyware Terminator
2010-02-18 09:17 . 2010-02-18 14:23 -------- d-----w- C:\!KillBox
2010-02-15 16:55 . 2010-02-15 16:55 737280 ----a-w- c:\windows\iun6002.exe
2010-02-15 16:55 . 2010-02-15 16:55 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-02-15 15:57 . 2010-02-15 15:57 -------- d-----w- C:\Ventrilo
2010-02-14 12:20 . 2010-02-14 12:20 -------- d-sh--w- c:\windows\ftpcache
2010-02-10 14:54 . 2009-07-10 11:33 1589248 ----a-w- c:\windows\system32\libmysql_d.dll
2010-02-10 14:54 . 2010-02-10 14:54 -------- d-----w- c:\program files\PremiumSoft
2010-02-08 14:15 . 2010-02-08 14:15 -------- d-----w- c:\program files\OO Software
2010-02-08 14:10 . 2010-02-08 14:10 -------- d-----w- c:\program files\Recuva
2010-02-07 16:34 . 2010-02-07 16:34 -------- d-----w- C:\Logs
2010-02-07 15:27 . 2010-02-15 15:40 -------- d-----w- c:\program files\World of Warcraft
2010-02-07 10:58 . 2010-02-07 16:44 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-02-06 14:47 . 2010-02-06 14:47 -------- d-----w- c:\windows\system32\URTTEMP
2010-02-05 18:09 . 2010-02-05 19:02 -------- d-----w- c:\program files\Pivot Stickfigure Animator
2010-02-04 02:03 . 2010-02-04 02:03 -------- d-----w- C:\totalcmd
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\UC.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\RAR.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKZIP.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\LHA.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\ARJ.PIF
2010-02-03 13:46 . 2010-02-03 13:46 -------- d-----w- c:\program files\QIP
2010-02-03 03:21 . 2010-02-03 03:21 -------- d-----w- c:\program files\LS
2010-02-02 15:06 . 2010-02-02 15:06 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-02-02 15:06 . 2010-02-02 15:06 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2010-02-02 15:06 . 2010-02-02 15:06 -------- d-----w- c:\windows\system32\AGEIA
2010-02-02 15:06 . 2010-02-02 15:06 -------- d-----w- c:\program files\AGEIA Technologies
2010-02-02 15:06 . 2010-02-15 15:57 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-02-02 15:02 . 2010-02-02 15:02 -------- d-----w- c:\program files\Deep Silver
2010-02-01 17:20 . 2010-02-01 17:20 -------- d-----w- c:\program files\EA Sports
2010-01-26 23:15 . 2010-01-26 23:15 -------- d--h--w- c:\windows\PIF
2010-01-26 10:26 . 2010-01-26 10:27 -------- d-----w- c:\program files\Crawler
2010-01-24 19:35 . 2010-01-24 19:35 -------- d-----w- c:\program files\Bethesda Softworks
2010-01-24 12:12 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-01-23 20:45 . 2010-01-23 20:47 -------- d-----w- c:\program files\MagicISO

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-19 17:24 . 2006-03-02 12:00 83652 ----a-w- c:\windows\system32\perfc005.dat
2010-02-19 17:24 . 2006-03-02 12:00 440316 ----a-w- c:\windows\system32\perfh005.dat
2010-02-18 20:41 . 2010-01-16 16:33 -------- d-----w- c:\program files\Cheat Engine
2010-02-18 13:15 . 2010-01-13 14:16 -------- d-----w- c:\program files\The KMPlayer
2010-02-13 23:52 . 2010-01-10 15:32 -------- d-----w- c:\program files\SpeedFan
2010-02-02 15:02 . 2010-01-10 13:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-01 00:29 . 2010-01-20 14:38 -------- d-----w- c:\program files\ATI
2010-01-20 16:24 . 2010-01-20 16:12 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-01-20 16:00 . 2010-01-20 15:58 -------- d-----w- c:\program files\Rockstar Games
2010-01-20 14:51 . 2010-01-10 16:47 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-20 14:45 . 2010-01-10 13:17 -------- d-----w- c:\program files\ATI Technologies
2010-01-18 19:20 . 2010-01-18 19:20 -------- d-----w- c:\program files\GoldWave
2010-01-18 14:10 . 2010-01-18 14:10 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-18 14:10 . 2010-01-18 14:10 -------- d-----w- c:\program files\Java
2010-01-17 12:31 . 2010-01-17 12:20 -------- d-----w- c:\program files\Lightsmark 2008
2010-01-17 11:36 . 2010-01-17 11:22 -------- d-----w- c:\program files\CPU Speed Pro
2010-01-17 11:16 . 2010-01-10 15:03 -------- d-----w- c:\program files\ASUS
2010-01-16 21:32 . 2010-01-16 21:28 3 ----a-w- c:\windows\sbacknt.bin
2010-01-16 21:28 . 2010-01-16 21:28 152904 ----a-w- c:\windows\system32\vghd.scr
2010-01-15 22:07 . 2010-01-14 17:53 -------- d-----w- c:\program files\Microsoft Works
2010-01-15 18:57 . 2010-01-15 18:57 -------- d-----w- c:\program files\CooL Wallpaper Changer
2010-01-14 20:46 . 2010-01-14 19:19 -------- d-----w- c:\program files\Magic Video Converter
2010-01-14 18:33 . 2010-01-14 18:33 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-14 17:53 . 2010-01-10 16:42 -------- d-----w- c:\program files\MSBuild
2010-01-14 17:52 . 2010-01-14 17:52 -------- d-----w- c:\program files\Microsoft.NET
2010-01-14 17:51 . 2010-01-14 17:51 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-01-14 17:48 . 2010-01-14 17:48 -------- d-----w- c:\program files\Ashampoo
2010-01-14 17:39 . 2010-01-14 17:39 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-01-12 18:35 . 2010-01-12 18:33 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-01-12 18:33 . 2010-01-12 18:33 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-12 17:46 . 2010-01-10 13:01 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-12 17:46 . 2010-01-10 13:01 2684 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-12 17:16 . 2010-01-12 17:15 -------- d-----w- c:\program files\Winamp
2010-01-12 17:15 . 2010-01-12 17:15 -------- d-----w- c:\program files\Winamp Detect
2010-01-10 16:42 . 2010-01-10 16:42 -------- d-----w- c:\program files\Reference Assemblies
2010-01-10 16:39 . 2010-01-10 16:39 -------- d-----w- c:\program files\MSXML 6.0
2010-01-10 15:35 . 2010-01-10 13:02 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-10 15:13 . 2010-01-10 15:11 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-10 15:00 . 2010-01-10 15:00 -------- d-----w- c:\program files\Realtek
2010-01-10 15:00 . 2010-01-10 15:00 315392 ----a-w- c:\windows\HideWin.exe
2010-01-10 14:54 . 2010-01-10 14:54 -------- d-----w- c:\program files\Intel
2010-01-10 13:57 . 2010-01-10 13:57 0 ----a-w- c:\windows\nsreg.dat
2010-01-10 13:22 . 2010-01-10 13:22 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-10 13:19 . 2010-01-10 13:19 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-01-10 13:17 . 2010-01-10 13:16 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-10 13:14 . 2010-01-10 13:14 -------- d-----w- c:\program files\T-Mobile
2010-01-10 13:02 . 2010-01-10 13:02 -------- d-----w- c:\program files\microsoft frontpage
2010-01-10 13:00 . 2010-01-10 13:00 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2006-03-02 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2010-01-10 12:59 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2006-03-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2006-03-02 12:00 2147328 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2004-08-17 15:45 2025984 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2006-03-02 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-27 17:14 . 2006-03-02 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2004-08-17 15:49 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2006-03-02 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2006-03-02 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2006-03-02 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2004-08-17 15:49 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-25 03:50 . 2008-08-06 07:20 4463104 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-11-25 03:27 . 2010-01-10 13:17 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-11-25 03:26 . 2008-08-06 07:20 300032 ----a-w- c:\windows\system32\ati2dvag.dll
2009-11-25 03:11 . 2008-08-06 07:20 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2009-11-25 03:11 . 2008-08-06 07:20 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-11-25 03:10 . 2008-08-06 07:20 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-11-25 03:10 . 2008-08-06 07:20 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-11-25 03:10 . 2008-08-06 07:20 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-11-25 03:09 . 2008-08-06 07:20 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-11-25 03:07 . 2008-08-06 07:20 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-11-25 02:59 . 2010-01-10 13:17 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-11-25 02:59 . 2008-08-06 07:20 3538496 ----a-w- c:\windows\system32\ati3duag.dll
2009-11-25 02:44 . 2010-01-20 14:38 13533184 ----a-w- c:\windows\system32\atioglxx.dll
2009-11-25 02:43 . 2008-08-06 07:20 2142848 ----a-w- c:\windows\system32\ativvaxx.dll
2009-11-25 02:42 . 2010-01-10 13:17 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-11-25 02:42 . 2010-01-10 13:17 3 ----a-w- c:\windows\system32\ativva5x.dat
2009-11-25 02:26 . 2010-01-20 14:38 65024 ----a-w- c:\windows\system32\atimpc32.dll
2009-11-25 02:26 . 2008-08-06 07:20 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2009-11-25 02:21 . 2008-08-06 07:20 565248 ----a-w- c:\windows\system32\atikvmag.dll
2009-11-25 02:20 . 2010-01-20 14:38 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-11-25 02:20 . 2010-01-20 14:38 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-11-25 02:19 . 2008-08-06 07:20 176128 ----a-w- c:\windows\system32\atiadlxx.dll
2009-11-25 02:18 . 2008-08-06 07:20 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-11-25 02:18 . 2010-01-20 14:38 3612672 ----a-w- c:\windows\system32\aticaldd.dll
2009-11-25 02:18 . 2008-08-06 07:20 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-11-25 02:17 . 2008-08-06 07:20 397312 ----a-w- c:\windows\system32\atiok3x2.dll
2009-11-25 02:12 . 2008-08-06 07:20 638976 ----a-w- c:\windows\system32\ati2cqag.dll
.

------- Sigcheck -------

[7] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\sfcfiles.dll
[7] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[7] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\sfcfiles.dll
[7] 2006-03-02 . 5CA2E2BA624D6F2C7A581C91E70394CB . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll

c:\windows\System32\sfcfiles.dll ... chybí !!
.
((((((((((((((((((((((((((((( SnapShot_2010-02-18_21.27.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-19 17:35 . 2010-02-19 17:35 16384 c:\windows\temp\Perflib_Perfdata_6e8.dat
- 2006-03-02 12:00 . 2010-02-18 21:23 71846 c:\windows\system32\perfc009.dat
+ 2006-03-02 12:00 . 2010-02-19 17:24 71846 c:\windows\system32\perfc009.dat
+ 2006-03-02 12:00 . 2008-04-14 07:51 52224 c:\windows\system32\mspmsnsv.dll
+ 2006-03-02 12:00 . 2009-02-09 10:59 401408 c:\windows\system32\rpcss.dll
- 2006-03-02 12:00 . 2009-02-09 10:56 401408 c:\windows\system32\rpcss.dll
- 2006-03-02 12:00 . 2010-02-18 21:23 443588 c:\windows\system32\perfh009.dat
+ 2006-03-02 12:00 . 2010-02-19 17:24 443588 c:\windows\system32\perfh009.dat
+ 2006-03-02 12:00 . 2009-02-06 18:47 408064 c:\windows\system32\netlogon.dll
+ 2006-03-02 12:00 . 2009-03-21 14:21 984576 c:\windows\system32\kernel32.dll
- 2006-03-02 12:00 . 2008-07-07 20:29 253952 c:\windows\system32\es.dll
+ 2006-03-02 12:00 . 2008-07-07 20:32 253952 c:\windows\system32\es.dll
- 2006-03-02 12:00 . 2008-06-20 11:51 361600 c:\windows\system32\drivers\tcpip.sys
+ 2006-03-02 12:00 . 2008-06-20 11:59 361600 c:\windows\system32\drivers\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-02-18 3037696]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-03-01 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-02-18 2166784]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2054360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.1.2010 19:33 691696]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.9.2009 13:02 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [29.9.2009 13:05 96408]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [18.2.2010 10:19 142592]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files\T-Mobile\Web'n'walk Manager\ameisvc.exe [21.7.2009 16:48 66288]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [29.9.2009 13:03 735960]
.
.
------- Doplňkový sken -------
.
uStart Page = res://c:\windows\system32\ieframe.dll/dnserror.htm#hxxp://seznam.cz
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Jespi\Data aplikací\Mozilla\Firefox\Profiles\gb9gcsvk.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-19 18:37
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spsk.sys >>UNKNOWN [0x8B1B9938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba10cf28
\Driver\ACPI -> ACPI.sys @ 0xb9e74cb8
\Driver\atapi -> atapi.sys @ 0xb9e2fb40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
SecurityProcedure -> ntkrnlpa.exe @ 0x80583d4a
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
SecurityProcedure -> ntkrnlpa.exe @ 0x80583d4a
NDIS: Atheros AR8121/AR8113 PCI-E Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xb9d4abb0
PacketIndicateHandler -> NDIS.sys @ 0xb9d57a21
SendHandler -> NDIS.sys @ 0xb9d3587b
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1960408961-261478967-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:5d,c6,fd,50,eb,45,87,11,25,92,40,01,21,a8,fc,a8,d8,b5,e3,9e,83,
b4,eb,c3,83,c3,23,76,61,cf,d9,07,0c,5d,6f,6d,e4,12,e8,fe,5f,30,9a,82,69,0c,\
"rkeysecu"=hex:c6,1d,d9,cf,19,a6,ee,bc,10,c9,b5,1c,13,97,06,36
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(756)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2500)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-02-19 18:39:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-19 17:39
ComboFix2.txt 2010-02-18 21:28

Před spuštěním: Volných bajtů: 48 809 676 800
Po spuštění: Volných bajtů: 48 782 475 264

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 2CCF8AF90E821A7903EDD74761743A53

Unlimited_Killer
Forum friend
Posts: 1969
Joined: 24 Aug 2009 16:18

Re: Kryptik/injector & co. :D

#7 Post by Unlimited_Killer »

Let's try a few more things... It is now especially important to follow the order!

1) Download a few files
  • Download the files explorer.exe and cngaudit.dll.
  • Place both of them directly on drive C: (important).
  • We will use them in the following script.
2) Script for ComboFix
  • Open Notepad [Start → Run → notepad → Enter].
  • Copy the following text into it:

    KillAll::
    
    FCopy::
    c:\windows\ERDNT\cache\sfcfiles.dll | c:\windows\System32\sfcfiles.dll
    c:\explorer.exe | c:\windows\explorer.exe
    c:\cngaudit.dll | c:\windows\System32\cngaudit.dll
    
    Extra::
    
    DDS::
    uStart Page = res://c:\windows\system32\ieframe.dll/dnserror.htm#hxxp://seznam.cz
    IE: Crawler Search - tbr:iemenu
    Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
    
    FireFox::
    FF - ProfilePath - c:\documents and settings\Jespi\Data aplikací\Mozilla\Firefox\Profiles\gb9gcsvk.default\
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
    
    RegLock::
    [HKEY_USERS\S-1-5-21-1960408961-261478967-725345543-1004\Software\SecuROM\License information*]
    
    Reboot::
  • Save this file to the Desktop under the name CFScript (extension .txt).
  • Drag this file over ComboFix and drop it.
  • Both this file and ComboFix must be on the Desktop!
  • ComboFix will start and execute the commands from the script.
  • The computer will probably be restarted.
  • After the restart, a window with the log will pop up; paste that log here as text.
3) VirusTotal
  • Test these files on VirusTotal:

    c:\windows\UC.PIF
    c:\windows\RAR.PIF
    c:\windows\PKZIP.PIF
    c:\windows\PKUNZIP.PIF
    c:\windows\NOCLOSE.PIF
    c:\windows\LHA.PIF
    c:\windows\ARJ.PIF
  • Simply paste in the paths that I put in the code block.
  • If it tells you that the file has already been tested, have it tested again.
  • Then post the links to the individual tests here.
4) Uninstall virtual drives
  • Uninstall all virtual drives - for example Alcohol, DAEMON Tools, etc.
5) Uninstall SPTD
  • Go to this link.
  • There, download the SPTD version for your operating system (XP/Vista/W7 - 32/64bit).
  • Run the downloaded file by double-clicking it.
  • Click the middle button, 'Uninstall'.
  • Restart the PC.
6) MBR.exe
  • Download MBR.exe to the Desktop.
  • Go to Start → Run [Win+R] and type or paste the following text:

    "%userprofile%\plocha\mbr" -t
  • Now press 'Enter'.
  • A file named MBR.log should be created on the Desktop; paste its contents here as text.
7) GMER
  • Download GMER, extract it to the Desktop and run it by double-clicking.
  • It will scan for a few seconds.
  • When the scan finishes, click 'Save' - this generates the first log, which you paste here as text.
  • Then create a second log, following this guide - paste that log here as well.
8) Malwarebytes' Anti-Malware
  • Download MbAM and follow the description.
  • Do not delete anything yet; MbAM occasionally has false detections.
  • Then paste the log here as text.

Jespi
Visitor
Posts: 11
Joined: 18 Feb 2010 21:28

Re: Kryptik/injector & co. :D

#8 Post by Jespi »

For now I'm adding the log from ComboFix... I'm working on the next steps... btw, the internet worked for a while on the damaged PC, but after the restart it is down again.
But I have quite a problem with step 3... I can't test those files when my internet isn't working... and I don't want to transfer possibly infected files to a clean PC.
ComboFix 10-02-18.05 - Jespi 19.02.2010 20:32:06.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3327.2852 [GMT 1:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.
ADS - explorer.exe: deleted 26 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\explorer.exe
c:\progra~1\Crawler\Toolbar\ctbr.dll

.
--------------- FCopy ---------------

c:\windows\ERDNT\cache\sfcfiles.dll --> c:\windows\System32\sfcfiles.dll
c:\explorer.exe --> c:\windows\explorer.exe
c:\cngaudit.dll --> c:\windows\System32\cngaudit.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-19 do 2010-02-19 )))))))))))))))))))))))))))))))
.

2010-02-19 19:32 . 2010-02-19 19:23 14848 ----a-w- c:\windows\system32\cngaudit.dll
2010-02-19 19:32 . 2008-04-14 07:51 1571840 ----a-w- c:\windows\system32\sfcfiles.dll
2010-02-19 19:23 . 2010-02-19 19:23 14848 ------w- C:\cngaudit.dll
2010-02-18 21:19 . 2010-02-18 21:19 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-02-18 21:17 . 2008-04-14 07:52 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-02-18 21:12 . 2010-02-18 21:13 -------- d-----w- c:\program files\ICQ6.5
2010-02-18 20:58 . 2008-04-14 07:51 81920 ------w- c:\windows\system32\ieencode.dll
2010-02-18 20:31 . 2010-02-18 21:20 3863834 ----a-r- C:\ComboFix.exe
2010-02-18 14:09 . 2010-02-18 14:09 -------- d-----w- c:\program files\ESET
2010-02-18 13:04 . 2010-02-18 13:04 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE
2010-02-18 13:03 . 2010-02-18 13:03 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-02-18 13:03 . 2010-02-18 13:03 -------- d-----r- c:\documents and settings\NetworkService\Oblíbené položky
2010-02-18 09:20 . 2010-02-18 09:22 -------- d-----w- c:\program files\WinClamAVShield
2010-02-18 09:19 . 2010-02-18 09:19 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-02-18 09:19 . 2010-02-19 18:35 -------- d-----w- c:\program files\Spyware Terminator
2010-02-18 09:17 . 2010-02-18 14:23 -------- d-----w- C:\!KillBox
2010-02-15 16:55 . 2010-02-15 16:55 737280 ----a-w- c:\windows\iun6002.exe
2010-02-15 16:55 . 2010-02-15 16:55 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-02-15 15:57 . 2010-02-15 15:57 -------- d-----w- C:\Ventrilo
2010-02-14 12:20 . 2010-02-14 12:20 -------- d-sh--w- c:\windows\ftpcache
2010-02-10 14:54 . 2009-07-10 11:33 1589248 ----a-w- c:\windows\system32\libmysql_d.dll
2010-02-10 14:54 . 2010-02-10 14:54 -------- d-----w- c:\program files\PremiumSoft
2010-02-08 14:15 . 2010-02-08 14:15 -------- d-----w- c:\program files\OO Software
2010-02-08 14:10 . 2010-02-08 14:10 -------- d-----w- c:\program files\Recuva
2010-02-07 16:34 . 2010-02-07 16:34 -------- d-----w- C:\Logs
2010-02-07 15:27 . 2010-02-15 15:40 -------- d-----w- c:\program files\World of Warcraft
2010-02-07 10:58 . 2010-02-07 16:44 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-02-06 14:47 . 2010-02-06 14:47 -------- d-----w- c:\windows\system32\URTTEMP
2010-02-05 18:09 . 2010-02-05 19:02 -------- d-----w- c:\program files\Pivot Stickfigure Animator
2010-02-04 02:03 . 2010-02-04 02:03 -------- d-----w- C:\totalcmd
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\UC.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\RAR.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKZIP.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\LHA.PIF
2010-02-04 02:03 . 2009-09-24 06:50 545 ----a-w- c:\windows\ARJ.PIF
2010-02-03 13:46 . 2010-02-03 13:46 -------- d-----w- c:\program files\QIP
2010-02-03 03:21 . 2010-02-03 03:21 -------- d-----w- c:\program files\LS
2010-02-02 15:06 . 2010-02-02 15:06 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-02-02 15:06 . 2010-02-02 15:06 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2010-02-02 15:06 . 2010-02-02 15:06 -------- d-----w- c:\windows\system32\AGEIA
2010-02-02 15:06 . 2010-02-02 15:06 -------- d-----w- c:\program files\AGEIA Technologies
2010-02-02 15:06 . 2010-02-15 15:57 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-02-02 15:02 . 2010-02-02 15:02 -------- d-----w- c:\program files\Deep Silver
2010-02-01 17:20 . 2010-02-01 17:20 -------- d-----w- c:\program files\EA Sports
2010-01-26 23:15 . 2010-01-26 23:15 -------- d--h--w- c:\windows\PIF
2010-01-26 10:26 . 2010-01-26 10:27 -------- d-----w- c:\program files\Crawler
2010-01-24 19:35 . 2010-01-24 19:35 -------- d-----w- c:\program files\Bethesda Softworks
2010-01-24 12:12 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-01-23 20:45 . 2010-01-23 20:47 -------- d-----w- c:\program files\MagicISO

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-19 19:23 . 2006-03-02 12:00 1034240 ----a-w- c:\windows\explorer.exe
2010-02-19 19:19 . 2006-03-02 12:00 83652 ----a-w- c:\windows\system32\perfc005.dat
2010-02-19 19:19 . 2006-03-02 12:00 440316 ----a-w- c:\windows\system32\perfh005.dat
2010-02-18 20:41 . 2010-01-16 16:33 -------- d-----w- c:\program files\Cheat Engine
2010-02-18 13:15 . 2010-01-13 14:16 -------- d-----w- c:\program files\The KMPlayer
2010-02-13 23:52 . 2010-01-10 15:32 -------- d-----w- c:\program files\SpeedFan
2010-02-02 15:02 . 2010-01-10 13:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-01 00:29 . 2010-01-20 14:38 -------- d-----w- c:\program files\ATI
2010-01-20 16:24 . 2010-01-20 16:12 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-01-20 16:00 . 2010-01-20 15:58 -------- d-----w- c:\program files\Rockstar Games
2010-01-20 14:51 . 2010-01-10 16:47 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-20 14:45 . 2010-01-10 13:17 -------- d-----w- c:\program files\ATI Technologies
2010-01-18 19:20 . 2010-01-18 19:20 -------- d-----w- c:\program files\GoldWave
2010-01-18 14:10 . 2010-01-18 14:10 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-18 14:10 . 2010-01-18 14:10 -------- d-----w- c:\program files\Java
2010-01-17 12:31 . 2010-01-17 12:20 -------- d-----w- c:\program files\Lightsmark 2008
2010-01-17 11:36 . 2010-01-17 11:22 -------- d-----w- c:\program files\CPU Speed Pro
2010-01-17 11:16 . 2010-01-10 15:03 -------- d-----w- c:\program files\ASUS
2010-01-16 21:32 . 2010-01-16 21:28 3 ----a-w- c:\windows\sbacknt.bin
2010-01-16 21:28 . 2010-01-16 21:28 152904 ----a-w- c:\windows\system32\vghd.scr
2010-01-15 22:07 . 2010-01-14 17:53 -------- d-----w- c:\program files\Microsoft Works
2010-01-15 18:57 . 2010-01-15 18:57 -------- d-----w- c:\program files\CooL Wallpaper Changer
2010-01-14 20:46 . 2010-01-14 19:19 -------- d-----w- c:\program files\Magic Video Converter
2010-01-14 18:33 . 2010-01-14 18:33 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-14 17:53 . 2010-01-10 16:42 -------- d-----w- c:\program files\MSBuild
2010-01-14 17:52 . 2010-01-14 17:52 -------- d-----w- c:\program files\Microsoft.NET
2010-01-14 17:51 . 2010-01-14 17:51 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-01-14 17:48 . 2010-01-14 17:48 -------- d-----w- c:\program files\Ashampoo
2010-01-14 17:39 . 2010-01-14 17:39 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-01-12 18:35 . 2010-01-12 18:33 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-01-12 18:33 . 2010-01-12 18:33 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-12 17:46 . 2010-01-10 13:01 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-12 17:46 . 2010-01-10 13:01 2684 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-12 17:16 . 2010-01-12 17:15 -------- d-----w- c:\program files\Winamp
2010-01-12 17:15 . 2010-01-12 17:15 -------- d-----w- c:\program files\Winamp Detect
2010-01-10 16:42 . 2010-01-10 16:42 -------- d-----w- c:\program files\Reference Assemblies
2010-01-10 16:39 . 2010-01-10 16:39 -------- d-----w- c:\program files\MSXML 6.0
2010-01-10 15:35 . 2010-01-10 13:02 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-10 15:13 . 2010-01-10 15:11 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-10 15:00 . 2010-01-10 15:00 -------- d-----w- c:\program files\Realtek
2010-01-10 15:00 . 2010-01-10 15:00 315392 ----a-w- c:\windows\HideWin.exe
2010-01-10 14:54 . 2010-01-10 14:54 -------- d-----w- c:\program files\Intel
2010-01-10 13:57 . 2010-01-10 13:57 0 ----a-w- c:\windows\nsreg.dat
2010-01-10 13:22 . 2010-01-10 13:22 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-10 13:19 . 2010-01-10 13:19 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-01-10 13:17 . 2010-01-10 13:16 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-10 13:14 . 2010-01-10 13:14 -------- d-----w- c:\program files\T-Mobile
2010-01-10 13:02 . 2010-01-10 13:02 -------- d-----w- c:\program files\microsoft frontpage
2010-01-10 13:00 . 2010-01-10 13:00 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2006-03-02 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2006-03-02 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2010-01-10 12:59 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2006-03-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2006-03-02 12:00 2147328 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2004-08-17 15:45 2025984 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2006-03-02 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-27 17:14 . 2006-03-02 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2004-08-17 15:49 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2006-03-02 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2006-03-02 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2006-03-02 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2004-08-17 15:49 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-25 03:50 . 2008-08-06 07:20 4463104 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-11-25 03:27 . 2010-01-10 13:17 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-11-25 03:26 . 2008-08-06 07:20 300032 ----a-w- c:\windows\system32\ati2dvag.dll
2009-11-25 03:11 . 2008-08-06 07:20 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2009-11-25 03:11 . 2008-08-06 07:20 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-11-25 03:10 . 2008-08-06 07:20 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-11-25 03:10 . 2008-08-06 07:20 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-11-25 03:10 . 2008-08-06 07:20 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-11-25 03:09 . 2008-08-06 07:20 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-11-25 03:07 . 2008-08-06 07:20 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-11-25 02:59 . 2010-01-10 13:17 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-11-25 02:59 . 2008-08-06 07:20 3538496 ----a-w- c:\windows\system32\ati3duag.dll
2009-11-25 02:44 . 2010-01-20 14:38 13533184 ----a-w- c:\windows\system32\atioglxx.dll
2009-11-25 02:43 . 2008-08-06 07:20 2142848 ----a-w- c:\windows\system32\ativvaxx.dll
2009-11-25 02:42 . 2010-01-10 13:17 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-11-25 02:42 . 2010-01-10 13:17 3 ----a-w- c:\windows\system32\ativva5x.dat
2009-11-25 02:26 . 2010-01-20 14:38 65024 ----a-w- c:\windows\system32\atimpc32.dll
2009-11-25 02:26 . 2008-08-06 07:20 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2009-11-25 02:21 . 2008-08-06 07:20 565248 ----a-w- c:\windows\system32\atikvmag.dll
2009-11-25 02:20 . 2010-01-20 14:38 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-11-25 02:20 . 2010-01-20 14:38 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-11-25 02:19 . 2008-08-06 07:20 176128 ----a-w- c:\windows\system32\atiadlxx.dll
2009-11-25 02:18 . 2008-08-06 07:20 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-11-25 02:18 . 2010-01-20 14:38 3612672 ----a-w- c:\windows\system32\aticaldd.dll
2009-11-25 02:18 . 2008-08-06 07:20 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-11-25 02:17 . 2008-08-06 07:20 397312 ----a-w- c:\windows\system32\atiok3x2.dll
2009-11-25 02:12 . 2008-08-06 07:20 638976 ----a-w- c:\windows\system32\ati2cqag.dll
.

((((((((((((((((((((((((((((( SnapShot_2010-02-18_21.27.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-19 19:36 . 2010-02-19 19:36 16384 c:\windows\temp\Perflib_Perfdata_7a4.dat
- 2006-03-02 12:00 . 2010-02-18 21:23 71846 c:\windows\system32\perfc009.dat
+ 2006-03-02 12:00 . 2010-02-19 19:19 71846 c:\windows\system32\perfc009.dat
+ 2006-03-02 12:00 . 2008-04-14 07:51 52224 c:\windows\system32\mspmsnsv.dll
+ 2006-03-02 12:00 . 2009-02-09 10:59 401408 c:\windows\system32\rpcss.dll
- 2006-03-02 12:00 . 2009-02-09 10:56 401408 c:\windows\system32\rpcss.dll
- 2006-03-02 12:00 . 2010-02-18 21:23 443588 c:\windows\system32\perfh009.dat
+ 2006-03-02 12:00 . 2010-02-19 19:19 443588 c:\windows\system32\perfh009.dat
+ 2006-03-02 12:00 . 2009-02-06 18:47 408064 c:\windows\system32\netlogon.dll
+ 2006-03-02 12:00 . 2009-03-21 14:21 984576 c:\windows\system32\kernel32.dll
- 2006-03-02 12:00 . 2008-07-07 20:29 253952 c:\windows\system32\es.dll
+ 2006-03-02 12:00 . 2008-07-07 20:32 253952 c:\windows\system32\es.dll
- 2006-03-02 12:00 . 2008-06-20 11:51 361600 c:\windows\system32\drivers\tcpip.sys
+ 2006-03-02 12:00 . 2008-06-20 11:59 361600 c:\windows\system32\drivers\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-02-18 3037696]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-03-01 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-02-18 2166784]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2054360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [29.9.2009 13:02 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [29.9.2009 13:05 96408]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [18.2.2010 10:19 142592]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files\T-Mobile\Web'n'walk Manager\ameisvc.exe [21.7.2009 16:48 66288]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [29.9.2009 13:03 735960]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.1.2010 19:33 691696]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Jespi\Data aplikací\Mozilla\Firefox\Profiles\gb9gcsvk.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-19 20:37
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1960408961-261478967-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:5d,c6,fd,50,eb,45,87,11,25,92,40,01,21,a8,fc,a8,d8,b5,e3,9e,83,
b4,eb,c3,83,c3,23,76,61,cf,d9,07,0c,5d,6f,6d,e4,12,e8,fe,5f,30,9a,82,69,0c,\
"rkeysecu"=hex:c6,1d,d9,cf,19,a6,ee,bc,10,c9,b5,1c,13,97,06,36
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(748)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3292)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Spyware Terminator\sp_rsser.exe
.
**************************************************************************
.
Celkový čas: 2010-02-19 20:39:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-19 19:39
ComboFix2.txt 2010-02-19 19:09
ComboFix3.txt 2010-02-19 17:39
ComboFix4.txt 2010-02-18 21:28

Před spuštěním: Volných bajtů: 48 792 240 128
Po spuštění: Volných bajtů: 48 776 925 184

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 8005FC10D4881577AB6105FD9874B2EB
Last edited by Jespi on 19 Feb 2010 20:54, edited 1 time in total.

Unlimited_Killer
Forum friend
Posts: 1969
Joined: 24 Aug 2009 16:18

Re: Kryptik/injector at least :D

#9 Post by Unlimited_Killer »

0K.
inactive

Jespi
Visitor
Posts: 11
Joined: 18 Feb 2010 21:28

Re: Kryptik/injector at least :D

#10 Post by Jespi »

So I skipped step 3; at step 5 the "Uninstall" field was not active, so I left it alone. For now I am attaching the MBR log and moving on to GMER. During the installation of Malwarebytes' Anti-Malware my desktop and the installer froze, just as it was installing some .dll library. Maybe it is related to this error that the PC displays on startup.
Attachments
errror.JPG (5.15 KiB) Viewed 1941 times

Jespi
Visitor
Posts: 11
Joined: 18 Feb 2010 21:28

Re: Kryptik/injector at least :D

#11 Post by Jespi »

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK

Unlimited_Killer
Forum friend
Posts: 1969
Joined: 24 Aug 2009 16:18

Re: Kryptik/injector at least :D

#12 Post by Unlimited_Killer »

Proceed with the next steps.
inactive
