
Virus removal, PC speed-up, remote help through the neslape.cz service
Slow PC, icons disappearing from the taskbar, and ATI updates being blocked
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: Slow PC, icons disappearing from the taskbar, and updates being blocked
I'd also like to ask for the Files tab.
Could you also try running GMER in safe mode with only these boxes ticked:
system, devices, modules, files, processes?
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before cleaning a computer of viruses
Want to support our forum? Information here

I am mostly reachable at night, between 9 and 11 p.m.
If you have any questions, you can email me at Motji(at)forum.viry.cz.
Re: Slow PC, icons disappearing from the taskbar, and updates being blocked
Yes, I'll do that. Here is the second log, but after the scan finished a dialog appeared ... Error - on -disk corruption detected - run chkdsk !
ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/05/21 14:35
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================
Hidden/Locked Files
-------------------
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016423.ini
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016443.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016463.LNK
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016406.LNK
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016407.LNK
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016408.LNK
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016409.LNK
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016410.LNK
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016411.lnk
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016412.ini
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016413.lnk
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016414.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016415.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016416.lnk
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016417.lnk
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016418.LNK
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016419.SPT
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016420.ini
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016421.ini
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016422.ini
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016424.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016425.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016426.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016427.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016428.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016429.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016430.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016431.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016432.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016433.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016434.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016435.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016436.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016437.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016438.dir
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016439.lnk
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016440.lnk
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016444.lnk
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016447.spt
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016448.lnk
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016449.LNK
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016450.LNK
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016451.lnk
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016452.lnk
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016453.LNK
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016454.LNK
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016455.ini
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016456.old
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016457.SPT
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016458.lnk
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016459.LNK
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016460.lnk
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016461.lnk
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016462.LNK
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016463.LNK
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016464.SPT
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016465.ini
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016466.ini
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016467.ini
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016468.ini
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016469.lnk
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016470.SPT
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016471.lnk
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\A0016472.spt
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\change.log
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\change.log.1
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\change.log.2
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\RestorePointSize
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\rp.log
Status: Invisible to the Windows API!
Path: C:\WINDOWS\WinSxS\InstallTemp\snapshot
Status: Invisible to the Windows API!
Re: Slow PC, icons disappearing from the taskbar, and updates being blocked
Run a disk check with error repair
Start - Run - type chkdsk /f/r
-[Enter]
confirm - the PC restarts and the disk is checked
Re: Slow PC, icons disappearing from the taskbar, and updates being blocked
The disk contains no errors.
Re: Slow PC, icons disappearing from the taskbar, and updates being blocked
Run GMER again.
Re: Slow PC, icons disappearing from the taskbar, and updates being blocked
Nothing, it still keeps restarting.
Re: Slow PC, icons disappearing from the taskbar, and updates being blocked
Even if you did it one tab at a time?
If it really doesn't work, please run all the tabs in RootRepeal except Drivers and Files; you have already done those.
Re: Slow PC, icons disappearing from the taskbar, and updates being blocked
So this is what I got out of GMER... it didn't find anything more.
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-24 14:41:44
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Patas\LOCALS~1\Temp\pwtdapob.sys
---- Devices - GMER 1.0.15 ----
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort2 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort3 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\prohlp02 \Device\ProHlp02 E10212A0
Device \Driver\JRAID \Device\Scsi\JRAID1Port4Path0Target0Lun0 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\JRAID \Device\Scsi\JRAID1 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-24 14:49:01
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Patas\LOCALS~1\Temp\pwtdapob.sys
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x86 0x42 0xB5 0x13 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3A 0xF4 0xBA 0x70 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x18 0x80 0x28 0xD7 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xB9 0x43 0x7C 0xAA ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x46 0x18 0x79 0x4E ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xFA 0x7F 0x49 0x9B ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xB9 0x43 0x7C 0xAA ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x46 0x18 0x79 0x4E ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xFA 0x7F 0x49 0x9B ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x86 0x42 0xB5 0x13 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3A 0xF4 0xBA 0x70 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x18 0x80 0x28 0xD7 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xB9 0x43 0x7C 0xAA ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x46 0x18 0x79 0x4E ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xFA 0x7F 0x49 0x9B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x86 0x42 0xB5 0x13 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3A 0xF4 0xBA 0x70 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x18 0x80 0x28 0xD7 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xB9 0x43 0x7C 0xAA ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x46 0x18 0x79 0x4E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xFA 0x7F 0x49 0x9B ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x86 0x42 0xB5 0x13 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3A 0xF4 0xBA 0x70 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x18 0x80 0x28 0xD7 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xB9 0x43 0x7C 0xAA ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x46 0x18 0x79 0x4E ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xFA 0x7F 0x49 0x9B ...
---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-24 14:41:03
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Patas\LOCALS~1\Temp\pwtdapob.sys
---- Kernel code sections - GMER 1.0.15 ----
.xreloc C:\WINDOWS\system32\drivers\sfsync04.sys unknown last section [0xF74F6000, 0xC0A, 0x40000040]
---- EOF - GMER 1.0.15 ----
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3A 0xF4 0xBA 0x70 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x18 0x80 0x28 0xD7 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xB9 0x43 0x7C 0xAA ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x46 0x18 0x79 0x4E ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xFA 0x7F 0x49 0x9B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x86 0x42 0xB5 0x13 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3A 0xF4 0xBA 0x70 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x18 0x80 0x28 0xD7 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xB9 0x43 0x7C 0xAA ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x46 0x18 0x79 0x4E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xFA 0x7F 0x49 0x9B ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x86 0x42 0xB5 0x13 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x3A 0xF4 0xBA 0x70 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x18 0x80 0x28 0xD7 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xB9 0x43 0x7C 0xAA ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x46 0x18 0x79 0x4E ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xFA 0x7F 0x49 0x9B ...
---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-24 14:41:03
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Patas\LOCALS~1\Temp\pwtdapob.sys
---- Kernel code sections - GMER 1.0.15 ----
.xreloc C:\WINDOWS\system32\drivers\sfsync04.sys unknown last section [0xF74F6000, 0xC0A, 0x40000040]
---- EOF - GMER 1.0.15 ----
Re: Slow PC, icons disappearing from the taskbar and updates being blocked
I don't see anything in the logs.
Update ComboFix again, rename it to anything com, and run it.
Re: Slow PC, icons disappearing from the taskbar and updates being blocked
Sorry that it took me so long... I have a lot of work. Here is the log; ComboFix reported rootkit activity again...
ComboFix 10-06-01.05 - Patas 02.06.2010 20:24:44.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1673 [GMT 2:00]
Spuštěný z: c:\documents and settings\Patas\Plocha\Cokoliv.com
AV: eScan Anti-Virus (AV) Edition for Windows *On-access scanning enabled* (Updated) {E25EE26A-7512-411E-BAF6-D9AFA504A475}
FW: eScan Anti-Virus (AV) Edition for Windows *enabled* {E25EE26A-7512-411E-BAF6-D9AFA504A475}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
D:\install.exe
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NAECD
-------\Service_naecd
-------\Service_npggsvc
-------\Legacy_NAECD
-------\Service_naecd
-------\Service_npggsvc
((((((((((((((((((((((((( Soubory vytvořené od 2010-05-02 do 2010-06-02 )))))))))))))))))))))))))))))))
.
2010-05-26 17:13 . 2010-05-26 17:13 -------- d-----w- c:\documents and settings\Patas\.thumbnails
2010-05-12 15:18 . 2010-05-12 15:18 -------- d-----w- c:\program files\World of Warcraft.temp
2010-05-04 13:35 . 2010-05-04 13:35 -------- d-----r- c:\documents and settings\Administrator.PATRIK\Oblíbené položky
2010-05-04 13:35 . 2010-05-04 13:35 -------- d-----w- c:\documents and settings\Administrator.PATRIK\Plocha
2010-05-04 13:35 . 2010-05-04 13:35 -------- d-----w- c:\documents and settings\Administrator.PATRIK\Nabídka Start
2010-05-04 13:34 . 2010-05-04 13:36 -------- d-----w- c:\documents and settings\Administrator.PATRIK
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-21 16:03 . 2009-02-08 17:18 -------- d-----w- c:\program files\Spyware Terminator
2010-05-19 12:29 . 2007-12-09 15:26 -------- d-----w- c:\program files\Google
2010-05-16 13:11 . 2010-02-14 08:15 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-05-04 14:49 . 2009-06-07 07:29 -------- d-----w- c:\program files\DivX
2010-05-04 14:49 . 2008-01-25 17:11 -------- d-----w- c:\program files\Windows Media Connect 2
2010-05-04 13:26 . 2007-07-24 15:45 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-03 18:09 . 2010-05-03 17:30 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-05-03 17:45 . 2009-02-02 19:25 1161736 ----a-w- c:\windows\system32\contfilt.dll
2010-05-03 17:45 . 2009-02-02 19:25 178696 ----a-w- c:\windows\system32\mwnsp.dll
2010-05-03 17:45 . 2009-02-02 19:25 539144 ----a-w- c:\windows\system32\mwtsp.dll
2010-05-02 17:04 . 2008-01-11 17:29 -------- d-----w- c:\program files\Common Files\Java
2010-05-02 17:04 . 2008-01-11 17:31 -------- d-----w- c:\program files\Java
2010-04-29 18:52 . 2009-12-23 19:31 -------- d-----w- c:\program files\iTunes
2010-04-29 18:52 . 2010-04-29 18:52 -------- d-----w- c:\program files\iPod
2010-04-29 18:52 . 2009-12-23 19:26 -------- d-----w- c:\program files\Common Files\Apple
2010-04-29 18:48 . 2010-04-29 18:48 -------- d-----w- c:\program files\Bonjour
2010-04-27 19:09 . 2010-04-27 19:08 -------- d-----w- c:\program files\trend micro
2010-04-24 08:42 . 2010-04-24 08:42 -------- d-----w- c:\program files\CCleaner
Re: Slow PC, icons disappearing from the taskbar and updates being blocked
That log is not complete.

Re: Slow PC, icons disappearing from the taskbar and updates being blocked
Oh, I didn't notice that, sorry. Here is the whole thing ...
ComboFix 10-06-01.05 - Patas 02.06.2010 20:24:44.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1673 [GMT 2:00]
Spuštěný z: c:\documents and settings\Patas\Plocha\Cokoliv.com
AV: eScan Anti-Virus (AV) Edition for Windows *On-access scanning enabled* (Updated) {E25EE26A-7512-411E-BAF6-D9AFA504A475}
FW: eScan Anti-Virus (AV) Edition for Windows *enabled* {E25EE26A-7512-411E-BAF6-D9AFA504A475}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
D:\install.exe
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NAECD
-------\Service_naecd
-------\Service_npggsvc
-------\Legacy_NAECD
-------\Service_naecd
-------\Service_npggsvc
((((((((((((((((((((((((( Soubory vytvořené od 2010-05-02 do 2010-06-02 )))))))))))))))))))))))))))))))
.
2010-05-26 17:13 . 2010-05-26 17:13 -------- d-----w- c:\documents and settings\Patas\.thumbnails
2010-05-12 15:18 . 2010-05-12 15:18 -------- d-----w- c:\program files\World of Warcraft.temp
2010-05-04 13:35 . 2010-05-04 13:35 -------- d-----r- c:\documents and settings\Administrator.PATRIK\Oblíbené položky
2010-05-04 13:35 . 2010-05-04 13:35 -------- d-----w- c:\documents and settings\Administrator.PATRIK\Plocha
2010-05-04 13:35 . 2010-05-04 13:35 -------- d-----w- c:\documents and settings\Administrator.PATRIK\Nabídka Start
2010-05-04 13:34 . 2010-05-04 13:36 -------- d-----w- c:\documents and settings\Administrator.PATRIK
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-21 16:03 . 2009-02-08 17:18 -------- d-----w- c:\program files\Spyware Terminator
2010-05-19 12:29 . 2007-12-09 15:26 -------- d-----w- c:\program files\Google
2010-05-16 13:11 . 2010-02-14 08:15 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-05-04 14:49 . 2009-06-07 07:29 -------- d-----w- c:\program files\DivX
2010-05-04 14:49 . 2008-01-25 17:11 -------- d-----w- c:\program files\Windows Media Connect 2
2010-05-04 13:26 . 2007-07-24 15:45 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-03 18:09 . 2010-05-03 17:30 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-05-03 17:45 . 2009-02-02 19:25 1161736 ----a-w- c:\windows\system32\contfilt.dll
2010-05-03 17:45 . 2009-02-02 19:25 178696 ----a-w- c:\windows\system32\mwnsp.dll
2010-05-03 17:45 . 2009-02-02 19:25 539144 ----a-w- c:\windows\system32\mwtsp.dll
2010-05-02 17:04 . 2008-01-11 17:29 -------- d-----w- c:\program files\Common Files\Java
2010-05-02 17:04 . 2008-01-11 17:31 -------- d-----w- c:\program files\Java
2010-04-29 18:52 . 2009-12-23 19:31 -------- d-----w- c:\program files\iTunes
2010-04-29 18:52 . 2010-04-29 18:52 -------- d-----w- c:\program files\iPod
2010-04-29 18:52 . 2009-12-23 19:26 -------- d-----w- c:\program files\Common Files\Apple
2010-04-29 18:48 . 2010-04-29 18:48 -------- d-----w- c:\program files\Bonjour
2010-04-27 19:09 . 2010-04-27 19:08 -------- d-----w- c:\program files\trend micro
2010-04-24 08:42 . 2010-04-24 08:42 -------- d-----w- c:\program files\CCleaner
2010-04-24 08:27 . 2009-11-02 16:55 -------- d-----w- c:\program files\UltiDev
2010-04-24 08:27 . 2008-12-14 13:16 -------- d-----w- c:\program files\ICQ6Toolbar
2010-04-24 08:27 . 2008-02-28 16:30 -------- d-----w- c:\program files\ICQToolbar
2010-04-24 08:27 . 2007-07-25 06:55 -------- d-----w- c:\program files\GameSpy Arcade
2010-04-24 08:27 . 2008-04-19 15:31 -------- d-----w- c:\program files\BaseInvaders
2010-04-24 08:27 . 2007-09-19 15:11 -------- d-----w- c:\program files\AGEIA Technologies
2010-04-22 18:30 . 2010-04-22 18:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-17 19:25 . 2009-09-05 17:02 36048 ---ha-w- c:\windows\system32\mlfcache.dat
2010-04-17 19:06 . 2010-03-29 13:46 -------- d-----w- c:\program files\Common Files\BioWare
2010-04-12 15:29 . 2010-05-02 17:04 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-12 14:16 . 2010-04-12 14:14 53248 ----a-w- c:\windows\system32\apache.dll
2010-04-11 17:57 . 2007-12-18 14:24 -------- d-----w- c:\program files\Common Files\Skype
2010-04-10 13:19 . 2010-04-10 13:19 -------- d-----w- c:\program files\GSC World Publishing
2010-04-09 19:50 . 2010-04-09 19:50 -------- d-----w- c:\program files\QuickTime
2010-04-09 19:39 . 2009-09-05 17:02 -------- d-----w- c:\program files\Safari
2010-04-08 11:20 . 2010-04-08 11:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 11:20 . 2010-04-08 11:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-04-03 19:26 . 2006-03-02 12:00 91826 ----a-w- c:\windows\system32\perfc005.dat
2010-04-03 19:26 . 2006-03-02 12:00 461180 ----a-w- c:\windows\system32\perfh005.dat
2010-03-29 22:46 . 2010-04-22 18:30 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-29 22:45 . 2010-04-22 18:30 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-17 16:25 . 2009-10-23 15:31 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-03-13 14:38 . 2009-06-02 14:07 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2010-03-13 14:38 . 2009-06-02 14:07 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2010-03-07 14:03 . 2010-02-17 17:37 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
.
((((((((((((((((((((((((((((( SnapShot@2010-04-24_09.07.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-06 23:19 . 2007-11-06 23:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
- 2007-11-07 00:19 . 2007-11-07 00:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
- 2007-11-07 00:19 . 2007-11-07 00:19 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll
- 2007-11-07 00:19 . 2007-11-07 00:19 47104 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 47104 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll
- 2007-11-07 00:19 . 2007-11-07 00:19 59392 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 59392 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 41984 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll
- 2007-11-07 00:19 . 2007-11-07 00:19 41984 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll
- 2007-11-07 00:19 . 2007-11-07 00:19 41472 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 41472 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 60416 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll
- 2007-11-07 00:19 . 2007-11-07 00:19 60416 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll
- 2007-11-07 00:19 . 2007-11-07 00:19 59392 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 59392 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 59392 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll
- 2007-11-07 00:19 . 2007-11-07 00:19 59392 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll
- 2007-11-07 00:19 . 2007-11-07 00:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll
- 2007-11-07 00:19 . 2007-11-07 00:19 60928 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 60928 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll
- 2007-11-06 21:51 . 2007-11-06 21:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll
+ 2007-11-06 20:51 . 2007-11-06 20:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll
+ 2007-11-06 20:51 . 2007-11-06 20:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll
- 2007-11-06 21:51 . 2007-11-06 21:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll
+ 2010-06-02 18:24 . 2010-06-02 18:24 16384 c:\windows\temp\Perflib_Perfdata_2ac.dat
+ 2010-04-29 18:49 . 2009-10-16 00:33 41472 c:\windows\system32\ReinstallBackups\0036\DriverFiles\usbaapl.sys
+ 2009-06-29 08:16 . 2010-05-09 17:04 84507 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
- 2009-06-29 08:16 . 2010-01-02 20:33 84507 c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2010-05-03 17:30 . 2009-07-22 20:39 13056 c:\windows\sporder.exe
+ 2010-05-19 12:29 . 2010-05-19 12:29 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2010-05-19 12:29 . 2010-05-19 12:29 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-05-19 12:29 . 2010-05-19 12:29 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-05-19 12:29 . 2010-05-19 12:29 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2010-05-19 12:29 . 2010-05-19 12:29 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-05-19 12:29 . 2010-05-19 12:29 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2010-05-19 12:29 . 2010-05-19 12:29 25214 c:\windows\Installer\{F7B0939E-58DF-11DF-B3A6-005056806466}\ARPPRODUCTICON.exe
+ 2010-05-11 15:44 . 2010-05-11 15:44 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2007-11-07 00:19 . 2007-11-07 00:19 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll
+ 2010-05-03 17:31 . 2008-04-14 07:52 137216 c:\windows\system32\T.COM
+ 2010-01-27 00:58 . 2010-01-27 00:58 256280 c:\windows\system32\Macromed\Flash\FlashUtil10e.exe
+ 2010-05-02 17:04 . 2010-04-12 15:29 153376 c:\windows\system32\javaws.exe
+ 2010-05-02 17:04 . 2010-04-12 15:29 145184 c:\windows\system32\javaw.exe
- 2010-04-13 14:37 . 2009-10-11 02:17 145184 c:\windows\system32\javaw.exe
- 2010-04-13 14:37 . 2009-10-11 02:17 145184 c:\windows\system32\java.exe
+ 2010-05-02 17:04 . 2010-04-12 15:29 145184 c:\windows\system32\java.exe
+ 2009-02-02 19:25 . 2009-07-30 23:01 182792 c:\windows\system32\BACKUP.16579142.mwnsp.dll
+ 2009-02-02 19:25 . 2009-07-30 22:52 543240 c:\windows\system32\BACKUP.15729528.mwtsp.dll
+ 2010-05-03 17:31 . 2008-04-14 07:52 147968 c:\windows\R.COM
+ 2009-02-02 19:25 . 2009-07-30 22:51 125448 c:\windows\killproc.exe
+ 2010-04-29 18:53 . 2010-04-29 18:53 372736 c:\windows\Installer\{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}\iTunesIco.exe
+ 2009-02-02 19:25 . 2009-07-30 22:52 237576 c:\windows\inst_tspx.exe
+ 2009-02-02 19:25 . 2009-07-30 22:52 178696 c:\windows\inst_tsp.exe
+ 2010-05-11 15:44 . 2010-05-11 15:44 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
- 2007-11-07 00:19 . 2007-11-07 00:19 1162744 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 1162744 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll
- 2007-11-07 00:19 . 2007-11-07 00:19 1156600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 1156600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll
+ 2010-04-29 18:49 . 2009-10-16 00:33 3003680 c:\windows\system32\ReinstallBackups\0036\DriverFiles\usbaaplrc.dll
+ 2009-02-02 19:25 . 2009-07-30 23:00 1124872 c:\windows\system32\BACKUP.99036044.contfilt.dll
+ 2010-04-29 18:53 . 2010-04-29 18:53 4795392 c:\windows\Installer\f2c80.msi
+ 2010-04-29 18:49 . 2010-04-29 18:49 3168768 c:\windows\Installer\f247b.msi
+ 2010-04-29 18:48 . 2010-04-29 18:48 1984000 c:\windows\Installer\f2449.msi
+ 2010-05-19 12:29 . 2010-05-19 12:29 1235968 c:\windows\Installer\a38d1.msi
- 2010-04-10 07:32 . 2010-04-10 07:32 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-05-11 15:44 . 2010-05-11 15:44 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-04-10 07:32 . 2010-04-10 07:32 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-08-29 171464]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-04-06 26102056]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-23 68856]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-12-20 3037696]
"Steam"="d:\hry\call of duty modern warfare 2\steam.exe" [2010-05-09 1238352]
"Comrade.exe"="c:\program files\GameSpy\Comrade\Comrade.exe" [2009-12-11 1230752]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"JMB36X Configure"="c:\windows\system32\JMRaidSetup.exe" [2006-10-30 1953792]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"GamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-02-14 380928]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-03-28 593920]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-14 2176512]
"snpstd"="c:\windows\vsnpstd.exe" [2005-10-11 339968]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-08-12 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\
AirLive Turbo-G Wireless Utility.lnk - c:\program files\Ovislink\Common\TurboG-UI.exe [2008-7-23 626688]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]
Místní vyhledávání.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Hry\\Mirriror's Edge\\Binaries\\MirrorsEdge.exe"=
"c:\\Program Files\\ASUS\\GamerOSD\\SBS.exe"=
"d:\\Hry\\Metin 2\\metin2.bin"=
"c:\\Program Files\\GameSpy\\Comrade\\Comrade.exe"=
"c:\\Program Files\\Nero\\Nero8\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\Autodesk\\backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\backburner\\server.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Hry\\Metin 2\\metin2client.bin"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Documents and Settings\\Patas\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"d:\\Hry\\Call of Duty WORLD AT WAR\\CoDWaWmp.exe"=
"d:\\Hry\\Call of Duty WORLD AT WAR\\CoDWaW.exe"=
"d:\\Hry\\Call of Duty MODERN WARFARE 2\\SteamApps\\common\\r.u.s.e. beta\\Ruse.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\PROGRA~1\\COMMON~1\\MICROW~1\\Agent\\MWAGENT.EXE"=
"d:\\Hry\\Call of Duty MODERN WARFARE 2\\SteamApps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"d:\\Hry\\FlatOut Ultimate Carnage\\Fouc.exe"=
"d:\\Hry\\Call of Duty MODERN WARFARE 2\\SteamApps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [8.2.2009 19:18 142592]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [14.12.2008 15:16 246520]
S2 gupdate1c9a8c4adb2496e;Služba Google Update (gupdate1c9a8c4adb2496e);c:\program files\Google\Update\GoogleUpdate.exe [19.3.2009 20:58 133104]
S3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\DRIVERS\econceal.sys --> c:\windows\system32\DRIVERS\econceal.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.10.2009 17:31 691696]
.
Obsah adresáře 'Naplánované úlohy'
2010-06-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-06-02 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-10 12:43]
2010-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-19 18:58]
2010-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-19 18:58]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
mSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-02 20:29
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys >>UNKNOWN [0x8AA04E18]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf764bf28
\Driver\ACPI -> ACPI.sys @ 0xf75aecb8
\Driver\atapi -> prosync1.sys @ 0xf798f661
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805e668e
ParseProcedure -> ntoskrnl.exe @ 0x8057b6b1
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805e668e
ParseProcedure -> ntoskrnl.exe @ 0x8057b6b1
NDIS: -> SendCompleteHandler -> 0x0
PacketIndicateHandler -> 0x0
SendHandler -> 0x0
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1004336348-1637723038-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e1,3e,96,7c,07,ba,68,30,ef,7e,75,e5,ac,00,bd,9c,a9,c6,2c,ee,43,75,65,
18,12,2a,a9,83,4f,ea,c9,31,8e,59,5a,dc,11,5f,79,6d,a8,ac,eb,e7,ed,9b,1b,e9,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49
[HKEY_USERS\S-1-5-21-1004336348-1637723038-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:a2,b9,2b,0a,b3,0b,c7,c7,28,39,e3,eb,d4,b4,4b,6f,f5,63,b2,3f,9d,
af,8a,5a,5b,c0,24,0b,07,bf,86,c9,88,67,28,38,28,e4,28,32,4a,bb,c0,a1,13,c9,\
"rkeysecu"=hex:42,9e,0f,1f,fa,b7,3f,5a,24,e3,fe,9b,2b,b3,24,a5
.
Celkový čas: 2010-06-02 20:30:23
ComboFix-quarantined-files.txt 2010-06-02 18:30
ComboFix2.txt 2010-04-24 09:08
Před spuštěním: Volných bajtů: 37 010 329 600
Po spuštění: Volných bajtů: 37 063 430 144
Current=4 Default=4 Failed=3 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 360A010300F1275939C69BF8B33CBC33
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users.WINDOWS\Nabˇdka Start\Programy\Po spuçtŘnˇ\
AirLive Turbo-G Wireless Utility.lnk - c:\program files\Ovislink\Common\TurboG-UI.exe [2008-7-23 626688]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]
Mˇstnˇ vyhled v nˇ.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Hry\\Mirriror's Edge\\Binaries\\MirrorsEdge.exe"=
"c:\\Program Files\\ASUS\\GamerOSD\\SBS.exe"=
"d:\\Hry\\Metin 2\\metin2.bin"=
"c:\\Program Files\\GameSpy\\Comrade\\Comrade.exe"=
"c:\\Program Files\\Nero\\Nero8\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\Autodesk\\backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\backburner\\server.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Hry\\Metin 2\\metin2client.bin"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Documents and Settings\\Patas\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"d:\\Hry\\Call of Duty WORLD AT WAR\\CoDWaWmp.exe"=
"d:\\Hry\\Call of Duty WORLD AT WAR\\CoDWaW.exe"=
"d:\\Hry\\Call of Duty MODERN WARFARE 2\\SteamApps\\common\\r.u.s.e. beta\\Ruse.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\PROGRA~1\\COMMON~1\\MICROW~1\\Agent\\MWAGENT.EXE"=
"d:\\Hry\\Call of Duty MODERN WARFARE 2\\SteamApps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"d:\\Hry\\FlatOut Ultimate Carnage\\Fouc.exe"=
"d:\\Hry\\Call of Duty MODERN WARFARE 2\\SteamApps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [8.2.2009 19:18 142592]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [14.12.2008 15:16 246520]
S2 gupdate1c9a8c4adb2496e;Služba Google Update (gupdate1c9a8c4adb2496e);c:\program files\Google\Update\GoogleUpdate.exe [19.3.2009 20:58 133104]
S3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\DRIVERS\econceal.sys --> c:\windows\system32\DRIVERS\econceal.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.10.2009 17:31 691696]
.
Obsah adresáře 'Naplánované úlohy'
2010-06-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-06-02 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-10 12:43]
2010-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-19 18:58]
2010-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-19 18:58]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
mSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-02 20:29
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys >>UNKNOWN [0x8AA04E18]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf764bf28
\Driver\ACPI -> ACPI.sys @ 0xf75aecb8
\Driver\atapi -> prosync1.sys @ 0xf798f661
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805e668e
ParseProcedure -> ntoskrnl.exe @ 0x8057b6b1
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805e668e
ParseProcedure -> ntoskrnl.exe @ 0x8057b6b1
NDIS: -> SendCompleteHandler -> 0x0
PacketIndicateHandler -> 0x0
SendHandler -> 0x0
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1004336348-1637723038-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e1,3e,96,7c,07,ba,68,30,ef,7e,75,e5,ac,00,bd,9c,a9,c6,2c,ee,43,75,65,
18,12,2a,a9,83,4f,ea,c9,31,8e,59,5a,dc,11,5f,79,6d,a8,ac,eb,e7,ed,9b,1b,e9,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49
[HKEY_USERS\S-1-5-21-1004336348-1637723038-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:a2,b9,2b,0a,b3,0b,c7,c7,28,39,e3,eb,d4,b4,4b,6f,f5,63,b2,3f,9d,
af,8a,5a,5b,c0,24,0b,07,bf,86,c9,88,67,28,38,28,e4,28,32,4a,bb,c0,a1,13,c9,\
"rkeysecu"=hex:42,9e,0f,1f,fa,b7,3f,5a,24,e3,fe,9b,2b,b3,24,a5
.
Celkový čas: 2010-06-02 20:30:23
ComboFix-quarantined-files.txt 2010-06-02 18:30
ComboFix2.txt 2010-04-24 09:08
Před spuštěním: Volných bajtů: 37 010 329 600
Po spuštění: Volných bajtů: 37 063 430 144
Current=4 Default=4 Failed=3 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 360A010300F1275939C69BF8B33CBC33
Re: Slow PC, icons disappearing from the taskbar, and updates being blocked
How is the computer doing now?
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I am usually reachable at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
Re: Slow PC, icons disappearing from the taskbar, and updates being blocked
Everything is the same as before, except that at first the computer seemed faster to me, but then it slowed down dramatically... and that has lasted until now.
Re: Slow PC, icons disappearing from the taskbar, and updates being blocked

- Install, run a full scan
DO NOT DELETE ANYTHING

- MBAM occasionally produces false detections, so we will delete only after the log has been checked.
- Copy the log here.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I am usually reachable at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.