========== Files Created - No Company Name ==========
[2010.12.27 23:42:37 | 000,000,483 | ---- | C] () -- C:\Documents and Settings\Peter\Dokumenty\Zástupce - ComboFix.exe.lnk
[2010.12.25 16:56:01 | 000,001,307 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\MyBookWorld (172.16.0.5).lnk
[2010.12.24 13:59:28 | 000,054,141 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\Vianoce.jpg
[2010.12.24 13:46:35 | 000,043,048 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\20835.jpg
[2010.12.22 10:41:51 | 000,517,854 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\quadriga.pdf
[2010.12.21 20:08:08 | 009,897,736 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\f1e4a985aa36225d4f52e0010cde3013[1].mp4
[2010.12.16 10:06:48 | 002,432,680 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\TSSL.pdf
[2010.12.13 21:11:39 | 000,001,200 | ---- | C] () -- C:\WINDOWS\System32\rzeksfsp.dat
[2010.12.11 19:04:22 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\Hard Disk Low Level Format Tool.lnk
[2010.12.02 13:02:02 | 000,008,827 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\SPAM_____ Re_ cauko.zip
[2010.11.29 22:11:53 | 001,633,167 | ---- | C] () -- C:\Documents and Settings\Peter\Dokumenty\sľuk.mp4
[2010.11.29 21:52:45 | 067,076,118 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\SLUK__Najkrajsie_slovenske_ludove_piesne.zip
[2010.11.27 10:35:42 | 000,947,755 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\OTP.pdf
[2010.11.26 10:25:19 | 002,495,105 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\LGACSELE.ppt
[2010.11.26 10:25:19 | 001,536,000 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\LG AC SELECTOR MULTI F DX.xls
[2010.11.24 22:23:49 | 000,001,082 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\b.bmp
[2010.11.22 21:15:49 | 001,354,457 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\dm2.pdf
[2010.11.22 21:14:04 | 000,694,407 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\dm1.pdf
[2010.11.18 23:56:21 | 001,447,924 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\majka1.pdf
[2010.11.18 23:56:21 | 001,390,236 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\majka0.pdf
[2010.11.18 23:56:21 | 001,194,049 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\majka3.pdf
[2010.11.18 23:56:21 | 001,101,952 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\majka2.pdf
[2010.11.13 02:41:27 | 015,167,442 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\mecar.exe
[2010.11.08 14:27:02 | 000,709,277 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\21102010374.jpg
[2010.11.03 01:13:47 | 011,593,131 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\4779-705013.pdf
[2010.11.03 00:47:07 | 000,000,650 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\RegCleaner.lnk
[2010.11.02 22:05:28 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010.11.02 22:05:28 | 000,005,672 | ---- | C] () -- C:\WINDOWS\System32\quartz.vxd
[2010.11.02 22:04:44 | 000,000,021 | ---- | C] () -- C:\WINDOWS\CS_setup.ini
[2010.11.02 21:15:40 | 000,237,568 | R--- | C] () -- C:\WINDOWS\System32\qtmlClient.dll
[2010.11.02 21:15:40 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BFXSrcFilter.ax
[2010.11.02 21:15:40 | 000,002,145 | ---- | C] () -- C:\WINDOWS\Graffiti5.2Pin.ini
[2010.11.02 21:10:46 | 000,000,902 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\Pinnacle Studio 12.lnk
[2010.11.02 21:04:53 | 000,000,349 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2010.10.26 00:26:16 | 000,000,685 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\NSS.lnk
[2010.10.26 00:14:44 | 000,001,768 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Nokia PC Suite.lnk
[2010.10.25 23:47:43 | 000,001,860 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Nokia Software Updater.lnk
[2010.10.25 23:46:06 | 036,732,728 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\NokiaSoftwareUpdaterSetup_SK.exe
[2010.10.24 00:54:13 | 000,000,039 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\Default.PLS
[2010.10.19 12:46:14 | 000,861,966 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\Neurlg.pdf
[2010.10.19 12:44:04 | 000,716,844 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\CT.pdf
[2010.10.10 15:46:34 | 000,593,894 | ---- | C] () -- C:\Documents and Settings\Peter\Dokumenty\VZT_PRIZEMIE_020910-Model.pdf
[2010.10.05 21:42:33 | 000,000,831 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\Sygic Assistant.lnk
[2010.10.04 18:21:37 | 008,808,947 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\VZT_PRIZEMIE_020910-Model1.psd
[2010.10.01 09:27:25 | 001,448,347 | ---- | C] () -- C:\Documents and Settings\Peter\Dokumenty\Tatramat290910.pdf
[2010.09.27 12:07:53 | 000,001,920 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Earth.lnk
[2010.09.24 19:48:58 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\DVD Shrink 3.2.lnk
[2010.09.18 18:22:44 | 000,000,443 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\MyBookWorld (172.16.0.8).lnk
[2010.09.17 18:06:03 | 000,000,846 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\WD Discovery.lnk
[2010.09.06 22:16:11 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.09.06 22:16:06 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_09_00.Wdf
[2010.07.29 22:51:57 | 013,150,378 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\IMG_6717.tif
[2010.07.28 00:01:13 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.07.27 23:19:32 | 003,998,686 | R--- | C] () -- C:\ComboFix.exe
[2010.07.25 15:32:13 | 001,869,090 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\interaudit_TO.pdf
[2010.07.23 12:51:31 | 000,053,760 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\ZoDLogis.doc
[2010.07.15 10:34:41 | 000,094,797 | ---- | C] () -- C:\Documents and Settings\Peter\Dokumenty\Logis15071.pdf
[2010.07.04 19:50:15 | 004,403,479 | ---- | C] () -- C:\Documents and Settings\Peter\Plocha\Rapget.RS_Public_v1.0.9.0_cz.exe
[2009.12.27 19:41:08 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009.03.14 17:23:04 | 000,004,533 | ---- | C] () -- C:\WINDOWS\comsoft3.ini
[2009.01.10 23:54:19 | 000,000,137 | ---- | C] () -- C:\WINDOWS\canopus.ini
[2009.01.10 23:32:21 | 000,001,536 | ---- | C] () -- C:\WINDOWS\System32\pavedius.dll
[2009.01.10 23:32:21 | 000,001,024 | ---- | C] () -- C:\WINDOWS\System32\pavplal.dll
[2008.11.23 15:47:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2008.11.08 21:32:27 | 000,003,399 | ---- | C] () -- C:\WINDOWS\SETUPACT.INI
[2008.11.03 20:21:04 | 000,000,108 | ---- | C] () -- C:\WINDOWS\WFT-E2Utility.INI
[2008.09.27 21:34:58 | 000,000,598 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2008.08.05 19:13:34 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2008.05.03 19:14:05 | 000,000,235 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2008.04.06 17:56:01 | 000,000,737 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2008.04.06 17:53:53 | 000,000,855 | ---- | C] () -- C:\WINDOWS\WINCMD.INI
[2008.03.25 21:45:17 | 000,003,732 | ---- | C] () -- C:\WINDOWS\wtran32.INI
[2008.03.21 22:02:26 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008.03.21 22:02:26 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008.03.21 22:02:26 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008.03.21 22:02:26 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008.03.21 22:02:26 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2008.03.21 21:38:13 | 000,000,541 | ---- | C] () -- C:\WINDOWS\webtran4.INI
[2008.03.21 21:24:20 | 000,000,088 | ---- | C] () -- C:\WINDOWS\STXKBD32.INI
[2008.03.15 21:04:46 | 000,038,442 | ---- | C] () -- C:\Documents and Settings\Peter\Data aplikací\Microsoft Access.ADR
[2008.03.15 21:02:48 | 000,038,460 | ---- | C] () -- C:\Documents and Settings\Peter\Data aplikací\Hodnoty oddělené tabulátorem (Windows).ADR
[2008.03.10 00:48:40 | 000,000,015 | ---- | C] () -- C:\WINDOWS\jafcd.ini
[2008.02.08 18:13:44 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\LS3Renderer.dll
[2008.01.27 17:36:42 | 000,000,186 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2008.01.27 17:36:05 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2007.12.15 19:50:00 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007.12.02 14:23:20 | 000,000,101 | ---- | C] () -- C:\WINDOWS\PSXLPR.INI
[2007.12.02 14:23:19 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\Bot.dll
[2007.11.13 22:48:57 | 000,004,733 | ---- | C] () -- C:\WINDOWS\wdict32.INI
[2007.09.21 15:23:58 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\RTClientSDK71.dll
[2007.09.21 15:23:58 | 000,001,147 | ---- | C] () -- C:\WINDOWS\System32\IPCamera.ini
[2007.08.22 23:27:29 | 000,000,277 | ---- | C] () -- C:\WINDOWS\hpqcopy.INI
[2007.07.24 20:59:14 | 000,000,229 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.06.29 15:07:35 | 000,000,799 | ---- | C] () -- C:\WINDOWS\electrolux.ini
[2007.06.03 19:32:13 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Peter\Data aplikací\$_hpcst$.hpc
[2007.06.03 17:26:36 | 000,000,376 | ---- | C] () -- C:\WINDOWS\settings.ini
[2007.06.03 16:49:21 | 000,000,744 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.05.19 21:41:49 | 000,231,936 | ---- | C] () -- C:\Documents and Settings\Peter\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.05.18 16:43:58 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2007.05.18 16:43:58 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2007.04.29 09:36:34 | 000,000,139 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2007.04.28 15:55:58 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.04.28 14:28:40 | 000,003,485 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007.04.28 14:28:37 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007.04.28 14:25:29 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\memtest.dll
[2007.04.28 14:25:28 | 000,037,880 | R--- | C] () -- C:\WINDOWS\System32\drivers\vgauti.sys
[2007.04.28 14:25:28 | 000,037,880 | R--- | C] () -- C:\WINDOWS\System32\drivers\msicpl.sys
[2007.04.28 14:25:14 | 000,004,385 | ---- | C] () -- C:\WINDOWS\System32\drivers\Stdsys.SYS
[2007.01.26 03:04:12 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll
[2007.01.26 03:04:12 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll
[2006.10.22 12:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.10.22 12:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.10.22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.10.22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.10.22 12:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.10.22 12:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.10.22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.04.22 15:17:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\AVSClientSDK45.dll
[2003.09.30 11:47:38 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2003.09.30 11:47:38 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2003.09.30 11:47:38 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2003.09.30 11:47:38 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2003.04.16 14:00:00 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\syscvchk.dll
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2010.02.17 23:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Avigilon
[2009.05.13 18:47:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2009.05.13 19:59:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2007.11.27 18:29:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2010.01.02 15:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\espionServerData
[2008.01.10 16:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Grisoft
[2010.10.26 00:12:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2007.10.03 18:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\muvee Technologies
[2010.10.25 23:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2010.10.25 21:46:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
[2007.11.27 18:37:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.11.02 21:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.11.02 21:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Plus
[2010.11.02 21:12:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate
[2010.02.01 19:13:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2010.11.02 21:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Studio 12
[2008.01.06 23:26:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.02.21 17:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
[2008.02.05 19:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Data aplikací\PC Suite
[2008.02.05 19:18:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Data aplikací\Složka odesílání Share-to-Web
[2010.02.17 23:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Avigilon
[2008.11.08 22:09:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Babylon
[2008.10.08 22:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Canon
[2009.01.10 23:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Canopus
[2009.10.27 00:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\GARMIN
[2009.07.18 17:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Graphisoft
[2007.04.29 10:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\InterTrust
[2009.11.24 23:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\MRP
[2007.10.04 01:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\muvee Technologies
[2010.10.26 00:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Nokia
[2008.09.15 19:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Opera
[2010.12.27 18:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\PC Suite
[2010.11.02 21:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\proDAD
[2010.02.01 19:13:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Publish Providers
[2009.03.18 09:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\select
[2007.06.24 11:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Složka odesílání Share-to-Web
[2007.11.05 12:44:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Software602
[2010.02.01 19:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Sony
[2008.11.28 22:59:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Thinstall
[2009.01.02 00:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Ulead Systems
[2010.09.24 20:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\WD
[2009.03.29 18:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\peter1\Data aplikací\PC Suite
[2010.12.27 23:44:56 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{CCA8FD82-364E-43D1-9724-9942B392C758}.job
========== Purity Check ==========
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"H/PC Connection Agent" = "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" -- [2006.11.13 16:50:20 | 001,289,000 | ---- | M] (Microsoft Corporation)
"Creative Live! Cam Manager" = C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe -- [2007.05.02 10:30:20 | 000,151,552 | ---- | M] (Creative Technology Ltd.)
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2010.05.14 10:32:30 | 001,479,680 | ---- | M] (Nokia)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =
< c:\windows\*.* /U >
[10 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2010.12.27 23:35:10 | 003,998,686 | R--- | M] () -- C:\ComboFix.exe
[2007.11.20 23:34:08 | 005,168,831 | ---- | M] () -- C:\smac20_setup.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.11.16 19:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Adobe
[2007.09.16 17:33:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Ahead
[2008.06.16 22:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Apple Computer
[2010.11.03 00:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\ArcSoft
[2010.02.17 23:39:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Avigilon
[2008.11.08 22:09:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Babylon
[2008.10.08 22:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Canon
[2009.01.10 23:47:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Canopus
[2008.10.14 22:42:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Creative
[2010.04.07 22:40:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Download Manager
[2009.10.01 20:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\FastStone
[2009.10.27 00:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\GARMIN
[2007.07.08 23:42:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Google
[2009.07.18 17:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Graphisoft
[2007.05.22 09:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Help
[2007.04.28 14:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Identities
[2008.03.23 14:40:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\InstallShield
[2010.02.26 19:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Intelli-studio
[2007.04.29 10:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\InterTrust
[2008.02.14 00:53:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Lavasoft
[2007.04.29 09:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Macromedia
[2010.07.28 00:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Malwarebytes
[2009.10.20 22:47:34 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Peter\Data aplikací\Microsoft
[2009.03.04 21:01:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Mozilla
[2009.11.24 23:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\MRP
[2007.10.04 01:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\muvee Technologies
[2009.04.22 20:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Nero
[2010.09.18 17:50:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\NeroDigital(TM)
[2010.10.26 00:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Nokia
[2008.09.15 19:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Opera
[2010.12.27 18:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\PC Suite
[2010.11.02 21:16:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\proDAD
[2010.02.01 19:13:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Publish Providers
[2009.03.18 09:39:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\select
[2007.06.24 11:27:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Složka odesílání Share-to-Web
[2007.11.05 12:44:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Software602
[2010.02.01 19:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Sony
[2009.06.18 13:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Sun
[2008.02.12 23:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Symantec
[2008.11.28 22:59:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Thinstall
[2009.01.02 00:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\Ulead Systems
[2010.09.24 20:37:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\WD
[2009.09.05 14:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\WinRAR
[2008.10.09 16:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Peter\Data aplikací\ZoomBrowser EX
< %APPDATA%\*.exe /s >
[2008.11.23 17:05:04 | 017,732,895 | ---- | M] (Arcsoft ) -- C:\Documents and Settings\Peter\Data aplikací\ArcSoft\Video Impression\2. 0\VI2_Update_2.0.0.22_2.0.0.78_E.exe
[2008.03.28 00:14:16 | 000,003,638 | R--- | M] () -- C:\Documents and Settings\Peter\Data aplikací\Microsoft\Installer\{33359986-DD66-44E1-A709-D1FA943B014F}\_0A3C0C09C850366E910CA7.exe
[2008.03.28 00:14:16 | 000,003,638 | R--- | M] () -- C:\Documents and Settings\Peter\Data aplikací\Microsoft\Installer\{33359986-DD66-44E1-A709-D1FA943B014F}\_4337C2151BC3851DD530CB.exe
[2008.03.28 00:14:16 | 000,003,638 | R--- | M] () -- C:\Documents and Settings\Peter\Data aplikací\Microsoft\Installer\{33359986-DD66-44E1-A709-D1FA943B014F}\_6FEFF9B68218417F98F549.exe
[2010.11.02 21:12:45 | 000,029,926 | R--- | M] () -- C:\Documents and Settings\Peter\Data aplikací\Microsoft\Installer\{5EB90C06-964F-4195-B83E-BD7E55C88415}\ARPPRODUCTICON.exe
[2010.11.02 21:10:54 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_AMCap.exe
[2010.11.02 21:10:54 | 000,049,152 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_Check3D.exe
[2010.11.02 21:10:55 | 000,069,632 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_ContentTransfer.exe
[2010.11.02 21:10:55 | 000,434,176 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_GuidedTour.exe
[2010.11.02 21:10:55 | 000,045,056 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_Help_HH.exe
[2010.11.02 21:10:55 | 000,065,536 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_ReadMe.exe
[2010.11.02 21:10:54 | 000,069,632 | R--- | M] (Macrovision Corporation) -- C:\Documents and Settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\Studio.exe
< MD5 for: AGP440.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.07.29 00:33:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\AGP440.SYS
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\ReinstallBackups\0034\DriverFiles\i386\AGP440.SYS
[2003.04.16 14:00:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >
[2003.04.16 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.07.29 00:33:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\sp3.cab:atapi.sys
[2003.04.16 14:00:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0026\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0031\DriverFiles\i386\atapi.sys
[1996.09.17 01:00:00 | 000,014,208 | ---- | M] (Microsoft Corporation) MD5=A5C43F72AA6FCC9080504FCD39465DA4 -- C:\Install\ACAD1\MECHSOFT PROFI 6.14\SP5NT351\Atapi.sys
< MD5 for: CDROM.SYS >
[2003.04.16 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.07.29 00:33:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2003.04.16 14:00:00 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2003.04.16 14:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) MD5=031E7FF41B13B658CAE7D6C98086F76A -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[1996.09.17 01:00:00 | 000,045,776 | ---- | M] (Microsoft Corporation) MD5=DA8297BCC3E0D8F7A42DAA2240AA14DB -- C:\Install\ACAD1\MECHSOFT PROFI 6.14\SP5NT351\Eventlog.dll
[2003.04.16 14:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=E8508E7F865490D8AE71D00C8DF4D227 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2003.04.16 14:00:00 | 001,004,544 | ---- | M] (Microsoft Corporation) MD5=11D80755545CFB5EB9659EE88440EAE2 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
< MD5 for: HAL.DLL >
[2003.04.16 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.07.29 00:33:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\sp3.cab:hal.dll
[1996.09.17 01:00:00 | 000,049,296 | ---- | M] (Microsoft Corporation) MD5=0C67548274C591CDF7313340CD6ECF9F -- C:\Install\ACAD1\MECHSOFT PROFI 6.14\SP5NT351\Hal.dll
[2003.04.16 14:00:00 | 000,129,920 | ---- | M] (Microsoft Corporation) MD5=308709E92843DFF3A5CDCA069F6F5C61 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\hal.dll
< MD5 for: CHANGER.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.07.29 00:33:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\changer.sys
< MD5 for: IASTOR.SYS >
[2007.03.21 21:58:56 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Install\Počítače\DUSAN_PC\7.5.0.1017\32bit\iastor.sys
[2007.03.21 21:59:30 | 000,381,720 | ---- | M] (Intel Corporation) MD5=9D7ED4275702E2FC409F2CC563245740 -- C:\Install\Počítače\DUSAN_PC\7.5.0.1017\64bit\IaStor.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.07.29 00:33:23 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\sp3.cab:isapnp.sys
[2003.04.16 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0025\DriverFiles\i386\isapnp.sys
< MD5 for: LSASS.EXE >
[1996.09.17 01:00:00 | 000,006,960 | ---- | M] (Microsoft Corporation) MD5=0A2A65B3165965BB1B7AAA360B03A10A -- C:\Install\ACAD1\MECHSOFT PROFI 6.14\SP5NT351\Lsass.exe
[2003.04.16 14:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=32F7074BAC9A5F899CCA9C046C9FA6EB -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2003.04.16 14:00:00 | 000,167,552 | ---- | M] (Microsoft Corporation) MD5=3B350E5A2A5E951453F3993275A4523A -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[1996.09.17 01:00:00 | 000,089,616 | ---- | M] (Microsoft Corporation) MD5=3EE20762D9FE31A0BD219991B61969CA -- C:\Install\ACAD1\MECHSOFT PROFI 6.14\SP5NT351\Ndis.sys
< MD5 for: NETLOGON.DLL >
[1996.09.17 01:00:00 | 000,150,064 | ---- | M] (Microsoft Corporation) MD5=A9EE1BBA71C41613F5833F7375D38232 -- C:\Install\ACAD1\MECHSOFT PROFI 6.14\SP5NT351\Netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
[2003.04.16 14:00:00 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=CF03E300B5CEEFFEFBE6F67532BD0EF1 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
[2003.04.16 14:00:00 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B2666CAB5E8C8A741D63F18D551A47FB -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2003.04.16 14:00:00 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=7763D73255AD4046FA999D42EAF22C26 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[1996.09.17 01:00:00 | 000,037,328 | ---- | M] (Microsoft Corporation) MD5=B473F5311FC0056FDBAE613E2226B42F -- C:\Install\ACAD1\MECHSOFT PROFI 6.14\SP5NT351\Smss.exe
< MD5 for: SVCHOST.EXE >
[2003.04.16 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=329945887A0C684C38A4845330BC9100 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2003.04.16 14:00:00 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[1996.09.17 01:00:00 | 000,123,264 | ---- | M] (Microsoft Corporation) MD5=B0925178A046228F1356D7151F9DA2BC -- C:\Install\ACAD1\MECHSOFT PROFI 6.14\SP5NT351\Tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[1996.09.17 01:00:00 | 000,015,984 | ---- | M] (Microsoft Corporation) MD5=39E9464F9D0536FB01C1CFFE43CD5EEA -- C:\Install\ACAD1\MECHSOFT PROFI 6.14\SP5NT351\Userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2003.04.16 14:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B26871B5CE92F9D95AE6E62119799EB9 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: VAXSCSI.SYS >
[2009.02.21 17:21:26 | 000,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) MD5=92CEBC2BC7BE2C8D49391B365569F306 -- C:\WINDOWS\system32\drivers\vaxscsi.sys
< MD5 for: VIAMRAID.SYS >
[2007.03.19 16:18:12 | 000,104,064 | ---- | M] (VIA Technologies inc,.ltd) MD5=85E9421C8A99D1291B43B9B59A669AC3 -- C:\WINDOWS\system32\drivers\viamraid.sys
< MD5 for: WINLOGON.EXE >
[1996.09.17 01:00:00 | 000,169,504 | ---- | M] (Microsoft Corporation) MD5=6AE8F0E6FB65E51DFACA46F9E90879D5 -- C:\Install\ACAD1\MECHSOFT PROFI 6.14\SP5NT351\Winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
[2003.04.16 14:00:00 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=FF8857D1AF59071F172C0FAD0FD33E87 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
< MD5 for: WS2_32.DLL >
[2003.04.16 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=748494B94A871A828C64D1D5C738D2B7 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 08:51:50 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.09.14 22:08:47 | 000,524,288 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008.09.14 19:57:31 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2008.09.14 22:08:47 | 031,195,136 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008.09.14 22:08:47 | 008,912,896 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[2008.04.14 08:51:50 | 001,384,479 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< %systemroot%\system32\drivers\*.sys /3 >
[2010.11.29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
[2010.11.02 17:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\ndproxy.sys
[2010.08.26 15:39:50 | 000,357,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys
< %systemroot%\system32\*.* /3 >
[2010.11.06 02:25:02 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advpack.dll
[2010.11.02 22:05:35 | 000,016,832 | ---- | M] () -- C:\WINDOWS\system32\amcompat.tlb
[2010.10.28 15:09:00 | 000,290,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\atmfd.dll
[2010.08.23 18:12:35 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
[2010.11.06 02:25:02 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\corpol.dll
[2010.11.06 02:25:02 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dxtmsft.dll
[2010.11.06 02:25:02 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dxtrans.dll
[2010.11.06 02:25:03 | 000,133,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\extmgr.dll
[2010.12.17 04:22:32 | 002,399,048 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2010.11.03 14:25:53 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\html.iec
[2010.11.06 02:25:03 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icardie.dll
[2010.11.03 14:24:55 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ie4uinit.exe
[2010.11.06 02:25:03 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieakeng.dll
[2010.11.06 02:25:03 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieaksie.dll
[2010.10.18 13:06:11 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieakui.dll
[2010.11.06 02:25:03 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieapfltr.dll
[2010.11.06 02:25:03 | 000,384,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iedkcs32.dll
[2010.11.06 02:25:03 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieencode.dll
[2010.11.06 02:25:03 | 006,075,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
[2010.11.06 02:25:03 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iepeers.dll
[2010.11.06 02:25:03 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iernonce.dll
[2010.11.06 02:25:03 | 000,268,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
[2010.11.03 14:24:56 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieudinit.exe
[2010.11.06 02:25:03 | 001,830,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetcpl.cpl
[2010.11.18 20:15:47 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\isign32.dll
[2010.11.06 02:25:03 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\jsproxy.dll
[2010.09.18 08:53:37 | 000,954,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc40.dll
[2010.09.18 08:53:37 | 000,953,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc40u.dll
[2010.09.18 08:53:37 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
[2010.09.18 12:23:38 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
[2010.12.17 04:01:26 | 037,366,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2010.11.06 02:25:03 | 000,468,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msfeeds.dll
[2010.11.06 02:25:03 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msfeedsbs.dll
[2010.11.06 02:25:04 | 003,604,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mshtml.dll
[2010.11.06 02:25:04 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mshtmled.dll
[2010.11.06 02:25:04 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msrating.dll
[2010.11.06 02:25:04 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstime.dll
[2010.11.02 22:05:35 | 000,023,392 | ---- | M] () -- C:\WINDOWS\system32\nscompat.tlb
[2010.11.06 02:25:04 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\occache.dll
[2010.12.11 15:34:11 | 000,104,306 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2010.12.11 15:34:11 | 000,093,370 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2010.12.11 15:34:11 | 000,498,154 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2010.12.11 15:34:11 | 000,501,488 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2010.12.11 15:34:11 | 001,213,216 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2010.11.06 02:25:04 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pngfilt.dll
[2010.07.27 23:30:36 | 000,000,202 | ---- | M] () -- C:\WINDOWS\system32\PSLOG
[2010.08.16 10:45:05 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
[2010.12.15 18:28:20 | 000,001,200 | ---- | M] () -- C:\WINDOWS\system32\rzeksfsp.dat
[2010.07.27 08:30:31 | 008,466,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
[2010.08.27 07:54:10 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
[2010.08.27 10:03:42 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\t2embed.dll
[2010.11.03 15:12:40 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tzchange.exe
[2010.12.17 04:05:25 | 000,842,762 | ---- | M] () -- C:\WINDOWS\system32\TZLog.log
[2010.11.06 02:25:04 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\url.dll
[2010.11.06 02:25:04 | 001,168,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
[2010.11.02 22:05:26 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w95inf16.dll
[2010.11.02 22:05:26 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w95inf32.dll
[2010.11.06 02:25:04 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
[2010.10.26 15:58:35 | 001,853,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[2010.11.06 02:25:04 | 000,832,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
[2010.08.25 23:36:02 | 010,841,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmp.dll
[2010.07.27 23:30:56 | 000,012,598 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2010.08.27 03:43:50 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp4res.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< >
< >
========== Files - Unicode (All) ==========
[2010.10.25 21:55:14 | 000,000,000 | ---D | M](C:\Documents and Settings\Peter\Data aplikac?) -- C:\Documents and Settings\Peter\Data aplikac�
[2010.10.25 21:55:14 | 000,000,000 | ---D | C](C:\Documents and Settings\Peter\Data aplikac?) -- C:\Documents and Settings\Peter\Data aplikac�
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:ECE4A64B
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
< End of report >
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
dotaz
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: dotaz
Tento soubor znáte?
C:\Documents and Settings\Peter\Plocha\mecar.exe
V lozích nic nevidím, co ted počítač?
C:\Documents and Settings\Peter\Plocha\mecar.exe
V lozích nic nevidím, co ted počítač?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: dotaz
Automatická kontrola: dokončeno před 45 min. (události: 4, objekty: 873003, čas: 04:51:50)
28.7.2010 16:24:57 Úloha byla spuštěna
28.7.2010 20:29:47 Zjištěno: Trojan.Win32.DelFiles.or C:\Program Files\Strong\Downloads\Sam Broadcaster 4 3 6 + SERIAL.rar/Setup.exe
28.7.2010 20:29:47 Neošetřeno: Trojan.Win32.DelFiles.or C:\Program Files\Strong\Downloads\Sam Broadcaster 4 3 6 + SERIAL.rar/Setup.exe Zápis není podporován
28.7.2010 21:16:48 Úloha byla dokončena
28.7.2010 16:24:57 Úloha byla spuštěna
28.7.2010 20:29:47 Zjištěno: Trojan.Win32.DelFiles.or C:\Program Files\Strong\Downloads\Sam Broadcaster 4 3 6 + SERIAL.rar/Setup.exe
28.7.2010 20:29:47 Neošetřeno: Trojan.Win32.DelFiles.or C:\Program Files\Strong\Downloads\Sam Broadcaster 4 3 6 + SERIAL.rar/Setup.exe Zápis není podporován
28.7.2010 21:16:48 Úloha byla dokončena
Re: dotaz
Počkejte, ted nechápu. Z a chvilku ještě něco domažeme, ted odbíhám od pc.
Ano, restartujte počítač a vyzkoušejte ho.
Ano, restartujte počítač a vyzkoušejte ho.
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: dotaz
já bych tu měla tak do 11 večer být 
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: dotaz
ak ste este tam tak.. vyrazne sa to polepsilo uz vidim aj prave ikony aj ked ten start je ozaj pomaly niekedy to vyzera ako keby to cele zamrzlo ziadne presipacky no je to pomale ale zas na druhej strane musim povedat ze som nerobil ziadnu udrzbu za poslednu dobu a mam tu nahratych vela aplikacii ktore uz ani nepotrebujem.s tym si poradim .len nechapem ten prudky vypadok vsetkeho .este som nic podobne nezazil.nemozem si dovolit preinstalovat vsetko na novo vzdy ked je to neunosne kupim novy (a doterz vecsi disk )na ktory nahrám novy system a postupne si vsetko prenesiem casom ale teraz som uz myslel ze mi zostanu len tie zálohy.
este som videl cez chkdsk nejake chyby to spravim zajtra a dam vediet.inak dakujem za rady . ja som skôr HW ako SW obrazne zapajkujem nozicku na procesore ale SW uz nie je pre mna.ak vas napada este coho by som sa mal zbavit budem rad.P
este som videl cez chkdsk nejake chyby to spravim zajtra a dam vediet.inak dakujem za rady . ja som skôr HW ako SW obrazne zapajkujem nozicku na procesore ale SW uz nie je pre mna.ak vas napada este coho by som sa mal zbavit budem rad.P
Re: dotaz
Mrkneme i na disk Proč nemáte disk rozdělený na data a systém? Pak by pro Vás byl reinstal jednou za čas snažší
Spustte OTL
-do bílého okna dole skopírujte tento skript:
-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde
Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru
záložka čistič
-nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
-po analýze klikněte na Spustit Ccleaner
záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít
Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.
Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.
Udělejte kontrolu disku.
http://www.slunecnice.cz/sw/crystaldiskinfo/
- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V
-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde
Proč nemáte disk rozdělený na data a systém? Pak by pro Vás byl reinstal jednou za čas snažší Spustte OTL-do bílého okna dole skopírujte tento skript:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:ECE4A64B
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
O3 - HKU\S-1-5-21-746137067-299502267-682003330-1003\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\WINDOWS\system32\rzeksfsp.dat
C:\WINDOWS\jafcd.ini
commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]-Následně se pc restartuje.
- Log vložte zde
Z mého podpisu stahněte Ccleaner- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru
záložka čistič-nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
-po analýze klikněte na Spustit Ccleaner
záložka Registry- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy
ok zavřít Záložka Nástroje- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.
Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.
Udělejte kontrolu disku. http://www.slunecnice.cz/sw/crystaldiskinfo/- spusťte ho a v nabídce zvolte Kopírovat.
-Data ze schránky sem pak vložte pomocí Ctrl+V
-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: dotaz
dobry vecer. dostal som sa sem ako tak cez stary notebok .pisal som ze mi to chodi ako tak ale potom mi avp hlasil sustavne problemi tak som vytiahol disk a dal do druheho pc a presiel ho avp aj avast ponachadzali malwere ktore aj pomazali ked som to cele vratil naspat do povodneho pc tak sa dostanem kusok na logo microsoftu a potom to cele spadne .do safe to ide.medzi tym mi na den a pol padol net od providera teraz cez to skusam novu instalaciu xp ale asi to nepojde lebo nemoze citat urcite kniznice zrejme je ten vir uz trosku dalej.viem si predstavit toho cloveka co pise taketo programi ako ho hryziem do krku.ak tu zajtra budete a budete mat na mna este chut tak snat volaco stym vykoname .ja musim este pohladat do tohoto kramu slovencinu alebo cestinu lebo co je oficialne od microsoftu to mi nepodporuje prave tuto verziu
Re: dotaz
Opravu z inst. cd Vám to nebere?
POkud Vám to nejde zformátovat tím inst. cd, co máte, zkuste sehnat jiné.
Nepamatujete si, co za vir Vám Avast a Avira hlásili?
Já jsme v lozích totiž nic nenašla
POkud Vám to nejde zformátovat tím inst. cd, co máte, zkuste sehnat jiné.
Nepamatujete si, co za vir Vám Avast a Avira hlásili?
Já jsme v lozích totiž nic nenašla
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Re: dotaz
Posielam vam logy z avp ,avastu a cf
31.12.2010 18:29
Testují se všechny lokální disky
Soubor D:\Install\jukebox\mmsetup_9000156_ENU.exe\TDM\TDMInstall.exe\Wise0011.bin Chyba 42146 {Archiv instalátoru je poškozen.}
Soubor D:\Install\jukebox\mmsetup_9000159b_ENU.exe\TDM\TDMInstall.exe\Wise0011.bin Chyba 42146 {Archiv instalátoru je poškozen.}
Soubor D:\Install\Lavasoft\Ad-Aware Suite All In One 2005 (cze) [WinALL]\Ad-Aware Suite All In One 2005 (cze)\appz\Plugins\When U Remover 2005\whenuremover.exe je infikován virem Win32:Malware-gen, Smazán
Soubor D:\Install\MRP\MRP2008\distr.exe\SETUP.EXE\Wise0019.bin Chyba 42146 {Archiv instalátoru je poškozen.}
Soubor D:\Install\partition Magic\PartitionMagic v8.01.rar\ror.r00\DKeeper\DKeeper.cab\DataKeeper.hlp Chyba 42127 {Archiv CAB je poškozen.}
Soubor D:\Install\partition Magic\PartitionMagic v8.01.rar\ror.r04\Setup\Tutorial.cab\PM8Flash.exe Chyba 42127 {Archiv CAB je poškozen.}
Soubor D:\Install\partition Magic\PartitionMagic v8.01.rar\ror.rar\BTMagic\Setup\BMagic.cab\BMCFG.EXE Chyba 42127 {Archiv CAB je poškozen.}
Soubor D:\Install\SiSoft\SiSoftware.Sandra.Professional.MAX3.v2003.7.9.73\fo-ssm3a.zip\fo-ssm3.exe\fo-ssm3.zip\fo-ssm3.exe Chyba 42125 {Archiv ZIP je poškozen.}
Soubor D:\Install\SiSoftware.Sandra.Professional.MAX3.v2003.7.9.73\fo-ssm3a.zip\fo-ssm3.exe\fo-ssm3.zip\fo-ssm3.exe Chyba 42125 {Archiv ZIP je poškozen.}
Soubor D:\Install\Strong\Incomplete\3gp-video-converter.exe.QPLD7HDB32XBNSEDPG3UQPDTMCQILRHSO7R267A.dctmp\3gp-video-converter-217132.exe Chyba 42127 {Archiv CAB je poškozen.}
Soubor D:\Install\unformat\pista\Ad-Aware Suite All In One 2005 (cze) [WinALL]\Ad-Aware Suite All In One 2005 (cze)\appz\Plugins\When U Remover 2005\whenuremover.exe je infikován virem Win32:Malware-gen, Smazán
Soubor D:\System Volume Information\_restore{6B3663D4-3AF0-468F-B6DC-E9A2665328FE}\RP55\A0022237.exe je infikován virem Win32:Malware-gen, Smazán
Soubor D:\System Volume Information\_restore{6B3663D4-3AF0-468F-B6DC-E9A2665328FE}\RP55\A0022238.exe je infikován virem Win32:Malware-gen, Smazán
Soubor E:\Documents and Settings\Peter\Plocha\mbam-setup-1.50.0.0.exe\{embedded}\setup.exe Chyba 42051 {Neznámá verze packeru.}
Soubor E:\E_mechanika\Pôvodné_D\Strong\Incomplete\3gp-video-converter.exe.QPLD7HDB32XBNSEDPG3UQPDTMCQILRHSO7R267A.dctmp\3gp-video-converter-217132.exe Chyba 42127 {Archiv CAB je poškozen.}
Soubor E:\Install\jukebox\mmsetup_9000156_ENU.exe\TDM\TDMInstall.exe\Wise0011.bin Chyba 42146 {Archiv instalátoru je poškozen.}
Soubor E:\Install\jukebox\mmsetup_9000159b_ENU.exe\TDM\TDMInstall.exe\Wise0011.bin Chyba 42146 {Archiv instalátoru je poškozen.}
Soubor E:\Install\Lavasoft\Ad-Aware Suite All In One 2005 (cze) [WinALL]\Ad-Aware Suite All In One 2005 (cze)\appz\Plugins\When U Remover 2005\whenuremover.exe je infikován virem Win32:Malware-gen, Smazán
Soubor E:\Install\MRP\MRP2008\distr.exe\SETUP.EXE\Wise0019.bin Chyba 42146 {Archiv instalátoru je poškozen.}
Soubor E:\Install\Navigacie\instal sygic\prt.zip\prt\prt.pak Chyba 42125 {Archiv ZIP je poškozen.}
Soubor E:\Install\Navigacie\instal sygic\swe.rar\swe\swe\swe.pak Chyba 42126 {Archiv RAR je poškozen.}
Soubor E:\Install\Navigacie\KROKO\Italy.part1.rar\italy_ta_north.mca Chyba 42126 {Archiv RAR je poškozen.}
Soubor E:\Install\Navigacie\Sygic\ita.part1.rar\ita\ita.pak Chyba 42126 {Archiv RAR je poškozen.}
Soubor E:\Install\Navigacie\Sygic\prt.zip\prt\prt.pak Chyba 42125 {Archiv ZIP je poškozen.}
Soubor E:\Install\Navigacie\Sygic\swe.rar\swe\swe\swe.pak Chyba 42126 {Archiv RAR je poškozen.}
Soubor E:\Install\SiSoft\SiSoftware.Sandra.Professional.MAX3.v2003.7.9.73\fo-ssm3a.zip\fo-ssm3.exe\fo-ssm3.zip\fo-ssm3.exe Chyba 42125 {Archiv ZIP je poškozen.}
Soubor E:\Install\SiSoftware.Sandra.Professional.MAX3.v2003.7.9.73\fo-ssm3a.zip\fo-ssm3.exe\fo-ssm3.zip\fo-ssm3.exe Chyba 42125 {Archiv ZIP je poškozen.}
Soubor E:\Install\Strong\Incomplete\3gp-video-converter.exe.QPLD7HDB32XBNSEDPG3UQPDTMCQILRHSO7R267A.dctmp\3gp-video-converter-217132.exe Chyba 42127 {Archiv CAB je poškozen.}
Soubor E:\Install\unformat\pista\Ad-Aware Suite All In One 2005 (cze) [WinALL]\Ad-Aware Suite All In One 2005 (cze)\appz\Plugins\When U Remover 2005\whenuremover.exe je infikován virem Win32:Malware-gen, Smazán
Soubor E:\Program Files\Strong\Incomplete\OziExplorer CR+SR.zip.HGTJZ3FF3ZLSWXOQM3SBMXFSNEZDK6HUUILHGPY.dctmp\PC\oziexp_setup_3.95.2.exe Chyba 42125 {Archiv ZIP je poškozen.}
Soubor E:\System Volume Information\_restore{6B3663D4-3AF0-468F-B6DC-E9A2665328FE}\RP55\A0022239.exe je infikován virem Win32:Malware-gen, Smazán
Soubor E:\System Volume Information\_restore{6B3663D4-3AF0-468F-B6DC-E9A2665328FE}\RP55\A0022240.exe je infikován virem Win32:Malware-gen, Smazán
Počet prohledaných složek: 24879
Počet testovaných souborů: 1535594
Počet infikovaných souborů: 8
utomatická kontrola: dokončeno před 45 min. (události: 4, objekty: 873003, čas: 04:51:50)
28.7.2010 16:24:57 Úloha byla spuštěna
28.7.2010 20:29:47 Zjištěno: Trojan.Win32.DelFiles.or C:\Program Files\Strong\Downloads\Sam Broadcaster 4 3 6 + SERIAL.rar/Setup.exe
28.7.2010 20:29:47 Neošetřeno: Trojan.Win32.DelFiles.or C:\Program Files\Strong\Downloads\Sam Broadcaster 4 3 6 + SERIAL.rar/Setup.exe Zápis není podporován
28.7.2010 21:16:48 Úloha byla dokončena
ComboFix 10-12-26.01 - Peter 29.12.2010 18:42:32.15.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.455 [GMT 1:00]
Spuštěný z: c:\documents and settings\Peter\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 101228-1] *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Peter\Local Settings\Temporary Internet Files\TRNCOM.INI
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-28 do 2010-12-29 )))))))))))))))))))))))))))))))
.
2010-12-16 07:44 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-16 07:43 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2010-12-13 19:11 . 2010-12-15 16:28 1200 ----a-w- c:\windows\system32\rzeksfsp.dat
2010-12-13 19:11 . 2010-12-13 19:11 -------- d-----w- c:\program files\SFaxTools
2010-12-11 17:04 . 2010-12-11 17:04 -------- d-----w- c:\program files\HDDGURU LLF Tool
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-27 21:35 . 2010-07-27 21:19 3998686 ----a-r- C:\ComboFix.exe
2010-11-29 15:42 . 2010-07-27 22:01 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-29 15:42 . 2010-07-27 22:01 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-18 18:15 . 2007-04-28 12:06 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:25 . 2003-04-16 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:25 . 2007-04-29 09:02 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:25 . 2003-04-16 12:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:25 . 2003-04-16 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2010-11-03 12:25 . 2007-04-29 09:02 389120 ----a-w- c:\windows\system32\html.iec
2010-11-02 20:05 . 2010-11-02 20:05 4608 ----a-w- c:\windows\system32\w95inf32.dll
2010-11-02 20:05 . 2010-11-02 20:05 2272 ----a-w- c:\windows\system32\w95inf16.dll
2010-11-02 19:10 . 2010-11-02 19:10 69632 ----a-r- c:\documents and settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_ContentTransfer.exe
2010-11-02 19:10 . 2010-11-02 19:10 65536 ----a-r- c:\documents and settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_ReadMe.exe
2010-11-02 19:10 . 2010-11-02 19:10 45056 ----a-r- c:\documents and settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_Help_HH.exe
2010-11-02 19:10 . 2010-11-02 19:10 434176 ----a-r- c:\documents and settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_GuidedTour.exe
2010-11-02 19:10 . 2010-11-02 19:10 69632 ----a-r- c:\documents and settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\Studio.exe
2010-11-02 19:10 . 2010-11-02 19:10 49152 ----a-r- c:\documents and settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_Check3D.exe
2010-11-02 19:10 . 2010-11-02 19:10 40960 ----a-r- c:\documents and settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_AMCap.exe
2010-11-02 15:17 . 2003-04-16 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2003-04-16 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2003-04-16 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
.
((((((((((((((((((((((((((((( SnapShot_2010-12-01_00.09.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-12-29 16:47 . 2010-12-29 16:47 16384 c:\windows\temp\Perflib_Perfdata_674.dat
+ 2010-12-29 16:50 . 2010-12-29 16:50 16384 c:\windows\temp\Perflib_Perfdata_184.dat
- 2007-01-29 08:58 . 2010-06-21 14:46 46080 c:\windows\system32\tzchange.exe
+ 2007-01-29 08:58 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
+ 2003-04-16 12:00 . 2010-11-06 00:25 44544 c:\windows\system32\pngfilt.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 44544 c:\windows\system32\pngfilt.dll
+ 2003-04-16 12:00 . 2010-12-11 13:34 93370 c:\windows\system32\perfc009.dat
+ 2006-11-07 19:03 . 2010-11-06 00:25 52224 c:\windows\system32\msfeedsbs.dll
- 2006-11-07 19:03 . 2010-09-09 13:34 52224 c:\windows\system32\msfeedsbs.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 27648 c:\windows\system32\jsproxy.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 27648 c:\windows\system32\jsproxy.dll
- 2006-11-07 01:26 . 2010-09-08 15:57 13824 c:\windows\system32\ieudinit.exe
+ 2006-11-07 01:26 . 2010-11-03 12:24 13824 c:\windows\system32\ieudinit.exe
+ 2003-04-16 12:00 . 2010-11-06 00:25 44544 c:\windows\system32\iernonce.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 44544 c:\windows\system32\iernonce.dll
+ 2003-04-16 12:00 . 2010-11-03 12:24 70656 c:\windows\system32\ie4uinit.exe
- 2003-04-16 12:00 . 2010-09-08 15:57 70656 c:\windows\system32\ie4uinit.exe
- 2006-10-17 09:58 . 2010-09-09 13:34 63488 c:\windows\system32\icardie.dll
+ 2006-10-17 09:58 . 2010-11-06 00:25 63488 c:\windows\system32\icardie.dll
+ 2007-08-13 16:36 . 2010-11-06 00:25 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2007-08-13 16:36 . 2010-09-09 13:34 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2009-01-01 23:06 . 2010-09-09 13:34 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-01-01 23:06 . 2010-11-06 00:25 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-08-13 16:54 . 2010-09-09 13:34 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2010-11-18 18:15 . 2010-11-18 18:15 81920 c:\windows\system32\dllcache\isign32.dll
+ 2009-01-01 23:06 . 2010-11-03 12:24 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2009-01-01 23:06 . 2010-09-08 15:57 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2007-08-13 16:39 . 2010-11-06 00:25 44544 c:\windows\system32\dllcache\iernonce.dll
- 2007-08-13 16:39 . 2010-09-09 13:34 44544 c:\windows\system32\dllcache\iernonce.dll
- 2007-08-13 16:45 . 2010-09-09 13:34 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2007-08-13 16:45 . 2010-11-06 00:25 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2007-08-13 16:39 . 2010-11-03 12:24 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2007-08-13 16:39 . 2010-09-08 15:57 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2009-01-01 23:06 . 2010-09-09 13:34 63488 c:\windows\system32\dllcache\icardie.dll
+ 2009-01-01 23:06 . 2010-11-06 00:25 63488 c:\windows\system32\dllcache\icardie.dll
+ 2007-08-13 16:42 . 2010-11-06 00:25 17408 c:\windows\system32\dllcache\corpol.dll
- 2007-08-13 16:42 . 2010-09-09 13:34 17408 c:\windows\system32\dllcache\corpol.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 44544 c:\windows\ie7updates\KB2416400-IE7\pngfilt.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 52224 c:\windows\ie7updates\KB2416400-IE7\msfeedsbs.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 27648 c:\windows\ie7updates\KB2416400-IE7\jsproxy.dll
+ 2010-12-17 02:04 . 2010-09-08 15:57 13824 c:\windows\ie7updates\KB2416400-IE7\ieudinit.exe
+ 2010-12-17 02:04 . 2010-09-09 13:34 44544 c:\windows\ie7updates\KB2416400-IE7\iernonce.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 78336 c:\windows\ie7updates\KB2416400-IE7\ieencode.dll
+ 2010-12-17 02:04 . 2010-09-08 15:57 70656 c:\windows\ie7updates\KB2416400-IE7\ie4uinit.exe
+ 2010-12-17 02:04 . 2010-09-09 13:34 63488 c:\windows\ie7updates\KB2416400-IE7\icardie.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 17408 c:\windows\ie7updates\KB2416400-IE7\corpol.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 233472 c:\windows\system32\webcheck.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 233472 c:\windows\system32\webcheck.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 105984 c:\windows\system32\url.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 105984 c:\windows\system32\url.dll
+ 2003-04-16 12:00 . 2010-12-11 13:34 501488 c:\windows\system32\perfh009.dat
+ 2003-04-16 12:00 . 2010-12-11 13:34 498154 c:\windows\system32\perfh005.dat
+ 2003-04-16 12:00 . 2010-12-11 13:34 104306 c:\windows\system32\perfc005.dat
- 2003-04-16 12:00 . 2010-09-09 13:34 102912 c:\windows\system32\occache.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 102912 c:\windows\system32\occache.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 671232 c:\windows\system32\mstime.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 671232 c:\windows\system32\mstime.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 193024 c:\windows\system32\msrating.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 193024 c:\windows\system32\msrating.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 478208 c:\windows\system32\mshtmled.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 478208 c:\windows\system32\mshtmled.dll
+ 2006-11-07 19:03 . 2010-11-06 00:25 468480 c:\windows\system32\msfeeds.dll
- 2006-11-07 19:03 . 2010-09-09 13:34 468480 c:\windows\system32\msfeeds.dll
+ 2006-10-17 09:57 . 2010-11-06 00:25 268288 c:\windows\system32\iertutil.dll
- 2006-10-17 09:57 . 2010-09-09 13:34 268288 c:\windows\system32\iertutil.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 192512 c:\windows\system32\iepeers.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 192512 c:\windows\system32\iepeers.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 384512 c:\windows\system32\iedkcs32.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 384512 c:\windows\system32\iedkcs32.dll
+ 2006-10-17 09:27 . 2010-11-06 00:25 380928 c:\windows\system32\ieapfltr.dll
- 2006-10-17 09:27 . 2010-09-09 13:34 380928 c:\windows\system32\ieapfltr.dll
+ 2003-04-16 12:00 . 2010-10-18 11:06 161792 c:\windows\system32\ieakui.dll
- 2003-04-16 12:00 . 2010-08-25 11:29 161792 c:\windows\system32\ieakui.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 230400 c:\windows\system32\ieaksie.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 230400 c:\windows\system32\ieaksie.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 153088 c:\windows\system32\ieakeng.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 153088 c:\windows\system32\ieakeng.dll
+ 2007-04-29 09:02 . 2010-11-06 00:25 133120 c:\windows\system32\extmgr.dll
- 2007-04-29 09:02 . 2010-09-09 13:34 133120 c:\windows\system32\extmgr.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 214528 c:\windows\system32\dxtrans.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 214528 c:\windows\system32\dxtrans.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 347136 c:\windows\system32\dxtmsft.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 347136 c:\windows\system32\dxtmsft.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 832512 c:\windows\system32\dllcache\wininet.dll
- 2007-08-13 16:54 . 2010-09-09 13:34 832512 c:\windows\system32\dllcache\wininet.dll
- 2007-08-13 16:54 . 2010-09-09 13:34 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 233472 c:\windows\system32\dllcache\webcheck.dll
- 2007-08-13 16:44 . 2010-09-09 13:34 105984 c:\windows\system32\dllcache\url.dll
+ 2007-08-13 16:44 . 2010-11-06 00:25 105984 c:\windows\system32\dllcache\url.dll
- 2007-08-13 16:44 . 2010-09-09 13:34 102912 c:\windows\system32\dllcache\occache.dll
+ 2007-08-13 16:44 . 2010-11-06 00:25 102912 c:\windows\system32\dllcache\occache.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 671232 c:\windows\system32\dllcache\mstime.dll
- 2007-08-13 16:54 . 2010-09-09 13:34 671232 c:\windows\system32\dllcache\mstime.dll
+ 2007-08-13 16:44 . 2010-11-06 00:25 193024 c:\windows\system32\dllcache\msrating.dll
- 2007-08-13 16:44 . 2010-09-09 13:34 193024 c:\windows\system32\dllcache\msrating.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 478208 c:\windows\system32\dllcache\mshtmled.dll
- 2007-08-13 16:54 . 2010-09-09 13:34 478208 c:\windows\system32\dllcache\mshtmled.dll
- 2009-01-01 23:06 . 2010-09-09 13:34 468480 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-01-01 23:06 . 2010-11-06 00:25 468480 c:\windows\system32\dllcache\msfeeds.dll
+ 2007-08-13 16:43 . 2010-10-18 11:07 634648 c:\windows\system32\dllcache\iexplore.exe
- 2007-08-13 16:43 . 2010-08-25 11:30 634648 c:\windows\system32\dllcache\iexplore.exe
+ 2009-01-01 23:06 . 2010-11-06 00:25 268288 c:\windows\system32\dllcache\iertutil.dll
- 2009-01-01 23:06 . 2010-09-09 13:34 268288 c:\windows\system32\dllcache\iertutil.dll
- 2007-08-13 16:54 . 2010-09-09 13:34 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 192512 c:\windows\system32\dllcache\iepeers.dll
- 2007-08-13 16:39 . 2010-09-09 13:34 384512 c:\windows\system32\dllcache\iedkcs32.dll
+ 2007-08-13 16:39 . 2010-11-06 00:25 384512 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-01-01 23:06 . 2010-11-06 00:25 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2009-01-01 23:06 . 2010-09-09 13:34 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2003-04-16 12:00 . 2010-08-25 11:29 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2003-04-16 12:00 . 2010-10-18 11:06 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2007-08-13 16:39 . 2010-11-06 00:25 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2007-08-13 16:39 . 2010-09-09 13:34 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2007-08-13 16:39 . 2010-09-09 13:34 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2007-08-13 16:39 . 2010-11-06 00:25 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2007-08-13 16:54 . 2010-09-09 13:34 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2007-08-13 16:35 . 2010-11-06 00:25 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2007-08-13 16:35 . 2010-09-09 13:34 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2007-08-13 16:35 . 2010-11-06 00:25 347136 c:\windows\system32\dllcache\dxtmsft.dll
- 2007-08-13 16:35 . 2010-09-09 13:34 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2010-04-20 05:32 . 2010-10-28 13:09 290048 c:\windows\system32\dllcache\atmfd.dll
+ 2007-08-13 16:39 . 2010-11-06 00:25 124928 c:\windows\system32\dllcache\advpack.dll
- 2007-08-13 16:39 . 2010-09-09 13:34 124928 c:\windows\system32\dllcache\advpack.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 124928 c:\windows\system32\advpack.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 124928 c:\windows\system32\advpack.dll
+ 2010-12-29 16:41 . 2010-12-23 10:33 234496 c:\windows\PCHealth\HelpCtr\Config\Cache\Professional_32_1029.dat
+ 2010-12-17 02:04 . 2010-09-09 13:34 832512 c:\windows\ie7updates\KB2416400-IE7\wininet.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 233472 c:\windows\ie7updates\KB2416400-IE7\webcheck.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 105984 c:\windows\ie7updates\KB2416400-IE7\url.dll
+ 2010-12-17 02:04 . 2010-02-22 14:21 391032 c:\windows\ie7updates\KB2416400-IE7\spuninst\updspapi.dll
+ 2010-12-17 02:04 . 2010-02-22 14:20 233848 c:\windows\ie7updates\KB2416400-IE7\spuninst\spuninst.exe
+ 2010-12-17 02:04 . 2010-09-09 13:34 102912 c:\windows\ie7updates\KB2416400-IE7\occache.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 671232 c:\windows\ie7updates\KB2416400-IE7\mstime.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 193024 c:\windows\ie7updates\KB2416400-IE7\msrating.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 478208 c:\windows\ie7updates\KB2416400-IE7\mshtmled.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 468480 c:\windows\ie7updates\KB2416400-IE7\msfeeds.dll
+ 2010-12-17 02:04 . 2010-08-25 11:30 634648 c:\windows\ie7updates\KB2416400-IE7\iexplore.exe
+ 2010-12-17 02:04 . 2010-09-09 13:34 268288 c:\windows\ie7updates\KB2416400-IE7\iertutil.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 192512 c:\windows\ie7updates\KB2416400-IE7\iepeers.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 384512 c:\windows\ie7updates\KB2416400-IE7\iedkcs32.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 380928 c:\windows\ie7updates\KB2416400-IE7\ieapfltr.dll
+ 2010-12-17 02:04 . 2010-08-25 11:29 161792 c:\windows\ie7updates\KB2416400-IE7\ieakui.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 230400 c:\windows\ie7updates\KB2416400-IE7\ieaksie.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 153088 c:\windows\ie7updates\KB2416400-IE7\ieakeng.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 133120 c:\windows\ie7updates\KB2416400-IE7\extmgr.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 214528 c:\windows\ie7updates\KB2416400-IE7\dxtrans.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 347136 c:\windows\ie7updates\KB2416400-IE7\dxtmsft.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 124928 c:\windows\ie7updates\KB2416400-IE7\advpack.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 1168384 c:\windows\system32\urlmon.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 1168384 c:\windows\system32\urlmon.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 3604480 c:\windows\system32\mshtml.dll
+ 2006-11-07 19:03 . 2010-11-06 00:25 6075904 c:\windows\system32\ieframe.dll
- 2006-11-07 19:03 . 2010-09-09 13:34 6075904 c:\windows\system32\ieframe.dll
+ 2007-04-28 13:54 . 2010-12-17 02:22 2399048 c:\windows\system32\FNTCACHE.DAT
+ 2009-01-01 22:58 . 2010-10-26 13:58 1853312 c:\windows\system32\dllcache\win32k.sys
- 2007-08-13 16:54 . 2010-09-09 13:34 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 3604480 c:\windows\system32\dllcache\mshtml.dll
- 2009-01-01 23:06 . 2010-09-09 13:34 6075904 c:\windows\system32\dllcache\ieframe.dll
+ 2009-01-01 23:06 . 2010-11-06 00:25 6075904 c:\windows\system32\dllcache\ieframe.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 1168384 c:\windows\ie7updates\KB2416400-IE7\urlmon.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 3601920 c:\windows\ie7updates\KB2416400-IE7\mshtml.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 6075904 c:\windows\ie7updates\KB2416400-IE7\ieframe.dll
+ 2007-04-29 10:20 . 2010-12-17 02:01 37366216 c:\windows\system32\MRT.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{40DC3121-3B86-4BBF-99BE-67AB90E35DC3}"= "c:\program files\BRapid\RS Tool\RSToolbar.dll" [2008-09-30 710144]
[HKEY_CLASSES_ROOT\clsid\{40dc3121-3b86-4bbf-99be-67ab90e35dc3}]
[HKEY_CLASSES_ROOT\KBBar.KBBarBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{5437E643-E709-4A8C-9BF6-E441F090E050}]
[HKEY_CLASSES_ROOT\KBBar.KBBarBand]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative Live! Cam Manager"="c:\program files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2007-05-02 151552]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2006-10-22 86016]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2006-10-22 7700480]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-03-21 149280]
"ISUSPM Startup"="c:\progra~1\common~1\instal~1\update~1\isuspm.exe" [2004-06-16 221184]
"V0470Mon.exe"="c:\windows\V0470Mon.exe" [2007-06-03 32768]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-1-27 113664]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^Peter^Nabídka Start^Programy^Po spuštění^AntiVirus Systems.lnk]
backup=c:\windows\pss\AntiVirus Systems.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2006-11-12 10:48 157592 ----a-w- c:\program files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-06-16 04:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"ServiceLayer"=3 (0x3)
"MDM"=2 (0x2)
"ose"=3 (0x3)
"aspnet_state"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"WinDefend"=2 (0x2)
"TapiSrv"=3 (0x3)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"=
"c:\\Program Files\\Strong\\StrongDC.exe"=
"c:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Strong\\sdc221\\StrongDC.exe"=
"c:\\Program Files\\AVerMedia\\Digital Video Surveillance System\\DVR.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 2009\\English\\setup.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\SpacialAudio\\SAMBC\\SAMBC.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\Western Digital\\WD Discovery Software\\WD Discovery.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"13364:UDP"= 13364:UDP:Print Server Utility
"13107:UDP"= 13107:UDP:Print Server Utility
"69:UDP"= 69:UDP:Print Server Utility
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [5.4.2008 22:18 114768]
R1 cdrblock;cdrblock;c:\windows\system32\drivers\cdrblock.sys [10.1.2009 22:34 10368]
R1 cdrport;cdrport;c:\windows\system32\drivers\cdrport.sys [10.1.2009 22:34 4608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5.4.2008 22:18 20560]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [24.11.2009 15:05 81920]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [24.11.2009 15:05 2723840]
S2 ArgusA;ArgusA;c:\windows\system32\drivers\Di878A.sys [22.1.2008 22:51 38400]
S2 ArgusV;ArgusV;c:\windows\system32\drivers\Di878V.sys [22.1.2008 22:51 67072]
S2 C182XBar;AVerMedia, MPEG Crossbar (88x), Service;c:\windows\system32\drivers\C182XBar.sys [28.4.2007 13:38 6784]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6.3.2010 17:50 135664]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [6.9.2010 21:10 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [6.9.2010 21:10 8320]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [25.10.2010 23:01 32377]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [21.2.2009 16:21 223128]
S3 VF0470Vid;Live! Cam Notebook (VF0470);c:\windows\system32\drivers\V0470Vid.sys [30.8.2009 22:03 146720]
S3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter;c:\windows\system32\drivers\yukonx86.sys [14.9.2008 19:18 176256]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [10.7.2008 16:28 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10.7.2008 1:49 242712]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.5.2007 15:31 611064]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [10.7.2008 16:28 369688]
.
Obsah adresáře 'Naplánované úlohy'
2010-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-06 16:50]
2010-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-06 16:50]
2010-12-29 c:\windows\Tasks\User_Feed_Synchronization-{CCA8FD82-364E-43D1-9724-9942B392C758}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 16:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.servis.pvt.sk/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\progra~1\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\progra~1\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\progra~1\PCTRAN~1\webie.dll
DPF: {98425C13-952B-4459-A742-B1B85BDFF330} - hxxp://live.dss.com.tw/WebCamX.cab
DPF: {C357FE0A-0556-4970-8990-64DF0B8E8C6B}
DPF: {E55FD215-A32E-43FE-A777-A7E8F165F554} - hxxp://data.myflatcast.com/data/objects/NpFv41629.dll
FF - ProfilePath - c:\documents and settings\Peter\Data aplikací\Mozilla\Firefox\Profiles\w0ur79jz.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files\Nokia\Nokia PC Suite 7\bkmrksync
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-29 19:02
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(696)
c:\windows\system32\Ati2evxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2010-12-29 19:12:17
ComboFix-quarantined-files.txt 2010-12-29 18:12
ComboFix2.txt 2010-12-01 00:12
ComboFix3.txt 2010-11-04 16:17
ComboFix4.txt 2010-11-02 08:03
ComboFix5.txt 2010-12-29 17:38
Před spuštěním: Volných bajtů: 70 199 988 224
Po spuštění: Volných bajtů: 71 128 477 696
Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 91487FACBF313DC153E6D27F8E1B4E61
31.12.2010 18:29
Testují se všechny lokální disky
Soubor D:\Install\jukebox\mmsetup_9000156_ENU.exe\TDM\TDMInstall.exe\Wise0011.bin Chyba 42146 {Archiv instalátoru je poškozen.}
Soubor D:\Install\jukebox\mmsetup_9000159b_ENU.exe\TDM\TDMInstall.exe\Wise0011.bin Chyba 42146 {Archiv instalátoru je poškozen.}
Soubor D:\Install\Lavasoft\Ad-Aware Suite All In One 2005 (cze) [WinALL]\Ad-Aware Suite All In One 2005 (cze)\appz\Plugins\When U Remover 2005\whenuremover.exe je infikován virem Win32:Malware-gen, Smazán
Soubor D:\Install\MRP\MRP2008\distr.exe\SETUP.EXE\Wise0019.bin Chyba 42146 {Archiv instalátoru je poškozen.}
Soubor D:\Install\partition Magic\PartitionMagic v8.01.rar\ror.r00\DKeeper\DKeeper.cab\DataKeeper.hlp Chyba 42127 {Archiv CAB je poškozen.}
Soubor D:\Install\partition Magic\PartitionMagic v8.01.rar\ror.r04\Setup\Tutorial.cab\PM8Flash.exe Chyba 42127 {Archiv CAB je poškozen.}
Soubor D:\Install\partition Magic\PartitionMagic v8.01.rar\ror.rar\BTMagic\Setup\BMagic.cab\BMCFG.EXE Chyba 42127 {Archiv CAB je poškozen.}
Soubor D:\Install\SiSoft\SiSoftware.Sandra.Professional.MAX3.v2003.7.9.73\fo-ssm3a.zip\fo-ssm3.exe\fo-ssm3.zip\fo-ssm3.exe Chyba 42125 {Archiv ZIP je poškozen.}
Soubor D:\Install\SiSoftware.Sandra.Professional.MAX3.v2003.7.9.73\fo-ssm3a.zip\fo-ssm3.exe\fo-ssm3.zip\fo-ssm3.exe Chyba 42125 {Archiv ZIP je poškozen.}
Soubor D:\Install\Strong\Incomplete\3gp-video-converter.exe.QPLD7HDB32XBNSEDPG3UQPDTMCQILRHSO7R267A.dctmp\3gp-video-converter-217132.exe Chyba 42127 {Archiv CAB je poškozen.}
Soubor D:\Install\unformat\pista\Ad-Aware Suite All In One 2005 (cze) [WinALL]\Ad-Aware Suite All In One 2005 (cze)\appz\Plugins\When U Remover 2005\whenuremover.exe je infikován virem Win32:Malware-gen, Smazán
Soubor D:\System Volume Information\_restore{6B3663D4-3AF0-468F-B6DC-E9A2665328FE}\RP55\A0022237.exe je infikován virem Win32:Malware-gen, Smazán
Soubor D:\System Volume Information\_restore{6B3663D4-3AF0-468F-B6DC-E9A2665328FE}\RP55\A0022238.exe je infikován virem Win32:Malware-gen, Smazán
Soubor E:\Documents and Settings\Peter\Plocha\mbam-setup-1.50.0.0.exe\{embedded}\setup.exe Chyba 42051 {Neznámá verze packeru.}
Soubor E:\E_mechanika\Pôvodné_D\Strong\Incomplete\3gp-video-converter.exe.QPLD7HDB32XBNSEDPG3UQPDTMCQILRHSO7R267A.dctmp\3gp-video-converter-217132.exe Chyba 42127 {Archiv CAB je poškozen.}
Soubor E:\Install\jukebox\mmsetup_9000156_ENU.exe\TDM\TDMInstall.exe\Wise0011.bin Chyba 42146 {Archiv instalátoru je poškozen.}
Soubor E:\Install\jukebox\mmsetup_9000159b_ENU.exe\TDM\TDMInstall.exe\Wise0011.bin Chyba 42146 {Archiv instalátoru je poškozen.}
Soubor E:\Install\Lavasoft\Ad-Aware Suite All In One 2005 (cze) [WinALL]\Ad-Aware Suite All In One 2005 (cze)\appz\Plugins\When U Remover 2005\whenuremover.exe je infikován virem Win32:Malware-gen, Smazán
Soubor E:\Install\MRP\MRP2008\distr.exe\SETUP.EXE\Wise0019.bin Chyba 42146 {Archiv instalátoru je poškozen.}
Soubor E:\Install\Navigacie\instal sygic\prt.zip\prt\prt.pak Chyba 42125 {Archiv ZIP je poškozen.}
Soubor E:\Install\Navigacie\instal sygic\swe.rar\swe\swe\swe.pak Chyba 42126 {Archiv RAR je poškozen.}
Soubor E:\Install\Navigacie\KROKO\Italy.part1.rar\italy_ta_north.mca Chyba 42126 {Archiv RAR je poškozen.}
Soubor E:\Install\Navigacie\Sygic\ita.part1.rar\ita\ita.pak Chyba 42126 {Archiv RAR je poškozen.}
Soubor E:\Install\Navigacie\Sygic\prt.zip\prt\prt.pak Chyba 42125 {Archiv ZIP je poškozen.}
Soubor E:\Install\Navigacie\Sygic\swe.rar\swe\swe\swe.pak Chyba 42126 {Archiv RAR je poškozen.}
Soubor E:\Install\SiSoft\SiSoftware.Sandra.Professional.MAX3.v2003.7.9.73\fo-ssm3a.zip\fo-ssm3.exe\fo-ssm3.zip\fo-ssm3.exe Chyba 42125 {Archiv ZIP je poškozen.}
Soubor E:\Install\SiSoftware.Sandra.Professional.MAX3.v2003.7.9.73\fo-ssm3a.zip\fo-ssm3.exe\fo-ssm3.zip\fo-ssm3.exe Chyba 42125 {Archiv ZIP je poškozen.}
Soubor E:\Install\Strong\Incomplete\3gp-video-converter.exe.QPLD7HDB32XBNSEDPG3UQPDTMCQILRHSO7R267A.dctmp\3gp-video-converter-217132.exe Chyba 42127 {Archiv CAB je poškozen.}
Soubor E:\Install\unformat\pista\Ad-Aware Suite All In One 2005 (cze) [WinALL]\Ad-Aware Suite All In One 2005 (cze)\appz\Plugins\When U Remover 2005\whenuremover.exe je infikován virem Win32:Malware-gen, Smazán
Soubor E:\Program Files\Strong\Incomplete\OziExplorer CR+SR.zip.HGTJZ3FF3ZLSWXOQM3SBMXFSNEZDK6HUUILHGPY.dctmp\PC\oziexp_setup_3.95.2.exe Chyba 42125 {Archiv ZIP je poškozen.}
Soubor E:\System Volume Information\_restore{6B3663D4-3AF0-468F-B6DC-E9A2665328FE}\RP55\A0022239.exe je infikován virem Win32:Malware-gen, Smazán
Soubor E:\System Volume Information\_restore{6B3663D4-3AF0-468F-B6DC-E9A2665328FE}\RP55\A0022240.exe je infikován virem Win32:Malware-gen, Smazán
Počet prohledaných složek: 24879
Počet testovaných souborů: 1535594
Počet infikovaných souborů: 8
utomatická kontrola: dokončeno před 45 min. (události: 4, objekty: 873003, čas: 04:51:50)
28.7.2010 16:24:57 Úloha byla spuštěna
28.7.2010 20:29:47 Zjištěno: Trojan.Win32.DelFiles.or C:\Program Files\Strong\Downloads\Sam Broadcaster 4 3 6 + SERIAL.rar/Setup.exe
28.7.2010 20:29:47 Neošetřeno: Trojan.Win32.DelFiles.or C:\Program Files\Strong\Downloads\Sam Broadcaster 4 3 6 + SERIAL.rar/Setup.exe Zápis není podporován
28.7.2010 21:16:48 Úloha byla dokončena
ComboFix 10-12-26.01 - Peter 29.12.2010 18:42:32.15.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.455 [GMT 1:00]
Spuštěný z: c:\documents and settings\Peter\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 101228-1] *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Peter\Local Settings\Temporary Internet Files\TRNCOM.INI
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-28 do 2010-12-29 )))))))))))))))))))))))))))))))
.
2010-12-16 07:44 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-16 07:43 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2010-12-13 19:11 . 2010-12-15 16:28 1200 ----a-w- c:\windows\system32\rzeksfsp.dat
2010-12-13 19:11 . 2010-12-13 19:11 -------- d-----w- c:\program files\SFaxTools
2010-12-11 17:04 . 2010-12-11 17:04 -------- d-----w- c:\program files\HDDGURU LLF Tool
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-27 21:35 . 2010-07-27 21:19 3998686 ----a-r- C:\ComboFix.exe
2010-11-29 15:42 . 2010-07-27 22:01 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-29 15:42 . 2010-07-27 22:01 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-18 18:15 . 2007-04-28 12:06 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:25 . 2003-04-16 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:25 . 2007-04-29 09:02 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:25 . 2003-04-16 12:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:25 . 2003-04-16 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2010-11-03 12:25 . 2007-04-29 09:02 389120 ----a-w- c:\windows\system32\html.iec
2010-11-02 20:05 . 2010-11-02 20:05 4608 ----a-w- c:\windows\system32\w95inf32.dll
2010-11-02 20:05 . 2010-11-02 20:05 2272 ----a-w- c:\windows\system32\w95inf16.dll
2010-11-02 19:10 . 2010-11-02 19:10 69632 ----a-r- c:\documents and settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_ContentTransfer.exe
2010-11-02 19:10 . 2010-11-02 19:10 65536 ----a-r- c:\documents and settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_ReadMe.exe
2010-11-02 19:10 . 2010-11-02 19:10 45056 ----a-r- c:\documents and settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_Help_HH.exe
2010-11-02 19:10 . 2010-11-02 19:10 434176 ----a-r- c:\documents and settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_GuidedTour.exe
2010-11-02 19:10 . 2010-11-02 19:10 69632 ----a-r- c:\documents and settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\Studio.exe
2010-11-02 19:10 . 2010-11-02 19:10 49152 ----a-r- c:\documents and settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_Check3D.exe
2010-11-02 19:10 . 2010-11-02 19:10 40960 ----a-r- c:\documents and settings\Peter\Data aplikací\Microsoft\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\SC_AMCap.exe
2010-11-02 15:17 . 2003-04-16 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2003-04-16 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2003-04-16 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
.
((((((((((((((((((((((((((((( SnapShot_2010-12-01_00.09.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-12-29 16:47 . 2010-12-29 16:47 16384 c:\windows\temp\Perflib_Perfdata_674.dat
+ 2010-12-29 16:50 . 2010-12-29 16:50 16384 c:\windows\temp\Perflib_Perfdata_184.dat
- 2007-01-29 08:58 . 2010-06-21 14:46 46080 c:\windows\system32\tzchange.exe
+ 2007-01-29 08:58 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
+ 2003-04-16 12:00 . 2010-11-06 00:25 44544 c:\windows\system32\pngfilt.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 44544 c:\windows\system32\pngfilt.dll
+ 2003-04-16 12:00 . 2010-12-11 13:34 93370 c:\windows\system32\perfc009.dat
+ 2006-11-07 19:03 . 2010-11-06 00:25 52224 c:\windows\system32\msfeedsbs.dll
- 2006-11-07 19:03 . 2010-09-09 13:34 52224 c:\windows\system32\msfeedsbs.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 27648 c:\windows\system32\jsproxy.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 27648 c:\windows\system32\jsproxy.dll
- 2006-11-07 01:26 . 2010-09-08 15:57 13824 c:\windows\system32\ieudinit.exe
+ 2006-11-07 01:26 . 2010-11-03 12:24 13824 c:\windows\system32\ieudinit.exe
+ 2003-04-16 12:00 . 2010-11-06 00:25 44544 c:\windows\system32\iernonce.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 44544 c:\windows\system32\iernonce.dll
+ 2003-04-16 12:00 . 2010-11-03 12:24 70656 c:\windows\system32\ie4uinit.exe
- 2003-04-16 12:00 . 2010-09-08 15:57 70656 c:\windows\system32\ie4uinit.exe
- 2006-10-17 09:58 . 2010-09-09 13:34 63488 c:\windows\system32\icardie.dll
+ 2006-10-17 09:58 . 2010-11-06 00:25 63488 c:\windows\system32\icardie.dll
+ 2007-08-13 16:36 . 2010-11-06 00:25 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2007-08-13 16:36 . 2010-09-09 13:34 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2009-01-01 23:06 . 2010-09-09 13:34 52224 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-01-01 23:06 . 2010-11-06 00:25 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-08-13 16:54 . 2010-09-09 13:34 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2010-11-18 18:15 . 2010-11-18 18:15 81920 c:\windows\system32\dllcache\isign32.dll
+ 2009-01-01 23:06 . 2010-11-03 12:24 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2009-01-01 23:06 . 2010-09-08 15:57 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2007-08-13 16:39 . 2010-11-06 00:25 44544 c:\windows\system32\dllcache\iernonce.dll
- 2007-08-13 16:39 . 2010-09-09 13:34 44544 c:\windows\system32\dllcache\iernonce.dll
- 2007-08-13 16:45 . 2010-09-09 13:34 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2007-08-13 16:45 . 2010-11-06 00:25 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2007-08-13 16:39 . 2010-11-03 12:24 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2007-08-13 16:39 . 2010-09-08 15:57 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2009-01-01 23:06 . 2010-09-09 13:34 63488 c:\windows\system32\dllcache\icardie.dll
+ 2009-01-01 23:06 . 2010-11-06 00:25 63488 c:\windows\system32\dllcache\icardie.dll
+ 2007-08-13 16:42 . 2010-11-06 00:25 17408 c:\windows\system32\dllcache\corpol.dll
- 2007-08-13 16:42 . 2010-09-09 13:34 17408 c:\windows\system32\dllcache\corpol.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 44544 c:\windows\ie7updates\KB2416400-IE7\pngfilt.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 52224 c:\windows\ie7updates\KB2416400-IE7\msfeedsbs.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 27648 c:\windows\ie7updates\KB2416400-IE7\jsproxy.dll
+ 2010-12-17 02:04 . 2010-09-08 15:57 13824 c:\windows\ie7updates\KB2416400-IE7\ieudinit.exe
+ 2010-12-17 02:04 . 2010-09-09 13:34 44544 c:\windows\ie7updates\KB2416400-IE7\iernonce.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 78336 c:\windows\ie7updates\KB2416400-IE7\ieencode.dll
+ 2010-12-17 02:04 . 2010-09-08 15:57 70656 c:\windows\ie7updates\KB2416400-IE7\ie4uinit.exe
+ 2010-12-17 02:04 . 2010-09-09 13:34 63488 c:\windows\ie7updates\KB2416400-IE7\icardie.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 17408 c:\windows\ie7updates\KB2416400-IE7\corpol.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 233472 c:\windows\system32\webcheck.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 233472 c:\windows\system32\webcheck.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 105984 c:\windows\system32\url.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 105984 c:\windows\system32\url.dll
+ 2003-04-16 12:00 . 2010-12-11 13:34 501488 c:\windows\system32\perfh009.dat
+ 2003-04-16 12:00 . 2010-12-11 13:34 498154 c:\windows\system32\perfh005.dat
+ 2003-04-16 12:00 . 2010-12-11 13:34 104306 c:\windows\system32\perfc005.dat
- 2003-04-16 12:00 . 2010-09-09 13:34 102912 c:\windows\system32\occache.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 102912 c:\windows\system32\occache.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 671232 c:\windows\system32\mstime.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 671232 c:\windows\system32\mstime.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 193024 c:\windows\system32\msrating.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 193024 c:\windows\system32\msrating.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 478208 c:\windows\system32\mshtmled.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 478208 c:\windows\system32\mshtmled.dll
+ 2006-11-07 19:03 . 2010-11-06 00:25 468480 c:\windows\system32\msfeeds.dll
- 2006-11-07 19:03 . 2010-09-09 13:34 468480 c:\windows\system32\msfeeds.dll
+ 2006-10-17 09:57 . 2010-11-06 00:25 268288 c:\windows\system32\iertutil.dll
- 2006-10-17 09:57 . 2010-09-09 13:34 268288 c:\windows\system32\iertutil.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 192512 c:\windows\system32\iepeers.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 192512 c:\windows\system32\iepeers.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 384512 c:\windows\system32\iedkcs32.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 384512 c:\windows\system32\iedkcs32.dll
+ 2006-10-17 09:27 . 2010-11-06 00:25 380928 c:\windows\system32\ieapfltr.dll
- 2006-10-17 09:27 . 2010-09-09 13:34 380928 c:\windows\system32\ieapfltr.dll
+ 2003-04-16 12:00 . 2010-10-18 11:06 161792 c:\windows\system32\ieakui.dll
- 2003-04-16 12:00 . 2010-08-25 11:29 161792 c:\windows\system32\ieakui.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 230400 c:\windows\system32\ieaksie.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 230400 c:\windows\system32\ieaksie.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 153088 c:\windows\system32\ieakeng.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 153088 c:\windows\system32\ieakeng.dll
+ 2007-04-29 09:02 . 2010-11-06 00:25 133120 c:\windows\system32\extmgr.dll
- 2007-04-29 09:02 . 2010-09-09 13:34 133120 c:\windows\system32\extmgr.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 214528 c:\windows\system32\dxtrans.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 214528 c:\windows\system32\dxtrans.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 347136 c:\windows\system32\dxtmsft.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 347136 c:\windows\system32\dxtmsft.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 832512 c:\windows\system32\dllcache\wininet.dll
- 2007-08-13 16:54 . 2010-09-09 13:34 832512 c:\windows\system32\dllcache\wininet.dll
- 2007-08-13 16:54 . 2010-09-09 13:34 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 233472 c:\windows\system32\dllcache\webcheck.dll
- 2007-08-13 16:44 . 2010-09-09 13:34 105984 c:\windows\system32\dllcache\url.dll
+ 2007-08-13 16:44 . 2010-11-06 00:25 105984 c:\windows\system32\dllcache\url.dll
- 2007-08-13 16:44 . 2010-09-09 13:34 102912 c:\windows\system32\dllcache\occache.dll
+ 2007-08-13 16:44 . 2010-11-06 00:25 102912 c:\windows\system32\dllcache\occache.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 671232 c:\windows\system32\dllcache\mstime.dll
- 2007-08-13 16:54 . 2010-09-09 13:34 671232 c:\windows\system32\dllcache\mstime.dll
+ 2007-08-13 16:44 . 2010-11-06 00:25 193024 c:\windows\system32\dllcache\msrating.dll
- 2007-08-13 16:44 . 2010-09-09 13:34 193024 c:\windows\system32\dllcache\msrating.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 478208 c:\windows\system32\dllcache\mshtmled.dll
- 2007-08-13 16:54 . 2010-09-09 13:34 478208 c:\windows\system32\dllcache\mshtmled.dll
- 2009-01-01 23:06 . 2010-09-09 13:34 468480 c:\windows\system32\dllcache\msfeeds.dll
+ 2009-01-01 23:06 . 2010-11-06 00:25 468480 c:\windows\system32\dllcache\msfeeds.dll
+ 2007-08-13 16:43 . 2010-10-18 11:07 634648 c:\windows\system32\dllcache\iexplore.exe
- 2007-08-13 16:43 . 2010-08-25 11:30 634648 c:\windows\system32\dllcache\iexplore.exe
+ 2009-01-01 23:06 . 2010-11-06 00:25 268288 c:\windows\system32\dllcache\iertutil.dll
- 2009-01-01 23:06 . 2010-09-09 13:34 268288 c:\windows\system32\dllcache\iertutil.dll
- 2007-08-13 16:54 . 2010-09-09 13:34 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 192512 c:\windows\system32\dllcache\iepeers.dll
- 2007-08-13 16:39 . 2010-09-09 13:34 384512 c:\windows\system32\dllcache\iedkcs32.dll
+ 2007-08-13 16:39 . 2010-11-06 00:25 384512 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-01-01 23:06 . 2010-11-06 00:25 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2009-01-01 23:06 . 2010-09-09 13:34 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2003-04-16 12:00 . 2010-08-25 11:29 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2003-04-16 12:00 . 2010-10-18 11:06 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2007-08-13 16:39 . 2010-11-06 00:25 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2007-08-13 16:39 . 2010-09-09 13:34 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2007-08-13 16:39 . 2010-09-09 13:34 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2007-08-13 16:39 . 2010-11-06 00:25 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2007-08-13 16:54 . 2010-09-09 13:34 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2007-08-13 16:35 . 2010-11-06 00:25 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2007-08-13 16:35 . 2010-09-09 13:34 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2007-08-13 16:35 . 2010-11-06 00:25 347136 c:\windows\system32\dllcache\dxtmsft.dll
- 2007-08-13 16:35 . 2010-09-09 13:34 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2010-04-20 05:32 . 2010-10-28 13:09 290048 c:\windows\system32\dllcache\atmfd.dll
+ 2007-08-13 16:39 . 2010-11-06 00:25 124928 c:\windows\system32\dllcache\advpack.dll
- 2007-08-13 16:39 . 2010-09-09 13:34 124928 c:\windows\system32\dllcache\advpack.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 124928 c:\windows\system32\advpack.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 124928 c:\windows\system32\advpack.dll
+ 2010-12-29 16:41 . 2010-12-23 10:33 234496 c:\windows\PCHealth\HelpCtr\Config\Cache\Professional_32_1029.dat
+ 2010-12-17 02:04 . 2010-09-09 13:34 832512 c:\windows\ie7updates\KB2416400-IE7\wininet.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 233472 c:\windows\ie7updates\KB2416400-IE7\webcheck.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 105984 c:\windows\ie7updates\KB2416400-IE7\url.dll
+ 2010-12-17 02:04 . 2010-02-22 14:21 391032 c:\windows\ie7updates\KB2416400-IE7\spuninst\updspapi.dll
+ 2010-12-17 02:04 . 2010-02-22 14:20 233848 c:\windows\ie7updates\KB2416400-IE7\spuninst\spuninst.exe
+ 2010-12-17 02:04 . 2010-09-09 13:34 102912 c:\windows\ie7updates\KB2416400-IE7\occache.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 671232 c:\windows\ie7updates\KB2416400-IE7\mstime.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 193024 c:\windows\ie7updates\KB2416400-IE7\msrating.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 478208 c:\windows\ie7updates\KB2416400-IE7\mshtmled.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 468480 c:\windows\ie7updates\KB2416400-IE7\msfeeds.dll
+ 2010-12-17 02:04 . 2010-08-25 11:30 634648 c:\windows\ie7updates\KB2416400-IE7\iexplore.exe
+ 2010-12-17 02:04 . 2010-09-09 13:34 268288 c:\windows\ie7updates\KB2416400-IE7\iertutil.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 192512 c:\windows\ie7updates\KB2416400-IE7\iepeers.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 384512 c:\windows\ie7updates\KB2416400-IE7\iedkcs32.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 380928 c:\windows\ie7updates\KB2416400-IE7\ieapfltr.dll
+ 2010-12-17 02:04 . 2010-08-25 11:29 161792 c:\windows\ie7updates\KB2416400-IE7\ieakui.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 230400 c:\windows\ie7updates\KB2416400-IE7\ieaksie.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 153088 c:\windows\ie7updates\KB2416400-IE7\ieakeng.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 133120 c:\windows\ie7updates\KB2416400-IE7\extmgr.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 214528 c:\windows\ie7updates\KB2416400-IE7\dxtrans.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 347136 c:\windows\ie7updates\KB2416400-IE7\dxtmsft.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 124928 c:\windows\ie7updates\KB2416400-IE7\advpack.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 1168384 c:\windows\system32\urlmon.dll
- 2003-04-16 12:00 . 2010-09-09 13:34 1168384 c:\windows\system32\urlmon.dll
+ 2003-04-16 12:00 . 2010-11-06 00:25 3604480 c:\windows\system32\mshtml.dll
+ 2006-11-07 19:03 . 2010-11-06 00:25 6075904 c:\windows\system32\ieframe.dll
- 2006-11-07 19:03 . 2010-09-09 13:34 6075904 c:\windows\system32\ieframe.dll
+ 2007-04-28 13:54 . 2010-12-17 02:22 2399048 c:\windows\system32\FNTCACHE.DAT
+ 2009-01-01 22:58 . 2010-10-26 13:58 1853312 c:\windows\system32\dllcache\win32k.sys
- 2007-08-13 16:54 . 2010-09-09 13:34 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2007-08-13 16:54 . 2010-11-06 00:25 3604480 c:\windows\system32\dllcache\mshtml.dll
- 2009-01-01 23:06 . 2010-09-09 13:34 6075904 c:\windows\system32\dllcache\ieframe.dll
+ 2009-01-01 23:06 . 2010-11-06 00:25 6075904 c:\windows\system32\dllcache\ieframe.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 1168384 c:\windows\ie7updates\KB2416400-IE7\urlmon.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 3601920 c:\windows\ie7updates\KB2416400-IE7\mshtml.dll
+ 2010-12-17 02:04 . 2010-09-09 13:34 6075904 c:\windows\ie7updates\KB2416400-IE7\ieframe.dll
+ 2007-04-29 10:20 . 2010-12-17 02:01 37366216 c:\windows\system32\MRT.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{40DC3121-3B86-4BBF-99BE-67AB90E35DC3}"= "c:\program files\BRapid\RS Tool\RSToolbar.dll" [2008-09-30 710144]
[HKEY_CLASSES_ROOT\clsid\{40dc3121-3b86-4bbf-99be-67ab90e35dc3}]
[HKEY_CLASSES_ROOT\KBBar.KBBarBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{5437E643-E709-4A8C-9BF6-E441F090E050}]
[HKEY_CLASSES_ROOT\KBBar.KBBarBand]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative Live! Cam Manager"="c:\program files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2007-05-02 151552]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2006-10-22 86016]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2006-10-22 7700480]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-03-21 149280]
"ISUSPM Startup"="c:\progra~1\common~1\instal~1\update~1\isuspm.exe" [2004-06-16 221184]
"V0470Mon.exe"="c:\windows\V0470Mon.exe" [2007-06-03 32768]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-1-27 113664]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^Peter^Nabídka Start^Programy^Po spuštění^AntiVirus Systems.lnk]
backup=c:\windows\pss\AntiVirus Systems.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2006-11-12 10:48 157592 ----a-w- c:\program files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-06-16 04:03 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"ServiceLayer"=3 (0x3)
"MDM"=2 (0x2)
"ose"=3 (0x3)
"aspnet_state"=3 (0x3)
"WMPNetworkSvc"=3 (0x3)
"WinDefend"=2 (0x2)
"TapiSrv"=3 (0x3)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"=
"c:\\Program Files\\Strong\\StrongDC.exe"=
"c:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Strong\\sdc221\\StrongDC.exe"=
"c:\\Program Files\\AVerMedia\\Digital Video Surveillance System\\DVR.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 2009\\English\\setup.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\SpacialAudio\\SAMBC\\SAMBC.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\Western Digital\\WD Discovery Software\\WD Discovery.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"13364:UDP"= 13364:UDP:Print Server Utility
"13107:UDP"= 13107:UDP:Print Server Utility
"69:UDP"= 69:UDP:Print Server Utility
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [5.4.2008 22:18 114768]
R1 cdrblock;cdrblock;c:\windows\system32\drivers\cdrblock.sys [10.1.2009 22:34 10368]
R1 cdrport;cdrport;c:\windows\system32\drivers\cdrport.sys [10.1.2009 22:34 4608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5.4.2008 22:18 20560]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [24.11.2009 15:05 81920]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [24.11.2009 15:05 2723840]
S2 ArgusA;ArgusA;c:\windows\system32\drivers\Di878A.sys [22.1.2008 22:51 38400]
S2 ArgusV;ArgusV;c:\windows\system32\drivers\Di878V.sys [22.1.2008 22:51 67072]
S2 C182XBar;AVerMedia, MPEG Crossbar (88x), Service;c:\windows\system32\drivers\C182XBar.sys [28.4.2007 13:38 6784]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6.3.2010 17:50 135664]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [6.9.2010 21:10 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [6.9.2010 21:10 8320]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [25.10.2010 23:01 32377]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [21.2.2009 16:21 223128]
S3 VF0470Vid;Live! Cam Notebook (VF0470);c:\windows\system32\drivers\V0470Vid.sys [30.8.2009 22:03 146720]
S3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter;c:\windows\system32\drivers\yukonx86.sys [14.9.2008 19:18 176256]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [10.7.2008 16:28 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10.7.2008 1:49 242712]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.5.2007 15:31 611064]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [10.7.2008 16:28 369688]
.
Obsah adresáře 'Naplánované úlohy'
2010-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-06 16:50]
2010-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-06 16:50]
2010-12-29 c:\windows\Tasks\User_Feed_Synchronization-{CCA8FD82-364E-43D1-9724-9942B392C758}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 16:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.servis.pvt.sk/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\progra~1\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\progra~1\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\progra~1\PCTRAN~1\webie.dll
DPF: {98425C13-952B-4459-A742-B1B85BDFF330} - hxxp://live.dss.com.tw/WebCamX.cab
DPF: {C357FE0A-0556-4970-8990-64DF0B8E8C6B}
DPF: {E55FD215-A32E-43FE-A777-A7E8F165F554} - hxxp://data.myflatcast.com/data/objects/NpFv41629.dll
FF - ProfilePath - c:\documents and settings\Peter\Data aplikací\Mozilla\Firefox\Profiles\w0ur79jz.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: PC Sync 2 Synchronisation Extension: bkmrksync@nokia.com - c:\program files\Nokia\Nokia PC Suite 7\bkmrksync
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-29 19:02
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(696)
c:\windows\system32\Ati2evxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2010-12-29 19:12:17
ComboFix-quarantined-files.txt 2010-12-29 18:12
ComboFix2.txt 2010-12-01 00:12
ComboFix3.txt 2010-11-04 16:17
ComboFix4.txt 2010-11-02 08:03
ComboFix5.txt 2010-12-29 17:38
Před spuštěním: Volných bajtů: 70 199 988 224
Po spuštění: Volných bajtů: 71 128 477 696
Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 91487FACBF313DC153E6D27F8E1B4E61
Re: dotaz
Jak se ted počítač chová?
Nepoužívejte COMBOFIX bez doporučení rádce, může dojít k poškození systému!
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Vždy před odvirováním počítače zazálohujte důležitá data
Chcete podpořit naše forum? Informace zde
K zastižení jsem spíše v noci, mezi 21.-23. hodinou
Pokud máte nějaké dotazy, můžete mi napsat na email Motji(zavináč)forum.viry.cz.
Přispějete na provoz fóra?