Restartovani Pc

[Y0G1]

At si založí nový topic, napíše že je pro mě a počká až přijdu. Ale bud mějte připojené pc Vy nebo on, oba ne.

okej

[JaRon]

aby to bolo pestrejsie pouzi este Stinger http://www.softpedia.com/progDownload/M ... -7356.html

[Y0G1]

jasny sem tu dlouiho nebyl kamos se jeste na to forko neregistroval ach ...

[motji]

A už jste udělal ten náš postup?
Mě je to jedno, ale ten rootkit Vám může krást data z pc.

[Y0G1]

no udelal sem vse az na tenhle posledni bot kterej sem si precetl az dneska

[motji]

A log z combofixu mám kde?

[Y0G1]

stinger ..comboi fix asi nebude treba kdyz uvidite tohle ach jaj


McAfee(r) Labs Stinger(tm) Version 10.2.0.112 built on Jun 14 2011
Copyright (c) 2011 McAfee, Inc. All Rights Reserved.
Virus data file v1000.0000 created on Jun 14 2011.
Ready to scan for 2481 viruses, trojans and variants.

Scan initiated on Wed Jun 15 10:37:30 2011
C:\WINDOWS\System32\svchost.exe
Found the W32/Conficker!mem trojan !!!
C:\WINDOWS\System32\svchost.exe is infected with the W32/Conficker!mem virus !!!
C:\WINDOWS\System32\svchost.exe could not be repaired.
C:\WINDOWS\System32\svchost.exe
Found the W32/Conficker!mem trojan !!!
C:\WINDOWS\System32\svchost.exe is infected with the W32/Conficker!mem virus !!!
C:\WINDOWS\System32\svchost.exe could not be repaired.
C:\Program Files\Movie Maker\oqhre.dll
Found the W32/Conficker.worm.gen.a virus !!!
C:\Program Files\Movie Maker\oqhre.dll is infected with the W32/Conficker.worm.gen.a virus !!!
C:\Program Files\Movie Maker\oqhre.dll has been deleted.
C:\Qoobox\Quarantine\C\WINDOWS\system32\_oqhre_.dll.zip\oqhre.dll
Found the W32/Conficker.worm.gen.a virus !!!
C:\Qoobox\Quarantine\C\WINDOWS\system32\_oqhre_.dll.zip\oqhre.dll is infected with the W32/Conficker.worm.gen.a virus !!!
C:\Qoobox\Quarantine\C\WINDOWS\system32\_oqhre_.dll.zip\oqhre.dll has been deleted.
C:\System Volume Information\_restore{E20035F1-EFF7-4E50-98E7-5B90B39209FA}\RP11\A0010221.dll
Found the W32/Conficker.worm.gen.a virus !!!
C:\System Volume Information\_restore{E20035F1-EFF7-4E50-98E7-5B90B39209FA}\RP11\A0010221.dll is infected with the W32/Conficker.worm.gen.a virus !!!
C:\System Volume Information\_restore{E20035F1-EFF7-4E50-98E7-5B90B39209FA}\RP11\A0010221.dll has been deleted.
C:\UsbFix_Upload_Me_HELL-T2X5CI1VMH.zip\Autorun.inf.vir\Autorun.inf.vir
Found the W32/Conficker.worm!inf virus !!!
C:\UsbFix_Upload_Me_HELL-T2X5CI1VMH.zip\Autorun.inf.vir\Autorun.inf.vir is infected with the W32/Conficker.worm!inf virus !!!
C:\UsbFix_Upload_Me_HELL-T2X5CI1VMH.zip\Autorun.inf.vir\Autorun.inf.vir has been deleted.
C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
Found the FakeAlert!fakealert-REP trojan !!!
C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe is infected with the FakeAlert!fakealert-REP virus !!!
C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe has been deleted.
C:\WINDOWS\iun6002.exe
Found the FakeAlert!fakealert-REP trojan !!!
C:\WINDOWS\iun6002.exe is infected with the FakeAlert!fakealert-REP virus !!!
C:\WINDOWS\iun6002.exe has been deleted.
C:\WINDOWS\system32\x
Found the W32/Conficker.worm.gen.a virus !!!
C:\WINDOWS\system32\x is infected with the W32/Conficker.worm.gen.a virus !!!
C:\WINDOWS\system32\x has been deleted.
Number of clean files: 102914
Number of infected files: 9
Number of files cleaned: 7

[Y0G1]

jeste jako bonus




Avira AntiVir Personal
Report file date: 15. júna 2011 19:24

Scanning for 2774345 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : Martin
Computer name : HELL-T2X5CI1VMH

Version information:
BUILD.DAT : 10.0.0.648 31823 Bytes 1.4.2011 18:36:00
AVSCAN.EXE : 10.0.4.2 442024 Bytes 1.4.2011 15:07:43
AVSCAN.DLL : 10.0.3.0 46440 Bytes 1.4.2011 15:07:57
LUKE.DLL : 10.0.3.2 104296 Bytes 1.4.2011 15:07:53
LUKERES.DLL : 10.0.0.1 12648 Bytes 10.2.2010 22:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 6.11.2009 08:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 14:15:47
VBASE002.VDF : 7.11.3.0 1950720 Bytes 9.2.2011 14:15:47
VBASE003.VDF : 7.11.5.225 1980416 Bytes 7.4.2011 17:22:36
VBASE004.VDF : 7.11.8.178 2354176 Bytes 31.5.2011 17:22:39
VBASE005.VDF : 7.11.8.179 2048 Bytes 31.5.2011 17:22:39
VBASE006.VDF : 7.11.8.180 2048 Bytes 31.5.2011 17:22:39
VBASE007.VDF : 7.11.8.181 2048 Bytes 31.5.2011 17:22:39
VBASE008.VDF : 7.11.8.182 2048 Bytes 31.5.2011 17:22:39
VBASE009.VDF : 7.11.8.183 2048 Bytes 31.5.2011 17:22:39
VBASE010.VDF : 7.11.8.184 2048 Bytes 31.5.2011 17:22:39
VBASE011.VDF : 7.11.8.185 2048 Bytes 31.5.2011 17:22:39
VBASE012.VDF : 7.11.8.186 2048 Bytes 31.5.2011 17:22:39
VBASE013.VDF : 7.11.8.222 121856 Bytes 2.6.2011 17:22:39
VBASE014.VDF : 7.11.9.7 134656 Bytes 4.6.2011 17:22:40
VBASE015.VDF : 7.11.9.42 136192 Bytes 6.6.2011 17:22:40
VBASE016.VDF : 7.11.9.72 117248 Bytes 7.6.2011 17:22:40
VBASE017.VDF : 7.11.9.107 130560 Bytes 9.6.2011 17:22:40
VBASE018.VDF : 7.11.9.143 132096 Bytes 10.6.2011 17:22:41
VBASE019.VDF : 7.11.9.172 141824 Bytes 14.6.2011 17:22:41
VBASE020.VDF : 7.11.9.214 144896 Bytes 15.6.2011 17:22:42
VBASE021.VDF : 7.11.9.215 2048 Bytes 15.6.2011 17:22:42
VBASE022.VDF : 7.11.9.216 2048 Bytes 15.6.2011 17:22:42
VBASE023.VDF : 7.11.9.217 2048 Bytes 15.6.2011 17:22:42
VBASE024.VDF : 7.11.9.218 2048 Bytes 15.6.2011 17:22:42
VBASE025.VDF : 7.11.9.219 2048 Bytes 15.6.2011 17:22:42
VBASE026.VDF : 7.11.9.220 2048 Bytes 15.6.2011 17:22:42
VBASE027.VDF : 7.11.9.221 2048 Bytes 15.6.2011 17:22:42
VBASE028.VDF : 7.11.9.222 2048 Bytes 15.6.2011 17:22:43
VBASE029.VDF : 7.11.9.223 2048 Bytes 15.6.2011 17:22:43
VBASE030.VDF : 7.11.9.224 2048 Bytes 15.6.2011 17:22:43
VBASE031.VDF : 7.11.9.226 28160 Bytes 15.6.2011 17:22:43
Engineversion : 8.2.5.14
AEVDF.DLL : 8.1.2.1 106868 Bytes 28.3.2011 14:15:27
AESCRIPT.DLL : 8.1.3.65 1606010 Bytes 15.6.2011 17:22:48
AESCN.DLL : 8.1.7.2 127349 Bytes 28.3.2011 14:15:27
AESBX.DLL : 8.2.1.34 323957 Bytes 15.6.2011 17:22:48
AERDL.DLL : 8.1.9.9 639347 Bytes 25.3.2011 10:21:38
AEPACK.DLL : 8.2.6.8 557430 Bytes 15.6.2011 17:22:47
AEOFFICE.DLL : 8.1.1.25 205178 Bytes 15.6.2011 17:22:46
AEHEUR.DLL : 8.1.2.125 3543415 Bytes 15.6.2011 17:22:46
AEHELP.DLL : 8.1.17.2 246135 Bytes 15.6.2011 17:22:44
AEGEN.DLL : 8.1.5.6 401780 Bytes 15.6.2011 17:22:44
AEEMU.DLL : 8.1.3.0 393589 Bytes 28.3.2011 14:15:19
AECORE.DLL : 8.1.21.1 196983 Bytes 15.6.2011 17:22:44
AEBB.DLL : 8.1.1.0 53618 Bytes 28.3.2011 14:15:19
AVWINLL.DLL : 10.0.0.0 19304 Bytes 28.3.2011 14:15:31
AVPREF.DLL : 10.0.0.0 44904 Bytes 1.4.2011 15:07:42
AVREP.DLL : 10.0.0.10 174120 Bytes 15.6.2011 17:22:48
AVREG.DLL : 10.0.3.2 53096 Bytes 1.4.2011 15:07:42
AVSCPLR.DLL : 10.0.4.2 84840 Bytes 1.4.2011 15:07:43
AVARKT.DLL : 10.0.22.6 231784 Bytes 1.4.2011 15:07:38
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1.4.2011 15:07:41
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17.6.2010 13:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 28.3.2011 14:15:30
NETNT.DLL : 10.0.0.0 11624 Bytes 28.3.2011 14:15:39
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1.4.2011 15:07:58
RCTEXT.DLL : 10.0.58.0 97128 Bytes 28.3.2011 14:15:52

Configuration settings for the scan:
Jobname.............................: Short system scan after installation
Configuration file..................: c:\program files\avira\antivir desktop\setupprf.dat
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,

Start of the scan: 15. júna 2011 19:24

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'CCleaner.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avconfig.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avshadow.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'setup.exe' - '1' Module(s) have been scanned
Scan process 'presetup.exe' - '1' Module(s) have been scanned
Scan process 'avira_antivir_personal_en.exe' - '1' Module(s) have been scanned
Scan process 'qip.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:

Starting to scan executable files (registry).
The registry was scanned ( '337' files ).



End of the scan: 15. júna 2011 19:25
Used time: 01:04 Minute(s)

The scan has been done completely.

0 Scanned directories
930 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
930 Files not concerned
6 Archives were scanned
0 Warnings
0 Notes

[Y0G1]

inak dnes som spravil aviru konecne s zone alarmom takze davam sken aviry a a zone alarm tam nwm ci sa nieco nastavuje alebo nie

[motji]

Prosím o nový combofix, stahněte aktuální, ale u Vás je to boj s větrnými mlýny . Pořád se to vrací. Dokud neprověříme, zda to nemá na svědomí druhý pc, tak asi nemá cenu s tím něco dělat. Kdyby jste to zformátoval a druhý pc byl taky napadený, máte to hned zpět.

[Y0G1]

jasny no co sem pochopil tak je ten conficker v gen..z cehoz usudzuji ze je v generatic host coz je asi sit nebo nwm a napr switch kde som zapojeny se neda nejak vycistit?

mne to hodne zlobi taky 50 stranek na foru o podstate nicom nejsu to nejak schopnej odstranit a rad bych to uz udelal jinak ty dalsi vyry nebo mam jenom ciste toho confika? videl sem tam nekde i trojana

[cernohous13]

už jsi tu dostal mnohokrát radu, že nesmí být při čištění připojeny oba PC
pokud se nedohodneš s druhým uživatelem připojeným na společný switch, je naše práce zbytečná.

1.nechat zapojené jen jedno PC
2.vyčistit
3.odpojit od switche
4.připojit 2.PC
5.vyčistit

je to snad nejasné?

[Y0G1]

ComboFix 11-06-15.02 - Martin 15.06.2011 21:44:53.19.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.1023.692 [GMT 2:00]
Running from: c:\documents and settings\Martin\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Martin\Application Data\EurekaLog
c:\documents and settings\Martin\Application Data\EurekaLog\EurekaLog.ini
C:\Install.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-05-15 to 2011-06-15 )))))))))))))))))))))))))))))))
.
.
2011-06-15 17:28 . 2011-03-17 23:24 104448 ----a-w- c:\windows\system32\zlcommdb.dll
2011-06-15 17:28 . 2011-03-17 23:24 69120 ----a-w- c:\windows\system32\zlcomm.dll
2011-06-15 17:28 . 2011-06-15 17:28 -------- d-----w- c:\windows\system32\ZoneLabs
2011-06-15 17:28 . 2011-03-17 23:24 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2011-06-15 17:27 . 2011-06-15 17:28 -------- d-----w- c:\program files\Zone Labs
2011-06-15 17:27 . 2011-06-15 19:42 -------- d-----w- c:\windows\Internet Logs
2011-06-15 17:27 . 2011-06-15 18:06 -------- d-----w- c:\windows\system32\NtmsData
2011-06-15 17:26 . 2011-06-15 17:26 -------- d-----w- c:\documents and settings\Martin\Application Data\Avira
2011-06-15 17:21 . 2011-04-01 15:07 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-15 17:21 . 2011-04-01 15:07 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-15 17:21 . 2010-06-17 13:27 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2011-06-15 17:21 . 2010-06-17 13:27 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2011-06-15 17:21 . 2011-06-15 17:21 -------- d-----w- c:\program files\Avira
2011-06-15 17:21 . 2011-06-15 17:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2011-06-15 08:14 . 2011-06-15 08:14 -------- d-----w- c:\program files\Common Files\Java
2011-06-15 08:14 . 2011-06-15 08:13 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-15 08:14 . 2011-06-15 08:13 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-15 08:13 . 2011-06-15 08:13 -------- d-----w- c:\program files\Java
2011-06-14 16:29 . 2011-06-15 07:26 -------- d-----w- c:\documents and settings\Martin\Application Data\Darer
2011-06-05 06:20 . 2011-06-05 06:20 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2011-06-05 06:20 . 2011-06-05 08:25 -------- d-----w- c:\program files\Google
2011-06-05 06:20 . 2011-06-05 08:10 -------- d-----w- c:\documents and settings\Martin\Local Settings\Application Data\Google
2011-06-04 06:45 . 2011-06-04 06:45 -------- d-----w- c:\windows\system32\oqhre.dll
2011-06-04 06:28 . 2011-06-04 06:29 -------- d-----w- c:\documents and settings\Martin\Application Data\GetRightToGo
2011-06-03 15:07 . 2011-06-03 15:07 -------- d-----w- c:\documents and settings\Martin\.system32
2011-05-29 12:34 . 2011-06-05 06:25 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2011-05-29 12:28 . 2011-05-29 12:29 -------- d-----w- C:\UsbFix
2011-05-27 12:59 . 2011-05-27 20:23 17480 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-05-27 12:59 . 2011-05-27 12:59 -------- d-----w- c:\program files\Hitman Pro 3.5
2011-05-27 12:58 . 2011-05-27 12:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro
2011-05-25 14:22 . 2011-06-15 18:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-23 12:50 . 2004-05-17 06:00 33280 ----a-r- c:\windows\system32\drivers\NVENETFD.sys
2011-05-23 12:50 . 2004-05-17 05:49 198656 ----a-r- c:\windows\system32\fdco1.dll
2011-05-23 12:50 . 2004-05-10 00:53 32256 ----a-r- c:\windows\system32\nvconrm.dll
2011-05-23 12:50 . 2004-05-10 00:52 172032 ----a-w- c:\windows\system32\nvunrm.exe
2011-05-23 12:50 . 2004-05-17 06:00 12928 ----a-r- c:\windows\system32\drivers\nvnetbus.sys
2011-05-23 12:50 . 2004-05-17 06:00 56960 ----a-r- c:\windows\system32\drivers\nvnrm.sys
2011-05-23 12:50 . 2004-05-17 06:00 191232 ----a-r- c:\windows\system32\drivers\nvsnpu.sys
2011-05-23 12:50 . 2004-05-17 05:48 8192 ----a-r- c:\windows\system32\bdco1.dll
2011-05-23 12:18 . 2011-05-23 12:18 -------- d-----w- c:\program files\AMD
2011-05-23 12:18 . 2005-03-09 12:53 36352 ----a-w- c:\windows\system32\drivers\AmdK8.sys
2011-05-23 12:08 . 2011-05-23 12:08 -------- d-----w- c:\windows\system32\wbem\Repository
2011-05-18 09:05 . 2011-05-04 11:54 302080 ----a-w- C:\gmer.exe
2011-05-18 07:58 . 2011-05-18 07:58 -------- d-----w- C:\_OTM
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-15 08:52 . 2011-05-29 12:29 1800 ----a-w- C:\UsbFix_Upload_Me_HELL-T2X5CI1VMH.zip
2011-05-28 14:04 . 2010-11-16 14:55 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-04-26 16:49 . 2011-04-08 19:46 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-04-26 16:49 . 2011-04-08 19:51 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-04-26 16:49 . 2011-04-08 19:45 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-04-26 15:55 . 2011-04-08 19:45 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-04-21 18:59 . 2011-04-08 19:46 22328 ----a-w- c:\documents and settings\Martin\Application Data\PnkBstrK.sys
2011-04-18 12:42 . 2011-04-18 12:39 2829 ----a-w- c:\windows\War3Unin.pif
2011-04-18 12:42 . 2011-04-18 12:39 139264 ----a-w- c:\windows\War3Unin.exe
2011-04-08 05:14 . 2011-05-14 06:48 944232 ----a-w- c:\windows\system32\nvdispco3220140.dll
2011-04-08 05:14 . 2011-05-14 06:48 855656 ----a-w- c:\windows\system32\nvgenco322060.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-17_16.33.31 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-11 23:02 . 2009-07-11 23:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
- 2007-11-07 01:19 . 2007-11-07 01:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
- 2009-07-11 23:02 . 2009-07-11 23:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
- 2009-07-11 23:02 . 2009-07-11 23:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
- 2009-07-11 23:02 . 2009-07-11 23:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
- 2009-07-11 23:02 . 2009-07-11 23:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
- 2009-07-11 23:02 . 2009-07-11 23:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
- 2009-07-11 23:02 . 2009-07-11 23:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
- 2009-07-11 23:02 . 2009-07-11 23:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
- 2009-07-11 23:02 . 2009-07-11 23:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
- 2009-07-11 23:02 . 2009-07-11 23:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
- 2009-07-11 23:02 . 2009-07-11 23:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
- 2009-07-11 23:02 . 2009-07-11 23:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 47104 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 59392 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 41984 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 41472 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 60416 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 59392 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 59392 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 60928 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll
+ 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
- 2009-07-11 23:05 . 2009-07-11 23:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
- 2009-07-11 23:05 . 2009-07-11 23:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2007-11-06 20:51 . 2007-11-06 20:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll
+ 2007-11-06 20:51 . 2007-11-06 20:51 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll
+ 2011-06-15 19:41 . 2011-06-15 19:41 16384 c:\windows\temp\Perflib_Perfdata_4fc.dat
+ 2011-06-15 17:28 . 2011-03-17 23:24 99328 c:\windows\system32\ZoneLabs\zlquarantine.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 70656 c:\windows\system32\ZoneLabs\zatray.exe
+ 2011-06-15 17:28 . 2011-03-17 23:25 21504 c:\windows\system32\ZoneLabs\lib\zsys.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 14336 c:\windows\system32\ZoneLabs\lib\zmenu.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 48640 c:\windows\system32\ZoneLabs\lib\zfde.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 85504 c:\windows\system32\ZoneLabs\lib\ZAlert.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 37376 c:\windows\system32\ZoneLabs\lib\UpdateUI.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 12800 c:\windows\system32\ZoneLabs\lib\oem_1488.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 12800 c:\windows\system32\ZoneLabs\lib\oem_1487.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 12800 c:\windows\system32\ZoneLabs\lib\oem_1486.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 20992 c:\windows\system32\ZoneLabs\lib\oem_1466.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 12800 c:\windows\system32\ZoneLabs\lib\oem_1460.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 10240 c:\windows\system32\ZoneLabs\lib\oem_1454.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 11264 c:\windows\system32\ZoneLabs\lib\oem_1445.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 14336 c:\windows\system32\ZoneLabs\lib\oem_1440.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 12288 c:\windows\system32\ZoneLabs\lib\oem_1413.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 11264 c:\windows\system32\ZoneLabs\lib\oem_1010.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 29184 c:\windows\system32\ZoneLabs\lib\NavBar.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 13312 c:\windows\system32\ZoneLabs\lib\MainLoop.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 35840 c:\windows\system32\ZoneLabs\lib\Alert.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 38912 c:\windows\system32\ZoneLabs\featuremap.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 75776 c:\windows\system32\ZoneLabs\camupd.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 43008 c:\windows\system32\vswmi.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 58368 c:\windows\system32\vsregexp.dll
+ 2011-06-15 17:21 . 2010-06-17 13:27 28520 c:\windows\system32\drivers\ssmdrv.sys
+ 2011-06-15 17:28 . 2011-06-15 17:28 4212 c:\windows\system32\zllictbl.dat
- 2011-04-28 18:38 . 2011-04-28 18:38 5120 c:\windows\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
+ 2011-06-09 16:05 . 2011-06-09 16:05 5120 c:\windows\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
+ 2009-07-11 22:02 . 2009-07-11 22:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-11 22:05 . 2009-07-11 22:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
- 2009-07-11 23:02 . 2009-07-11 23:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 141824 c:\windows\system32\ZoneLabs\zlupdate.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 173056 c:\windows\system32\ZoneLabs\vsvault.dll
+ 2011-06-15 17:27 . 2011-03-17 23:24 211456 c:\windows\system32\ZoneLabs\vsdb.dll
+ 2011-06-15 17:28 . 2007-10-11 14:51 832984 c:\windows\system32\ZoneLabs\updating.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 434688 c:\windows\system32\ZoneLabs\ssleay32.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 135680 c:\windows\system32\ZoneLabs\scheduler.dll
+ 2011-06-15 17:28 . 2009-07-13 21:58 722392 c:\windows\system32\ZoneLabs\qrbase.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 126976 c:\windows\system32\ZoneLabs\lib\zui.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 280064 c:\windows\system32\ZoneLabs\lib\TrayTest.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:25 225792 c:\windows\system32\ZoneLabs\lib\Overview.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 368640 c:\windows\system32\ZoneLabs\lib\LicenseUI.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 184832 c:\windows\system32\ZoneLabs\lib\DashBoard.zip.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 375296 c:\windows\system32\ZoneLabs\lib\ConfigWizard.zip.dll
+ 2011-06-15 17:27 . 2010-02-08 06:41 595432 c:\windows\system32\ZoneLabs\icslta.dll
+ 2011-06-15 17:28 . 2010-11-08 16:58 284136 c:\windows\system32\ZoneLabs\ffapi.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 169984 c:\windows\system32\ZoneLabs\fbl.dll
+ 2011-06-15 17:28 . 2008-03-17 14:52 813568 c:\windows\system32\ZoneLabs\dbghelp.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 110080 c:\windows\system32\vsxml.dll
+ 2011-06-15 17:27 . 2011-03-17 23:24 715264 c:\windows\system32\vsutil.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 302592 c:\windows\system32\vspubapi.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 108032 c:\windows\system32\vsmonapi.dll
+ 2011-06-15 17:27 . 2011-03-17 23:24 228864 c:\windows\system32\vsinit.dll
+ 2011-06-15 17:28 . 2010-05-13 08:02 532224 c:\windows\system32\vsdatant.sys
+ 2011-06-15 17:27 . 2011-03-17 23:24 112128 c:\windows\system32\vsdata.dll
+ 2011-06-15 14:07 . 2011-06-15 14:07 240288 c:\windows\system32\Macromed\Flash\FlashUtil10t_Plugin.exe
+ 2011-06-15 18:27 . 2011-06-15 18:27 240288 c:\windows\system32\Macromed\Flash\FlashUtil10t_ActiveX.exe
+ 2011-06-15 18:27 . 2011-06-15 18:27 321184 c:\windows\system32\Macromed\Flash\FlashUtil10t_ActiveX.dll
+ 2011-06-15 08:14 . 2011-06-15 08:13 157472 c:\windows\system32\javaws.exe
+ 2011-06-15 08:14 . 2011-06-15 08:13 145184 c:\windows\system32\javaw.exe
+ 2011-06-15 08:14 . 2011-06-15 08:13 145184 c:\windows\system32\java.exe
+ 2011-06-14 16:29 . 2011-06-14 16:29 228352 c:\windows\Installer\b5ca5.msi
+ 2011-06-15 08:14 . 2011-06-15 08:14 203776 c:\windows\Installer\3f7025.msi
+ 2011-06-15 08:13 . 2011-06-15 08:13 675840 c:\windows\Installer\3f7020.msi
+ 2009-07-11 22:02 . 2009-07-11 22:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
- 2009-07-11 23:02 . 2009-07-11 23:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
- 2009-07-11 23:02 . 2009-07-11 23:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 1162744 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll
+ 2007-11-06 23:19 . 2007-11-06 23:19 1156600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll
+ 2011-06-15 17:28 . 2011-03-17 23:24 1790464 c:\windows\system32\ZoneLabs\vsruledb.dll
+ 2011-06-15 17:28 . 2011-03-17 23:26 2435592 c:\windows\system32\ZoneLabs\vsmon.exe
+ 2011-06-15 17:28 . 2011-03-17 23:25 1536512 c:\windows\system32\ZoneLabs\lib\zpy.zip.dll
+ 2011-03-03 14:50 . 2011-05-23 12:08 1234520 c:\windows\system32\Restore\rstrlog.dat
+ 2010-11-15 17:39 . 2011-06-15 14:07 6271136 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2011-06-11 00:48 . 2011-06-11 00:48 3120288 c:\windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-03-28 281768]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2011-03-17 1043968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
c:\windows\system32\dumprep 0 -u [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-15 19:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\programy\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 03:42 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2011-01-07 17:56 13880424 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2011-01-07 17:56 111208 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-11-04 06:51 1753192 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2005-05-17 10:48 77824 ----a-r- c:\windows\SOUNDMAN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programy\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Programy\\DotAlicious Gaming Client\\client.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"6756:TCP"= 6756:TCP:rvgbebls
.
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [15.6.2011 19:21 136360]
S3 cpuz134;cpuz134;\??\c:\docume~1\Martin\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\Martin\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\programy\Garena\safedrv.sys --> c:\programy\Garena\safedrv.sys [?]
S4 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
fudxls
.
.
------- Supplementary Scan -------
.
uSearchAssistant =
TCP: DhcpNameServer = 195.12.128.1 195.72.0.3
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Martin\Application Data\Mozilla\Firefox\Profiles\ghya889f.default\
FF - prefs.js: browser.search.selectedEngine - QIP Search
FF - prefs.js: browser.startup.homepage - hxxp://www.azet.sk/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-15 21:49
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2011-06-15 21:51:47
ComboFix-quarantined-files.txt 2011-06-15 19:51
ComboFix2.txt 2011-06-04 22:54
ComboFix3.txt 2011-06-04 06:41
ComboFix4.txt 2011-06-02 18:01
ComboFix5.txt 2011-06-15 19:43
.
Pre-Run: 69 303 160 832 bytes free
Post-Run: 12 adresárov, 69 353 402 368 voľných bajtov
.
- - End Of File - - 651350662D025CC9B87C8AE6C7680C1D

[Y0G1]

už jsi tu dostal mnohokrát radu, že nesmí být při čištění připojeny oba PC
pokud se nedohodneš s druhým uživatelem připojeným na společný switch, je naše práce zbytečná.

1.nechat zapojené jen jedno PC
2.vyčistit
3.odpojit od switche
4.připojit 2.PC
5.vyčistit

je to snad nejasné?

neni to nejasne ale on se sem za 1 jeste neregistroval a za druhe nwm proc mu to tak trva horsi bude kdyz on to mit nebude

[cernohous13]

proč horší, snad jen dobře, když nebude nakažený i jeho PC
ten tvůj se vyčisti dá, ale je tu podezření, že si to navzájem přes switch posíláte
proto trváme na rozpojení (u koho je ten switch?)