
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Please check my log, my PC is most likely infected
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hi gentlemen, please take a look at my log. The computer is most likely infected. For example, when I start the web browser, it tells me that spam has appeared on the PC and won't let me go anywhere. Or the internet doesn't work at all.
Thanks a lot
Logfile of random's system information tool 1.08 (written by random/random)
Run by Ladislav at 2010-11-29 18:38:56
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 70 GB (46%) free of 153 GB
Total RAM: 639 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:39:15, on 29.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\VMSnap5.EXE
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ladislav\Plocha\RSIT.exe
C:\Program Files\trend micro\Ladislav.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://googleure.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [VMSnap5] C:\WINDOWS\VMSnap5.EXE
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKCU\..\Run: [Badoo Desktop] "C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
--
End of file - 8557 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]
"UpdatePDRShortCut"=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"VMSnap5"=C:\WINDOWS\VMSnap5.EXE [2006-06-28 49152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2010-09-28 2407632]
"SmartRAM"=C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe [2010-07-21 198864]
"Badoo Desktop"=C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe [2010-10-29 983552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\WINDOWS\system32\oodtray.exe [2007-05-11 2512392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
C:\WINDOWS\system32\PSDrvCheck.exe [2003-12-04 406016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-04-27 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Rockstar Games\counter-strike 1.6\hl.exe"="C:\Program Files\Rockstar Games\counter-strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\ToCA Race Driver\RaceDriver.exe"="C:\Program Files\ToCA Race Driver\RaceDriver.exe:*:Enabled:RaceDriver"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Documents and Settings\Ladislav\Dokumenty\Downloads\P17535732.JPG-www.facebook.exe"="C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\DOCUME~1\Ladislav\LOCALS~1\Temp\1630.exe"="C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Program Files\formule\f1_2000.exe"="C:\Program Files\formule\f1_2000.exe:*:Disabled:F1_2000"
"C:\Program Files\Ford Racing 3\fr3.exe"="C:\Program Files\Ford Racing 3\fr3.exe:*:Enabled:fr3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-11-29 18:38:57 ----DC---- C:\Program Files\trend micro
2010-11-29 18:38:56 ----DC---- C:\rsit
2010-11-28 08:05:49 ----AC---- C:\WINDOWS\system32\drivers\imsrdzgx.sys
2010-11-27 21:12:13 ----AC---- C:\WINDOWS\system32\drivers\btumjuor.sys
2010-11-27 20:04:00 ----AC---- C:\WINDOWS\system32\drivers\hprtwpsc.sys
2010-11-26 19:55:53 ----AC---- C:\WINDOWS\system32\drivers\kljccnyz.sys
2010-11-26 17:55:49 ----AC---- C:\WINDOWS\system32\drivers\mdkncdvm.sys
2010-11-26 15:55:47 ----AC---- C:\WINDOWS\system32\drivers\vwqorrif.sys
2010-11-26 08:58:58 ----DC---- C:\73ffa2532a0a3ac4efa77de0
2010-11-26 08:35:18 ----DC---- C:\c6de10370373a8a1f3eeff683d7a7d
2010-11-26 08:33:17 ----AC---- C:\WINDOWS\system32\drivers\vctxaium.sys
2010-11-26 08:26:46 ----HDC---- C:\WINDOWS\ie7
2010-11-26 08:26:26 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2010-11-26 08:25:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2010-11-26 07:30:21 ----AC---- C:\WINDOWS\system32\drivers\fvvifnyc.sys
2010-11-25 22:10:06 ----AC---- C:\WINDOWS\vidcap32.Exe
2010-11-25 22:10:05 ----AC---- C:\WINDOWS\Sti305.exe
2010-11-25 22:10:04 ----DC---- C:\WINDOWS\EffectResources
2010-11-25 22:10:04 ----DC---- C:\WINDOWS\CatRoot
2010-11-25 22:10:03 ----DC---- C:\Program Files\Vimicro
2010-11-25 22:02:00 ----AC---- C:\WINDOWS\VM305Cap.exe
2010-11-25 22:01:59 ----AC---- C:\WINDOWS\VMSnap5.exe
2010-11-25 22:01:59 ----AC---- C:\WINDOWS\system32\VM305Sti.dll
2010-11-25 22:01:58 ----AC---- C:\WINDOWS\system32\drivers\usbVM305.sys
2010-11-22 19:49:21 ----DC---- C:\Program Files\Montezumova pomsta
2010-11-22 16:14:36 ----DC---- C:\Program Files\Ford Racing 3
2010-11-22 15:46:10 ----DC---- C:\Program Files\formule
2010-11-20 18:29:16 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Badoo
2010-11-14 14:58:19 ----DC---- C:\WINDOWS\Performance
2010-11-14 14:57:39 ----DC---- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2010-11-14 09:34:38 ----DC---- C:\Program Files\Wise Disk Cleaner
2010-11-13 17:23:21 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Google
2010-11-13 16:56:25 ----DC---- C:\Documents and Settings\Ladislav\Data aplikací\Opera
2010-11-13 16:55:54 ----DC---- C:\Program Files\Opera
2010-11-12 22:42:02 ----AC---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-11-12 22:42:02 ----AC---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-11-12 22:42:01 ----AC---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-11-12 22:42:00 ----AC---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-11-12 22:41:59 ----AC---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-11-12 22:41:59 ----AC---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-11-12 22:41:59 ----AC---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-11-12 22:41:42 ----AC---- C:\WINDOWS\system32\aswBoot.exe
2010-11-12 20:18:13 ----DC---- C:\Documents and Settings\All Users\Data aplikací\{437292BE-95BD-4B12-B699-6D217A03ACAF}
2010-11-12 20:17:09 ----DC---- C:\Program Files\Lavasoft
2010-11-12 20:17:09 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-11-12 18:33:42 ----AC---- C:\min32.exe
2010-11-11 19:58:48 ----AC---- C:\winscxs.exe
2010-11-11 19:43:38 ----AC---- C:\6164.exe
2010-11-11 16:02:39 ----AC---- C:\21.exe
2010-11-10 12:22:06 ----AC---- C:\jshd.exe
2010-11-09 17:13:51 ----AC---- C:\2xhs.exe
2010-11-02 10:55:28 ----AC---- C:\WINDOWS\system32\javaws.exe
2010-11-02 10:55:28 ----AC---- C:\WINDOWS\system32\javaw.exe
2010-11-02 10:55:28 ----AC---- C:\WINDOWS\system32\java.exe
======List of files/folders modified in the last 1 months======
2010-11-29 18:39:05 ----DC---- C:\WINDOWS\Prefetch
2010-11-29 18:38:57 ----RDC---- C:\Program Files
2010-11-29 18:31:31 ----DC---- C:\Program Files\Mozilla Firefox
2010-11-29 17:25:58 ----DC---- C:\WINDOWS
2010-11-29 15:48:34 ----ADC---- C:\WINDOWS\Temp
2010-11-29 15:32:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-29 15:26:04 ----DC---- C:\WINDOWS\system32
2010-11-29 15:21:30 ----DC---- C:\WINDOWS\pss
2010-11-28 23:50:59 ----DC---- C:\WINDOWS\system32\CatRoot2
2010-11-28 19:01:15 ----DC---- C:\WINDOWS\system32\drivers\etc
2010-11-28 19:00:33 ----DC---- C:\WINDOWS\Debug
2010-11-28 11:52:43 ----DC---- C:\Program Files\Emilka Holubová - Montezumův poklad
2010-11-28 08:05:49 ----DC---- C:\WINDOWS\system32\drivers
2010-11-27 22:14:52 ----SHDC---- C:\WINDOWS\Installer
2010-11-27 22:10:32 ----HDC---- C:\WINDOWS\inf
2010-11-27 21:56:53 ----HDC---- C:\Program Files\InstallShield Installation Information
2010-11-26 09:10:30 ----SDC---- C:\WINDOWS\Tasks
2010-11-26 08:58:22 ----DC---- C:\WINDOWS\system32\CatRoot
2010-11-26 08:31:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-11-26 08:31:34 ----DC---- C:\WINDOWS\Media
2010-11-26 08:31:34 ----DC---- C:\WINDOWS\Help
2010-11-26 08:27:51 ----DC---- C:\Program Files\Internet Explorer
2010-11-26 08:26:34 ----AC---- C:\WINDOWS\imsins.BAK
2010-11-26 08:09:32 ----DC---- C:\Program Files\Google
2010-11-26 07:59:15 ----DC---- C:\WINDOWS\twain_32
2010-11-26 07:58:37 ----DC---- C:\Program Files\Common Files
2010-11-26 07:44:44 ----DC---- C:\Program Files\Photo Pos Pro
2010-11-26 07:35:49 ----AC---- C:\WINDOWS\win.ini
2010-11-25 22:22:34 ----DC---- C:\WINDOWS\system32\DirectX
2010-11-25 22:10:03 ----SDC---- C:\WINDOWS\Downloaded Program Files
2010-11-25 22:10:02 ----DC---- C:\Program Files\Common Files\InstallShield
2010-11-25 22:03:20 ----SDC---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-11-25 21:30:30 ----DC---- C:\Documents and Settings\Ladislav\Data aplikací\ICQ
2010-11-25 15:15:16 ----AC---- C:\WINDOWS\NeroDigital.ini
2010-11-22 23:59:53 ----DC---- C:\Documents and Settings\Ladislav\Data aplikací\Skype
2010-11-20 18:24:30 ----DC---- C:\Program Files\PhotoposComTbr
2010-11-16 12:44:15 ----DC---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-11-16 12:44:14 ----DC---- C:\Program Files\DivX
2010-11-14 09:59:45 ----DC---- C:\Program Files\WinRAR
2010-11-12 22:41:52 ----DC---- C:\WINDOWS\WinSxS
2010-11-12 22:41:32 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-11-12 22:28:44 ----DC---- C:\Documents and Settings\Ladislav\Data aplikací\IObit
2010-11-05 18:52:13 ----DC---- C:\Documents and Settings\Ladislav\Data aplikací\skypePM
2010-11-02 16:11:27 ----DC---- C:\Program Files\ICQ7.0
2010-11-02 10:55:23 ----DC---- C:\Program Files\Java
2010-11-02 10:47:35 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 d347bus;d347bus; C:\WINDOWS\system32\DRIVERS\d347bus.sys [2004-08-22 155136]
R0 d347prt;d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [2004-08-22 5248]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-03-31 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-01-17 715248]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-04-27 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2003-12-04 11264]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S2 rifzerrn;rifzerrn; C:\WINDOWS\system32\drivers\rifzerrn.sys []
S2 vctxaium;vctxaium; C:\WINDOWS\system32\drivers\vctxaium.sys [2010-11-26 216]
S3 AF9035HB;AF9035 Hybrid Device; C:\WINDOWS\System32\Drivers\AF9035HB.sys [2010-09-23 863616]
S3 BLKWGU(Belkin);Belkin Wireless G USB Network Adapter(Belkin); C:\WINDOWS\system32\DRIVERS\BLKWGU.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\Ladislav\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-07-09 15104]
S3 mpfbzcvp;mpfbzcvp; \??\C:\WINDOWS\System32\Drivers\mpfbzcvp.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-04-27 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-04-27 82944]
S3 xjonzzfj;xjonzzfj; \??\C:\WINDOWS\System32\Drivers\xjonzzfj.sys []
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys []
S3 ZSMC0305;Vimicro USB PC Camera (VC0305); C:\WINDOWS\System32\Drivers\usbVM305.sys [2006-08-10 391737]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2007-05-11 1050120]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-12-31 247152]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-13 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: Please check my log, my PC is probably infected
Hello, good evening, and welcome to our forum
Well, you have malware on there, and more than one piece of it
Uninstall Advanced SystemCare 3 and then everything else from IObit as well - it is Chinese junk, flagged as spyware on reputable sites - and besides, there are free solutions on the market that are far better
Download RKill http://download.bleepingcomputer.com/grinler/rkill.com
Download ComboFix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- If the malware blocks it, use one of the following
motji wrote:
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe
Rkill SCR:
http://download.bleepingcomputer.com/grinler/rkill.scr
Rkill PIF:
http://download.bleepingcomputer.com/grinler/rkill.pif
- Save it, preferably to the desktop, and close all applications (otherwise RKill will do it for you)
- Run it the usual way with a double-click - the program finishes almost instantly and then exits on its own
- RKill terminates all non-system processes - including the processes the malware runs under
- Under no circumstances restart the PC now - you would lose the effect of RKill

- Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
- Plug all USB drives (flash drives, external disks, etc.) into the PC
- If you have Win XP, run it under the Administrator account
- If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator
- Right after it starts, a page with the license agreement appears; continue by clicking Yes
- If CF offers to install the Recovery Console, agree
- Then follow the instructions; leave the PC completely alone during the scan - do not launch any applications and do not click in the window that appears
- The scan should take about 10 minutes, but if the PC is heavily infested, it may take longer
- After the scan finishes and a possible restart, CF displays the log; otherwise you will find it at C:\ComboFix.txt; paste its contents here
- A detailed walkthrough including screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix
Re: Please check my log, my PC is probably infected
ComboFix 10-11-29.01 - Ladislav 29.11.2010 19:12:12.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.639.279 [GMT 1:00]
Spuštěný z: C:\Documents and Settings\Ladislav\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\21.exe
C:\6164.exe
C:\Autorun.inf
C:\data
C:\data\WINDOWSDEFENDER.EXE
C:\Documents and Settings\Ladislav\secupdat.dat
C:\min32.exe
C:\WINDOWS\daemon.dll
C:\WINDOWS\system32\msconfig.exe
C:\WINDOWS\system32\secupdat.dat
C:\WINDOWS\VM305Cap.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-28 do 2010-11-29 )))))))))))))))))))))))))))))))
.
2010-11-29 17:38:57 . 2010-11-29 17:39:15 -------- dc----w- C:\Program Files\trend micro
2010-11-29 17:38:56 . 2010-11-29 17:39:20 -------- dc----w- C:\rsit
2010-11-29 10:59:17 . 2006-12-13 03:12:38 407016 -c--a-w- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\talkback.exe
2010-11-29 10:59:17 . 2006-12-13 03:12:37 14432 -c--a-w- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll
2010-11-29 10:59:17 . 2006-12-13 03:12:36 156520 -c--a-w- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\fullsoft.dll
2010-11-29 10:59:17 . 2006-12-13 03:12:35 99816 -c--a-w- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\BrandRes.dll
2010-11-28 07:05:49 . 2010-11-28 07:05:49 0 -c--a-w- C:\WINDOWS\system32\drivers\imsrdzgx.sys
2010-11-27 20:12:13 . 2010-11-27 20:12:13 0 -c--a-w- C:\WINDOWS\system32\drivers\btumjuor.sys
2010-11-27 19:04:00 . 2010-11-27 19:04:00 0 -c--a-w- C:\WINDOWS\system32\drivers\hprtwpsc.sys
2010-11-26 18:55:53 . 2010-11-26 18:55:53 0 -c--a-w- C:\WINDOWS\system32\drivers\kljccnyz.sys
2010-11-26 16:55:49 . 2010-11-26 16:55:49 0 -c--a-w- C:\WINDOWS\system32\drivers\mdkncdvm.sys
2010-11-26 14:55:47 . 2010-11-26 14:55:47 0 -c--a-w- C:\WINDOWS\system32\drivers\vwqorrif.sys
2010-11-26 07:58:58 . 2010-11-26 07:58:59 -------- dc----w- C:\73ffa2532a0a3ac4efa77de0
2010-11-26 07:35:18 . 2010-11-26 07:37:10 -------- dc----w- C:\c6de10370373a8a1f3eeff683d7a7d
2010-11-26 07:33:17 . 2010-11-26 07:33:30 216 -c--a-w- C:\WINDOWS\system32\drivers\vctxaium.sys
2010-11-26 06:30:21 . 2010-11-26 06:30:21 0 -c--a-w- C:\WINDOWS\system32\drivers\fvvifnyc.sys
2010-11-25 21:10:06 . 2000-10-31 11:00:00 307200 -c--a-w- C:\WINDOWS\vidcap32.Exe
2010-11-25 21:10:05 . 2006-10-11 17:40:12 57344 -c--a-w- C:\WINDOWS\Sti305.exe
2010-11-25 21:10:04 . 2010-11-26 06:59:15 -------- dc----w- C:\WINDOWS\CatRoot
2010-11-25 21:10:04 . 2010-11-26 06:59:14 -------- dc----w- C:\WINDOWS\EffectResources
2010-11-25 21:10:03 . 2010-11-26 06:59:14 -------- dc----w- C:\Program Files\Vimicro
2010-11-25 21:10:02 . 2002-07-25 16:06:52 282624 -c--a-w- C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
2010-11-25 21:01:59 . 2006-06-28 16:39:38 49152 -c--a-w- C:\WINDOWS\VMSnap5.exe
2010-11-25 21:01:59 . 2005-08-05 17:36:24 81920 -c--a-w- C:\WINDOWS\system32\VM305Sti.dll
2010-11-25 21:01:58 . 2006-08-10 11:32:30 391737 -c--a-w- C:\WINDOWS\system32\drivers\usbVM305.sys
2010-11-25 21:01:58 . 2006-07-14 17:23:12 209041 -c--a-w- C:\WINDOWS\system32\VM305Prp.Ax
2010-11-22 18:49:21 . 2010-11-22 18:49:44 -------- dc----w- C:\Program Files\Montezumova pomsta
2010-11-22 15:14:36 . 2010-11-29 16:25:42 -------- dc----w- C:\Program Files\Ford Racing 3
2010-11-22 14:46:10 . 2010-11-24 18:50:06 -------- dc----w- C:\Program Files\formule
2010-11-20 17:29:16 . 2010-11-20 17:29:16 -------- dc----w- C:\Documents and Settings\All Users\Data aplikací\Badoo
2010-11-20 17:25:33 . 2010-11-20 17:25:33 -------- dc-h--w- C:\Documents and Settings\Ladislav\Local Settings\Data aplikací\AlterGeo
2010-11-14 13:58:19 . 2010-11-14 13:58:19 -------- dc----w- C:\WINDOWS\Performance
2010-11-14 13:58:10 . 2010-11-14 13:58:10 -------- dc----w- C:\Documents and Settings\Ladislav\Local Settings\Data aplikací\Microsoft Corporation
2010-11-14 13:57:39 . 2010-11-14 13:57:41 -------- dc----w- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2010-11-13 16:00:48 . 2010-11-13 16:00:48 -------- dc----w- C:\Documents and Settings\Ladislav\Local Settings\Data aplikací\Opera
2010-11-13 15:55:54 . 2010-11-26 07:10:12 -------- dc----w- C:\Program Files\Opera
2010-11-12 21:42:02 . 2010-09-07 15:52:03 165584 -c--a-w- C:\WINDOWS\system32\drivers\aswSP.sys
2010-11-12 21:42:02 . 2010-09-07 15:47:07 17744 -c--a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-11-12 21:42:01 . 2010-09-07 15:47:46 23376 -c--a-w- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-11-12 21:42:00 . 2010-09-07 15:52:25 46672 -c--a-w- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-11-12 21:41:59 . 2010-09-07 15:47:19 100176 -c--a-w- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-11-12 21:41:59 . 2010-09-07 15:47:16 94544 -c--a-w- C:\WINDOWS\system32\drivers\aswmon.sys
2010-11-12 21:41:59 . 2010-09-07 15:46:51 28880 -c--a-w- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-11-12 21:41:42 . 2010-09-07 16:12:17 38848 -c--a-w- C:\WINDOWS\avastSS.scr
2010-11-12 21:41:42 . 2010-09-07 16:11:54 167592 -c--a-w- C:\WINDOWS\system32\aswBoot.exe
2010-11-12 19:18:13 . 2010-11-12 19:18:16 -------- dc----w- C:\Documents and Settings\All Users\Data aplikací\{437292BE-95BD-4B12-B699-6D217A03ACAF}
2010-11-12 19:17:09 . 2010-11-12 19:17:09 -------- dc----w- C:\Program Files\Lavasoft
2010-11-12 19:17:09 . 2010-11-12 19:17:09 -------- dc----w- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-11-11 18:58:48 . 2010-11-11 19:10:07 0 -c--a-w- C:\winscxs.exe
2010-11-10 11:22:06 . 2010-11-10 14:02:15 257 -c--a-w- C:\jshd.exe
2010-11-09 16:13:51 . 2010-11-09 16:13:51 256 -c--a-w- C:\2xhs.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 20:51:33 . 2010-01-17 16:30:26 222080 -c----w- C:\WINDOWS\system32\MpSigStub.exe
2010-10-07 23:21:31 . 2010-10-25 15:57:05 6146896 -c--a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2E1D9874-74A9-441F-846C-6123F9599297}\mpengine.dll
2010-10-07 23:21:31 . 2010-09-28 09:19:39 6146896 -c--a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-09-23 07:39:28 . 2010-09-23 07:39:52 863616 -c--a-w- C:\WINDOWS\system32\drivers\AF9035HB.sys
2010-09-18 10:23:38 . 2007-04-03 08:44:48 974848 -c--a-w- C:\WINDOWS\system32\mfc42u.dll
2010-09-18 06:53:37 . 2008-04-14 08:51:46 974848 -c--a-w- C:\WINDOWS\system32\mfc42.dll
2010-09-18 06:53:37 . 2008-04-14 08:51:46 953856 -c--a-w- C:\WINDOWS\system32\mfc40u.dll
2010-09-18 06:53:37 . 2001-10-25 16:00:00 954368 -c--a-w- C:\WINDOWS\system32\mfc40.dll
2010-09-15 03:50:37 . 2010-05-31 18:24:36 472808 -c--a-w- C:\WINDOWS\system32\deployJava1.dll
2010-09-15 01:29:49 . 2010-05-31 18:24:36 73728 -c--a-w- C:\WINDOWS\system32\javacpl.cpl
2010-09-09 22:52:57 . 2010-09-25 12:32:29 6084944 -c--a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{7BD00391-DAF0-463C-B763-CD4C11A2413E}\mpengine.dll
2010-09-09 22:52:57 . 2010-01-17 16:30:31 6084944 -c--a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2010-09-01 11:52:28 . 2008-04-14 08:37:56 285824 -c--a-w- C:\WINDOWS\system32\atmfd.dll
2010-09-01 07:57:41 . 2008-04-14 07:45:36 1852800 -c--a-w- C:\WINDOWS\system32\win32k.sys
2006-12-13 03:12:30 . 2010-11-26 07:12:27 66648 -c--a-w- C:\Program Files\mozilla firefox\components\jar50.dll
2006-12-13 03:12:31 . 2010-11-26 07:12:27 54352 -c--a-w- C:\Program Files\mozilla firefox\components\jsd3250.dll
2006-12-13 03:12:32 . 2010-11-26 07:12:27 34928 -c--a-w- C:\Program Files\mozilla firefox\components\myspell.dll
2006-12-13 03:12:33 . 2010-11-26 07:12:27 46696 -c--a-w- C:\Program Files\mozilla firefox\components\spellchk.dll
2006-12-13 03:12:34 . 2010-11-26 07:12:27 172120 -c--a-w- C:\Program Files\mozilla firefox\components\xpinstal.dll
.
------- Sigcheck -------
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 08:27:16 153136]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-09-02 11:58:52 495616]
"Badoo Desktop"="C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe" [2010-10-29 12:55:50 983552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2010-03-17 19:53:36 421888]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2004-08-22 15:05:02 81920]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 09:44:46 248552]
"DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 06:39:18 1164584]
"UpdatePDRShortCut"="C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2009-05-19 20:16:16 222504]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 14:41:22 45056]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 02:47:04 35760]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 21:07:44 932288]
"avast5"="C:\Program Files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 16:12:02 2838912]
"VMSnap5"="C:\WINDOWS\VMSnap5.EXE" [2006-06-28 16:39:38 49152]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 08:52:18 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07:44 932288 -c--a-r- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 02:47:04 35760 -c--a-w- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-01 06:39:18 1164584 -c--a-w- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52:38 1695232 -c----w- C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57:24 153136 -c--a-w- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2007-05-11 01:08:54 2512392 -c--a-w- C:\WINDOWS\system32\oodtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2003-12-04 10:34:44 406016 -c--a-w- C:\WINDOWS\system32\PSDrvCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 14:28:22 577536 -c--a-w- C:\WINDOWS\soundman.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-03 18:20:12 866584 -c--a-w- C:\Program Files\Windows Defender\MSASCui.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\ICQ6.5\\ICQ.exe"=
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"C:\\Program Files\\ICQ7.0\\ICQ.exe"=
"C:\\Program Files\\ICQ7.0\\aolload.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Rockstar Games\\counter-strike 1.6\\hl.exe"=
"C:\\Program Files\\ToCA Race Driver\\RaceDriver.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\formule\\f1_2000.exe"=
"C:\\Program Files\\Ford Racing 3\\fr3.exe"=
R0 d347bus;d347bus;C:\WINDOWS\system32\drivers\d347bus.sys [29.7.2010 12:41:36 155136]
R0 d347prt;d347prt;C:\WINDOWS\system32\drivers\d347prt.sys [29.7.2010 12:41:36 5248]
R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [17.1.2010 16:17:16 715248]
R1 aswSP;aswSP;C:\WINDOWS\system32\drivers\aswSP.sys [12.11.2010 22:42:02 165584]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [12.11.2010 22:42:02 17744]
R2 ICQ Service;ICQ Service;C:\Program Files\ICQ6Toolbar\ICQ Service.exe [18.1.2010 17:02:52 246520]
S2 rifzerrn;rifzerrn; [x]
S2 vctxaium;vctxaium;C:\WINDOWS\system32\drivers\vctxaium.sys [26.11.2010 8:33:17 216]
S2 WinDefend;Windows Defender;C:\Program Files\Windows Defender\MsMpEng.exe [3.11.2006 19:19:58 13592]
S3 AF9035HB;AF9035 Hybrid Device;C:\WINDOWS\system32\drivers\AF9035HB.sys [23.9.2010 8:39:52 863616]
S3 mpfbzcvp;mpfbzcvp;\??\C:\WINDOWS\System32\Drivers\mpfbzcvp.sys --> C:\WINDOWS\System32\Drivers\mpfbzcvp.sys [?]
S3 xjonzzfj;xjonzzfj;\??\C:\WINDOWS\System32\Drivers\xjonzzfj.sys --> C:\WINDOWS\System32\Drivers\xjonzzfj.sys [?]
S3 ZSMC0305;Vimicro USB PC Camera (VC0305);C:\WINDOWS\system32\drivers\usbVM305.sys [25.11.2010 22:01:58 391737]
.
Obsah adresáře 'Naplánované úlohy'
2010-11-22 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34:12 . 2008-07-30 10:34:12]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://googleure.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - C:\Documents and Settings\Ladislav\Data aplikací\Mozilla\Firefox\Profiles\506go8jn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: C:\Documents and Settings\Ladislav\Data aplikací\Mozilla\Firefox\Profiles\506go8jn.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\components\dtTransparency.dll
FF - component: C:\Program Files\Mozilla Firefox\components\xpinstal.dll
FF - plugin: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKCU-Run-SmartRAM - C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
MSConfigStartUp-Corel File Shell Monitor - C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
MSConfigStartUp-Corel Photo Downloader - C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
MSConfigStartUp-WinampAgent - C:\Program Files\Winamp\winampa.exe
hotovo
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.639.279 [GMT 1:00]
Spuštěný z: C:\Documents and Settings\Ladislav\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\21.exe
C:\6164.exe
C:\Autorun.inf
C:\data
C:\data\WINDOWSDEFENDER.EXE
C:\Documents and Settings\Ladislav\secupdat.dat
C:\min32.exe
C:\WINDOWS\daemon.dll
C:\WINDOWS\system32\msconfig.exe
C:\WINDOWS\system32\secupdat.dat
C:\WINDOWS\VM305Cap.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-28 do 2010-11-29 )))))))))))))))))))))))))))))))
.
2010-11-29 17:38:57 . 2010-11-29 17:39:15 -------- dc----w- C:\Program Files\trend micro
2010-11-29 17:38:56 . 2010-11-29 17:39:20 -------- dc----w- C:\rsit
2010-11-29 10:59:17 . 2006-12-13 03:12:38 407016 -c--a-w- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\talkback.exe
2010-11-29 10:59:17 . 2006-12-13 03:12:37 14432 -c--a-w- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll
2010-11-29 10:59:17 . 2006-12-13 03:12:36 156520 -c--a-w- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\fullsoft.dll
2010-11-29 10:59:17 . 2006-12-13 03:12:35 99816 -c--a-w- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org\components\BrandRes.dll
2010-11-28 07:05:49 . 2010-11-28 07:05:49 0 -c--a-w- C:\WINDOWS\system32\drivers\imsrdzgx.sys
2010-11-27 20:12:13 . 2010-11-27 20:12:13 0 -c--a-w- C:\WINDOWS\system32\drivers\btumjuor.sys
2010-11-27 19:04:00 . 2010-11-27 19:04:00 0 -c--a-w- C:\WINDOWS\system32\drivers\hprtwpsc.sys
2010-11-26 18:55:53 . 2010-11-26 18:55:53 0 -c--a-w- C:\WINDOWS\system32\drivers\kljccnyz.sys
2010-11-26 16:55:49 . 2010-11-26 16:55:49 0 -c--a-w- C:\WINDOWS\system32\drivers\mdkncdvm.sys
2010-11-26 14:55:47 . 2010-11-26 14:55:47 0 -c--a-w- C:\WINDOWS\system32\drivers\vwqorrif.sys
2010-11-26 07:58:58 . 2010-11-26 07:58:59 -------- dc----w- C:\73ffa2532a0a3ac4efa77de0
2010-11-26 07:35:18 . 2010-11-26 07:37:10 -------- dc----w- C:\c6de10370373a8a1f3eeff683d7a7d
2010-11-26 07:33:17 . 2010-11-26 07:33:30 216 -c--a-w- C:\WINDOWS\system32\drivers\vctxaium.sys
2010-11-26 06:30:21 . 2010-11-26 06:30:21 0 -c--a-w- C:\WINDOWS\system32\drivers\fvvifnyc.sys
2010-11-25 21:10:06 . 2000-10-31 11:00:00 307200 -c--a-w- C:\WINDOWS\vidcap32.Exe
2010-11-25 21:10:05 . 2006-10-11 17:40:12 57344 -c--a-w- C:\WINDOWS\Sti305.exe
2010-11-25 21:10:04 . 2010-11-26 06:59:15 -------- dc----w- C:\WINDOWS\CatRoot
2010-11-25 21:10:04 . 2010-11-26 06:59:14 -------- dc----w- C:\WINDOWS\EffectResources
2010-11-25 21:10:03 . 2010-11-26 06:59:14 -------- dc----w- C:\Program Files\Vimicro
2010-11-25 21:10:02 . 2002-07-25 16:06:52 282624 -c--a-w- C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
2010-11-25 21:01:59 . 2006-06-28 16:39:38 49152 -c--a-w- C:\WINDOWS\VMSnap5.exe
2010-11-25 21:01:59 . 2005-08-05 17:36:24 81920 -c--a-w- C:\WINDOWS\system32\VM305Sti.dll
2010-11-25 21:01:58 . 2006-08-10 11:32:30 391737 -c--a-w- C:\WINDOWS\system32\drivers\usbVM305.sys
2010-11-25 21:01:58 . 2006-07-14 17:23:12 209041 -c--a-w- C:\WINDOWS\system32\VM305Prp.Ax
2010-11-22 18:49:21 . 2010-11-22 18:49:44 -------- dc----w- C:\Program Files\Montezumova pomsta
2010-11-22 15:14:36 . 2010-11-29 16:25:42 -------- dc----w- C:\Program Files\Ford Racing 3
2010-11-22 14:46:10 . 2010-11-24 18:50:06 -------- dc----w- C:\Program Files\formule
2010-11-20 17:29:16 . 2010-11-20 17:29:16 -------- dc----w- C:\Documents and Settings\All Users\Data aplikací\Badoo
2010-11-20 17:25:33 . 2010-11-20 17:25:33 -------- dc-h--w- C:\Documents and Settings\Ladislav\Local Settings\Data aplikací\AlterGeo
2010-11-14 13:58:19 . 2010-11-14 13:58:19 -------- dc----w- C:\WINDOWS\Performance
2010-11-14 13:58:10 . 2010-11-14 13:58:10 -------- dc----w- C:\Documents and Settings\Ladislav\Local Settings\Data aplikací\Microsoft Corporation
2010-11-14 13:57:39 . 2010-11-14 13:57:41 -------- dc----w- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2010-11-13 16:00:48 . 2010-11-13 16:00:48 -------- dc----w- C:\Documents and Settings\Ladislav\Local Settings\Data aplikací\Opera
2010-11-13 15:55:54 . 2010-11-26 07:10:12 -------- dc----w- C:\Program Files\Opera
2010-11-12 21:42:02 . 2010-09-07 15:52:03 165584 -c--a-w- C:\WINDOWS\system32\drivers\aswSP.sys
2010-11-12 21:42:02 . 2010-09-07 15:47:07 17744 -c--a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-11-12 21:42:01 . 2010-09-07 15:47:46 23376 -c--a-w- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-11-12 21:42:00 . 2010-09-07 15:52:25 46672 -c--a-w- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-11-12 21:41:59 . 2010-09-07 15:47:19 100176 -c--a-w- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-11-12 21:41:59 . 2010-09-07 15:47:16 94544 -c--a-w- C:\WINDOWS\system32\drivers\aswmon.sys
2010-11-12 21:41:59 . 2010-09-07 15:46:51 28880 -c--a-w- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-11-12 21:41:42 . 2010-09-07 16:12:17 38848 -c--a-w- C:\WINDOWS\avastSS.scr
2010-11-12 21:41:42 . 2010-09-07 16:11:54 167592 -c--a-w- C:\WINDOWS\system32\aswBoot.exe
2010-11-12 19:18:13 . 2010-11-12 19:18:16 -------- dc----w- C:\Documents and Settings\All Users\Data aplikací\{437292BE-95BD-4B12-B699-6D217A03ACAF}
2010-11-12 19:17:09 . 2010-11-12 19:17:09 -------- dc----w- C:\Program Files\Lavasoft
2010-11-12 19:17:09 . 2010-11-12 19:17:09 -------- dc----w- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-11-11 18:58:48 . 2010-11-11 19:10:07 0 -c--a-w- C:\winscxs.exe
2010-11-10 11:22:06 . 2010-11-10 14:02:15 257 -c--a-w- C:\jshd.exe
2010-11-09 16:13:51 . 2010-11-09 16:13:51 256 -c--a-w- C:\2xhs.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 20:51:33 . 2010-01-17 16:30:26 222080 -c----w- C:\WINDOWS\system32\MpSigStub.exe
2010-10-07 23:21:31 . 2010-10-25 15:57:05 6146896 -c--a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2E1D9874-74A9-441F-846C-6123F9599297}\mpengine.dll
2010-10-07 23:21:31 . 2010-09-28 09:19:39 6146896 -c--a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-09-23 07:39:28 . 2010-09-23 07:39:52 863616 -c--a-w- C:\WINDOWS\system32\drivers\AF9035HB.sys
2010-09-18 10:23:38 . 2007-04-03 08:44:48 974848 -c--a-w- C:\WINDOWS\system32\mfc42u.dll
2010-09-18 06:53:37 . 2008-04-14 08:51:46 974848 -c--a-w- C:\WINDOWS\system32\mfc42.dll
2010-09-18 06:53:37 . 2008-04-14 08:51:46 953856 -c--a-w- C:\WINDOWS\system32\mfc40u.dll
2010-09-18 06:53:37 . 2001-10-25 16:00:00 954368 -c--a-w- C:\WINDOWS\system32\mfc40.dll
2010-09-15 03:50:37 . 2010-05-31 18:24:36 472808 -c--a-w- C:\WINDOWS\system32\deployJava1.dll
2010-09-15 01:29:49 . 2010-05-31 18:24:36 73728 -c--a-w- C:\WINDOWS\system32\javacpl.cpl
2010-09-09 22:52:57 . 2010-09-25 12:32:29 6084944 -c--a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{7BD00391-DAF0-463C-B763-CD4C11A2413E}\mpengine.dll
2010-09-09 22:52:57 . 2010-01-17 16:30:31 6084944 -c--a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2010-09-01 11:52:28 . 2008-04-14 08:37:56 285824 -c--a-w- C:\WINDOWS\system32\atmfd.dll
2010-09-01 07:57:41 . 2008-04-14 07:45:36 1852800 -c--a-w- C:\WINDOWS\system32\win32k.sys
2006-12-13 03:12:30 . 2010-11-26 07:12:27 66648 -c--a-w- C:\Program Files\mozilla firefox\components\jar50.dll
2006-12-13 03:12:31 . 2010-11-26 07:12:27 54352 -c--a-w- C:\Program Files\mozilla firefox\components\jsd3250.dll
2006-12-13 03:12:32 . 2010-11-26 07:12:27 34928 -c--a-w- C:\Program Files\mozilla firefox\components\myspell.dll
2006-12-13 03:12:33 . 2010-11-26 07:12:27 46696 -c--a-w- C:\Program Files\mozilla firefox\components\spellchk.dll
2006-12-13 03:12:34 . 2010-11-26 07:12:27 172120 -c--a-w- C:\Program Files\mozilla firefox\components\xpinstal.dll
.
------- Sigcheck -------
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 08:27:16 153136]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-09-02 11:58:52 495616]
"Badoo Desktop"="C:\Documents and Settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe" [2010-10-29 12:55:50 983552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2010-03-17 19:53:36 421888]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2004-08-22 15:05:02 81920]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 09:44:46 248552]
"DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 06:39:18 1164584]
"UpdatePDRShortCut"="C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2009-05-19 20:16:16 222504]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 14:41:22 45056]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 02:47:04 35760]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 21:07:44 932288]
"avast5"="C:\Program Files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 16:12:02 2838912]
"VMSnap5"="C:\WINDOWS\VMSnap5.EXE" [2006-06-28 16:39:38 49152]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 08:52:18 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07:44 932288 -c--a-r- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 02:47:04 35760 -c--a-w- C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-01 06:39:18 1164584 -c--a-w- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52:38 1695232 -c----w- C:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57:24 153136 -c--a-w- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2007-05-11 01:08:54 2512392 -c--a-w- C:\WINDOWS\system32\oodtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2003-12-04 10:34:44 406016 -c--a-w- C:\WINDOWS\system32\PSDrvCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 14:28:22 577536 -c--a-w- C:\WINDOWS\soundman.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-03 18:20:12 866584 -c--a-w- C:\Program Files\Windows Defender\MSASCui.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\ICQ6.5\\ICQ.exe"=
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"C:\\Program Files\\ICQ7.0\\ICQ.exe"=
"C:\\Program Files\\ICQ7.0\\aolload.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Rockstar Games\\counter-strike 1.6\\hl.exe"=
"C:\\Program Files\\ToCA Race Driver\\RaceDriver.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\formule\\f1_2000.exe"=
"C:\\Program Files\\Ford Racing 3\\fr3.exe"=
R0 d347bus;d347bus;C:\WINDOWS\system32\drivers\d347bus.sys [29.7.2010 12:41:36 155136]
R0 d347prt;d347prt;C:\WINDOWS\system32\drivers\d347prt.sys [29.7.2010 12:41:36 5248]
R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [17.1.2010 16:17:16 715248]
R1 aswSP;aswSP;C:\WINDOWS\system32\drivers\aswSP.sys [12.11.2010 22:42:02 165584]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [12.11.2010 22:42:02 17744]
R2 ICQ Service;ICQ Service;C:\Program Files\ICQ6Toolbar\ICQ Service.exe [18.1.2010 17:02:52 246520]
S2 rifzerrn;rifzerrn; [x]
S2 vctxaium;vctxaium;C:\WINDOWS\system32\drivers\vctxaium.sys [26.11.2010 8:33:17 216]
S2 WinDefend;Windows Defender;C:\Program Files\Windows Defender\MsMpEng.exe [3.11.2006 19:19:58 13592]
S3 AF9035HB;AF9035 Hybrid Device;C:\WINDOWS\system32\drivers\AF9035HB.sys [23.9.2010 8:39:52 863616]
S3 mpfbzcvp;mpfbzcvp;\??\C:\WINDOWS\System32\Drivers\mpfbzcvp.sys --> C:\WINDOWS\System32\Drivers\mpfbzcvp.sys [?]
S3 xjonzzfj;xjonzzfj;\??\C:\WINDOWS\System32\Drivers\xjonzzfj.sys --> C:\WINDOWS\System32\Drivers\xjonzzfj.sys [?]
S3 ZSMC0305;Vimicro USB PC Camera (VC0305);C:\WINDOWS\system32\drivers\usbVM305.sys [25.11.2010 22:01:58 391737]
.
Obsah adresáře 'Naplánované úlohy'
2010-11-22 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34:12 . 2008-07-30 10:34:12]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://googleure.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - C:\Documents and Settings\Ladislav\Data aplikací\Mozilla\Firefox\Profiles\506go8jn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: C:\Documents and Settings\Ladislav\Data aplikací\Mozilla\Firefox\Profiles\506go8jn.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\components\dtTransparency.dll
FF - component: C:\Program Files\Mozilla Firefox\components\xpinstal.dll
FF - plugin: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKCU-Run-SmartRAM - C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
MSConfigStartUp-Corel File Shell Monitor - C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
MSConfigStartUp-Corel Photo Downloader - C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
MSConfigStartUp-WinampAgent - C:\Program Files\Winamp\winampa.exe
done
Re: Please check my log, my PC is probably infected


- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
Collect::
C:\WINDOWS\system32\drivers\imsrdzgx.sys
C:\WINDOWS\system32\drivers\btumjuor.sys
C:\WINDOWS\system32\drivers\hprtwpsc.sys
C:\WINDOWS\system32\drivers\kljccnyz.sys
C:\WINDOWS\system32\drivers\mdkncdvm.sys
C:\WINDOWS\system32\drivers\vwqorrif.sys
c:\WINDOWS\system32\drivers\vctxaium.sys
C:\WINDOWS\system32\drivers\fvvifnyc.sys
C:\WINDOWS\vidcap32.Exe
C:\winscxs.exe
C:\jshd.exe
C:\2xhs.exe

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
"RocketDock"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
"DAEMON Tools-1033"=-
"SunJavaUpdateSched"=-
"DivXUpdate"=-
"UpdatePDRShortCut"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

Driver::
ICQ Service
rifzerrn
vctxaium
mpfbzcvp
xjonzzfj

File::
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

Folder::
C:\Program Files\ICQ6Toolbar

DDS::
uStart Page = hxxp://googleure.com
- Save the resulting TXT file as CFScript.txt
- Drag the created CFScript.txt onto ComboFix (Beruska) and drop it (see the picture below)
- After the script has been applied (and a possible restart), a log will pop up; paste its contents here

Re: Please check my log, my PC is probably infected
ComboFix 10-11-29.01 - Ladislav 29.11.2010 20:01:15.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.639.287 [GMT 1:00]
Spuštěný z: c:\documents and settings\Ladislav\Plocha\Beruska.com
Použité ovládací přepínače :: c:\docume~1\Ladislav\Plocha\CFScript.txt
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FILE ::
"c:\windows\Tasks\AppleSoftwareUpdate.job"
file zipped: C:\2xhs.exe
file zipped: C:\jshd.exe
file zipped: c:\windows\system32\drivers\btumjuor.sys
file zipped: c:\windows\system32\drivers\fvvifnyc.sys
file zipped: c:\windows\system32\drivers\hprtwpsc.sys
file zipped: c:\windows\system32\drivers\imsrdzgx.sys
file zipped: c:\windows\system32\drivers\kljccnyz.sys
file zipped: c:\windows\system32\drivers\mdkncdvm.sys
file zipped: c:\windows\system32\drivers\vctxaium.sys
file zipped: c:\windows\system32\drivers\vwqorrif.sys
file zipped: c:\windows\vidcap32.Exe
file zipped: C:\winscxs.exe
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\2xhs.exe
C:\jshd.exe
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\install_semcz_icq65.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\windows\system32\drivers\btumjuor.sys
c:\windows\system32\drivers\fvvifnyc.sys
c:\windows\system32\drivers\hprtwpsc.sys
c:\windows\system32\drivers\imsrdzgx.sys
c:\windows\system32\drivers\kljccnyz.sys
c:\windows\system32\drivers\mdkncdvm.sys
c:\windows\system32\drivers\vctxaium.sys
c:\windows\system32\drivers\vwqorrif.sys
c:\windows\Tasks\AppleSoftwareUpdate.job
c:\windows\vidcap32.Exe
C:\winscxs.exe
.
---- Předchozí spuštění -------
.
C:\21.exe
C:\6164.exe
C:\Autorun.inf
c:\data\WINDOWSDEFENDER.EXE
c:\documents and settings\Ladislav\secupdat.dat
C:\min32.exe
c:\windows\daemon.dll
c:\windows\system32\msconfig.exe
c:\windows\system32\secupdat.dat
c:\windows\VM305Cap.exe
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_mpfbzcvp
-------\Service_rifzerrn
-------\Service_vctxaium
-------\Service_xjonzzfj
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-28 do 2010-11-29 )))))))))))))))))))))))))))))))
.
2010-11-29 18:48 . 2010-11-09 19:33 6273872 -c--a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7B38B680-F371-4F06-BE54-AC0D127C5F89}\mpengine.dll
2010-11-29 18:45 . 2010-11-29 18:45 -------- dc----w- c:\program files\Microsoft Security Essentials
2010-11-29 17:38 . 2010-11-29 17:39 -------- dc----w- c:\program files\trend micro
2010-11-29 17:38 . 2010-11-29 17:39 -------- dc----w- C:\rsit
2010-11-29 10:59 . 2006-12-13 03:12 407016 -c--a-w- c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\talkback.exe
2010-11-29 10:59 . 2006-12-13 03:12 14432 -c--a-w- c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll
2010-11-29 10:59 . 2006-12-13 03:12 156520 -c--a-w- c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\fullsoft.dll
2010-11-29 10:59 . 2006-12-13 03:12 99816 -c--a-w- c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\BrandRes.dll
2010-11-26 07:58 . 2010-11-26 07:58 -------- dc----w- C:\73ffa2532a0a3ac4efa77de0
2010-11-26 07:35 . 2010-11-26 07:37 -------- dc----w- C:\c6de10370373a8a1f3eeff683d7a7d
2010-11-25 21:10 . 2006-10-11 17:40 57344 -c--a-w- c:\windows\Sti305.exe
2010-11-25 21:10 . 2010-11-26 06:59 -------- dc----w- c:\windows\CatRoot
2010-11-25 21:10 . 2010-11-26 06:59 -------- dc----w- c:\windows\EffectResources
2010-11-25 21:10 . 2010-11-26 06:59 -------- dc----w- c:\program files\Vimicro
2010-11-25 21:10 . 2002-07-25 16:06 282624 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\agent.exe
2010-11-25 21:01 . 2006-06-28 16:39 49152 -c--a-w- c:\windows\VMSnap5.exe
2010-11-25 21:01 . 2005-08-05 17:36 81920 -c--a-w- c:\windows\system32\VM305Sti.dll
2010-11-25 21:01 . 2006-08-10 11:32 391737 -c--a-w- c:\windows\system32\drivers\usbVM305.sys
2010-11-25 21:01 . 2006-07-14 17:23 209041 -c--a-w- c:\windows\system32\VM305Prp.Ax
2010-11-22 18:49 . 2010-11-22 18:49 -------- dc----w- c:\program files\Montezumova pomsta
2010-11-22 15:14 . 2010-11-29 16:25 -------- dc----w- c:\program files\Ford Racing 3
2010-11-22 14:46 . 2010-11-24 18:50 -------- dc----w- c:\program files\formule
2010-11-20 17:29 . 2010-11-20 17:29 -------- dc----w- c:\documents and settings\All Users\Data aplikací\Badoo
2010-11-20 17:25 . 2010-11-20 17:25 -------- dc-h--w- c:\documents and settings\Ladislav\Local Settings\Data aplikací\AlterGeo
2010-11-14 13:58 . 2010-11-14 13:58 -------- dc----w- c:\windows\Performance
2010-11-14 13:58 . 2010-11-14 13:58 -------- dc----w- c:\documents and settings\Ladislav\Local Settings\Data aplikací\Microsoft Corporation
2010-11-13 16:00 . 2010-11-13 16:00 -------- dc----w- c:\documents and settings\Ladislav\Local Settings\Data aplikací\Opera
2010-11-13 15:55 . 2010-11-26 07:10 -------- dc----w- c:\program files\Opera
2010-11-12 19:18 . 2010-11-12 19:18 -------- dc----w- c:\documents and settings\All Users\Data aplikací\{437292BE-95BD-4B12-B699-6D217A03ACAF}
2010-11-12 19:17 . 2010-11-12 19:17 -------- dc----w- c:\program files\Lavasoft
2010-11-12 19:17 . 2010-11-12 19:17 -------- dc----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 20:51 . 2010-01-17 16:30 222080 -c----w- c:\windows\system32\MpSigStub.exe
2010-09-23 07:39 . 2010-09-23 07:39 863616 -c--a-w- c:\windows\system32\drivers\AF9035HB.sys
2010-09-18 10:23 . 2007-04-03 08:44 974848 -c--a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2008-04-14 08:51 974848 -c--a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2008-04-14 08:51 953856 -c--a-w- c:\windows\system32\mfc40u.dll
2010-09-18 06:53 . 2001-10-25 16:00 954368 -c--a-w- c:\windows\system32\mfc40.dll
2010-09-15 03:50 . 2010-05-31 18:24 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2010-09-15 01:29 . 2010-05-31 18:24 73728 -c--a-w- c:\windows\system32\javacpl.cpl
2010-09-09 22:52 . 2010-09-25 12:32 6084944 -c--a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{7BD00391-DAF0-463C-B763-CD4C11A2413E}\mpengine.dll
2010-09-09 22:52 . 2010-01-17 16:30 6084944 -c--a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2010-09-01 11:52 . 2008-04-14 08:37 285824 -c--a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2008-04-14 07:45 1852800 -c--a-w- c:\windows\system32\win32k.sys
2006-12-13 03:12 . 2010-11-26 07:12 66648 -c--a-w- c:\program files\mozilla firefox\components\jar50.dll
2006-12-13 03:12 . 2010-11-26 07:12 54352 -c--a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2006-12-13 03:12 . 2010-11-26 07:12 34928 -c--a-w- c:\program files\mozilla firefox\components\myspell.dll
2006-12-13 03:12 . 2010-11-26 07:12 46696 -c--a-w- c:\program files\mozilla firefox\components\spellchk.dll
2006-12-13 03:12 . 2010-11-26 07:12 172120 -c--a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.
------- Sigcheck -------
.
((((((((((((((((((((((((((((( SnapShot@2010-11-29_18.24.00 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-29 19:12 . 2010-11-29 19:12 16384 c:\windows\Temp\Perflib_Perfdata_124.dat
+ 2010-11-29 18:45 . 2010-11-29 18:45 47104 c:\windows\Installer\109423.msi
+ 2010-03-25 20:30 . 2010-03-25 20:30 151216 c:\windows\system32\drivers\MpFilter.sys
- 2010-03-25 19:30 . 2010-03-25 19:30 151216 c:\windows\system32\drivers\MpFilter.sys
+ 2010-11-29 18:45 . 2010-11-29 18:45 272384 c:\windows\Installer\10941a.msi
+ 2010-11-29 18:45 . 2010-11-29 18:45 264192 c:\windows\Installer\109414.msi
+ 2010-11-29 18:45 . 2010-11-29 18:45 301056 c:\windows\Installer\10940e.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartRAM"="c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [BU]
"Badoo Desktop"="c:\documents and settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe" [2010-10-29 983552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"VMSnap5"="c:\windows\VMSnap5.EXE" [2006-06-28 49152]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [BU]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [BU]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2007-05-11 01:08 2512392 -c--a-w- c:\windows\system32\oodtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2003-12-04 10:34 406016 -c--a-w- c:\windows\system32\PSDrvCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 14:28 577536 -c--a-w- c:\windows\soundman.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
c:\program files\Winamp\winampa.exe [BU]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-03 18:20 866584 -c--a-w- c:\program files\Windows Defender\MSASCui.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Rockstar Games\\counter-strike 1.6\\hl.exe"=
"c:\\Program Files\\ToCA Race Driver\\RaceDriver.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\formule\\f1_2000.exe"=
"c:\\Program Files\\Ford Racing 3\\fr3.exe"=
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [29.7.2010 12:41 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [29.7.2010 12:41 5248]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.1.2010 16:17 715248]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 AF9035HB;AF9035 Hybrid Device;c:\windows\system32\drivers\AF9035HB.sys [23.9.2010 8:39 863616]
S3 ZSMC0305;Vimicro USB PC Camera (VC0305);c:\windows\system32\drivers\usbVM305.sys [25.11.2010 22:01 391737]
.
Obsah adresáře 'Naplánované úlohy'
2010-11-29 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2010-03-25 20:40]
2010-11-29 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2010-03-25 20:40]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Ladislav\Data aplikací\Mozilla\Firefox\Profiles\506go8jn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: c:\documents and settings\Ladislav\Data aplikací\Mozilla\Firefox\Profiles\506go8jn.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\components\dtTransparency.dll
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-29 20:13
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1454471165-616249376-1417001333-1003\Software\SecuROM\License information*]
"datasecu"=hex:59,86,8a,f2,49,31,23,0e,cc,85,f9,86,cf,dd,78,1c,89,53,4f,77,79,
53,32,5d,b8,2e,ff,cd,77,7e,66,95,5c,53,79,68,08,14,fc,f9,e5,e2,ac,67,cd,67,\
"rkeysecu"=hex:bc,d8,b9,2a,87,94,72,78,74,85,b5,ab,25,d7,cd,76
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):95,15,d2,69,6c,fe,36,27,0b,c1,14,51,89,ee,c6,d0,d8,ba,65,64,b8,
61,19,5b,22,7b,ab,a7,5b,9c,81,1d,e7,28,4a,b9,a1,5c,1f,e6,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{e72b34f4-eba8-4c0a-8568-837050512b00}]
@Denied: (Full) (Everyone)
"Model"=dword:00000079
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,29,53,01,52,53,ee,8c,54,13,79,5b,6f,fa,dc,99,d5,83,e0,8b,c5,07,bb,\
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(712)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(2880)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\oodag.exe
c:\windows\system32\PSIService.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2010-11-29 20:20:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-29 19:20
Před spuštěním: Volných bajtů: 73 356 566 528
Po spuštění: Volných bajtů: 73 333 284 864
- - End Of File - - FF3E6FCD7D486FFE373A4126F7C00BA2
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.639.287 [GMT 1:00]
Spuštěný z: c:\documents and settings\Ladislav\Plocha\Beruska.com
Použité ovládací přepínače :: c:\docume~1\Ladislav\Plocha\CFScript.txt
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FILE ::
"c:\windows\Tasks\AppleSoftwareUpdate.job"
file zipped: C:\2xhs.exe
file zipped: C:\jshd.exe
file zipped: c:\windows\system32\drivers\btumjuor.sys
file zipped: c:\windows\system32\drivers\fvvifnyc.sys
file zipped: c:\windows\system32\drivers\hprtwpsc.sys
file zipped: c:\windows\system32\drivers\imsrdzgx.sys
file zipped: c:\windows\system32\drivers\kljccnyz.sys
file zipped: c:\windows\system32\drivers\mdkncdvm.sys
file zipped: c:\windows\system32\drivers\vctxaium.sys
file zipped: c:\windows\system32\drivers\vwqorrif.sys
file zipped: c:\windows\vidcap32.Exe
file zipped: C:\winscxs.exe
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\2xhs.exe
C:\jshd.exe
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\install_semcz_icq65.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\windows\system32\drivers\btumjuor.sys
c:\windows\system32\drivers\fvvifnyc.sys
c:\windows\system32\drivers\hprtwpsc.sys
c:\windows\system32\drivers\imsrdzgx.sys
c:\windows\system32\drivers\kljccnyz.sys
c:\windows\system32\drivers\mdkncdvm.sys
c:\windows\system32\drivers\vctxaium.sys
c:\windows\system32\drivers\vwqorrif.sys
c:\windows\Tasks\AppleSoftwareUpdate.job
c:\windows\vidcap32.Exe
C:\winscxs.exe
.
---- Předchozí spuštění -------
.
C:\21.exe
C:\6164.exe
C:\Autorun.inf
c:\data\WINDOWSDEFENDER.EXE
c:\documents and settings\Ladislav\secupdat.dat
C:\min32.exe
c:\windows\daemon.dll
c:\windows\system32\msconfig.exe
c:\windows\system32\secupdat.dat
c:\windows\VM305Cap.exe
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_mpfbzcvp
-------\Service_rifzerrn
-------\Service_vctxaium
-------\Service_xjonzzfj
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-28 do 2010-11-29 )))))))))))))))))))))))))))))))
.
2010-11-29 18:48 . 2010-11-09 19:33 6273872 -c--a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7B38B680-F371-4F06-BE54-AC0D127C5F89}\mpengine.dll
2010-11-29 18:45 . 2010-11-29 18:45 -------- dc----w- c:\program files\Microsoft Security Essentials
2010-11-29 17:38 . 2010-11-29 17:39 -------- dc----w- c:\program files\trend micro
2010-11-29 17:38 . 2010-11-29 17:39 -------- dc----w- C:\rsit
2010-11-29 10:59 . 2006-12-13 03:12 407016 -c--a-w- c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\talkback.exe
2010-11-29 10:59 . 2006-12-13 03:12 14432 -c--a-w- c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll
2010-11-29 10:59 . 2006-12-13 03:12 156520 -c--a-w- c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\fullsoft.dll
2010-11-29 10:59 . 2006-12-13 03:12 99816 -c--a-w- c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\BrandRes.dll
2010-11-26 07:58 . 2010-11-26 07:58 -------- dc----w- C:\73ffa2532a0a3ac4efa77de0
2010-11-26 07:35 . 2010-11-26 07:37 -------- dc----w- C:\c6de10370373a8a1f3eeff683d7a7d
2010-11-25 21:10 . 2006-10-11 17:40 57344 -c--a-w- c:\windows\Sti305.exe
2010-11-25 21:10 . 2010-11-26 06:59 -------- dc----w- c:\windows\CatRoot
2010-11-25 21:10 . 2010-11-26 06:59 -------- dc----w- c:\windows\EffectResources
2010-11-25 21:10 . 2010-11-26 06:59 -------- dc----w- c:\program files\Vimicro
2010-11-25 21:10 . 2002-07-25 16:06 282624 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\agent.exe
2010-11-25 21:01 . 2006-06-28 16:39 49152 -c--a-w- c:\windows\VMSnap5.exe
2010-11-25 21:01 . 2005-08-05 17:36 81920 -c--a-w- c:\windows\system32\VM305Sti.dll
2010-11-25 21:01 . 2006-08-10 11:32 391737 -c--a-w- c:\windows\system32\drivers\usbVM305.sys
2010-11-25 21:01 . 2006-07-14 17:23 209041 -c--a-w- c:\windows\system32\VM305Prp.Ax
2010-11-22 18:49 . 2010-11-22 18:49 -------- dc----w- c:\program files\Montezumova pomsta
2010-11-22 15:14 . 2010-11-29 16:25 -------- dc----w- c:\program files\Ford Racing 3
2010-11-22 14:46 . 2010-11-24 18:50 -------- dc----w- c:\program files\formule
2010-11-20 17:29 . 2010-11-20 17:29 -------- dc----w- c:\documents and settings\All Users\Data aplikací\Badoo
2010-11-20 17:25 . 2010-11-20 17:25 -------- dc-h--w- c:\documents and settings\Ladislav\Local Settings\Data aplikací\AlterGeo
2010-11-14 13:58 . 2010-11-14 13:58 -------- dc----w- c:\windows\Performance
2010-11-14 13:58 . 2010-11-14 13:58 -------- dc----w- c:\documents and settings\Ladislav\Local Settings\Data aplikací\Microsoft Corporation
2010-11-13 16:00 . 2010-11-13 16:00 -------- dc----w- c:\documents and settings\Ladislav\Local Settings\Data aplikací\Opera
2010-11-13 15:55 . 2010-11-26 07:10 -------- dc----w- c:\program files\Opera
2010-11-12 19:18 . 2010-11-12 19:18 -------- dc----w- c:\documents and settings\All Users\Data aplikací\{437292BE-95BD-4B12-B699-6D217A03ACAF}
2010-11-12 19:17 . 2010-11-12 19:17 -------- dc----w- c:\program files\Lavasoft
2010-11-12 19:17 . 2010-11-12 19:17 -------- dc----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 20:51 . 2010-01-17 16:30 222080 -c----w- c:\windows\system32\MpSigStub.exe
2010-09-23 07:39 . 2010-09-23 07:39 863616 -c--a-w- c:\windows\system32\drivers\AF9035HB.sys
2010-09-18 10:23 . 2007-04-03 08:44 974848 -c--a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2008-04-14 08:51 974848 -c--a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2008-04-14 08:51 953856 -c--a-w- c:\windows\system32\mfc40u.dll
2010-09-18 06:53 . 2001-10-25 16:00 954368 -c--a-w- c:\windows\system32\mfc40.dll
2010-09-15 03:50 . 2010-05-31 18:24 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2010-09-15 01:29 . 2010-05-31 18:24 73728 -c--a-w- c:\windows\system32\javacpl.cpl
2010-09-09 22:52 . 2010-09-25 12:32 6084944 -c--a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{7BD00391-DAF0-463C-B763-CD4C11A2413E}\mpengine.dll
2010-09-09 22:52 . 2010-01-17 16:30 6084944 -c--a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2010-09-01 11:52 . 2008-04-14 08:37 285824 -c--a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2008-04-14 07:45 1852800 -c--a-w- c:\windows\system32\win32k.sys
2006-12-13 03:12 . 2010-11-26 07:12 66648 -c--a-w- c:\program files\mozilla firefox\components\jar50.dll
2006-12-13 03:12 . 2010-11-26 07:12 54352 -c--a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2006-12-13 03:12 . 2010-11-26 07:12 34928 -c--a-w- c:\program files\mozilla firefox\components\myspell.dll
2006-12-13 03:12 . 2010-11-26 07:12 46696 -c--a-w- c:\program files\mozilla firefox\components\spellchk.dll
2006-12-13 03:12 . 2010-11-26 07:12 172120 -c--a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.
------- Sigcheck -------
.
((((((((((((((((((((((((((((( SnapShot@2010-11-29_18.24.00 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-29 19:12 . 2010-11-29 19:12 16384 c:\windows\Temp\Perflib_Perfdata_124.dat
+ 2010-11-29 18:45 . 2010-11-29 18:45 47104 c:\windows\Installer\109423.msi
+ 2010-03-25 20:30 . 2010-03-25 20:30 151216 c:\windows\system32\drivers\MpFilter.sys
- 2010-03-25 19:30 . 2010-03-25 19:30 151216 c:\windows\system32\drivers\MpFilter.sys
+ 2010-11-29 18:45 . 2010-11-29 18:45 272384 c:\windows\Installer\10941a.msi
+ 2010-11-29 18:45 . 2010-11-29 18:45 264192 c:\windows\Installer\109414.msi
+ 2010-11-29 18:45 . 2010-11-29 18:45 301056 c:\windows\Installer\10940e.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartRAM"="c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [BU]
"Badoo Desktop"="c:\documents and settings\All Users\Data aplikací\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe" [2010-10-29 983552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"VMSnap5"="c:\windows\VMSnap5.EXE" [2006-06-28 49152]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [BU]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [BU]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2007-05-11 01:08 2512392 -c--a-w- c:\windows\system32\oodtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2003-12-04 10:34 406016 -c--a-w- c:\windows\system32\PSDrvCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 14:28 577536 -c--a-w- c:\windows\soundman.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
c:\program files\Winamp\winampa.exe [BU]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-03 18:20 866584 -c--a-w- c:\program files\Windows Defender\MSASCui.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Rockstar Games\\counter-strike 1.6\\hl.exe"=
"c:\\Program Files\\ToCA Race Driver\\RaceDriver.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\formule\\f1_2000.exe"=
"c:\\Program Files\\Ford Racing 3\\fr3.exe"=
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [29.7.2010 12:41 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [29.7.2010 12:41 5248]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.1.2010 16:17 715248]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 AF9035HB;AF9035 Hybrid Device;c:\windows\system32\drivers\AF9035HB.sys [23.9.2010 8:39 863616]
S3 ZSMC0305;Vimicro USB PC Camera (VC0305);c:\windows\system32\drivers\usbVM305.sys [25.11.2010 22:01 391737]
.
Obsah adresáře 'Naplánované úlohy'
2010-11-29 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2010-03-25 20:40]
2010-11-29 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2010-03-25 20:40]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Ladislav\Data aplikací\Mozilla\Firefox\Profiles\506go8jn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: c:\documents and settings\Ladislav\Data aplikací\Mozilla\Firefox\Profiles\506go8jn.default\extensions\{5D0EC45B-D2E4-4DD0-A5B2-69DDEFE852A8}\components\dtTransparency.dll
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 1000000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 1000000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 1000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-29 20:13
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1454471165-616249376-1417001333-1003\Software\SecuROM\License information*]
"datasecu"=hex:59,86,8a,f2,49,31,23,0e,cc,85,f9,86,cf,dd,78,1c,89,53,4f,77,79,
53,32,5d,b8,2e,ff,cd,77,7e,66,95,5c,53,79,68,08,14,fc,f9,e5,e2,ac,67,cd,67,\
"rkeysecu"=hex:bc,d8,b9,2a,87,94,72,78,74,85,b5,ab,25,d7,cd,76
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):95,15,d2,69,6c,fe,36,27,0b,c1,14,51,89,ee,c6,d0,d8,ba,65,64,b8,
61,19,5b,22,7b,ab,a7,5b,9c,81,1d,e7,28,4a,b9,a1,5c,1f,e6,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{e72b34f4-eba8-4c0a-8568-837050512b00}]
@Denied: (Full) (Everyone)
"Model"=dword:00000079
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,29,53,01,52,53,ee,8c,54,13,79,5b,6f,fa,dc,99,d5,83,e0,8b,c5,07,bb,\
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(712)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(2880)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\oodag.exe
c:\windows\system32\PSIService.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2010-11-29 20:20:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-29 19:20
Před spuštěním: Volných bajtů: 73 356 566 528
Po spuštění: Volných bajtů: 73 333 284 864
- - End Of File - - FF3E6FCD7D486FFE373A4126F7C00BA2
Re: Please check my log, my PC is probably infected

- c:\windows\system32\svchost.exe
- c:\windows\system32\lsass.exe
- c:\windows\system32\drivers\atapi.sys

- Click Browse (Procházet)
- Do not search for the file, just paste in the path of the file I want tested
- Click Send File
- If a screen like the one below pops up, click ReAnalyse
- Paste the result of the analysis here (as a link)

Re: Please check my log, my PC is probably infected
Gentlemen, thank you very much, I won't hold you up any longer.. as always you helped me and I appreciate your work.. The computer is running great
Re: Please check my log, my PC is probably infected
Don't run off on me yet - we have to clean up after the utilities, we can't leave them haunting your PC
For my peace of mind, those three files please; they did not pass the digital signature check

T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
- Download and run it
- To confirm a choice, press A, Enter
- Delete the utility after use
- Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)

OTC http://oldtimer.geekstogo.com/OTC.exe
- Download and run it
- Click CleanUp and confirm with YES
- The program cleans up and restarts the PC

TFC http://oldtimer.geekstogo.com/TFC.exe
- Download and run it
- Click Start and confirm with OK
- The program cleans up and restarts the PC
- Delete the utility after use

Download CCleaner (see my signature)
Cleaner panel (Panel čistič)
- Leave everything as it is, just click Analyze (Analyzovat) and then Run CCleaner (Spustit CCleaner)
- click Scan for Issues (Hledej problémy)
- then Fix Issues (Opravit problémy) - I recommend making a registry backup; fix all the issues
- repeat the procedure until no issues remain - usually about 3 times
- Here you can uninstall programs you do not need