Au_.exe

Posted: 01 Jan 2011 16:09
by PetrVesely
Please advise how to remove Au_.exe. Thank you.


Logfile of random's system information tool 1.08 (written by random/random)
Run by Admin at 2011-01-01 16:01:24
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 72 GB (47%) free of 153 GB
Total RAM: 1023 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:01:50, on 1.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17093)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe
C:\WINDOWS\system32\atwtusb.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\atwtusb.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\logon.scr
C:\_APLIKACE_\RSIT\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Admin\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Admin\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [PrintDisp] C:\WINDOWS\system32\PrintDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Admin\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Admin\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0912832046
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FAA27AC7-B91A-49D8-B1EF-012B002DFA28}: NameServer = 192.168.0.250
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: PC Tools Disk Suite (DiskSuiteService) - PC Tools Software - C:\Program Files\PC Tools Disk Suite\DSService.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: UltiDev Cassini Web Server for ASP.NET 2.0 - UltiDev LLC - C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe
O23 - Service: WTService - Unknown owner - C:\WINDOWS\system32\atwtusb.exe

--
End of file - 7761 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-651377827-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-651377827-839522115-1003UA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\SDMsgUpdate (TE).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
AC-Pro - C:\Program Files\AutocompletePro\AutocompletePro.dll [2010-02-17 97760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Admin\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2008-12-30 131072]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-06-01 7618560]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit []
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-09-15 1094224]
"PrintDisp"=C:\WINDOWS\system32\PrintDisp.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Check4me]
C:\Program Files\Check4Me v2\Check4Me.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DefragTaskBar]
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update]
C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2009-11-02 222736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-10-31 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ocster Backup]
C:\Program Files\Ocster Backup\bin\backupClient-ox.exe --hidden []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrintDisp]
C:\WINDOWS\system32\PrintDisp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Cisco Systems VPN Client.lnk]
C:\PROGRA~1\CISCOS~1\VPNCLI~1\vpngui.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=255
"NoDrives"=0
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\QNAP\Finder\Finder.exe"="C:\Program Files\QNAP\Finder\Finder.exe:*:Enabled:Finder"
"C:\_PROFIA_\_SERVER2_\_SERVER_\ffe.exe"="C:\_PROFIA_\_SERVER2_\_SERVER_\ffe.exe:*:Enabled:FlashFiler Explorer"
"C:\Program Files\wincmd\TOTALCMD.EXE"="C:\Program Files\wincmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\_PROFIA_\_SERVER2_\_SERVER_\ffserver.exe"="C:\_PROFIA_\_SERVER2_\_SERVER_\ffserver.exe:*:Enabled:FlashFiler Server"
"\\Dns-323\Volume_1\_ _ PROFIA _ _\2009\RC_5 KLIENT_PLUS\RC_CLIENT.exe"="\\Dns-323\Volume_1\_ _ PROFIA _ _\2009\RC_5 KLIENT_PLUS\RC_CLIENT.exe:*:Enabled:RC_CLIENT"
"C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\setup\easy_search(3.6.0.0).exe"="D:\setup\easy_search(3.6.0.0).exe:*:Enabled:D-Link Easy Search Utility"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe"="C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe:LocalSubNet:Enabled:UltiDev Cassini Web Server for ASP.NET 2.0"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

======File associations======

.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2011-01-01 15:58:04 ----D---- C:\rsit
2011-01-01 15:58:04 ----D---- C:\Program Files\trend micro
2011-01-01 15:38:34 ----A---- C:\WINDOWS\OEWABLog.txt
2010-12-27 19:43:27 ----D---- C:\Program Files\Space Invaders
2010-12-27 19:43:03 ----D---- C:\_ _ SPECTRUM HRY _ _
2010-12-26 10:33:20 ----D---- C:\Program Files\STDU Viewer
2010-12-26 10:12:21 ----A---- C:\stduviewer.exe
2010-12-26 09:53:05 ----D---- C:\Program Files\STDU Explorer
2010-12-26 09:51:40 ----A---- C:\stduexplorer.exe
2010-12-26 08:44:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\STDUConverter
2010-12-26 08:44:04 ----D---- C:\Program Files\Common Files\STDUtility
2010-12-26 08:44:03 ----D---- C:\Program Files\STDU Converter
2010-12-26 08:43:43 ----A---- C:\stduconverter.exe
2010-12-26 08:37:29 ----D---- C:\Documents and Settings\Admin\Data aplikací\UDC Profiles
2010-12-26 08:36:20 ----A---- C:\WINDOWS\system32\udcpm.dll
2010-12-26 08:36:05 ----D---- C:\Program Files\Universal Document Converter
2010-12-23 17:08:00 ----A---- C:\WINDOWS\system32\advddischlp.dll
2010-12-23 17:07:59 ----A---- C:\WINDOWS\system32\elbycdio.dll
2010-12-23 17:07:59 ----A---- C:\WINDOWS\system32\drivers\elbycdio.sys
2010-12-23 17:07:59 ----A---- C:\WINDOWS\system32\drivers\anydvd.sys
2010-12-23 17:07:59 ----A---- C:\WINDOWS\system32\anydialog.dll
2010-12-23 17:07:57 ----A---- C:\WINDOWS\system32\kenale32.dll
2010-12-23 17:07:29 ----D---- C:\Program Files\Plato Blu-ray DVD Ripper
2010-12-16 03:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2010-12-16 03:10:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2010-12-16 03:10:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2010-12-16 03:09:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2010-12-16 03:09:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2010-12-16 03:09:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2010-12-16 03:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2010-12-15 13:13:09 ----D---- C:\Program Files\TeamViewer
2010-12-10 06:49:56 ----D---- C:\ZALOHA_DATABAZE
2010-12-09 12:55:22 ----D---- C:\SMS_DATA
2010-12-05 21:52:06 ----D---- C:\Program Files\PixiePack Codec Pack
2010-12-05 21:49:28 ----D---- C:\Program Files\RapidSolution
2010-12-05 21:49:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\RapidSolution
2010-12-04 08:36:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\UltiDev
2010-12-04 08:36:12 ----D---- C:\Program Files\UltiDev
2010-12-04 08:34:32 ----D---- C:\Program Files\Microsoft ASP.NET
2010-12-04 08:33:28 ----D---- C:\Program Files\SolarWinds
2010-12-04 08:33:28 ----D---- C:\Documents and Settings\Admin\Data aplikací\SolarWinds
2010-12-04 08:32:01 ----D---- C:\Program Files\Syslogd

======List of files/folders modified in the last 1 months======

2011-01-01 16:01:44 ----D---- C:\WINDOWS\Temp
2011-01-01 16:00:33 ----D---- C:\Program Files\Mozilla Firefox
2011-01-01 15:59:01 ----D---- C:\WINDOWS\Prefetch
2011-01-01 15:58:04 ----D---- C:\Program Files
2011-01-01 15:57:48 ----D---- C:\_APLIKACE_
2011-01-01 15:48:07 ----D---- C:\Program Files\Ashampoo
2011-01-01 15:46:37 ----SD---- C:\WINDOWS\Tasks
2011-01-01 15:43:34 ----A---- C:\WINDOWS\win.ini
2011-01-01 15:41:44 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-01 15:40:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-01 15:40:19 ----D---- C:\Documents and Settings
2011-01-01 15:38:48 ----SHD---- C:\WINDOWS\Installer
2011-01-01 15:38:36 ----D---- C:\WINDOWS
2011-01-01 15:27:10 ----D---- C:\Program Files\Cisco Systems
2011-01-01 15:26:52 ----D---- C:\Program Files\Common Files
2011-01-01 15:26:46 ----D---- C:\WINDOWS\system32\drivers
2011-01-01 15:26:46 ----D---- C:\WINDOWS\system32
2011-01-01 15:24:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\ActMask EMF Virtual Printer SDK
2011-01-01 14:59:39 ----D---- C:\Program Files\VstPlugins
2011-01-01 14:49:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\VMware
2011-01-01 14:49:11 ----HD---- C:\WINDOWS\inf
2011-01-01 14:35:58 ----D---- C:\WINDOWS\WinSxS
2011-01-01 14:35:53 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-01 14:35:30 ----RSD---- C:\WINDOWS\Fonts
2011-01-01 14:31:56 ----D---- C:\Documents and Settings\Admin\Data aplikací\Any Video Converter
2011-01-01 12:01:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-01-01 12:01:34 ----D---- C:\WINDOWS\Debug
2011-01-01 11:29:57 ----D---- C:\Downloads
2010-12-31 22:51:08 ----D---- C:\Program Files\JDownloader 0.6.193
2010-12-31 03:01:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-31 03:01:15 ----D---- C:\WINDOWS\system32\cs-cz
2010-12-31 03:01:10 ----D---- C:\WINDOWS\system32\CatRoot
2010-12-30 18:56:17 ----D---- C:\_MULTIMEDIA_
2010-12-23 17:27:08 ----HD---- C:\Documents and Settings\All Users\Data aplikací\sysnfxo
2010-12-22 21:28:08 ----D---- C:\Program Files\Microsoft Silverlight
2010-12-20 19:52:15 ----D---- C:\WINDOWS\system32\config
2010-12-20 18:14:11 ----D---- C:\_PROFIA_
2010-12-20 18:14:05 ----D---- C:\_ PROFIA STARE FF SERVERY _
2010-12-16 03:09:57 ----HD---- C:\WINDOWS\$hf_mig$
2010-12-16 03:09:07 ----D---- C:\Program Files\Internet Explorer
2010-12-16 03:01:42 ----A---- C:\WINDOWS\system32\MRT.exe
2010-12-16 03:01:30 ----D---- C:\Program Files\Outlook Express
2010-12-14 07:14:37 ----D---- C:\temp
2010-12-09 14:35:41 ----D---- C:\Documents and Settings\Admin\Data aplikací\Canon
2010-12-09 14:35:21 ----D---- C:\_ SCAN _
2010-12-05 10:25:15 ----D---- C:\Program Files\eDATA Unerase
2010-12-04 09:27:46 ----D---- C:\WINDOWS\Microsoft.NET
2010-12-04 09:01:43 ----RSD---- C:\WINDOWS\assembly
2010-12-04 08:39:31 ----RASHD---- C:\Documents and Settings\All Users\Data aplikací\TEMP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\System32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 oodisr;O&O DiskImage Snapshot/Restore Driver; C:\WINDOWS\system32\DRIVERS\oodisr.sys [2009-02-27 95752]
R0 oodisrh;oodisrh; C:\WINDOWS\system32\DRIVERS\oodisrh.sys [2009-02-27 28680]
R0 oodivd;O&O DiskImage VirtualDisk Driver; C:\WINDOWS\system32\DRIVERS\oodivd.sys [2009-02-27 133640]
R0 oodivdh;oodivdh; C:\WINDOWS\system32\DRIVERS\oodivdh.sys [2009-02-27 31240]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-11-29 43528]
R0 sbp2port;Ovladač sběrnice pro přenos dat zařízení podporujícího protokol SBP-2; C:\WINDOWS\system32\DRIVERS\sbp2port.sys [2008-04-13 43904]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-05-17 50176]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-05-16 19968]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-29 691696]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R1 usedisk;USEDisk Driver; C:\WINDOWS\system32\DRIVERS\usedisk.sys [2010-11-29 17408]
R1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
R2 ASPI32;ASPI32; C:\WINDOWS\System32\drivers\aspi32.sys [2009-10-11 16512]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 elbycdio;elbycdio; \??\C:\WINDOWS\system32\drivers\elbycdio.sys []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-11 391424]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-01-09 601100]
R3 bbcap;bbcap; C:\WINDOWS\system32\DRIVERS\bbcap.sys [2008-11-09 4096]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-06-01 3925920]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2009-12-10 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
R3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\yukonx86.sys [2003-10-17 176256]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 anydvd;anydvd; \??\C:\WINDOWS\system32\drivers\anydvd.sys []
S2 BT848;Conexant's BtPCI WDM Video Capture; C:\WINDOWS\system32\DRIVERS\BT848.sys [2010-10-29 371349]
S3 a4kx7xry;a4kx7xry; C:\WINDOWS\system32\drivers\a4kx7xry.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 ASFWHide;ASFWHide; \??\C:\DOCUME~1\Admin\LOCALS~1\Temp\ASFWHide []
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-17 701440]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\Admin\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2003-05-01 5220]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4ufd;HP Dot4usb Filter; C:\WINDOWS\system32\DRIVERS\hppaufd0.sys [2003-07-21 16800]
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\DScaler\DSDrv4.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-08-27 25280]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 pwdrvio;pwdrvio; \??\C:\WINDOWS\system32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\WINDOWS\system32\pwdspio.sys []
S3 QCDonner;Logitech QuickCam Express; C:\WINDOWS\system32\DRIVERS\OVCD.sys [2001-08-17 28032]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys []
S3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 4736]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2007-04-10 1966312]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-01-27 73728]
R2 MsDtsServer;SQL Server Integration Services; C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [2005-10-14 199384]
R2 msftesql;SQL Server FullText Search (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [2005-08-26 92880]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2005-10-14 28768528]
R2 MSSQLServerOLAPService;SQL Server Analysis Services (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe [2005-10-14 14557912]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-06-01 155715]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2005-10-14 239320]
R2 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE [2005-10-14 318680]
R2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0; C:\Program Files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2007-02-08 49152]
R2 WTService;WTService; C:\WINDOWS\system32\atwtusb.exe [2008-10-29 372384]
S2 DiskSuiteService;PC Tools Disk Suite; C:\Program Files\PC Tools Disk Suite\DSService.exe [2009-03-10 869696]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-25 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2005-10-14 87768]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []

-----------------EOF-----------------

Re: Au_.exe

Posted: 01 Jan 2011 17:16
by Rudy
Post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after launch a screen with the license terms appears; continue by clicking the Yes button.

Feel free to put the kettle on for a coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially on the scanner's first run).

Note: if you use an antispyware product with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and removal of any malware there are unwanted conflicts with the antispyware's resident component.

Re: Au_.exe

Posted: 01 Jan 2011 19:18
by PetrVesely
THANK YOU IN ADVANCE, and I also wish you a wonderful year 2011 :)

ComboFix 11-01-01.01 - Admin 01.01.2011 19:06:50.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.516 [GMT 1:00]
Spuštěný z: c:\documents and settings\Admin\Plocha\ComboFix\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Admin\System
c:\documents and settings\Admin\System\win_qs8.jqx
C:\Thumbs.db
c:\windows\ST6UNST.000
c:\windows\XSxS

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-01 do 2011-01-01 )))))))))))))))))))))))))))))))
.

2011-01-01 14:58 . 2011-01-01 15:01 -------- d-----w- c:\program files\trend micro
2011-01-01 14:58 . 2011-01-01 14:58 -------- d-----w- C:\rsit
2010-12-30 10:44 . 2010-11-10 04:33 6273872 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{1C9B37CE-FDCF-4E83-8073-0B7AC2F96115}\mpengine.dll
2010-12-27 18:43 . 2010-12-27 18:43 -------- d-----w- c:\program files\Space Invaders
2010-12-27 18:43 . 2010-12-27 18:43 -------- d-----w- C:\_ _ SPECTRUM HRY _ _
2010-12-26 09:33 . 2010-12-26 09:34 -------- d-----w- c:\documents and settings\Admin\Local Settings\Data aplikací\STDUViewer
2010-12-26 09:33 . 2010-12-26 09:33 -------- d-----w- c:\program files\STDU Viewer
2010-12-26 09:12 . 2010-12-26 09:08 2181557 ----a-w- C:\stduviewer.exe
2010-12-26 08:53 . 2010-12-26 08:53 -------- d-----w- c:\program files\STDU Explorer
2010-12-26 08:51 . 2010-12-26 08:48 3049782 ----a-w- C:\stduexplorer.exe
2010-12-26 07:44 . 2010-12-26 07:44 -------- d-----w- c:\documents and settings\All Users\Data aplikací\STDUConverter
2010-12-26 07:44 . 2010-12-26 09:33 -------- d-----w- c:\program files\Common Files\STDUtility
2010-12-26 07:44 . 2010-12-26 07:44 -------- d-----w- c:\program files\STDU Converter
2010-12-26 07:43 . 2010-12-26 07:40 1492169 ----a-w- C:\stduconverter.exe
2010-12-26 07:37 . 2010-12-26 07:37 -------- d-----w- c:\documents and settings\Admin\Data aplikací\UDC Profiles
2010-12-26 07:36 . 2010-03-18 21:27 24440 ----a-w- c:\windows\system32\udcpm.dll
2010-12-26 07:36 . 2010-12-26 07:36 -------- d-----w- c:\program files\Universal Document Converter
2010-12-23 16:23 . 2011-01-01 14:53 -------- d-----w- c:\documents and settings\_ocster_backup_
2010-12-23 16:08 . 2010-12-23 16:08 117696 ----a-w- c:\windows\system32\advddischlp.dll
2010-12-23 16:07 . 2010-12-23 16:07 89256 ----a-w- c:\windows\system32\elbycdio.dll
2010-12-23 16:07 . 2010-12-23 16:07 24232 ----a-w- c:\windows\system32\drivers\elbycdio.sys
2010-12-23 16:07 . 2010-12-23 16:07 1046464 ----a-w- c:\windows\system32\anydialog.dll
2010-12-23 16:07 . 2010-12-23 16:07 103744 ----a-w- c:\windows\system32\drivers\anydvd.sys
2010-12-23 16:07 . 2010-12-23 16:07 4359680 ----a-w- c:\windows\system32\kenale32.dll
2010-12-23 16:07 . 2010-12-23 16:08 -------- d-----w- c:\program files\Plato Blu-ray DVD Ripper
2010-12-16 09:32 . 2010-12-16 09:32 -------- d-----w- c:\documents and settings\Admin\Local Settings\Data aplikací\PCHealth
2010-12-15 16:10 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-15 16:10 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2010-12-15 12:13 . 2010-12-15 12:13 -------- d-----w- c:\program files\TeamViewer
2010-12-10 05:49 . 2010-12-10 05:52 -------- d-----w- C:\ZALOHA_DATABAZE
2010-12-09 11:55 . 2010-12-09 11:55 -------- d-----w- C:\SMS_DATA
2010-12-05 20:52 . 2010-12-05 20:52 -------- d-----w- c:\program files\PixiePack Codec Pack
2010-12-05 20:49 . 2010-12-05 20:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\RapidSolution
2010-12-05 20:49 . 2010-12-05 20:49 -------- d-----w- c:\program files\RapidSolution
2010-12-05 20:45 . 2010-12-05 20:45 -------- d-----w- c:\documents and settings\Admin\Local Settings\Data aplikací\RapidSolution
2010-12-04 07:36 . 2010-12-04 07:36 -------- d-----w- c:\documents and settings\All Users\Data aplikací\UltiDev
2010-12-04 07:36 . 2010-12-04 07:36 -------- d-----w- c:\program files\UltiDev
2010-12-04 07:34 . 2010-12-04 07:34 -------- d-----w- c:\program files\Microsoft ASP.NET
2010-12-04 07:33 . 2010-12-04 07:33 -------- d-----w- c:\program files\SolarWinds
2010-12-04 07:33 . 2010-12-04 07:33 -------- d-----w- c:\documents and settings\Admin\Data aplikací\SolarWinds
2010-12-04 07:32 . 2010-12-23 19:40 -------- d-----w- c:\program files\Syslogd

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-29 21:10 . 2010-11-29 21:10 17408 ----a-w- c:\windows\system32\drivers\usedisk.sys
2010-11-18 18:15 . 2007-09-27 16:12 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-10 04:33 . 2010-11-07 00:43 6273872 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-11-08 02:00 . 2010-11-08 02:00 229208 ----a-w- c:\windows\system32\drivers\VMM.sys
2010-11-06 00:25 . 2006-06-23 11:27 832512 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:25 . 2004-08-17 22:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-11-06 00:25 . 2003-04-16 12:00 1830912 ------w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:25 . 2003-04-16 12:00 17408 ------w- c:\windows\system32\corpol.dll
2010-11-03 12:25 . 2004-08-17 22:44 389120 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2003-04-16 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-29 14:27 . 2010-10-29 14:27 371349 ----a-w- c:\windows\system32\drivers\BT848.sys
2010-10-28 13:09 . 2003-04-16 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2003-04-16 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-19 20:51 . 2010-11-06 21:00 222080 ------w- c:\windows\system32\MpSigStub.exe
2004-10-01 14:00 . 2009-03-01 09:41 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OODIIcon]
@="{14A94384-BBED-47ed-86C0-6BF63FD892D0}"
[HKEY_CLASSES_ROOT\CLSID\{14A94384-BBED-47ed-86C0-6BF63FD892D0}]
2009-02-26 23:31 111872 ----a-w- c:\program files\OO Software\DiskImage\oodishi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 86016]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Cisco Systems VPN Client.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Cisco Systems VPN Client.lnk
backup=c:\windows\pss\Cisco Systems VPN Client.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 03:22 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update]
2009-11-02 08:58 222736 ----a-w- c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-10-31 06:30 136176 ----atw- c:\documents and settings\Admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 14:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"DiskSuite"=c:\program files\PC Tools Disk Suite\aDSProcMngr.exe
"ISUSPM Startup"=c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"MacrokeyManager"=WTMKM.exe
"VX1000"=c:\windows\vVX1000.exe
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"NvMediaCenter"=RunDLL32.exe NvMCTray.dll,NvTaskbarInit
"nwiz"=nwiz.exe /install
"VMware hqtray"="c:\program files\VMware\VMware Player\hqtray.exe"
"Device Detector"=DevDetect.exe -autorun

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\QNAP\\Finder\\Finder.exe"=
"c:\\_PROFIA_\\_SERVER2_\\_SERVER_\\ffe.exe"=
"c:\\Program Files\\wincmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\_PROFIA_\\_SERVER2_\\_SERVER_\\ffserver.exe"=
"\\\\Dns-323\\Volume_1\\_ _ PROFIA _ _\\2009\\RC_5 KLIENT_PLUS\\RC_CLIENT.exe"=
"c:\\Program Files\\Java\\jre1.6.0_03\\bin\\javaw.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1433:TCP"= 1433:TCP:MSSQL
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5900:TCP"= 5900:TCP:vnc5900
"5800:TCP"= 5800:TCP:vnc5800
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 oodisr;O&O DiskImage Snapshot/Restore Driver;c:\windows\system32\drivers\oodisr.sys [27.2.2009 0:35 95752]
R0 oodisrh;oodisrh;c:\windows\system32\drivers\oodisrh.sys [27.2.2009 0:35 28680]
R0 oodivd;O&O DiskImage VirtualDisk Driver;c:\windows\system32\drivers\oodivd.sys [27.2.2009 0:35 133640]
R0 oodivdh;oodivdh;c:\windows\system32\drivers\oodivdh.sys [27.2.2009 0:35 31240]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [4.10.2008 8:12 691696]
R1 usedisk;USEDisk Driver;c:\windows\system32\drivers\usedisk.sys [29.11.2010 22:10 17408]
R2 MsDtsServer;SQL Server Integration Services;c:\program files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [14.10.2005 2:45 199384]
R2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0;c:\program files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [8.2.2007 0:06 49152]
R2 WTService;WTService;c:\windows\system32\atwtusb.exe -s --> c:\windows\system32\atwtusb.exe -s [?]
R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [9.11.2008 8:12 4096]
R3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter;c:\windows\system32\drivers\yukonx86.sys [27.9.2007 17:28 176256]
S2 BT848;Conexant's BtPCI WDM Video Capture;c:\windows\system32\drivers\BT848.sys [29.10.2010 15:27 371349]
S2 DiskSuiteService;PC Tools Disk Suite;c:\program files\PC Tools Disk Suite\DSService.exe [30.6.2010 3:27 869696]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [26.8.2009 20:38 1527900]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [24.6.2010 6:05 16456]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [24.6.2010 6:05 11088]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-01-27 21:28 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 18:02 114688 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Obsah adresáře 'Naplánované úlohy'

2011-01-01 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2010-03-25 20:40]

2011-01-01 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~1\SMARTD~2\Messages\SDNotify.exe [2009-12-27 16:21]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = hxxp://search.qip.ru/search?query=%s&from=IE
IE: Free YouTube Download - c:\documents and settings\Admin\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Admin\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Save YouTube Video as MP3 - c:\program files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
TCP: {FAA27AC7-B91A-49D8-B1EF-012B002DFA28} = 192.168.0.250
FF - ProfilePath - c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\0usntu2i.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
FF - Ext: text/plain: {e1c8879e-9db4-4adf-92d2-d4856bd434ef} - %profile%\extensions\{e1c8879e-9db4-4adf-92d2-d4856bd434ef}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: AutocompletePro - Your handy search suggestions tool: support@predictad.com - c:\program files\AutocompletePro\support@predictad.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-PrintDisp - c:\windows\system32\PrintDisp.exe
MSConfigStartUp-Check4me - c:\program files\Check4Me v2\Check4Me.exe
MSConfigStartUp-DefragTaskBar - c:\program files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
MSConfigStartUp-Ocster Backup - c:\program files\Ocster Backup\bin\backupClient-ox.exe
MSConfigStartUp-PrintDisp - c:\windows\system32\PrintDisp.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-01 19:11
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\msftesql]
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe\" -s:MSSQL.1 -f:MSSQLSERVER"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASFWHide]
"ImagePath"="\??\c:\docume~1\Admin\LOCALS~1\Temp\ASFWHide"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-2052111302-651377827-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:d2,75,f8,68,da,73,e8,55,45,a6,f9,bf,6a,59,fb,db,06,cd,30,ae,55,e0,47,
1d,93,5b,ff,4c,de,cb,eb,bd,6f,7d,b3,76,00,f9,89,f2,fa,3b,7f,59,b5,0a,8a,89,\
"??"=hex:ce,07,34,14,6f,df,ba,98,e1,cc,66,7b,c1,c9,d7,2f

[HKEY_USERS\S-1-5-21-2052111302-651377827-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:9b,ad,ac,49,ae,f8,b1,62,a0,a1,a7,38,0b,1e,01,28,c7,03,b9,90,4f,
19,8a,df,1d,ad,3c,a8,74,5e,94,ed,6d,57,70,6d,20,1f,c0,04,b6,a5,b8,f3,f5,3e,\
"rkeysecu"=hex:65,1b,f7,17,8b,e2,32,f7,7f,8e,d7,4b,f7,0b,f4,7c

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
Celkový čas: 2011-01-01 19:15:04
ComboFix-quarantined-files.txt 2011-01-01 18:15
ComboFix2.txt 2008-06-30 16:04

Před spuštěním: Volných bajtů: 73 563 570 176
Po spuštění: Volných bajtů: 73 620 312 064

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

- - End Of File - - 353B7793C3C65D4C6410BEFEEA1DB6AB

Re: Au_.exe

Posted: 01 Jan 2011 19:54
by Rudy
5 items were deleted, the rest of the log looks clean. I don't see the file Au_.exe anywhere in the log. Where is it located?

Re: Au_.exe

Posted: 01 Jan 2011 19:58
by PetrVesely
Rudy wrote: 5 items were deleted, the rest of the log looks clean. I don't see the file Au_.exe anywhere in the log. Where is it located?

THANKS A LOT, it was there, but it is GONE now :) You are great. I wish you all the best and a wonderful year 2011!

Re: Au_.exe

Posted: 01 Jan 2011 20:01
by Rudy
I wish you the same, and you're welcome!