c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090908-213858.156.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090908-214925.984.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090909-145320.703.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090909-175935.171.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090909-180844.625.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090909-182453.671.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090909-183018.906.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090909-183257.156.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090909-185315.015.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090909-185534.812.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090909-194203.390.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090909-195652.796.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090909-195748.921.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090910-142736.875.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090910-153317.750.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090911-141017.546.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090911-142215.234.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090911-170332.515.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090911-174833.703.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090911-175306.515.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090911-182043.546.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090911-192223.234.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090911-193410.062.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090911-204626.093.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090911-205123.984.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090911-210110.500.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090911-210454.906.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090911-210937.781.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090911-225433.859.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-100950.250.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-101828.703.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-102313.203.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-112058.078.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-112534.406.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-113615.031.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-113733.625.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-114004.843.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-124027.906.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-161543.234.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-164111.546.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-171936.390.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-171941.812.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-172001.046.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-172019.890.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-172942.859.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-173532.031.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-173536.656.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-191427.968.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-192622.296.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\HJHP_20090912-193015.562.log
c:\documents and settings\Řehák\Local Settings\Data aplikací\Media Access Startup\1.5.0.850\ipdata.md
c:\documents and settings\Řehák\WINDOWS
c:\psnkillergui\PsnKillerGUI.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-22 do 2011-04-22 )))))))))))))))))))))))))))))))
.
.
2011-04-21 15:00 . 2011-04-21 15:00 -------- d-----w- c:\documents and settings\Řehák\Data aplikací\GameRanger
2011-04-20 22:13 . 2011-04-20 22:13 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2011-04-20 19:49 . 2011-04-20 19:49 -------- d-----w- c:\program files\Veetle
2011-04-16 20:11 . 2011-04-16 20:11 -------- d-----w- c:\program files\SopCast
2011-04-15 18:50 . 2011-04-15 19:14 -------- d-----w- c:\program files\VS Revo Group
2011-04-13 11:35 . 2011-04-13 11:35 -------- d-----w- c:\program files\Vstplugins
2011-04-11 14:22 . 2011-04-11 14:22 -------- d-----w- c:\documents and settings\Řehák\Data aplikací\com.goplayalong.41DF8ADAAE31CA841C48A6C358D6E3DCCEC38798.1
2011-04-11 14:22 . 2011-04-11 14:24 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-04-09 11:41 . 2011-04-09 11:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype Extras
2011-04-09 11:40 . 2011-04-09 13:11 -------- d-----w- c:\documents and settings\Řehák\Data aplikací\Skype
2011-04-09 11:39 . 2011-04-09 11:39 -------- d-----w- c:\program files\Common Files\Skype
2011-04-08 20:04 . 2011-04-22 09:31 -------- d-----w- C:\PsnKillerGUI
2011-04-07 06:00 . 2011-04-07 06:00 -------- d-----w- c:\documents and settings\Řehák\Data aplikací\TeamViewer
2011-04-06 20:32 . 2011-04-06 20:36 -------- d-----w- c:\program files\Real
2011-03-31 15:26 . 2011-04-19 06:14 -------- d-----w- C:\Fraps
2011-03-29 11:54 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-12 10:57 . 2011-03-11 10:26 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-04-06 20:32 . 2009-04-04 13:49 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-04-06 20:32 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-03-30 16:35 . 2011-03-18 18:36 139080 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-03-30 16:35 . 2011-03-18 18:35 270240 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-03-30 16:35 . 2009-04-06 19:31 270240 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-03-30 15:00 . 2011-03-18 18:35 270240 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-03-18 18:36 . 2009-05-18 15:06 138056 ----a-w- c:\documents and settings\Řehák\Data aplikací\PnkBstrK.sys
2011-03-18 18:35 . 2011-03-18 18:35 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-03-07 05:33 . 2009-04-04 11:59 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:36 . 2006-03-02 12:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2006-03-02 12:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:08 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:08 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-02-22 23:08 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:18 . 2006-03-02 12:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2006-03-02 12:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2006-03-02 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2006-03-02 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2006-03-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2006-03-02 12:00 978944 ------w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 07:58 . 2009-04-04 11:57 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2009-04-04 11:57 677888 ----a-w- c:\windows\system32\mstsc.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{d3f4b70a-92e0-4393-a0f3-976d03b1ebf5}"= "c:\program files\Hunt_TB\prxtbHun0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{d3f4b70a-92e0-4393-a0f3-976d03b1ebf5}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d3f4b70a-92e0-4393-a0f3-976d03b1ebf5}]
2011-01-17 14:54 175912 ----a-w- c:\program files\Hunt_TB\prxtbHun0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{d3f4b70a-92e0-4393-a0f3-976d03b1ebf5}"= "c:\program files\Hunt_TB\prxtbHun0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d3f4b70a-92e0-4393-a0f3-976d03b1ebf5}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{D3F4B70A-92E0-4393-A0F3-976D03B1EBF5}"= "c:\program files\Hunt_TB\prxtbHun0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{d3f4b70a-92e0-4393-a0f3-976d03b1ebf5}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-30 16269312]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-08-10 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-03-28 1910152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 17:03 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-07-09 15:24 13923432 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\call of duty 2\\CoD2MP_s.exe"=
"d:\\rFactor Crack\\rFactor.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"d:\\track mania United Forever\\TmUnitedForever\\TmForever.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"d:\\rFactor Crack\\rFactor Dedicated.exe"=
"c:\\Program Files\\BitSpirit\\BitSpirit.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Tunngle\\TnglCtrl.exe"=
"c:\\Program Files\\Tunngle\\Tunngle.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"58550:TCP"= 58550:TCP:Pando Media Booster
"58550:UDP"= 58550:UDP:Pando Media Booster
"58641:TCP"= 58641:TCP:Pando Media Booster
"58641:UDP"= 58641:UDP:Pando Media Booster
"58133:TCP"= 58133:TCP:Pando Media Booster
"58133:UDP"= 58133:UDP:Pando Media Booster
"58691:TCP"= 58691:TCP:Pando Media Booster
"58691:UDP"= 58691:UDP:Pando Media Booster
.
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [28.3.2011 15:41 1242504]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [24.10.2009 12:59 27632]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [10.12.2010 16:22 27136]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [1.10.2009 19:42 697328]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3.5.2010 12:01 294608]
S1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [22.1.2010 22:22 19064]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.5.2010 12:01 17744]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [30.4.2010 10:30 135664]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [10.12.2010 16:22 718072]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [19.8.2010 19:01 13224]
S3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver;c:\windows\system32\drivers\SE1008mdm.sys [12.12.2009 14:41 58536]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-30 08:30]
.
2011-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-30 08:30]
.
2011-04-22 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-09-28 21:44]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL =
uInternet Settings,ProxyOverride = *.local
uSearchAssistant =
uCustomizeSearch =
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google ????... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Se&nd to OneNote - /105
IE: Stáhnout pomocí &BitSpiritu - c:\program files\BitSpirit\bsurl.htm
TCP: {CDFE3105-AC99-4BFC-97E2-96FF050DE5FD} = 208.67.222.222
DPF: {6678BE91-1E04-4A4A-9C32-63145EA79C2A} - hxxp://fifa-online.easports.com/fo3-theme/addons/EAFO3AXLauncher.cab
DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} - hxxp://www.o2c.de/download/o2cplayer.cab
FF - ProfilePath - c:\documents and settings\Řehák\Data aplikací\Mozilla\Firefox\Profiles\4rz0s8bo.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 3.6 Beta 5\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: NASA Night Launch: nasanightlaunch@example.com - %profile%\extensions\nasanightlaunch@example.com
FF - Ext: Gradient iCool: {de5809e0-2b07-11dd-bd0b-0800200c9a66} - %profile%\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
FF - Ext: AvantGarde Mist: {1bb9ca60-cdad-11dd-ad8b-0800200c9a66} - %profile%\extensions\{1bb9ca60-cdad-11dd-ad8b-0800200c9a66}
FF - Ext: AmbientFox: {c8f71e5b-88f8-42a7-98bb-e4c506161de9} - %profile%\extensions\{c8f71e5b-88f8-42a7-98bb-e4c506161de9}
FF - Ext: Usage Stat: {6236BA26-C117-4007-928C-DE0716C7FA96} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
FF - Ext: Facebook Chat: webagent86@gmail.com - %profile%\extensions\webagent86@gmail.com
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: PandoraTV Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-Start WingMan Profiler - (no file)
MSConfigStartUp-nwiz - nwiz.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-22 11:32
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-583907252-1644491937-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1D12FE6D-F6D6-CDE6-1B95-6AC6ECDAA925}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"oalofilpdamafnakidohhodeodbdjo"=hex:61,69,6e,6a,6f,6f,6a,6b,70,62,70,65,6b,6a,
6f,62,63,6a,63,68,6c,6f,61,63,64,66,6a,70,64,6b,6e,6a,6a,66,66,67,6e,66,65,\
"iagpbibnpoabbaamml"=hex:6a,61,64,6b,70,66,67,61,69,64,61,68,6f,62,63,6a,6f,6a,
70,70,00,00
"haapljaicbnnoofh"=hex:6a,61,64,6b,70,66,67,61,69,64,61,68,6f,62,63,6a,6f,6a,
70,70,00,00
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1116)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2011-04-22 11:33:48
ComboFix-quarantined-files.txt 2011-04-22 09:33
.
Před spuštěním: Volných bajtů: 23 243 866 112
Po spuštění: Volných bajtů: 23 387 344 896
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - F7C15861543AC2D556EF78139E33A0D2
tak Konec
