
Virus removal, PC speed-up, and remote assistance through the neslape.cz service
Please check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [instructions here] or RSIT [instructions here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hi, please check my log. The PC crashes occasionally, and after every restart Windows Update keeps offering the same updates for installation that it has already installed several times before. They are all updates that have Microsoft .NET Framework in their name.
The PC was freshly reinstalled about a month ago.
edit: I forgot to mention a problem with ESET antivirus: the program often fails to start and reports the error: "Nepodařilo se inicializovat virový skener. Většina částí antivirového programu nebude správně fungovat." (Failed to initialize the virus scanner. Most parts of the antivirus program will not work correctly.)
Thank you.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Maruška at 2011-09-05 00:11:15
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 15 GB (31%) free of 48 GB
Total RAM: 1023 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:11:45, on 5.9.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\programy\totalcmd\TOTALCMD.EXE
c:\Documents and Settings\Maruška\Dokumenty\Stažené soubory\RSIT.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\trend micro\Maruška.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Maruška\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-343818398-1532298954-839522115-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5336 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-1532298954-839522115-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-343818398-1532298954-839522115-1004UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Maruška\Data aplikací\Mozilla\Firefox\Profiles\febeprof.maruska
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... id=afex&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
npwachk.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Maruška\Data aplikací\Mozilla\Firefox\Profiles\febeprof.maruska\searchplugins\
icq-search.xml
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-10-24 90112]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-12-14 7323648]
"nwiz"=nwiz.exe /install []
"SW20"=C:\WINDOWS\system32\sw20.exe [2006-01-03 208896]
"SW24"=C:\WINDOWS\system32\sw24.exe [2006-01-03 69632]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-12-14 86016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-06-30 2554696]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2219184]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Maruška\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-08-04 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-07-29 17361032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
======List of files/folders created in the last 1 month======
2011-09-05 00:11:27 ----D---- C:\Program Files\trend micro
2011-09-05 00:11:14 ----D---- C:\rsit
2011-09-04 23:19:38 ----D---- C:\Program Files\Common Files\Apple
2011-09-04 23:19:25 ----D---- C:\Program Files\Apple Software Update
2011-09-04 23:19:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2011-08-23 21:50:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$
2011-08-18 10:18:16 ----D---- C:\Program Files\ESET
2011-08-18 10:18:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-08-17 21:30:50 ----D---- C:\Program Files\Prime95
2011-08-17 19:41:45 ----D---- C:\Program Files\HD Tune
2011-08-17 00:29:07 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-08-15 21:41:48 ----D---- C:\Program Files\Microsoft.NET
2011-08-15 21:38:38 ----D---- C:\WINDOWS\system32\XPSViewer
2011-08-15 21:38:35 ----D---- C:\Program Files\MSBuild
2011-08-15 21:38:33 ----D---- C:\WINDOWS\system32\en-US
2011-08-15 21:38:29 ----D---- C:\Program Files\Reference Assemblies
2011-08-15 21:37:54 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2011-08-15 21:37:54 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2011-08-15 21:37:54 ----N---- C:\WINDOWS\system32\prntvpt.dll
2011-08-15 21:37:18 ----RSD---- C:\WINDOWS\assembly
2011-08-15 21:36:55 ----D---- C:\WINDOWS\Microsoft.NET
2011-08-15 21:17:09 ----D---- C:\WINDOWS\pss
2011-08-15 20:50:54 ----RD---- C:\Program Files\Skype
2011-08-15 20:26:40 ----D---- C:\Program Files\Registry Repair Wizard
2011-08-15 20:02:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-15 20:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-15 20:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-15 18:56:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-15 18:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-08-13 19:41:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-08-06 10:30:05 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
======List of files/folders modified in the last 1 month======
2011-09-05 00:11:32 ----D---- C:\WINDOWS\Temp
2011-09-05 00:11:27 ----RD---- C:\Program Files
2011-09-05 00:09:34 ----SHD---- C:\Config.Msi
2011-09-05 00:09:29 ----SHD---- C:\WINDOWS\Installer
2011-09-05 00:09:26 ----D---- C:\WINDOWS\system32
2011-09-05 00:09:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-09-05 00:09:15 ----D---- C:\WINDOWS\WinSxS
2011-09-04 23:51:32 ----D---- C:\WINDOWS\Prefetch
2011-09-04 23:48:25 ----D---- C:\WINDOWS\system32\CatRoot2
2011-09-04 23:47:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-09-04 23:23:43 ----D---- C:\Program Files\Mozilla Firefox
2011-09-04 23:19:38 ----D---- C:\Program Files\Common Files
2011-09-04 23:19:28 ----SD---- C:\WINDOWS\Tasks
2011-08-30 16:21:41 ----D---- C:\WINDOWS\Minidump
2011-08-30 16:21:41 ----D---- C:\WINDOWS
2011-08-28 18:42:21 ----HD---- C:\WINDOWS\inf
2011-08-23 20:00:21 ----AD---- C:\Documents and Settings\All Users\Data aplikací\Temp
2011-08-18 10:18:26 ----D---- C:\WINDOWS\system32\drivers
2011-08-17 22:26:19 ----D---- C:\Program Files\The KMPlayer
2011-08-17 21:00:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-08-17 20:58:38 ----SD---- C:\Documents and Settings\Maruška\Data aplikací\Microsoft
2011-08-17 20:58:38 ----D---- C:\Documents and Settings\Maruška\Data aplikací\Adobe
2011-08-17 00:29:28 ----A---- C:\WINDOWS\imsins.BAK
2011-08-17 00:29:23 ----D---- C:\WINDOWS\system32\CatRoot
2011-08-17 00:29:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-08-15 21:38:32 ----RSD---- C:\WINDOWS\Fonts
2011-08-15 21:38:06 ----D---- C:\WINDOWS\system32\spool
2011-08-15 21:36:59 ----D---- C:\Program Files\Internet Explorer
2011-08-15 21:18:09 ----SH---- C:\boot.ini
2011-08-15 21:18:09 ----A---- C:\WINDOWS\win.ini
2011-08-15 21:18:09 ----A---- C:\WINDOWS\system.ini
2011-08-15 21:17:00 ----D---- C:\Documents and Settings\Maruška\Data aplikací\Skype
2011-08-15 20:50:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-08-15 20:39:24 ----D---- C:\WINDOWS\system32\config
2011-08-15 20:02:24 ----HD---- C:\WINDOWS\$hf_mig$
2011-08-15 20:02:00 ----D---- C:\WINDOWS\ie8updates
2011-08-15 19:01:38 ----D---- C:\programy
2011-08-15 18:57:10 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-06-30 97504]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-06-30 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-06-30 29400]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-10-26 3786944]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-12-14 3580480]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\E:\install4\MSICPL.sys []
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-30 1793712]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-12-14 143427]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-04 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-04 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
2011-09-04 23:19:38 ----D---- C:\Program Files\Common Files\Apple
2011-09-04 23:19:25 ----D---- C:\Program Files\Apple Software Update
2011-09-04 23:19:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2011-08-23 21:50:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$
2011-08-18 10:18:16 ----D---- C:\Program Files\ESET
2011-08-18 10:18:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-08-17 21:30:50 ----D---- C:\Program Files\Prime95
2011-08-17 19:41:45 ----D---- C:\Program Files\HD Tune
2011-08-17 00:29:07 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-08-15 21:41:48 ----D---- C:\Program Files\Microsoft.NET
2011-08-15 21:38:38 ----D---- C:\WINDOWS\system32\XPSViewer
2011-08-15 21:38:35 ----D---- C:\Program Files\MSBuild
2011-08-15 21:38:33 ----D---- C:\WINDOWS\system32\en-US
2011-08-15 21:38:29 ----D---- C:\Program Files\Reference Assemblies
2011-08-15 21:37:54 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2011-08-15 21:37:54 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2011-08-15 21:37:54 ----N---- C:\WINDOWS\system32\prntvpt.dll
2011-08-15 21:37:18 ----RSD---- C:\WINDOWS\assembly
2011-08-15 21:36:55 ----D---- C:\WINDOWS\Microsoft.NET
2011-08-15 21:17:09 ----D---- C:\WINDOWS\pss
2011-08-15 20:50:54 ----RD---- C:\Program Files\Skype
2011-08-15 20:26:40 ----D---- C:\Program Files\Registry Repair Wizard
2011-08-15 20:02:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-15 20:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-15 20:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-15 18:56:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-15 18:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-08-13 19:41:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-08-06 10:30:05 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
======List of files/folders modified in the last 1 month======
2011-09-05 00:11:32 ----D---- C:\WINDOWS\Temp
2011-09-05 00:11:27 ----RD---- C:\Program Files
2011-09-05 00:09:34 ----SHD---- C:\Config.Msi
2011-09-05 00:09:29 ----SHD---- C:\WINDOWS\Installer
2011-09-05 00:09:26 ----D---- C:\WINDOWS\system32
2011-09-05 00:09:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-09-05 00:09:15 ----D---- C:\WINDOWS\WinSxS
2011-09-04 23:51:32 ----D---- C:\WINDOWS\Prefetch
2011-09-04 23:48:25 ----D---- C:\WINDOWS\system32\CatRoot2
2011-09-04 23:47:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-09-04 23:23:43 ----D---- C:\Program Files\Mozilla Firefox
2011-09-04 23:19:38 ----D---- C:\Program Files\Common Files
2011-09-04 23:19:28 ----SD---- C:\WINDOWS\Tasks
2011-08-30 16:21:41 ----D---- C:\WINDOWS\Minidump
2011-08-30 16:21:41 ----D---- C:\WINDOWS
2011-08-28 18:42:21 ----HD---- C:\WINDOWS\inf
2011-08-23 20:00:21 ----AD---- C:\Documents and Settings\All Users\Data aplikací\Temp
2011-08-18 10:18:26 ----D---- C:\WINDOWS\system32\drivers
2011-08-17 22:26:19 ----D---- C:\Program Files\The KMPlayer
2011-08-17 21:00:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-08-17 20:58:38 ----SD---- C:\Documents and Settings\Maruška\Data aplikací\Microsoft
2011-08-17 20:58:38 ----D---- C:\Documents and Settings\Maruška\Data aplikací\Adobe
2011-08-17 00:29:28 ----A---- C:\WINDOWS\imsins.BAK
2011-08-17 00:29:23 ----D---- C:\WINDOWS\system32\CatRoot
2011-08-17 00:29:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-08-15 21:38:32 ----RSD---- C:\WINDOWS\Fonts
2011-08-15 21:38:06 ----D---- C:\WINDOWS\system32\spool
2011-08-15 21:36:59 ----D---- C:\Program Files\Internet Explorer
2011-08-15 21:18:09 ----SH---- C:\boot.ini
2011-08-15 21:18:09 ----A---- C:\WINDOWS\win.ini
2011-08-15 21:18:09 ----A---- C:\WINDOWS\system.ini
2011-08-15 21:17:00 ----D---- C:\Documents and Settings\Maruška\Data aplikací\Skype
2011-08-15 20:50:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-08-15 20:39:24 ----D---- C:\WINDOWS\system32\config
2011-08-15 20:02:24 ----HD---- C:\WINDOWS\$hf_mig$
2011-08-15 20:02:00 ----D---- C:\WINDOWS\ie8updates
2011-08-15 19:01:38 ----D---- C:\programy
2011-08-15 18:57:10 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-06-30 97504]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-06-30 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-06-30 29400]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-10-26 3786944]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-12-14 3580480]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\E:\install4\MSICPL.sys []
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-30 1793712]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-12-14 143427]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-04 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-04 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- chodnik74
Re: Please check my log
Good evening
Do not use this program without an advisor's recommendation, and follow the instructions below carefully, because the program does not tolerate mistakes and the system can be damaged completely!!
Download Combofix
- Save the program, preferably to the Desktop
- Turn off all resident shields: antivirus, antispyware and firewall
- Close all running applications (ICQ, browser, other programs) and leave only Combofix
- Run Combofix.exe with administrator privileges
On Windows XP, log in under an administrator account
On Windows 7 and Vista, right-click Combofix.exe and choose "Run as administrator"
- Right after the program starts, the license terms will pop up; confirm them with the YES button
- If Combofix offers to install the Recovery Console, agree and let it install (an active internet connection is needed here)
- Continue according to the program's instructions, and during the scan do not click on anything and do not work on the PC (ICQ, other applications, internet...). Leave the computer alone.
- The whole scan takes between 5 and 15 minutes, but if there is a lot of malware on the PC, the time can differ.
- After the scan finishes (and a possible restart of the computer), the Combofix log will be displayed; paste it here for me. (If the log is not displayed, you will find it here: C:\ComboFix.txt)
- (If you are unsure about any of the steps above, ask, or have a look at the more detailed guide with pictures: http://www.bleepingcomputer.com/combofi ... t-combofix )
It is better to read the procedure through several times, and if anything is unclear or you have any doubts, ask.
If your computer is infected or is not behaving as usual, back up all your data and carefully follow the advisor's instructions!
Do not use the Combofix utility without an advisor's supervision and recommendation!
Re: Please check my log
Good evening, I am attaching the log from Combofix here.
I turned off the Comodo firewall just before launching Combofix, so maybe that is why it is listed as enabled.
During the scan a message popped up about grep.exe being terminated, with an offer to send the error code to Microsoft. (I declined.)
ComboFix 11-09-05.03 - Maruška 05.09.2011 19:46:05.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.659 [GMT 2:00]
Spuštěný z: C:\Documents and Settings\MaruÜka\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\iun6002.exe
C:\WINDOWS\system32\SysInfo.dll
C:\WINDOWS\system32\WinSys.exe
Nakažená kopie C:\WINDOWS\system32\mplay32.exe byla nalezena a vyléčena.
Obnovena kopie z - C:\WINDOWS\$NtServicePackUninstall$\mplay32.exe
Nakažená kopie C:\WINDOWS\system32\asycfilt.dll byla nalezena a vyléčena.
Obnovena kopie z - C:\WINDOWS\system32\dllcache\asycfilt.dll
Nakažená kopie C:\WINDOWS\system32\ddraw.dll byla nalezena a vyléčena.
Obnovena kopie z - C:\WINDOWS\$NtServicePackUninstall$\ddraw.dll
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-05 do 2011-09-05 )))))))))))))))))))))))))))))))
2011-09-04 22:11:27 . 2011-09-04 22:11:45 -------- d-----w- C:\Program Files\trend micro
2011-09-04 22:11:14 . 2011-09-04 22:11:47 -------- d-----w- C:\rsit
2011-09-04 21:23:43 . 2011-08-30 23:12:22 134104 ----a-w- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
2011-09-04 21:23:43 . 2011-08-30 23:12:21 924632 ----a-w- C:\Program Files\Mozilla Firefox\firefox.exe
2011-09-04 21:19:38 . 2011-09-04 21:19:38 -------- d-----w- C:\Program Files\Common Files\Apple
2011-09-04 21:19:27 . 2011-09-04 21:19:27 -------- d-----w- C:\Documents and Settings\Maruška\Local Settings\Data aplikací\Apple
2011-09-04 21:19:25 . 2011-09-04 21:19:26 -------- d-----w- C:\Program Files\Apple Software Update
2011-09-04 21:19:25 . 2011-09-04 21:19:25 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\Apple
2011-08-18 08:18:16 . 2011-08-18 08:18:16 -------- d-----w- C:\Program Files\ESET
2011-08-18 08:18:16 . 2011-08-18 08:18:16 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-08-17 19:30:50 . 2011-09-04 20:59:21 -------- d-----w- C:\Program Files\Prime95
2011-08-17 18:58:37 . 2011-08-17 18:58:37 -------- d-----w- C:\Documents and Settings\Maruška\Local Settings\Data aplikací\Adobe
2011-08-17 17:41:45 . 2011-08-17 17:41:46 -------- d-----w- C:\Program Files\HD Tune
2011-08-17 17:29:19 . 2011-08-17 17:29:19 -------- d-----w- C:\Documents and Settings\Maruška\Local Settings\Data aplikací\PCHealth
2011-08-15 19:41:48 . 2011-08-15 19:41:48 -------- d-----w- C:\Program Files\Microsoft.NET
2011-08-15 19:38:38 . 2011-08-15 19:38:38 -------- d-----w- C:\WINDOWS\system32\XPSViewer
2011-08-15 19:38:35 . 2011-08-15 19:38:35 -------- d-----w- C:\Program Files\MSBuild
2011-08-15 19:38:29 . 2011-08-15 19:38:29 -------- d-----w- C:\Program Files\Reference Assemblies
2011-08-15 19:38:07 . 2008-07-06 12:06:10 89088 ----a-w- C:\WINDOWS\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-08-15 19:37:54 . 2008-07-06 12:06:10 89088 -c----w- C:\WINDOWS\system32\dllcache\filterpipelineprintproc.dll
2011-08-15 19:37:54 . 2008-07-06 12:06:10 575488 -c----w- C:\WINDOWS\system32\dllcache\xpsshhdr.dll
2011-08-15 19:37:54 . 2008-07-06 12:06:10 575488 ------w- C:\WINDOWS\system32\xpsshhdr.dll
2011-08-15 19:37:54 . 2008-07-06 12:06:10 1676288 -c----w- C:\WINDOWS\system32\dllcache\xpssvcs.dll
2011-08-15 19:37:54 . 2008-07-06 12:06:10 1676288 ------w- C:\WINDOWS\system32\xpssvcs.dll
2011-08-15 19:37:54 . 2008-07-06 12:06:10 117760 ------w- C:\WINDOWS\system32\prntvpt.dll
2011-08-15 19:37:54 . 2008-07-06 10:50:03 597504 -c----w- C:\WINDOWS\system32\dllcache\printfilterpipelinesvc.exe
2011-08-15 19:37:54 . 2008-07-06 10:50:03 597504 ------w- C:\WINDOWS\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-08-15 19:28:40 . 2011-08-15 19:28:40 -------- d-----w- C:\Documents and Settings\Maruška\Local Settings\Data aplikací\Apple Computer
2011-08-15 18:50:54 . 2011-08-15 18:50:54 -------- d-----r- C:\Program Files\Skype
2011-08-15 18:26:40 . 2011-08-23 18:00:24 -------- d-----w- C:\Program Files\Registry Repair Wizard
2011-08-15 16:50:30 . 2011-06-24 14:10:39 139656 -c----w- C:\WINDOWS\system32\dllcache\rdpwd.sys
2011-08-15 16:49:22 . 2011-07-08 14:02:00 10496 -c----w- C:\WINDOWS\system32\dllcache\ndistapi.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
2011-08-30 20:13:57 . 2011-08-04 14:50:30 404640 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2011-08-04 14:33:30 . 2011-08-04 14:33:42 505128 ----a-w- C:\WINDOWS\system32\msvcp71.dll
2011-08-04 14:33:30 . 2011-08-04 14:33:42 353576 ----a-w- C:\WINDOWS\system32\msvcr71.dll
2011-07-15 13:29:31 . 2004-08-18 12:00:00 456320 ----a-w- C:\WINDOWS\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 . 2004-08-18 12:00:00 10496 ----a-w- C:\WINDOWS\system32\drivers\ndistapi.sys
2011-06-30 07:38:16 . 2011-06-30 07:38:16 97504 ----a-w- C:\WINDOWS\system32\drivers\inspect.sys
2011-06-30 07:38:14 . 2011-06-30 07:38:14 29400 ----a-w- C:\WINDOWS\system32\drivers\cmdhlp.sys
2011-06-30 07:38:14 . 2011-06-30 07:38:14 242600 ----a-w- C:\WINDOWS\system32\drivers\cmdGuard.sys
2011-06-30 07:38:12 . 2011-06-30 07:38:12 17416 ----a-w- C:\WINDOWS\system32\drivers\cmderd.sys
2011-06-30 07:37:26 . 2011-06-30 07:37:26 285256 ----a-w- C:\WINDOWS\system32\guard32.dll
2011-06-24 14:10:39 . 2011-08-04 13:12:13 139656 ----a-w- C:\WINDOWS\system32\drivers\rdpwd.sys
2011-06-23 18:31:31 . 2004-08-18 12:00:00 916480 ----a-w- C:\WINDOWS\system32\wininet.dll
2011-06-23 18:31:30 . 2004-08-18 12:00:00 43520 ----a-w- C:\WINDOWS\system32\licmgr10.dll
2011-06-23 18:31:30 . 2004-08-18 12:00:00 1469440 ------w- C:\WINDOWS\system32\inetcpl.cpl
2011-06-23 12:05:34 . 2004-08-18 12:00:00 385024 ----a-w- C:\WINDOWS\system32\html.iec
2011-06-20 17:44:52 . 2004-08-18 12:00:00 293376 ----a-w- C:\WINDOWS\system32\winsrv.dll
2011-08-30 23:12:22 . 2011-09-04 21:23:43 134104 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-02-01 17:17:24 1487240 ----a-w- C:\Program Files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "C:\Program Files\Ask.com\GenericAskToolbar.dll" [2011-02-01 17:17:24 1487240]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "C:\Program Files\Ask.com\GenericAskToolbar.dll" [2011-02-01 17:17:24 1487240]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-10-24 06:45:16 90112]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 06:51:00 7323648]
"nwiz"="nwiz.exe" [2005-12-14 06:51:00 1519616]
"SW20"="C:\WINDOWS\system32\sw20.exe" [2006-01-03 02:58:28 208896]
"SW24"="C:\WINDOWS\system32\sw24.exe" [2006-01-03 02:59:00 69632]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-12-14 06:51:00 86016]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 10:55:28 937920]
"COMODO Internet Security"="C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-30 07:37:06 2554696]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 14:41:24 2219184]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 03:22:17 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\WINDOWS\system32\guard32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-07-29 10:31:22 17361032 ----a-r- C:\Program Files\Skype\Phone\Skype.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
- chodnik74
Re: Please check my log
Please send the rest of the log, it is not complete.
You will find it on C:\

Re: Please check my log
I apologize, the PC probably restarted while the log was being created. I did not find the complete log. So I ran Combofix a second time today, and here is the new, hopefully complete log.
Again, while Combofix was working, a message popped up about the grep.3XE application crashing.
ComboFix 11-09-07.04 - Maruška 07.09.2011 20:27:13.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.647 [GMT 2:00]
Spuštěný z: c:\documents and settings\Maruška\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\TZLog.log
.
---- Předchozí spuštění -------
.
c:\windows\iun6002.exe
c:\windows\system32\SysInfo.dll
c:\windows\system32\WinSys.exe
.
-- Předchozí spuštění --
.
Nakažená kopie c:\windows\system32\mplay32.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$NtServicePackUninstall$\mplay32.exe
.
Nakažená kopie c:\windows\system32\mplay32.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$NtServicePackUninstall$\mplay32.exe
.
Nakažená kopie c:\windows\system32\asycfilt.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\system32\dllcache\asycfilt.dll
.
Nakažená kopie c:\windows\system32\mplay32.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$NtServicePackUninstall$\mplay32.exe
.
Nakažená kopie c:\windows\system32\asycfilt.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\system32\dllcache\asycfilt.dll
.
Nakažená kopie c:\windows\system32\ddraw.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$NtServicePackUninstall$\ddraw.dll
.
--------
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-07 do 2011-09-07 )))))))))))))))))))))))))))))))
.
.
2011-09-07 18:26 . 2011-09-07 18:26 -------- d-----w- c:\windows\LastGood
2011-09-04 22:11 . 2011-09-04 22:11 -------- d-----w- c:\program files\trend micro
2011-09-04 22:11 . 2011-09-04 22:11 -------- d-----w- C:\rsit
2011-09-04 21:23 . 2011-08-30 23:12 134104 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-09-04 21:23 . 2011-08-30 23:12 924632 ----a-w- c:\program files\Mozilla Firefox\firefox.exe
2011-09-04 21:19 . 2011-09-04 21:19 -------- d-----w- c:\program files\Common Files\Apple
2011-09-04 21:19 . 2011-09-04 21:19 -------- d-----w- c:\documents and settings\Maruška\Local Settings\Data aplikací\Apple
2011-09-04 21:19 . 2011-09-04 21:19 -------- d-----w- c:\program files\Apple Software Update
2011-09-04 21:19 . 2011-09-04 21:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Apple
2011-08-18 08:18 . 2011-08-18 08:18 -------- d-----w- c:\program files\ESET
2011-08-18 08:18 . 2011-08-18 08:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-08-17 19:30 . 2011-09-04 20:59 -------- d-----w- c:\program files\Prime95
2011-08-17 18:58 . 2011-08-17 18:58 -------- d-----w- c:\documents and settings\Maruška\Local Settings\Data aplikací\Adobe
2011-08-17 17:41 . 2011-08-17 17:41 -------- d-----w- c:\program files\HD Tune
2011-08-17 17:29 . 2011-08-17 17:29 -------- d-----w- c:\documents and settings\Maruška\Local Settings\Data aplikací\PCHealth
2011-08-15 19:41 . 2011-08-15 19:41 -------- d-----w- c:\program files\Microsoft.NET
2011-08-15 19:38 . 2011-08-15 19:38 -------- d-----w- c:\windows\system32\XPSViewer
2011-08-15 19:38 . 2011-08-15 19:38 -------- d-----w- c:\program files\MSBuild
2011-08-15 19:38 . 2011-08-15 19:38 -------- d-----w- c:\program files\Reference Assemblies
2011-08-15 19:38 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-08-15 19:37 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-08-15 19:37 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-08-15 19:37 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-08-15 19:37 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-08-15 19:37 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-08-15 19:37 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2011-08-15 19:37 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-08-15 19:37 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-08-15 19:28 . 2011-08-15 19:28 -------- d-----w- c:\documents and settings\Maruška\Local Settings\Data aplikací\Apple Computer
2011-08-15 18:50 . 2011-08-15 18:50 -------- d-----r- c:\program files\Skype
2011-08-15 18:26 . 2011-08-23 18:00 -------- d-----w- c:\program files\Registry Repair Wizard
2011-08-15 16:50 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-15 16:49 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-30 20:13 . 2011-08-04 14:50 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-04 14:33 . 2011-08-04 14:33 505128 ----a-w- c:\windows\system32\msvcp71.dll
2011-08-04 14:33 . 2011-08-04 14:33 353576 ----a-w- c:\windows\system32\msvcr71.dll
2011-07-15 13:29 . 2004-08-18 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-18 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-30 07:38 . 2011-06-30 07:38 97504 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-06-30 07:38 . 2011-06-30 07:38 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-06-30 07:38 . 2011-06-30 07:38 242600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-06-30 07:38 . 2011-06-30 07:38 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-06-30 07:37 . 2011-06-30 07:37 285256 ----a-w- c:\windows\system32\guard32.dll
2011-06-24 14:10 . 2011-08-04 13:12 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2004-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:31 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-08-18 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-08-30 23:12 . 2011-09-04 21:23 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-09-05_17.51.35 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-18 12:00 . 2011-09-05 04:17 67870 c:\windows\system32\perfc009.dat
+ 2004-08-18 12:00 . 2011-09-07 18:26 67870 c:\windows\system32\perfc009.dat
- 2004-08-18 12:00 . 2011-09-05 04:17 78452 c:\windows\system32\perfc005.dat
+ 2004-08-18 12:00 . 2011-09-07 18:26 78452 c:\windows\system32\perfc005.dat
- 2011-09-05 04:17 . 2011-09-05 04:17 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-09-05 04:17 . 2011-09-05 04:17 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2004-08-18 12:00 . 2011-09-05 04:17 432914 c:\windows\system32\perfh009.dat
+ 2004-08-18 12:00 . 2011-09-07 18:26 432914 c:\windows\system32\perfh009.dat
- 2004-08-18 12:00 . 2011-09-05 04:17 429440 c:\windows\system32\perfh005.dat
+ 2004-08-18 12:00 . 2011-09-07 18:26 429440 c:\windows\system32\perfh005.dat
- 2011-09-05 04:17 . 2011-09-05 04:17 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-09-07 18:26 . 2011-09-07 18:26 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-09-07 18:26 . 2011-09-07 18:26 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-09-07 18:26 . 2011-09-07 18:26 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 5238784 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 5238784 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-03-28 01:27 . 2011-03-28 01:27 15456256 c:\windows\Installer\1acf1.msp
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-02-01 17:17 1487240 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-10-24 90112]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-14 7323648]
"nwiz"="nwiz.exe" [2005-12-14 1519616]
"SW20"="c:\windows\system32\sw20.exe" [2006-01-03 208896]
"SW24"="c:\windows\system32\sw24.exe" [2006-01-03 69632]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-12-14 86016]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-30 2554696]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-07-29 10:31 17361032 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [30.6.2011 9:38 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [30.6.2011 9:38 29400]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2010 13:47 94872]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.1.2011 16:41 810144]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4.8.2011 16:05 136176]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4.8.2011 16:05 136176]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-04 14:05]
.
2011-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-04 14:05]
.
2011-09-06 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-02-01 17:17]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 194.228.41.113 160.218.161.54
FF - ProfilePath - c:\documents and settings\Maruška\Data aplikací\Mozilla\Firefox\Profiles\febeprof.maruska\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-07 20:31
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(804)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
.
Celkový čas: 2011-09-07 20:33:11
ComboFix-quarantined-files.txt 2011-09-07 18:33
.
Před spuštěním: Volných bajtů: 17 488 728 064
Po spuštění: Volných bajtů: 18 021 892 096
.
- - End Of File - - 459D6F3B67BF39A1A98F63C3FB44DC28
+ 2011-09-07 18:25 . 2011-09-07 18:25 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-09-05 04:17 . 2011-09-05 04:17 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2004-08-18 12:00 . 2011-09-05 04:17 432914 c:\windows\system32\perfh009.dat
+ 2004-08-18 12:00 . 2011-09-07 18:26 432914 c:\windows\system32\perfh009.dat
- 2004-08-18 12:00 . 2011-09-05 04:17 429440 c:\windows\system32\perfh005.dat
+ 2004-08-18 12:00 . 2011-09-07 18:26 429440 c:\windows\system32\perfh005.dat
- 2011-09-05 04:17 . 2011-09-05 04:17 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-09-07 18:26 . 2011-09-07 18:26 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-09-07 18:26 . 2011-09-07 18:26 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-09-07 18:26 . 2011-09-07 18:26 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 5238784 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 5238784 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-09-05 04:17 . 2011-09-05 04:17 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-09-07 18:25 . 2011-09-07 18:25 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-03-28 01:27 . 2011-03-28 01:27 15456256 c:\windows\Installer\1acf1.msp
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-02-01 17:17 1487240 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-10-24 90112]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-14 7323648]
"nwiz"="nwiz.exe" [2005-12-14 1519616]
"SW20"="c:\windows\system32\sw20.exe" [2006-01-03 208896]
"SW24"="c:\windows\system32\sw24.exe" [2006-01-03 69632]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-12-14 86016]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-30 2554696]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-07-29 10:31 17361032 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [30.6.2011 9:38 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [30.6.2011 9:38 29400]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2010 13:47 94872]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.1.2011 16:41 810144]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4.8.2011 16:05 136176]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4.8.2011 16:05 136176]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-04 14:05]
.
2011-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-04 14:05]
.
2011-09-06 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-02-01 17:17]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 194.228.41.113 160.218.161.54
FF - ProfilePath - c:\documents and settings\Maruška\Data aplikací\Mozilla\Firefox\Profiles\febeprof.maruska\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-07 20:31
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(804)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
.
Celkový čas: 2011-09-07 20:33:11
ComboFix-quarantined-files.txt 2011-09-07 18:33
.
Před spuštěním: Volných bajtů: 17 488 728 064
Po spuštění: Volných bajtů: 18 021 892 096
.
- - End Of File - - 459D6F3B67BF39A1A98F63C3FB44DC28
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: Please check my log

- (press WIN+R, type "notepad" without the quotes and press Enter)
- Paste the following script into it:
Code:
KillAll::

Firefox::
FF - ProfilePath - c:\documents and settings\Maruška\Data aplikací\Mozilla\Firefox\Profiles\febeprof.maruska\
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=
FF - prefs.js: network.proxy.type - 0

File::
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

Folder::
c:\program files\Ask.com\

Driver::
gupdate
gupdatem

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=-
"Adobe ARM"=-

Reboot::
- Save the file to the Desktop as CFScript.txt
- Then grab this file with the left mouse button, drag it onto the ComboFix icon and drop it
- ComboFix will then carry out all the operations and produce a new log, which you should post here
Write to me: chodnik74@gmail.com or
Read the procedure through several times and, if anything is unclear or you have any doubts, ask.
If your computer is infected or is not behaving as usual, back up all your data and carefully follow the adviser's instructions!
Do not use the ComboFix utility without an adviser's supervision and recommendation!
Are you satisfied with our help?
Don't hesitate to support the forum HERE.
Forum rules: No. 1 and No. 2

Re: Please check my log
Here is the new log.
ComboFix 11-09-07.04 - Maruška 08.09.2011 10:51:17.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.650 [GMT 2:00]
Spuštěný z: c:\documents and settings\Maruška\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Maruška\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-08 do 2011-09-08 )))))))))))))))))))))))))))))))
.
.
2011-09-04 22:11 . 2011-09-04 22:11 -------- d-----w- c:\program files\trend micro
2011-09-04 22:11 . 2011-09-04 22:11 -------- d-----w- C:\rsit
2011-09-04 21:23 . 2011-08-30 23:12 134104 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-09-04 21:23 . 2011-08-30 23:12 924632 ----a-w- c:\program files\Mozilla Firefox\firefox.exe
2011-09-04 21:19 . 2011-09-04 21:19 -------- d-----w- c:\program files\Common Files\Apple
2011-09-04 21:19 . 2011-09-04 21:19 -------- d-----w- c:\documents and settings\Maruška\Local Settings\Data aplikací\Apple
2011-09-04 21:19 . 2011-09-04 21:19 -------- d-----w- c:\program files\Apple Software Update
2011-09-04 21:19 . 2011-09-04 21:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Apple
2011-09-03 10:17 . 2011-09-03 10:17 602112 -c----w- c:\windows\system32\dllcache\crypt32.dll
2011-08-18 08:18 . 2011-08-18 08:18 -------- d-----w- c:\program files\ESET
2011-08-18 08:18 . 2011-08-18 08:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-08-17 19:30 . 2011-09-04 20:59 -------- d-----w- c:\program files\Prime95
2011-08-17 18:58 . 2011-08-17 18:58 -------- d-----w- c:\documents and settings\Maruška\Local Settings\Data aplikací\Adobe
2011-08-17 17:41 . 2011-08-17 17:41 -------- d-----w- c:\program files\HD Tune
2011-08-17 17:29 . 2011-08-17 17:29 -------- d-----w- c:\documents and settings\Maruška\Local Settings\Data aplikací\PCHealth
2011-08-15 19:41 . 2011-08-15 19:41 -------- d-----w- c:\program files\Microsoft.NET
2011-08-15 19:38 . 2011-08-15 19:38 -------- d-----w- c:\windows\system32\XPSViewer
2011-08-15 19:38 . 2011-08-15 19:38 -------- d-----w- c:\program files\MSBuild
2011-08-15 19:38 . 2011-08-15 19:38 -------- d-----w- c:\program files\Reference Assemblies
2011-08-15 19:38 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-08-15 19:37 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-08-15 19:37 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-08-15 19:37 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-08-15 19:37 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-08-15 19:37 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-08-15 19:37 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2011-08-15 19:37 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-08-15 19:37 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-08-15 19:28 . 2011-08-15 19:28 -------- d-----w- c:\documents and settings\Maruška\Local Settings\Data aplikací\Apple Computer
2011-08-15 18:50 . 2011-08-15 18:50 -------- d-----r- c:\program files\Skype
2011-08-15 18:26 . 2011-08-23 18:00 -------- d-----w- c:\program files\Registry Repair Wizard
2011-08-15 16:50 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-15 16:49 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-03 10:17 . 2004-08-18 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-08-30 20:13 . 2011-08-04 14:50 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-04 14:33 . 2011-08-04 14:33 505128 ----a-w- c:\windows\system32\msvcp71.dll
2011-08-04 14:33 . 2011-08-04 14:33 353576 ----a-w- c:\windows\system32\msvcr71.dll
2011-07-15 13:29 . 2004-08-18 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-18 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-30 07:38 . 2011-06-30 07:38 97504 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-06-30 07:38 . 2011-06-30 07:38 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-06-30 07:38 . 2011-06-30 07:38 242600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-06-30 07:38 . 2011-06-30 07:38 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-06-30 07:37 . 2011-06-30 07:37 285256 ----a-w- c:\windows\system32\guard32.dll
2011-06-24 14:10 . 2011-08-04 13:12 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2004-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:31 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-08-18 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-08-30 23:12 . 2011-09-04 21:23 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-09-07_18.31.39 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-18 12:00 . 2011-09-07 18:26 67870 c:\windows\system32\perfc009.dat
+ 2004-08-18 12:00 . 2011-09-07 21:38 67870 c:\windows\system32\perfc009.dat
- 2004-08-18 12:00 . 2011-09-07 18:26 78452 c:\windows\system32\perfc005.dat
+ 2004-08-18 12:00 . 2011-09-07 21:38 78452 c:\windows\system32\perfc005.dat
+ 2011-09-07 21:38 . 2011-09-07 21:38 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-09-07 18:25 . 2011-09-07 18:25 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2004-08-18 12:00 . 2011-09-07 21:38 432914 c:\windows\system32\perfh009.dat
- 2004-08-18 12:00 . 2011-09-07 18:26 432914 c:\windows\system32\perfh009.dat
- 2004-08-18 12:00 . 2011-09-07 18:26 429440 c:\windows\system32\perfh005.dat
+ 2004-08-18 12:00 . 2011-09-07 21:38 429440 c:\windows\system32\perfh005.dat
+ 2010-02-24 22:14 . 2010-02-24 22:14 543232 c:\windows\Installer\1a14c.msp
- 2011-09-07 18:25 . 2011-09-07 18:25 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-09-07 18:26 . 2011-09-07 18:26 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-09-07 18:26 . 2011-09-07 18:26 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-09-07 18:26 . 2011-09-07 18:26 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 5238784 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 5238784 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-03-28 01:27 . 2011-03-28 01:27 15456256 c:\windows\Installer\9b0f57.msp
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-10-24 90112]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-14 7323648]
"nwiz"="nwiz.exe" [2005-12-14 1519616]
"SW20"="c:\windows\system32\sw20.exe" [2006-01-03 208896]
"SW24"="c:\windows\system32\sw24.exe" [2006-01-03 69632]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-12-14 86016]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-30 2554696]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2006-10-26 434528]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-07-29 10:31 17361032 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [30.6.2011 9:38 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [30.6.2011 9:38 29400]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2010 13:47 94872]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.1.2011 16:41 810144]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4.8.2011 16:05 136176]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4.8.2011 16:05 136176]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-04 14:05]
.
2011-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-04 14:05]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 194.228.41.113 160.218.161.54
FF - ProfilePath - c:\documents and settings\Maruška\Data aplikací\Mozilla\Firefox\Profiles\febeprof.maruska\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-08 11:34
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(800)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
.
- - - - - - - > 'explorer.exe'(3840)
c:\windows\system32\guard32.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-09-08 11:36:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-08 09:36
ComboFix2.txt 2011-09-07 18:33
.
Před spuštěním: Volných bajtů: 17 864 306 688
Po spuštění: Volných bajtů: 17 909 469 184
.
- - End Of File - - 07FC76EEA722C0EDFC1055ACE6569AF3
ComboFix 11-09-07.04 - Maruška 08.09.2011 10:51:17.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.650 [GMT 2:00]
Spuštěný z: c:\documents and settings\MaruÜka\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\MaruÜka\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-08 do 2011-09-08 )))))))))))))))))))))))))))))))
.
.
2011-09-04 22:11 . 2011-09-04 22:11 -------- d-----w- c:\program files\trend micro
2011-09-04 22:11 . 2011-09-04 22:11 -------- d-----w- C:\rsit
2011-09-04 21:23 . 2011-08-30 23:12 134104 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-09-04 21:23 . 2011-08-30 23:12 924632 ----a-w- c:\program files\Mozilla Firefox\firefox.exe
2011-09-04 21:19 . 2011-09-04 21:19 -------- d-----w- c:\program files\Common Files\Apple
2011-09-04 21:19 . 2011-09-04 21:19 -------- d-----w- c:\documents and settings\Maruška\Local Settings\Data aplikací\Apple
2011-09-04 21:19 . 2011-09-04 21:19 -------- d-----w- c:\program files\Apple Software Update
2011-09-04 21:19 . 2011-09-04 21:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Apple
2011-09-03 10:17 . 2011-09-03 10:17 602112 -c----w- c:\windows\system32\dllcache\crypt32.dll
2011-08-18 08:18 . 2011-08-18 08:18 -------- d-----w- c:\program files\ESET
2011-08-18 08:18 . 2011-08-18 08:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-08-17 19:30 . 2011-09-04 20:59 -------- d-----w- c:\program files\Prime95
2011-08-17 18:58 . 2011-08-17 18:58 -------- d-----w- c:\documents and settings\Maruška\Local Settings\Data aplikací\Adobe
2011-08-17 17:41 . 2011-08-17 17:41 -------- d-----w- c:\program files\HD Tune
2011-08-17 17:29 . 2011-08-17 17:29 -------- d-----w- c:\documents and settings\Maruška\Local Settings\Data aplikací\PCHealth
2011-08-15 19:41 . 2011-08-15 19:41 -------- d-----w- c:\program files\Microsoft.NET
2011-08-15 19:38 . 2011-08-15 19:38 -------- d-----w- c:\windows\system32\XPSViewer
2011-08-15 19:38 . 2011-08-15 19:38 -------- d-----w- c:\program files\MSBuild
2011-08-15 19:38 . 2011-08-15 19:38 -------- d-----w- c:\program files\Reference Assemblies
2011-08-15 19:38 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-08-15 19:37 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-08-15 19:37 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-08-15 19:37 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-08-15 19:37 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-08-15 19:37 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-08-15 19:37 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2011-08-15 19:37 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-08-15 19:37 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-08-15 19:28 . 2011-08-15 19:28 -------- d-----w- c:\documents and settings\Maruška\Local Settings\Data aplikací\Apple Computer
2011-08-15 18:50 . 2011-08-15 18:50 -------- d-----r- c:\program files\Skype
2011-08-15 18:26 . 2011-08-23 18:00 -------- d-----w- c:\program files\Registry Repair Wizard
2011-08-15 16:50 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-15 16:49 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-03 10:17 . 2004-08-18 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-08-30 20:13 . 2011-08-04 14:50 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-04 14:33 . 2011-08-04 14:33 505128 ----a-w- c:\windows\system32\msvcp71.dll
2011-08-04 14:33 . 2011-08-04 14:33 353576 ----a-w- c:\windows\system32\msvcr71.dll
2011-07-15 13:29 . 2004-08-18 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-18 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-30 07:38 . 2011-06-30 07:38 97504 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-06-30 07:38 . 2011-06-30 07:38 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-06-30 07:38 . 2011-06-30 07:38 242600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-06-30 07:38 . 2011-06-30 07:38 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-06-30 07:37 . 2011-06-30 07:37 285256 ----a-w- c:\windows\system32\guard32.dll
2011-06-24 14:10 . 2011-08-04 13:12 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2004-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:31 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-08-18 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-08-30 23:12 . 2011-09-04 21:23 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-09-07_18.31.39 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-18 12:00 . 2011-09-07 18:26 67870 c:\windows\system32\perfc009.dat
+ 2004-08-18 12:00 . 2011-09-07 21:38 67870 c:\windows\system32\perfc009.dat
- 2004-08-18 12:00 . 2011-09-07 18:26 78452 c:\windows\system32\perfc005.dat
+ 2004-08-18 12:00 . 2011-09-07 21:38 78452 c:\windows\system32\perfc005.dat
+ 2011-09-07 21:38 . 2011-09-07 21:38 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-09-07 18:25 . 2011-09-07 18:25 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2004-08-18 12:00 . 2011-09-07 21:38 432914 c:\windows\system32\perfh009.dat
- 2004-08-18 12:00 . 2011-09-07 18:26 432914 c:\windows\system32\perfh009.dat
- 2004-08-18 12:00 . 2011-09-07 18:26 429440 c:\windows\system32\perfh005.dat
+ 2004-08-18 12:00 . 2011-09-07 21:38 429440 c:\windows\system32\perfh005.dat
+ 2010-02-24 22:14 . 2010-02-24 22:14 543232 c:\windows\Installer\1a14c.msp
- 2011-09-07 18:25 . 2011-09-07 18:25 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-09-07 18:26 . 2011-09-07 18:26 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-09-07 18:26 . 2011-09-07 18:26 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-09-07 18:26 . 2011-09-07 18:26 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 5238784 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 5238784 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-09-07 18:25 . 2011-09-07 18:25 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-09-07 21:38 . 2011-09-07 21:38 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-03-28 01:27 . 2011-03-28 01:27 15456256 c:\windows\Installer\9b0f57.msp
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-10-24 90112]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-14 7323648]
"nwiz"="nwiz.exe" [2005-12-14 1519616]
"SW20"="c:\windows\system32\sw20.exe" [2006-01-03 208896]
"SW24"="c:\windows\system32\sw24.exe" [2006-01-03 69632]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-12-14 86016]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-30 2554696]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2006-10-26 434528]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-07-29 10:31 17361032 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [30.6.2011 9:38 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [30.6.2011 9:38 29400]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2010 13:47 94872]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.1.2011 16:41 810144]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4.8.2011 16:05 136176]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4.8.2011 16:05 136176]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-04 14:05]
.
2011-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-04 14:05]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 194.228.41.113 160.218.161.54
FF - ProfilePath - c:\documents and settings\Maruška\Data aplikací\Mozilla\Firefox\Profiles\febeprof.maruska\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-08 11:34
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspěšně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(800)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
.
- - - - - - - > 'explorer.exe'(3840)
c:\windows\system32\guard32.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštěné procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-09-08 11:36:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-08 09:36
ComboFix2.txt 2011-09-07 18:33
.
Před spuštěním: Volných bajtů: 17 864 306 688
Po spuštění: Volných bajtů: 17 909 469 184
.
- - End Of File - - 07FC76EEA722C0EDFC1055ACE6569AF3
- chodnik74
- Friend of the forum
- Posts: 4975
- Joined: 13 Sep 2010 21:30
- Location: Napajedla
Re: Please check my log
Excellent.
Press the key combination WIN+R (or Start - Run), which opens the window for entering a command to run, then copy and paste the following text into it: Combofix /Uninstall and press Enter.

T-Cleaner
- Run it, press the A key and confirm with ENTER (some antivirus programs may detect the utility as a virus; this is a false alarm, so IGNORE it or temporarily turn off the antivirus)
- delete T-Cleaner after use

TFC
- Download and run the program
- Click Start and confirm with OK
- The program starts cleaning up, then restarts the PC
- delete the program after use

Malwarebytes' Anti-Malware
- Download, install and run it (if you are not sure how, click HERE)
- Select Full scan (Úplná kontrola) and click the Scan button (Prohledat)
- The program scans the computer and at the end a message appears saying that the scan has finished; confirm it with the OK button
- A log appears; paste it here for me
- DO NOT DELETE ANYTHING!! The program occasionally produces false detections, so we will delete only after consultation
Write to me: chodnik74@gmail.com
Read the procedure through several times and, if anything is unclear or you have any doubts, ask.
If your computer is infected or is not behaving as usual, back up all your data and follow the advisor's instructions carefully!
Do not use the Combofix utility without an advisor's supervision and recommendation!
Are you satisfied with our help? Do not hesitate to support the forum HERE.
Forum rules: no. 1 and no. 2

Re: Please check my log
So I did everything. The TFC program deleted some Trojan horse. And it also probably deleted updates or changed the Windows appearance, because Win XP now has grey bars, square corners, etc...
The Malwarebytes log is below.
Malwarebytes' Anti-Malware
www.malwarebytes.org
Verze databáze:
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
11.9.2011 20:36:03
mbam-log-2011-09-11 (20-36-03).txt
Typ: Úplná kontrola (C:\|D:\|)
Kontrolované objekty: 179104
Uplynulý čas: 25 minut, 8 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
- chodnik74
- Friend of the forum
- Posts: 4975
- Joined: 13 Sep 2010 21:30
- Location: Napajedla
Re: Please check my log
Everything is fine.. restore the Windows appearance manually... right-click the desktop, choose Properties and under Themes select Windows XP
You can uninstall Malwarebytes..

PC maintenance:
1) Cleaning temporary folders + invalid registry entries

CCleaner
- Download and install the program
- Run the program
- CLEANER
Windows: leave everything here as it is (if we use IE, untick its items) and tick the items Start Menu Shortcuts and Desktop Shortcuts
Applications: leave as it is, but if we use a browser (Google Chrome, Firefox, Opera..), untick its items
> Press the Analyze button and then Run Cleaner
- REGISTRY
> Press the Scan for Issues button; the program starts looking for invalid registry entries.. then choose Fix selected issues..
> The program asks whether we want to create a backup of the registry; choose Yes and save the backup somewhere (if anything causes problems after the registry fix, restore the backup by running the saved backup file and confirming Yes), then choose Fix All Selected Issues and Close
> repeat until the registry is free of problems
- Use the program once every 14 days (it depends on how the PC is used; once a week is also possible)

Defraggler
- Download and install the program
- Run the program
- Select the drive (C:, D:.. whichever we use)
- If the Fragmentation column shows more than 5%, choose Defragment
- Do this for all drives in use
- Do this once a month

FileHippo.com Update Checker
- Download and install the program (during installation, untick the Run at Startup option)
- Run the program
- The program finds the programs installed on the PC and checks for available updates
- A web page then opens listing the applications offered for updating
> X Updates Detected.. these are the available updates..
> click the green arrow and download the program, then install its current version
> X Beta Updates Detected.. do not download these updates; they are beta versions that are still in development and are unstable
- Do this once every 14 days or once a month

How is the PC behaving
+ a new RSIT log


Re: Please check my log
Hello, so I did everything a few days ago following the instructions, and I watched how the PC behaved. The PC no longer restarts for no reason. It looks like Firefox no longer shuts down for no reason either. Unfortunately, the problem with updates being downloaded and installed over and over has not gone away. Every time it installs new updates (for Microsoft .NET Framework), the system reports that the updates cannot be installed, and everything repeats again.
Nevertheless, I would already like to thank you now for the help with solving some of the problems.
The new log is attached here.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Maruška at 2011-09-12 10:40:39
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 13 GB (27%) free of 48 GB
Total RAM: 1023 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:41:43, on 12.9.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\FileHippo\UpdateChecker.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Maruška\Plocha\RSIT.exe
C:\Program Files\trend micro\Maruška.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-343818398-1532298954-839522115-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 4882 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Maruška\Data aplikací\Mozilla\Firefox\Profiles\febeprof.maruska
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... id=afex&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Maruška\Data aplikací\Mozilla\Firefox\Profiles\febeprof.maruska\extensions\
{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
C:\Documents and Settings\Maruška\Data aplikací\Mozilla\Firefox\Profiles\febeprof.maruska\searchplugins\
icq-search.xml
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-10-24 90112]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-12-14 7323648]
"nwiz"=nwiz.exe /install []
"SW20"=C:\WINDOWS\system32\sw20.exe [2006-01-03 208896]
"SW24"=C:\WINDOWS\system32\sw24.exe [2006-01-03 69632]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-12-14 86016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-06-30 2554696]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2219184]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"DWQueuedReporting"=C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2006-10-26 434528]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-08-26 17361032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
======List of files/folders created in the last 1 month======
2011-09-12 10:40:39 ----D---- C:\rsit
2011-09-12 10:36:52 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-09-12 10:36:47 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2011-09-12 10:36:21 ----D---- C:\Program Files\Windows Media Connect 2
2011-09-12 10:36:12 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2011-09-12 10:35:29 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2011-09-12 10:35:10 ----A---- C:\WINDOWS\imsins.BAK
2011-09-12 10:35:09 ----D---- C:\WINDOWS\system32\LogFiles
2011-09-12 10:35:09 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-09-12 10:35:02 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2011-09-12 10:34:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2011-09-12 10:34:03 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2011-09-12 10:33:31 ----D---- C:\WINDOWS\LastGood
2011-09-12 10:33:30 ----D---- C:\WINDOWS\RegisteredPackages
2011-09-12 10:33:01 ----N---- C:\WINDOWS\system32\pxwma.dll
2011-09-12 10:33:01 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2011-09-12 10:33:01 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2011-09-12 10:01:56 ----D---- C:\Program Files\FileHippo
2011-09-12 00:35:57 ----D---- C:\Program Files\QuickTime
2011-09-12 00:35:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2011-09-11 21:23:35 ----D---- C:\Program Files\Defraggler
2011-09-11 21:16:47 ----D---- C:\Program Files\CCleaner
2011-09-11 20:10:01 ----D---- C:\Documents and Settings\Maruška\Data aplikací\Malwarebytes
2011-09-11 20:09:54 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-09-11 20:09:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-09-11 20:09:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-09-11 20:09:50 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-09-11 17:07:12 ----SHD---- C:\RECYCLER
2011-09-08 12:03:49 ----A---- C:\WINDOWS\system32\muweb.dll
2011-09-08 12:03:49 ----A---- C:\WINDOWS\system32\mucltui.dll
2011-09-08 11:36:34 ----D---- C:\WINDOWS\temp
2011-09-07 23:36:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2607712$
2011-09-05 19:40:53 ----A---- C:\Boot.bak
2011-09-05 19:40:49 ----RASHD---- C:\cmdcons
2011-09-05 19:39:29 ----D---- C:\Qoobox
2011-09-05 00:11:27 ----D---- C:\Program Files\trend micro
2011-09-04 23:19:38 ----D---- C:\Program Files\Common Files\Apple
2011-09-04 23:19:25 ----D---- C:\Program Files\Apple Software Update
2011-09-04 23:19:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2011-08-23 21:50:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$
2011-08-18 10:18:16 ----D---- C:\Program Files\ESET
2011-08-18 10:18:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-08-17 21:30:50 ----D---- C:\Program Files\Prime95
2011-08-17 19:41:45 ----D---- C:\Program Files\HD Tune
2011-08-17 00:29:07 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-08-15 21:41:48 ----D---- C:\Program Files\Microsoft.NET
2011-08-15 21:38:38 ----D---- C:\WINDOWS\system32\XPSViewer
2011-08-15 21:38:35 ----D---- C:\Program Files\MSBuild
2011-08-15 21:38:33 ----D---- C:\WINDOWS\system32\en-US
2011-08-15 21:38:29 ----D---- C:\Program Files\Reference Assemblies
2011-08-15 21:37:54 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2011-08-15 21:37:54 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2011-08-15 21:37:54 ----N---- C:\WINDOWS\system32\prntvpt.dll
2011-08-15 21:37:18 ----RSD---- C:\WINDOWS\assembly
2011-08-15 21:36:55 ----D---- C:\WINDOWS\Microsoft.NET
2011-08-15 21:17:09 ----D---- C:\WINDOWS\pss
2011-08-15 20:50:54 ----RD---- C:\Program Files\Skype
2011-08-15 20:26:40 ----D---- C:\Program Files\Registry Repair Wizard
2011-08-15 20:02:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-15 20:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-15 20:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-15 18:56:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-15 18:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-08-13 19:41:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
======List of files/folders modified in the last 1 month======
2011-09-12 10:37:07 ----D---- C:\WINDOWS\Prefetch
2011-09-12 10:37:01 ----HD---- C:\WINDOWS\inf
2011-09-12 10:37:00 ----D---- C:\WINDOWS
2011-09-12 10:36:59 ----D---- C:\WINDOWS\system32
2011-09-12 10:36:31 ----A---- C:\WINDOWS\win.ini
2011-09-12 10:36:21 ----RD---- C:\Program Files
2011-09-12 10:36:21 ----D---- C:\Program Files\Windows Media Player
2011-09-12 10:36:18 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-09-12 10:36:18 ----D---- C:\WINDOWS\Help
2011-09-12 10:35:38 ----D---- C:\WINDOWS\system32\drivers
2011-09-12 10:34:15 ----D---- C:\Program Files\Winamp
2011-09-12 10:34:01 ----D---- C:\WINDOWS\system32\DirectX
2011-09-12 10:33:58 ----D---- C:\WINDOWS\Logs
2011-09-12 10:33:50 ----D---- C:\WINDOWS\security
2011-09-12 10:32:56 ----D---- C:\Documents and Settings\Maruška\Data aplikací\Winamp
2011-09-12 10:30:24 ----D---- C:\Documents and Settings\Maruška\Data aplikací\Skype
2011-09-12 10:30:15 ----SHD---- C:\WINDOWS\Installer
2011-09-12 10:30:13 ----D---- C:\Config.Msi
2011-09-12 10:15:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-09-12 10:14:53 ----D---- C:\WINDOWS\WinSxS
2011-09-12 10:09:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-09-12 09:51:27 ----D---- C:\WINDOWS\system32\CatRoot2
2011-09-12 09:50:32 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-09-11 22:05:07 ----D---- C:\Program Files\The KMPlayer
2011-09-11 21:20:30 ----D---- C:\WINDOWS\Debug
2011-09-11 20:03:21 ----D---- C:\WINDOWS\Minidump
2011-09-11 20:03:06 ----SHD---- C:\System Volume Information
2011-09-11 20:03:06 ----D---- C:\WINDOWS\system32\Restore
2011-09-11 17:07:53 ----D---- C:\Program Files\Mozilla Firefox
2011-09-08 11:34:16 ----A---- C:\WINDOWS\system.ini
2011-09-08 11:33:54 ----D---- C:\WINDOWS\system32\drivers\etc
2011-09-08 11:32:40 ----D---- C:\WINDOWS\system32\config
2011-09-08 11:12:59 ----D---- C:\WINDOWS\AppPatch
2011-09-08 11:10:45 ----D---- C:\Program Files\Common Files
2011-09-08 10:24:49 ----SD---- C:\WINDOWS\Tasks
2011-09-07 20:51:40 ----SD---- C:\Documents and Settings\Maruška\Data aplikací\Microsoft
2011-09-07 20:13:34 ----HD---- C:\WINDOWS\$hf_mig$
2011-09-05 19:40:53 ----RASH---- C:\boot.ini
2011-09-03 12:17:22 ----A---- C:\WINDOWS\system32\crypt32.dll
2011-08-23 20:00:21 ----AD---- C:\Documents and Settings\All Users\Data aplikací\Temp
2011-08-17 21:00:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-08-17 20:58:38 ----D---- C:\Documents and Settings\Maruška\Data aplikací\Adobe
2011-08-17 00:29:23 ----D---- C:\WINDOWS\system32\CatRoot
2011-08-15 21:38:32 ----RSD---- C:\WINDOWS\Fonts
2011-08-15 21:38:06 ----D---- C:\WINDOWS\system32\spool
2011-08-15 21:36:59 ----D---- C:\Program Files\Internet Explorer
2011-08-15 20:50:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-08-15 20:02:00 ----D---- C:\WINDOWS\ie8updates
2011-08-15 19:01:38 ----D---- C:\programy
2011-08-15 18:57:10 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-06-30 97504]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-06-30 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-06-30 29400]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-10-26 3786944]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-12-14 3580480]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\E:\install4\MSICPL.sys []
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-30 1793712]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-12-14 143427]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-04 136176]
S2 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2009-01-07 26144]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-04 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Nevertheless, I would already like to thank you for the help with solving some of the problems.
The new log is attached here.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Maruška at 2011-09-12 10:40:39
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 13 GB (27%) free of 48 GB
Total RAM: 1023 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:41:43, on 12.9.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\FileHippo\UpdateChecker.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Maruška\Plocha\RSIT.exe
C:\Program Files\trend micro\Maruška.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-343818398-1532298954-839522115-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 4882 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Maruška\Data aplikací\Mozilla\Firefox\Profiles\febeprof.maruska
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.3.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... id=afex&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Maruška\Data aplikací\Mozilla\Firefox\Profiles\febeprof.maruska\extensions\
{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
C:\Documents and Settings\Maruška\Data aplikací\Mozilla\Firefox\Profiles\febeprof.maruska\searchplugins\
icq-search.xml
icqplugin.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-10-24 90112]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-12-14 7323648]
"nwiz"=nwiz.exe /install []
"SW20"=C:\WINDOWS\system32\sw20.exe [2006-01-03 208896]
"SW24"=C:\WINDOWS\system32\sw24.exe [2006-01-03 69632]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-12-14 86016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-06-30 2554696]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2219184]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"DWQueuedReporting"=C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2006-10-26 434528]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-08-26 17361032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
======List of files/folders created in the last 1 month======
2011-09-12 10:40:39 ----D---- C:\rsit
2011-09-12 10:36:52 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-09-12 10:36:47 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2011-09-12 10:36:21 ----D---- C:\Program Files\Windows Media Connect 2
2011-09-12 10:36:12 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2011-09-12 10:35:29 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2011-09-12 10:35:10 ----A---- C:\WINDOWS\imsins.BAK
2011-09-12 10:35:09 ----D---- C:\WINDOWS\system32\LogFiles
2011-09-12 10:35:09 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-09-12 10:35:02 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2011-09-12 10:34:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2011-09-12 10:34:03 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2011-09-12 10:33:31 ----D---- C:\WINDOWS\LastGood
2011-09-12 10:33:30 ----D---- C:\WINDOWS\RegisteredPackages
2011-09-12 10:33:01 ----N---- C:\WINDOWS\system32\pxwma.dll
2011-09-12 10:33:01 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2011-09-12 10:33:01 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2011-09-12 10:01:56 ----D---- C:\Program Files\FileHippo
2011-09-12 00:35:57 ----D---- C:\Program Files\QuickTime
2011-09-12 00:35:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2011-09-11 21:23:35 ----D---- C:\Program Files\Defraggler
2011-09-11 21:16:47 ----D---- C:\Program Files\CCleaner
2011-09-11 20:10:01 ----D---- C:\Documents and Settings\Maruška\Data aplikací\Malwarebytes
2011-09-11 20:09:54 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-09-11 20:09:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-09-11 20:09:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-09-11 20:09:50 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-09-11 17:07:12 ----SHD---- C:\RECYCLER
2011-09-08 12:03:49 ----A---- C:\WINDOWS\system32\muweb.dll
2011-09-08 12:03:49 ----A---- C:\WINDOWS\system32\mucltui.dll
2011-09-08 11:36:34 ----D---- C:\WINDOWS\temp
2011-09-07 23:36:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2607712$
2011-09-05 19:40:53 ----A---- C:\Boot.bak
2011-09-05 19:40:49 ----RASHD---- C:\cmdcons
2011-09-05 19:39:29 ----D---- C:\Qoobox
2011-09-05 00:11:27 ----D---- C:\Program Files\trend micro
2011-09-04 23:19:38 ----D---- C:\Program Files\Common Files\Apple
2011-09-04 23:19:25 ----D---- C:\Program Files\Apple Software Update
2011-09-04 23:19:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2011-08-23 21:50:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$
2011-08-18 10:18:16 ----D---- C:\Program Files\ESET
2011-08-18 10:18:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-08-17 21:30:50 ----D---- C:\Program Files\Prime95
2011-08-17 19:41:45 ----D---- C:\Program Files\HD Tune
2011-08-17 00:29:07 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-08-15 21:41:48 ----D---- C:\Program Files\Microsoft.NET
2011-08-15 21:38:38 ----D---- C:\WINDOWS\system32\XPSViewer
2011-08-15 21:38:35 ----D---- C:\Program Files\MSBuild
2011-08-15 21:38:33 ----D---- C:\WINDOWS\system32\en-US
2011-08-15 21:38:29 ----D---- C:\Program Files\Reference Assemblies
2011-08-15 21:37:54 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2011-08-15 21:37:54 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2011-08-15 21:37:54 ----N---- C:\WINDOWS\system32\prntvpt.dll
2011-08-15 21:37:18 ----RSD---- C:\WINDOWS\assembly
2011-08-15 21:36:55 ----D---- C:\WINDOWS\Microsoft.NET
2011-08-15 21:17:09 ----D---- C:\WINDOWS\pss
2011-08-15 20:50:54 ----RD---- C:\Program Files\Skype
2011-08-15 20:26:40 ----D---- C:\Program Files\Registry Repair Wizard
2011-08-15 20:02:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-15 20:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-15 20:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-15 18:56:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-15 18:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-08-13 19:41:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
======List of files/folders modified in the last 1 month======
2011-09-12 10:37:07 ----D---- C:\WINDOWS\Prefetch
2011-09-12 10:37:01 ----HD---- C:\WINDOWS\inf
2011-09-12 10:37:00 ----D---- C:\WINDOWS
2011-09-12 10:36:59 ----D---- C:\WINDOWS\system32
2011-09-12 10:36:31 ----A---- C:\WINDOWS\win.ini
2011-09-12 10:36:21 ----RD---- C:\Program Files
2011-09-12 10:36:21 ----D---- C:\Program Files\Windows Media Player
2011-09-12 10:36:18 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-09-12 10:36:18 ----D---- C:\WINDOWS\Help
2011-09-12 10:35:38 ----D---- C:\WINDOWS\system32\drivers
2011-09-12 10:34:15 ----D---- C:\Program Files\Winamp
2011-09-12 10:34:01 ----D---- C:\WINDOWS\system32\DirectX
2011-09-12 10:33:58 ----D---- C:\WINDOWS\Logs
2011-09-12 10:33:50 ----D---- C:\WINDOWS\security
2011-09-12 10:32:56 ----D---- C:\Documents and Settings\Maruška\Data aplikací\Winamp
2011-09-12 10:30:24 ----D---- C:\Documents and Settings\Maruška\Data aplikací\Skype
2011-09-12 10:30:15 ----SHD---- C:\WINDOWS\Installer
2011-09-12 10:30:13 ----D---- C:\Config.Msi
2011-09-12 10:15:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-09-12 10:14:53 ----D---- C:\WINDOWS\WinSxS
2011-09-12 10:09:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-09-12 09:51:27 ----D---- C:\WINDOWS\system32\CatRoot2
2011-09-12 09:50:32 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-09-11 22:05:07 ----D---- C:\Program Files\The KMPlayer
2011-09-11 21:20:30 ----D---- C:\WINDOWS\Debug
2011-09-11 20:03:21 ----D---- C:\WINDOWS\Minidump
2011-09-11 20:03:06 ----SHD---- C:\System Volume Information
2011-09-11 20:03:06 ----D---- C:\WINDOWS\system32\Restore
2011-09-11 17:07:53 ----D---- C:\Program Files\Mozilla Firefox
2011-09-08 11:34:16 ----A---- C:\WINDOWS\system.ini
2011-09-08 11:33:54 ----D---- C:\WINDOWS\system32\drivers\etc
2011-09-08 11:32:40 ----D---- C:\WINDOWS\system32\config
2011-09-08 11:12:59 ----D---- C:\WINDOWS\AppPatch
2011-09-08 11:10:45 ----D---- C:\Program Files\Common Files
2011-09-08 10:24:49 ----SD---- C:\WINDOWS\Tasks
2011-09-07 20:51:40 ----SD---- C:\Documents and Settings\Maruška\Data aplikací\Microsoft
2011-09-07 20:13:34 ----HD---- C:\WINDOWS\$hf_mig$
2011-09-05 19:40:53 ----RASH---- C:\boot.ini
2011-09-03 12:17:22 ----A---- C:\WINDOWS\system32\crypt32.dll
2011-08-23 20:00:21 ----AD---- C:\Documents and Settings\All Users\Data aplikací\Temp
2011-08-17 21:00:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-08-17 20:58:38 ----D---- C:\Documents and Settings\Maruška\Data aplikací\Adobe
2011-08-17 00:29:23 ----D---- C:\WINDOWS\system32\CatRoot
2011-08-15 21:38:32 ----RSD---- C:\WINDOWS\Fonts
2011-08-15 21:38:06 ----D---- C:\WINDOWS\system32\spool
2011-08-15 21:36:59 ----D---- C:\Program Files\Internet Explorer
2011-08-15 20:50:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-08-15 20:02:00 ----D---- C:\WINDOWS\ie8updates
2011-08-15 19:01:38 ----D---- C:\programy
2011-08-15 18:57:10 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-06-30 97504]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-06-30 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-06-30 29400]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-10-26 3786944]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-12-14 3580480]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\E:\install4\MSICPL.sys []
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-30 1793712]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-12-14 143427]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-04 136176]
S2 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2009-01-07 26144]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-04 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: Please check my log


C:\Program Files\trend micro\Maruška.exe
- Next, click the Do a system scan only button
- Find and check the following items:
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
- Click Fix checked and confirm with the Yes (Ano) button


- Press WIN+R (or Start > Run) to open the Run dialog. Copy and paste the following text into it: services.msc and press Enter
- The Services window of your PC opens. Find the following services, double-click each one, click Stop (Zastavit) and then set Startup type (Typ spuštění): Disabled (Zakázáno)
Služba Google Update (gupdate)
Služba Google Update (gupdatem)


http://www.microsoft.com/downloads/cs-c ... laylang=cs

Read the procedure through several times, and ask if anything is unclear or you have any doubts.
If your computer is infected or is not behaving as usual, back up all your data and carefully follow the helper's instructions!
Do not use the Combofix utility without a helper's supervision and recommendation!
Re: Please check my log
Microsoft .NET Framework could not be installed even when I downloaded it manually. Installation error again. The file from the minidump folder is here.
http://leteckaposta.cz/896267919
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: Please check my log
It is caused by the Ntfs.sys driver.
Let's take a look at the disk.
Download CrystalDiskInfo
First we will check whether the disk is healthy; if it is, we will replace the driver.
The Ntfs.sys file is a driver that lets the computer read from and write to a partition formatted with the NTFS file system. The problem can be caused not only by corruption of this file, but also by corruption of the file system or of part of the hard disk, as well as by faulty IDE and SCSI drive drivers.

- Install and run it
- Click Edit > Copy (Úpravy - Kopírovat)
- Then paste it here with CTRL+V
Re: Please check my log
The CrystalDiskInfo output is below.
It also occurred to me to run a memory test, so I booted a CD with Memtest, which reported countless memory errors. So I replaced the memory modules, and Memtest now completes without problems. Nevertheless, I would like to resolve the problem with the disk driver. I have now managed to install the .NET Framework updates manually. However, one more installation problem has appeared, specifically with iTunes: the program reports an installation error.
----------------------------------------------------------------------------
CrystalDiskInfo 4.0.2 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2011/09/22 19:22:43
-- Controller Map ----------------------------------------------------------
+ Intel(R) 82801FB/FBM Ultra ATA Storage Controllers - 266F [ATA]
+ Primární kanál IDE (0)
- HL-DT-ST DVDRAM GSA-H10N
- Sekundární kanál IDE (1)
+ Intel(R) 82801FB Ultra ATA Storage Controllers - 2651 [ATA]
+ Primární kanál IDE (0)
- WDC WD2500JS-00NCB1
- Sekundární kanál IDE (1)
-- Disk List ---------------------------------------------------------------
(1) WDC WD2500JS-00NCB1 : 250.0 GB [0-1-0, pd1]
----------------------------------------------------------------------------
(1) WDC WD2500JS-00NCB1
----------------------------------------------------------------------------
Model : WDC WD2500JS-00NCB1
Firmware : 10.02E02
Serial Number : WD-WMANK2160121
Disk Size : 250.0 GB (8.4/137.4/250.0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 9610 hod.
Power On Count : 2710 krát
Temparature : 29 C (84 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 190 187 _21 000000001552 Čas na roztočení ploten
04 _97 _97 __0 000000000EDA Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _87 _87 __0 00000000258A Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000A96 Počet cyklů zapnutí zařízení
BE _71 _50 _45 00000000001D Teplota toku vzduchu
C2 121 100 __0 00000000001D Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------