VIRY.CZ

Ahoj...

Mám problém s DVD-ROM v pc.. Samovolně se mi otevira a zavira... Ted vetsinou se otevre a zustane otevrena.. Po zasunuti se otevre a uz se nezasune.. Tak me napadlo jestli by to nemohl delat nejaky virus...

Dekuji za rady...

Zde je muj log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Honza at 2010-02-25 21:05:50
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 403 GB (85%) free of 477 GB
Total RAM: 2047 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:05:50, on 25.2.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\Documents and Settings\Honza\Nabídka Start\Programy\Po spuštění\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Documents and Settings\Honza\Plocha\RSIT.exe
C:\Program Files\trend micro\Honza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Honza\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Honza\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ctfmon.exe
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

--
End of file - 6289 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Honza\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2008-04-10 29757440]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-07-16 61440]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-02-11 133368]

C:\Documents and Settings\Honza\Nabídka Start\Programy\Po spuštění
ctfmon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-08-08 143360]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Honza\Plocha\MOjža Věci!!\Ultima Online\client.exe"="C:\Documents and Settings\Honza\Plocha\MOjža Věci!!\Ultima Online\client.exe:*:Enabled:Ultima Online Client"
"C:\Documents and Settings\Honza\Plocha\MOjža Věci!!\Ultima Online\6010.exe"="C:\Documents and Settings\Honza\Plocha\MOjža Věci!!\Ultima Online\6010.exe:*:Enabled:Ultima Online Client"
"D:\NeroExpress\Installation\Setupx.exe"="D:\NeroExpress\Installation\Setupx.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Documents and Settings\Honza\Plocha\MOjža Věci!!\Ultima Online\6040.exe"="C:\Documents and Settings\Honza\Plocha\MOjža Věci!!\Ultima Online\6040.exe:*:Enabled:Ultima Online Client"
"C:\Documents and Settings\Honza\Plocha\MOjža Věci!!\Ultima Online\client6008.exe"="C:\Documents and Settings\Honza\Plocha\MOjža Věci!!\Ultima Online\client6008.exe:*:Enabled:Ultima Online Client"
"C:\Documents and Settings\Honza\Plocha\MOjža Věci!!\CS\hl.exe"="C:\Documents and Settings\Honza\Plocha\MOjža Věci!!\CS\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\UOAM\uoam.exe"="C:\Program Files\UOAM\uoam.exe:*:Enabled:Ultima Online's premier mapping tool."
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Honza\Plocha\MOjža Věci!!\Ultima Online\KelevarClient.exe"="C:\Documents and Settings\Honza\Plocha\MOjža Věci!!\Ultima Online\KelevarClient.exe:*:Enabled:Ultima Online Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{832acf6c-196c-11df-9604-002215d3f4c1}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - E:\Recycled\ctfmon.exe

======List of files/folders created in the last 1 months======

2010-02-25 21:03:08 ----D---- C:\rsit
2010-02-25 21:03:08 ----D---- C:\Program Files\trend micro
2010-02-12 22:08:29 ----D---- C:\WINDOWS\Sun
2010-02-12 22:08:19 ----D---- C:\Program Files\Common Files\Java
2010-02-12 22:08:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2010-02-12 22:08:08 ----A---- C:\WINDOWS\system32\javaws.exe
2010-02-12 22:08:08 ----A---- C:\WINDOWS\system32\javaw.exe
2010-02-12 22:08:08 ----A---- C:\WINDOWS\system32\java.exe
2010-02-12 22:08:08 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-02-12 22:07:58 ----D---- C:\Program Files\Java
2010-02-12 22:07:13 ----D---- C:\Documents and Settings\Honza\Data aplikací\Sun
2010-02-07 03:15:11 ----D---- C:\Documents and Settings\Honza\Data aplikací\PacificPoker
2010-02-07 03:15:07 ----D---- C:\Program Files\PacificPoker
2010-02-06 20:10:24 ----D---- C:\Program Files\UOAM
2010-02-03 12:16:18 ----D---- C:\Program Files\Valve
2010-01-31 12:08:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\LightScribe
2010-01-28 20:55:23 ----D---- C:\Program Files\ICQ Password
2010-01-28 16:27:12 ----D---- C:\Program Files\ICQ6Toolbar
2010-01-28 16:27:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-01-28 16:26:46 ----D---- C:\Documents and Settings\Honza\Data aplikací\ICQ
2010-01-28 16:26:37 ----D---- C:\Program Files\ICQ7.0
2010-01-28 00:19:21 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-01-28 00:19:11 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-01-28 00:18:31 ----D---- C:\Program Files\Common Files\Akamai
2010-01-27 23:29:49 ----D---- C:\Program Files\7-Zip

======List of files/folders modified in the last 1 months======

2010-02-25 21:03:14 ----D---- C:\WINDOWS\Prefetch
2010-02-25 21:03:08 ----RD---- C:\Program Files
2010-02-25 20:52:18 ----D---- C:\WINDOWS\system32
2010-02-25 20:52:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-25 20:52:13 ----D---- C:\Program Files\Mozilla Firefox
2010-02-25 20:48:18 ----D---- C:\WINDOWS\Temp
2010-02-25 20:48:16 ----D---- C:\Documents and Settings\Honza\Data aplikací\Skype
2010-02-25 16:23:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-25 12:46:57 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-25 12:22:26 ----D---- C:\Documents and Settings\Honza\Data aplikací\skypePM
2010-02-24 00:04:54 ----A---- C:\WINDOWS\NeroDigital.ini
2010-02-14 14:26:08 ----HD---- C:\WINDOWS\inf
2010-02-12 22:08:29 ----D---- C:\WINDOWS
2010-02-12 22:08:19 ----SHD---- C:\WINDOWS\Installer
2010-02-12 22:08:19 ----D---- C:\Program Files\Common Files
2010-02-03 12:16:18 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-28 00:19:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-26 09:45:56 ----D---- C:\WINDOWS\security

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-04 8832]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-08-08 3266560]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-07-02 89600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-15 5810]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2008-02-14 222976]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-08-08 573440]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-02-12 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-08-08 593920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]

-----------------EOF-----------------

V PC máte minimálně AdWare. Dejte log z ComboFix. Vámi popisovaný jev s tím ale s největší pravděpodobností nesouvisí.

ComboFix 10-02-26.03 - Honza 27.02.2010 12:37:23.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1481 [GMT 1:00]
Spuštěný z: c:\documents and settings\Honza\Dokumenty\Stažené soubory\ComboFix.exe
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycled\Recycled

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-27 do 2010-02-27 )))))))))))))))))))))))))))))))
.

2010-02-27 11:33 . 2010-02-27 11:32 390144 ----a-w- c:\windows\system32\CF2792.exe
2010-02-26 19:41 . 2010-02-26 19:41 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-02-26 19:41 . 2010-02-26 19:41 -------- d-sh--w- c:\documents and settings\Honza\IETldCache
2010-02-26 15:15 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-26 15:15 . 2010-02-26 15:15 -------- d-----w- c:\windows\ie8updates
2010-02-26 15:15 . 2009-12-21 19:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-26 15:15 . 2009-12-21 19:08 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-26 15:15 . 2009-12-21 19:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-26 15:15 . 2009-12-21 19:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-26 15:15 . 2009-12-21 19:08 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-26 15:15 . 2009-12-21 19:08 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-26 15:14 . 2010-02-26 15:15 -------- dc-h--w- c:\windows\ie8
2010-02-26 15:06 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-02-26 08:50 . 2010-02-26 08:50 -------- d-----w- c:\windows\system32\KB905474
2010-02-26 08:50 . 2009-03-10 21:26 1435008 ----a-w- c:\windows\system32\KB905474\wganotifypackageinner.exe
2010-02-26 08:50 . 2009-03-10 21:18 454024 ----a-w- c:\windows\system32\KB905474\wgasetup.exe
2010-02-26 06:21 . 2009-03-08 03:33 726528 -c--a-w- c:\windows\system32\dllcache\jscript.dll
2010-02-26 06:16 . 2010-02-26 06:16 -------- d-----w- c:\program files\MSXML 4.0
2010-02-25 22:35 . 2010-02-26 15:04 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-25 22:35 . 2010-02-25 22:35 -------- d-----w- c:\program files\Microsoft
2010-02-25 22:34 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-02-25 22:34 . 2009-10-15 16:32 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-02-25 22:34 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-25 22:34 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-02-25 22:34 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-25 22:34 . 2010-02-25 22:34 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-02-25 22:34 . 2008-05-01 14:37 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-02-25 22:34 . 2010-02-25 22:35 -------- d-----w- c:\program files\Windows Live
2010-02-25 22:34 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-02-25 22:34 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-02-25 22:33 . 2009-07-10 13:28 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-02-25 22:33 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-02-25 22:33 . 2009-03-06 14:23 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-02-25 22:33 . 2009-02-09 11:25 111104 -c----w- c:\windows\system32\dllcache\services.exe
2010-02-25 22:33 . 2009-02-09 10:56 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-02-25 22:33 . 2009-02-09 10:56 684032 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-02-25 22:33 . 2009-02-09 10:56 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-02-25 22:33 . 2009-02-09 10:56 709632 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-02-25 22:33 . 2009-02-09 10:56 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-02-25 22:32 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-02-25 22:31 . 2008-04-11 19:06 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-02-25 22:30 . 2009-08-04 17:29 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-25 22:30 . 2009-08-04 17:29 2068224 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-25 22:30 . 2009-08-04 17:29 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-25 22:30 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-02-25 22:30 . 2009-07-31 04:35 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2010-02-25 22:29 . 2008-04-21 21:15 216576 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-02-25 22:25 . 2008-04-14 03:22 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-02-25 22:13 . 2010-02-25 22:13 -------- d-----w- c:\program files\Common Files\Windows Live
2010-02-25 22:13 . 2010-02-26 19:41 -------- d-----w- c:\windows\system32\cs-cz
2010-02-25 22:13 . 2010-02-25 22:13 -------- d-----w- c:\windows\l2schemas
2010-02-25 22:13 . 2010-02-25 22:13 -------- d-----w- c:\windows\system32\cs
2010-02-25 22:13 . 2010-02-25 22:13 -------- d-----w- c:\windows\system32\bits
2010-02-25 22:10 . 2010-02-25 22:13 -------- d-----w- c:\windows\ServicePackFiles
2010-02-25 21:50 . 2004-08-03 21:29 11871 ------w- c:\windows\system32\drivers\wadv09nt.sys
2010-02-25 21:50 . 2004-08-03 21:41 129535 ------w- c:\windows\system32\drivers\slnt7554.sys
2010-02-25 21:50 . 2001-10-25 14:00 403 -c----w- c:\windows\system32\dllcache\npdrmv2.zip
2010-02-25 21:50 . 2001-10-25 14:00 22060 -c----w- c:\windows\system32\dllcache\npds.zip
2010-02-25 21:49 . 2004-08-03 21:29 29455 ------w- c:\windows\system32\drivers\ati1xbxx.sys
2010-02-25 21:49 . 2004-08-03 21:29 26367 ------w- c:\windows\system32\drivers\ati1snxx.sys
2010-02-25 21:49 . 2004-08-03 21:29 13824 ------w- c:\windows\system32\drivers\atinttxx.sys
2010-02-25 21:49 . 2004-08-03 21:29 14336 ------w- c:\windows\system32\drivers\atinpdxx.sys
2010-02-25 21:14 . 2010-02-25 21:14 0 ----a-w- c:\windows\nsreg.dat
2010-02-25 21:00 . 2010-02-24 08:16 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-25 21:00 . 2010-02-25 21:00 -------- d-s---w- c:\documents and settings\Honza\UserData
2010-02-25 20:56 . 2010-02-25 20:56 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-02-25 20:56 . 2010-02-26 15:15 -------- d--h--w- c:\windows\$hf_mig$
2010-02-25 20:25 . 2010-02-25 20:25 -------- d-----w- c:\documents and settings\Honza\temp
2010-02-25 20:03 . 2010-02-25 20:05 -------- d-----w- c:\program files\trend micro
2010-02-25 20:03 . 2010-02-25 20:03 -------- d-----w- C:\rsit
2010-02-12 21:08 . 2010-02-12 21:08 -------- d-----w- c:\windows\Sun
2010-02-12 21:08 . 2010-02-12 21:08 -------- d-----w- c:\program files\Common Files\Java
2010-02-12 21:08 . 2010-02-12 21:08 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-12 21:07 . 2010-02-12 21:07 -------- d-----w- c:\program files\Java
2010-02-07 02:15 . 2010-02-07 02:15 -------- d-----w- c:\program files\PacificPoker
2010-02-06 19:10 . 2010-02-21 15:41 -------- d-----w- c:\program files\UOAM
2010-02-03 11:16 . 2010-02-04 23:44 -------- d-----w- c:\program files\Valve
2010-01-28 19:55 . 2010-01-28 19:55 -------- d-----w- c:\program files\ICQ Password
2010-01-28 15:27 . 2010-01-28 15:27 -------- d-----w- c:\program files\ICQ6Toolbar
2010-01-28 15:26 . 2010-02-18 15:22 -------- d-----w- c:\program files\ICQ7.0

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-27 11:21 . 2010-01-27 23:18 -------- d-----w- c:\program files\Common Files\Akamai
2010-02-27 08:16 . 2001-10-25 14:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2010-02-27 08:16 . 2001-10-25 14:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2010-02-26 20:16 . 2010-02-26 20:16 -------- d-----w- c:\program files\MSBuild
2010-02-26 20:16 . 2010-02-26 20:16 -------- d-----w- c:\program files\Reference Assemblies
2010-02-25 22:15 . 2010-01-06 13:32 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-25 22:15 . 2010-01-06 13:32 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-03 11:16 . 2010-01-06 13:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-27 22:29 . 2010-01-27 22:29 -------- d-----w- c:\program files\7-Zip
2010-01-25 19:18 . 2010-01-25 19:18 -------- d-----w- c:\program files\Common Files\LightScribe
2010-01-25 19:17 . 2010-01-25 19:15 -------- d-----w- c:\program files\Common Files\Ahead
2010-01-25 19:15 . 2010-01-25 19:15 -------- d-----w- c:\program files\Nero
2010-01-23 13:25 . 2010-01-23 13:25 -------- d-----w- c:\program files\Ventrilo
2010-01-23 13:25 . 2010-01-23 13:25 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-10 04:36 . 2010-01-06 13:32 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-08 19:33 . 2010-01-08 19:33 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-08 19:32 . 2010-01-08 19:32 -------- d-----r- c:\program files\Skype
2010-01-08 19:32 . 2010-01-08 19:32 -------- d-----w- c:\program files\Common Files\Skype
2010-01-06 20:56 . 2010-01-06 20:55 -------- d-----w- c:\program files\DivX
2010-01-06 20:55 . 2010-01-06 20:55 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-01-06 15:55 . 2010-01-06 15:54 -------- d-----w- c:\program files\The KMPlayer
2010-01-06 15:54 . 2010-01-06 15:54 -------- d-----w- c:\program files\Ask.com
2010-01-06 15:10 . 2010-01-06 15:10 -------- d-----w- c:\program files\QIP
2010-01-06 14:17 . 2010-01-06 14:17 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-06 14:15 . 2010-01-06 14:12 -------- d-----w- c:\program files\ATI Technologies
2010-01-06 14:12 . 2010-01-06 13:55 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-06 14:03 . 2010-01-06 14:03 -------- d-----w- c:\program files\AMD
2010-01-06 14:00 . 2010-01-06 14:00 -------- d-----w- c:\program files\Realtek
2010-01-06 13:59 . 2010-01-06 13:59 -------- d-----w- c:\program files\VIA
2010-01-06 13:32 . 2010-01-06 13:32 -------- d-----w- c:\program files\microsoft frontpage
2010-01-06 13:28 . 2010-01-06 13:28 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2004-08-03 21:14 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2010-01-06 13:28 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-17 13:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-04 18:22 . 2004-08-03 21:15 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-02 14:23 . 2009-12-02 14:23 149040 ----a-w- c:\windows\system32\drivers\MpFilter.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}"= "c:\documents and settings\Honza\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll" [2009-07-14 150768]

[HKEY_CLASSES_ROOT\clsid\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO.1]
[HKEY_CLASSES_ROOT\TypeLib\{45FF696B-5284-4781-B2CA-ECF3A742A17B}]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
2009-07-14 16:14 150768 ----a-w- c:\documents and settings\Honza\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-07-10 16:28 1174920 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-01-24 2289664]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" [2010-02-11 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-04-10 29757440]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-07-16 61440]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-01-29 1095872]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\Ultima Online\\client.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\Ultima Online\\6010.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\Ultima Online\\6040.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\Ultima Online\\client6008.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\CS\\hl.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\UOAM\\uoam.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\Ultima Online\\KelevarClient.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Honza\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)

R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [17.8.2004 14:49 14336]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [6.1.2010 14:59 222976]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-01-24 11:30 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-02-27 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-07-10 16:29]

2010-02-27 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-02-26 21:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
FF - ProfilePath - c:\documents and settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-27 12:42
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

skenování skrytých souborů ...

c:\windows\TEMP\TMP000000B09EC78FE819A958C8 524288 bytes

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(672)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(1320)
c:\windows\system32\webcheck.dll
.
Celkový čas: 2010-02-27 12:43:48
ComboFix-quarantined-files.txt 2010-02-27 11:43

Před spuštěním: Volných bajtů: 416 762 462 208
Po spuštění: Volných bajtů: 417 029 951 488

- - End Of File - - BF9D457A164E92389B12151E0EBC5926

Ještě dočistíme. Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:

Folder::
c:\program files\Ask.com

Driver::
Akamai

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

scp vlozen a vycisteno snad... Todle mi vyjelo...

ComboFix 10-02-26.03 - Honza 28.02.2010 9:22.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1394 [GMT 1:00]
Spuštěný z: c:\documents and settings\Honza\Dokumenty\Stažené soubory\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Honza\Plocha\CFScript.txt
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_AKAMAI
-------\Service_Akamai

((((((((((((((((((((((((( Soubory vytvořené od 2010-01-28 do 2010-02-28 )))))))))))))))))))))))))))))))
.

2010-02-27 11:33 . 2010-02-27 11:32 390144 ----a-w- c:\windows\system32\CF2792.exe
2010-02-26 19:41 . 2010-02-26 19:41 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-02-26 19:41 . 2010-02-26 19:41 -------- d-sh--w- c:\documents and settings\Honza\IETldCache
2010-02-26 15:15 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-26 15:15 . 2010-02-26 15:15 -------- d-----w- c:\windows\ie8updates
2010-02-26 15:15 . 2009-12-21 19:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-26 15:15 . 2009-12-21 19:08 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-26 15:15 . 2009-12-21 19:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-26 15:15 . 2009-12-21 19:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-26 15:15 . 2009-12-21 19:08 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-26 15:15 . 2009-12-21 19:08 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-26 15:14 . 2010-02-26 15:15 -------- dc-h--w- c:\windows\ie8
2010-02-26 15:06 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-02-26 08:50 . 2010-02-26 08:50 -------- d-----w- c:\windows\system32\KB905474
2010-02-26 08:50 . 2009-03-10 21:26 1435008 ----a-w- c:\windows\system32\KB905474\wganotifypackageinner.exe
2010-02-26 08:50 . 2009-03-10 21:18 454024 ----a-w- c:\windows\system32\KB905474\wgasetup.exe
2010-02-26 06:21 . 2009-12-09 05:55 726528 -c--a-w- c:\windows\system32\dllcache\jscript.dll
2010-02-26 06:16 . 2010-02-26 06:16 -------- d-----w- c:\program files\MSXML 4.0
2010-02-25 22:35 . 2010-02-26 15:04 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-25 22:35 . 2010-02-25 22:35 -------- d-----w- c:\program files\Microsoft
2010-02-25 22:34 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-02-25 22:34 . 2009-10-15 16:32 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-02-25 22:34 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-25 22:34 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-02-25 22:34 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-25 22:34 . 2010-02-25 22:34 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-02-25 22:34 . 2008-05-01 14:37 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-02-25 22:34 . 2010-02-25 22:35 -------- d-----w- c:\program files\Windows Live
2010-02-25 22:34 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-02-25 22:34 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-02-25 22:33 . 2009-07-10 13:28 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-02-25 22:33 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-02-25 22:33 . 2009-03-06 14:23 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-02-25 22:33 . 2009-02-09 11:25 111104 -c----w- c:\windows\system32\dllcache\services.exe
2010-02-25 22:33 . 2009-02-09 10:56 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-02-25 22:33 . 2009-02-09 10:56 684032 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-02-25 22:33 . 2009-02-09 10:56 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-02-25 22:33 . 2009-02-09 10:56 709632 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-02-25 22:33 . 2009-02-09 10:56 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-02-25 22:32 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-02-25 22:31 . 2008-04-11 19:06 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-02-25 22:30 . 2009-08-04 17:29 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-25 22:30 . 2009-08-04 17:29 2068224 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-25 22:30 . 2009-08-04 17:29 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-25 22:30 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-02-25 22:30 . 2009-07-31 04:35 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2010-02-25 22:29 . 2008-04-21 21:15 216576 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-02-25 22:25 . 2008-04-14 03:22 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-02-25 22:13 . 2010-02-25 22:13 -------- d-----w- c:\program files\Common Files\Windows Live
2010-02-25 22:13 . 2010-02-26 19:41 -------- d-----w- c:\windows\system32\cs-cz
2010-02-25 22:13 . 2010-02-25 22:13 -------- d-----w- c:\windows\l2schemas
2010-02-25 22:13 . 2010-02-25 22:13 -------- d-----w- c:\windows\system32\cs
2010-02-25 22:13 . 2010-02-25 22:13 -------- d-----w- c:\windows\system32\bits
2010-02-25 22:10 . 2010-02-25 22:13 -------- d-----w- c:\windows\ServicePackFiles
2010-02-25 21:50 . 2004-08-03 21:29 11871 ------w- c:\windows\system32\drivers\wadv09nt.sys
2010-02-25 21:50 . 2004-08-03 21:41 129535 ------w- c:\windows\system32\drivers\slnt7554.sys
2010-02-25 21:50 . 2001-10-25 14:00 403 -c----w- c:\windows\system32\dllcache\npdrmv2.zip
2010-02-25 21:50 . 2001-10-25 14:00 22060 -c----w- c:\windows\system32\dllcache\npds.zip
2010-02-25 21:49 . 2004-08-03 21:29 29455 ------w- c:\windows\system32\drivers\ati1xbxx.sys
2010-02-25 21:49 . 2004-08-03 21:29 26367 ------w- c:\windows\system32\drivers\ati1snxx.sys
2010-02-25 21:49 . 2004-08-03 21:29 13824 ------w- c:\windows\system32\drivers\atinttxx.sys
2010-02-25 21:49 . 2004-08-03 21:29 14336 ------w- c:\windows\system32\drivers\atinpdxx.sys
2010-02-25 21:14 . 2010-02-25 21:14 0 ----a-w- c:\windows\nsreg.dat
2010-02-25 21:00 . 2010-02-24 08:16 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-25 21:00 . 2010-02-25 21:00 -------- d-s---w- c:\documents and settings\Honza\UserData
2010-02-25 20:56 . 2010-02-25 20:56 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-02-25 20:56 . 2010-02-27 13:25 -------- d--h--w- c:\windows\$hf_mig$
2010-02-25 20:25 . 2010-02-25 20:25 -------- d-----w- c:\documents and settings\Honza\temp
2010-02-25 20:03 . 2010-02-25 20:05 -------- d-----w- c:\program files\trend micro
2010-02-25 20:03 . 2010-02-25 20:03 -------- d-----w- C:\rsit
2010-02-12 21:08 . 2010-02-12 21:08 -------- d-----w- c:\windows\Sun
2010-02-12 21:08 . 2010-02-12 21:08 -------- d-----w- c:\program files\Common Files\Java
2010-02-12 21:08 . 2010-02-12 21:08 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-12 21:07 . 2010-02-12 21:07 -------- d-----w- c:\program files\Java
2010-02-07 02:15 . 2010-02-07 02:15 -------- d-----w- c:\program files\PacificPoker
2010-02-06 19:10 . 2010-02-21 15:41 -------- d-----w- c:\program files\UOAM
2010-02-03 11:16 . 2010-02-04 23:44 -------- d-----w- c:\program files\Valve

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-28 08:12 . 2010-01-27 23:18 -------- d-----w- c:\program files\Common Files\Akamai
2010-02-27 15:14 . 2001-10-25 14:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2010-02-27 15:14 . 2001-10-25 14:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2010-02-26 20:16 . 2010-02-26 20:16 -------- d-----w- c:\program files\MSBuild
2010-02-26 20:16 . 2010-02-26 20:16 -------- d-----w- c:\program files\Reference Assemblies
2010-02-25 22:15 . 2010-01-06 13:32 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-25 22:15 . 2010-01-06 13:32 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-18 15:22 . 2010-01-28 15:26 -------- d-----w- c:\program files\ICQ7.0
2010-02-03 11:16 . 2010-01-06 13:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-28 19:55 . 2010-01-28 19:55 -------- d-----w- c:\program files\ICQ Password
2010-01-28 15:27 . 2010-01-28 15:27 -------- d-----w- c:\program files\ICQ6Toolbar
2010-01-27 22:29 . 2010-01-27 22:29 -------- d-----w- c:\program files\7-Zip
2010-01-25 19:18 . 2010-01-25 19:18 -------- d-----w- c:\program files\Common Files\LightScribe
2010-01-25 19:17 . 2010-01-25 19:15 -------- d-----w- c:\program files\Common Files\Ahead
2010-01-25 19:15 . 2010-01-25 19:15 -------- d-----w- c:\program files\Nero
2010-01-23 13:25 . 2010-01-23 13:25 -------- d-----w- c:\program files\Ventrilo
2010-01-23 13:25 . 2010-01-23 13:25 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-10 04:36 . 2010-01-06 13:32 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-08 19:33 . 2010-01-08 19:33 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-08 19:32 . 2010-01-08 19:32 -------- d-----r- c:\program files\Skype
2010-01-08 19:32 . 2010-01-08 19:32 -------- d-----w- c:\program files\Common Files\Skype
2010-01-06 20:56 . 2010-01-06 20:55 -------- d-----w- c:\program files\DivX
2010-01-06 20:55 . 2010-01-06 20:55 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-01-06 15:55 . 2010-01-06 15:54 -------- d-----w- c:\program files\The KMPlayer
2010-01-06 15:10 . 2010-01-06 15:10 -------- d-----w- c:\program files\QIP
2010-01-06 14:17 . 2010-01-06 14:17 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-06 14:15 . 2010-01-06 14:12 -------- d-----w- c:\program files\ATI Technologies
2010-01-06 14:12 . 2010-01-06 13:55 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-06 14:03 . 2010-01-06 14:03 -------- d-----w- c:\program files\AMD
2010-01-06 14:00 . 2010-01-06 14:00 -------- d-----w- c:\program files\Realtek
2010-01-06 13:59 . 2010-01-06 13:59 -------- d-----w- c:\program files\VIA
2010-01-06 13:32 . 2010-01-06 13:32 -------- d-----w- c:\program files\microsoft frontpage
2010-01-06 13:28 . 2010-01-06 13:28 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2004-08-03 21:14 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2004-08-17 13:49 916480 ------w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2010-01-06 13:28 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-17 13:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-04 18:22 . 2004-08-03 21:15 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-02 14:23 . 2009-12-02 14:23 149040 ----a-w- c:\windows\system32\drivers\MpFilter.sys
.

((((((((((((((((((((((((((((( SnapShot@2010-02-27_11.42.36 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-28 08:29 . 2010-02-28 08:29 16384 c:\windows\Temp\Perflib_Perfdata_6f4.dat
- 2001-10-25 14:00 . 2010-02-27 08:16 67312 c:\windows\system32\perfc009.dat
+ 2001-10-25 14:00 . 2010-02-27 15:14 67312 c:\windows\system32\perfc009.dat
+ 2010-02-27 15:12 . 2010-02-27 15:12 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b4a9e413d5cd6d6ec2d50aa05381e293\UIAutomationProvider.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\8acb476a0d4ee17a12881e17ae74a6af\System.Windows.Presentation.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\4b87ca3482a3c0ee733e028ecee7de65\System.Web.DynamicData.Design.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\a0c71055364bd356971791284c3fb910\System.ComponentModel.DataAnnotations.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll
+ 2010-02-27 15:11 . 2010-02-27 15:11 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3dd0f86c966c75755d62eab8ddf0634c\PresentationFontCache.ni.exe
+ 2010-02-27 15:11 . 2010-02-27 15:11 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\034d081fe294bab1ee1ecc98c1181424\PresentationCFFRasterizer.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2673aec397c52796aef05bb9d2668df\Microsoft.Vsa.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\d513fe1a81c441e7656a9b062cff4e9f\Microsoft.Build.Framework.ni.dll
+ 2010-02-27 17:42 . 2010-02-27 17:42 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a\Microsoft.Build.Framework.ni.dll
+ 2010-02-27 17:42 . 2010-02-27 17:42 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe
+ 2010-02-27 16:13 . 2010-02-27 16:13 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2010-02-27 12:43 . 2010-02-27 12:43 5120 c:\windows\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
- 2010-01-23 13:25 . 2010-01-23 13:25 5120 c:\windows\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
- 2010-02-26 20:19 . 2010-02-26 20:19 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-02-26 20:19 . 2010-02-26 20:19 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2001-10-25 14:00 . 2010-02-27 08:16 432356 c:\windows\system32\perfh009.dat
+ 2001-10-25 14:00 . 2010-02-27 15:14 432356 c:\windows\system32\perfh009.dat
+ 2004-08-17 13:49 . 2009-12-09 05:55 726528 c:\windows\system32\jscript.dll
- 2004-08-17 13:49 . 2009-03-08 03:33 726528 c:\windows\system32\jscript.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2009-03-20 10:48 . 2009-03-20 10:48 183808 c:\windows\Installer\11f25fa.msp
+ 2010-02-27 13:25 . 2008-07-08 12:59 391032 c:\windows\ie8updates\KB976662-IE8\spuninst\updspapi.dll
+ 2010-02-27 13:25 . 2008-07-08 12:59 233848 c:\windows\ie8updates\KB976662-IE8\spuninst\spuninst.exe
+ 2010-02-27 13:25 . 2009-06-22 06:48 726528 c:\windows\ie8updates\KB976662-IE8\jscript.dll
+ 2010-02-27 13:25 . 2008-07-08 12:59 391032 c:\windows\ie8updates\KB971961-IE8\spuninst\updspapi.dll
+ 2010-02-27 13:25 . 2008-07-08 12:59 233848 c:\windows\ie8updates\KB971961-IE8\spuninst\spuninst.exe
+ 2010-02-27 13:25 . 2009-03-08 03:33 726528 c:\windows\ie8updates\KB971961-IE8\jscript.dll
+ 2010-02-27 17:42 . 2010-02-27 17:42 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\e2098e43d115155d6ba91ba3a7e577cf\WsatConfig.ni.exe
+ 2010-02-27 15:12 . 2010-02-27 15:12 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bf92bc207f927cbbd6dfc9dc0c3eae68\WindowsFormsIntegration.ni.dll
+ 2010-02-27 15:12 . 2010-02-27 15:12 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll
+ 2010-02-27 15:12 . 2010-02-27 15:12 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\c2fbf25609b704061a93500efa6f241d\UIAutomationClient.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\eb23b78564687badff1bd1f1d0a0ec97\System.Xml.Linq.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\e7666364bf9f3ba5f4833c9efedd8218\System.Web.Routing.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\b5f1b8791e6c47e5bd5e7018c346c586\System.Web.RegularExpressions.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\884eacddf339b8b342f66aedff5f8ef9\System.Web.Extensions.Design.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\9e199645bd26f1afe58ebe185d1e7f0f\System.Web.Entity.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\652017ebe962ab2eb271c2524f31cd61\System.Web.Entity.Design.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\d0070c1c1a642ae30394e00bc0d82336\System.Web.DynamicData.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\1896753d02d146be1988d32241300f51\System.Web.Abstractions.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\408e637346ef628a3f54fb1b9b83ac9f\System.Transactions.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\1f61bccb700d687775cf778dd77752e9\System.ServiceProcess.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\a9e9b885a6601469c4058375cc74d856\System.Security.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9bc34a79af9c3ed2cf17a0226c769b4c\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\5f74a84e9d28c2332c51f6e30da0e125\System.Net.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\2c208e4c5521f31057ea7d6e93c6a567\System.Management.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\818b20a7c6f3b2fe97bf008ca24080c1\System.Management.Instrumentation.ni.dll
+ 2010-02-27 16:13 . 2010-02-27 16:13 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\6c273eb9d1ee8b66b5ecb073de4b785d\System.IO.Log.ni.dll
+ 2010-02-27 16:13 . 2010-02-27 16:13 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\7222db518afb4eaaa138824278249bc7\System.IdentityModel.Selectors.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.Wrapper.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\8a7d0bd0057a8ed38291d5662248f7a1\System.EnterpriseServices.ni.dll
+ 2010-02-27 15:12 . 2010-02-27 15:12 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\ca6d7208c0fb72ff97429f2636ced321\System.Drawing.Design.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c92fc19800e701c90f90ab7a2ab44c47\System.DirectoryServices.AccountManagement.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\a601f47a98ee67df424685c9a66ea449\System.DirectoryServices.Protocols.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\b91b44015859163646f210d284f7166a\System.Data.Services.Client.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\1b35297e07b85071daecdb06f96750a1\System.Data.Services.Design.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\cf906bf9146d1f0013451ec63b58e064\System.Data.Entity.Design.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\4ff4134b0d490c090e03d74e104517c4\System.Data.DataSetExtensions.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7c743462baccf29b3567b0e3ec9ac134\System.Configuration.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\443e3a85c491b2de4a2ac654cb957484\System.Configuration.Install.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\cba35f47925431a54d0e6ae147a292f1\System.AddIn.ni.dll
+ 2010-02-27 17:42 . 2010-02-27 17:42 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6af32fe5cbec0aa54e2efa6910c73651\SMSvcHost.ni.exe
+ 2010-02-27 17:42 . 2010-02-27 17:42 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\7602d7687fb9bd21cd9ae60d2b187c99\SMDiagnostics.ni.dll
+ 2010-02-27 17:42 . 2010-02-27 17:42 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\a23dc25782df04533a13e348203e4dc5\ServiceModelReg.ni.exe
+ 2010-02-27 15:11 . 2010-02-27 15:11 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96f74da5fc40b92f09069230bc0df4f0\PresentationFramework.Royale.ni.dll
+ 2010-02-27 15:11 . 2010-02-27 15:11 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3bb4d16b042b72c2c85a0f8ac9d48f28\PresentationFramework.Luna.ni.dll
+ 2010-02-27 15:11 . 2010-02-27 15:11 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\30c5c2682d3c5bdaa83bb9a36ee48afa\PresentationFramework.Aero.ni.dll
+ 2010-02-27 15:11 . 2010-02-27 15:11 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07e952efd70f5608e221a008e6231ace\PresentationFramework.Classic.ni.dll
+ 2010-02-27 17:42 . 2010-02-27 17:42 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\eade8c1c9c1e8e5ffb50e6c9b9af0f6a\MSBuild.ni.exe
+ 2010-02-27 17:42 . 2010-02-27 17:42 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fc4d66e0a92b3767006a84f2519d2457\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\58ca3ecc52b7246b448c109817198a0b\Microsoft.Build.Utilities.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4dd43724dd92026577c6f588270137a0\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\8c651f75bb741330370986dcad8e9e5b\Microsoft.Build.Engine.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a6dcbae619ccd938bfe808c54d6d3ae0\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\77688ce14f221ed94a9f442ae4736123\CustomMarshalers.ni.dll
+ 2010-02-27 17:42 . 2010-02-27 17:42 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a17c65f0cffaa4f792dd38d50df9d526\ComSvcConfig.ni.exe
+ 2010-02-27 16:13 . 2010-02-27 16:13 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\85d7c111956b478766d90625b35d963f\AspNetMMCExt.ni.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
- 2008-11-25 03:59 . 2008-11-25 03:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2010-02-27 15:11 . 2010-02-27 15:11 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\204d6e5b335134f23ca37638b9227ecf\WindowsBase.ni.dll
+ 2010-02-27 15:12 . 2010-02-27 15:12 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\0f2ed6a204eb13841e99b77025464afc\UIAutomationClientsideProviders.ni.dll
+ 2010-02-27 15:11 . 2010-02-27 15:11 7868416 c:\windows\assembly\NativeImages_v2.0.50727_32\System\3de5bd01124463d7862bd173af90bc83\System.ni.dll
+ 2010-02-27 15:12 . 2010-02-27 15:12 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5913d3f81e77194ec833991b1047a532\System.Xml.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\fa48917b13629d8effa80dd4a2f2973d\System.WorkflowServices.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6fe66ee6f3c81996bc148f1ebe7ec030\System.Workflow.Runtime.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\9d0b61f2f1ebdc300bd970f594c422ef\System.Workflow.ComponentModel.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\65328898148a720d394f802f192fc2a0\System.Workflow.Activities.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\ea07ac791bb5cb9f83679e3dd1a0c0cc\System.Web.Services.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\29e2f8b1fb691ced973acf49fcee6ec1\System.Web.Mobile.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\981dea02bc63c0c083e335adf9018788\System.Web.Extensions.ni.dll
+ 2010-02-27 15:12 . 2010-02-27 15:12 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\99594bae1d022502925f5b9dfcdaae9a\System.Speech.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\e182695d05ea57257568bc5f3208aca7\System.ServiceModel.Web.ni.dll
+ 2010-02-27 16:13 . 2010-02-27 16:13 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\67ad55827f2542552b576170f0a7dc56\System.Runtime.Serialization.ni.dll
+ 2010-02-27 15:12 . 2010-02-27 15:12 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\e5313735a40c0800f116e27fba4754db\System.Printing.ni.dll
+ 2010-02-27 16:13 . 2010-02-27 16:13 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\c3b18fef5c6dc3bcdbe5df699fd21a55\System.IdentityModel.ni.dll
+ 2010-02-27 15:12 . 2010-02-27 15:12 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\abb2ac7e08bee026f857d8fa36f9fe6f\System.Drawing.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\f47ebb9db460874b1bcbfc391dc970b1\System.DirectoryServices.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\c94a427baa7683f4221b91f90c18461b\System.Deployment.ni.dll
+ 2010-02-27 15:12 . 2010-02-27 15:12 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\694c07365e0fd6bba0bc304d4d2404a7\System.Data.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\272152f0cc139490729e215611a4b244\System.Data.SqlXml.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\112a48e34620a0210eb850040da8a31b\System.Data.Services.ni.dll
+ 2010-02-27 15:12 . 2010-02-27 15:12 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\32788c58ff9f8324460604cf1fe7681b\System.Data.Linq.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\9012cac7819660f61f1c69cf8e4f2ccf\System.Data.Entity.ni.dll
+ 2010-02-27 15:12 . 2010-02-27 15:12 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\c0a42d2ad8a4078040b334f6770ea11f\System.Core.ni.dll
+ 2010-02-27 15:11 . 2010-02-27 15:11 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\954685c29689d2a6126ceca1fd55e904\ReachFramework.ni.dll
+ 2010-02-27 15:11 . 2010-02-27 15:11 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a3a6f52ce1d09a7bdccc8e7fc664792d\PresentationUI.ni.dll
+ 2010-02-27 15:11 . 2010-02-27 15:11 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\f906701365083c1473db31519147e263\PresentationBuildTasks.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6eee9b772b6d12d3dbd82f118c2ab2e5\Microsoft.VisualBasic.ni.dll
+ 2010-02-27 17:42 . 2010-02-27 17:42 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f19e9b439636d0744597fff1331cad04\Microsoft.Transactions.Bridge.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\5b1af7b5be24c7ace065fe1c81c2b650\Microsoft.JScript.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\9eec1cc7ac37e0c7f3205e8156149c5a\Microsoft.Build.Tasks.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\28c0730288453d57d5dcd62903c4d31b\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2010-02-27 17:43 . 2010-02-27 17:43 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5dd4f58999eed37c12aee7ea9f9863ac\Microsoft.Build.Engine.ni.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 3149824 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2010-02-27 13:27 . 2010-02-27 13:27 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2010-02-26 20:19 . 2010-02-26 20:19 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-08-14 19:32 . 2009-08-14 19:32 11110912 c:\windows\Installer\11f2603.msp
+ 2010-02-27 15:12 . 2010-02-27 15:12 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2ea8d76f015817db1607075812b555f\System.Windows.Forms.ni.dll
+ 2010-02-27 17:44 . 2010-02-27 17:44 11796992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5cea03cfb008f2eac1439a9905467f37\System.Web.ni.dll
+ 2010-02-27 17:42 . 2010-02-27 17:42 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\06d6eab93282d2b136a377bd50b7c5a9\System.ServiceModel.ni.dll
+ 2010-02-27 15:12 . 2010-02-27 15:12 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\8b82e08c008924d51833cb0884bcbfc5\System.Design.ni.dll
+ 2010-02-27 15:11 . 2010-02-27 15:11 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\58c7ac6b6054038dc9346d7ec8e32b4c\PresentationFramework.ni.dll
+ 2010-02-27 15:11 . 2010-02-27 15:11 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\94badbd64df59de7da249f71da38b1c2\PresentationCore.ni.dll
+ 2010-02-27 15:10 . 2010-02-27 15:10 11486720 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}"= "c:\documents and settings\Honza\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll" [2009-07-14 150768]

[HKEY_CLASSES_ROOT\clsid\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO.1]
[HKEY_CLASSES_ROOT\TypeLib\{45FF696B-5284-4781-B2CA-ECF3A742A17B}]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
2009-07-14 16:14 150768 ----a-w- c:\documents and settings\Honza\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-01-24 2289664]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" [2010-02-11 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-04-10 29757440]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-07-16 61440]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-01-29 1095872]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\Ultima Online\\client.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\Ultima Online\\6010.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\Ultima Online\\6040.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\Ultima Online\\client6008.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\CS\\hl.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\UOAM\\uoam.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\Ultima Online\\KelevarClient.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Honza\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [6.1.2010 14:59 222976]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-01-24 11:30 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-02-28 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-02-26 21:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
FF - ProfilePath - c:\documents and settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-28 09:29
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(676)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3140)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Microsoft Security Essentials\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\wscntfy.exe
c:\program files\Microsoft Security Essentials\MpCmdRun.exe
.
**************************************************************************
.
Celkový čas: 2010-02-28 09:33:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-28 08:33
ComboFix2.txt 2010-02-27 11:43

Před spuštěním: Volných bajtů: 415 229 472 768
Po spuštění: Volných bajtů: 415 146 057 728

- - End Of File - - 5146D5E076B110FB96E9B9AFE355AC26

Spusťte CF ještě jednou tímto skriptem:

Folder::
c:\program files\Common Files\Akamai

Script vlozen.. Zde je novy log...

ComboFix 10-02-26.03 - Honza 28.02.2010 12:01:10.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1159 [GMT 1:00]
Spuštěný z: c:\documents and settings\Honza\Dokumenty\Stažené soubory\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Honza\Plocha\CFScript.txt
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\Akamai
c:\program files\Common Files\Akamai\AdminTool.exe
c:\program files\Common Files\Akamai\appregistry.dat
c:\program files\Common Files\Akamai\client.ini
c:\program files\Common Files\Akamai\data.dat
c:\program files\Common Files\Akamai\debug.log
c:\program files\Common Files\Akamai\guid.ini
c:\program files\Common Files\Akamai\Readme.txt
c:\program files\Common Files\Akamai\root.pem
c:\program files\Common Files\Akamai\rswin_3647.dll
c:\program files\Common Files\Akamai\rswinui.exe
c:\program files\Common Files\Akamai\uninstall.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-28 do 2010-02-28 )))))))))))))))))))))))))))))))
.

2010-02-27 11:33 . 2010-02-27 11:32 390144 ----a-w- c:\windows\system32\CF2792.exe
2010-02-26 19:41 . 2010-02-26 19:41 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-02-26 19:41 . 2010-02-26 19:41 -------- d-sh--w- c:\documents and settings\Honza\IETldCache
2010-02-26 15:15 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-26 15:15 . 2010-02-26 15:15 -------- d-----w- c:\windows\ie8updates
2010-02-26 15:15 . 2009-12-21 19:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-26 15:15 . 2009-12-21 19:08 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-26 15:15 . 2009-12-21 19:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-26 15:15 . 2009-12-21 19:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-26 15:15 . 2009-12-21 19:08 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-26 15:15 . 2009-12-21 19:08 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-26 15:14 . 2010-02-26 15:15 -------- dc-h--w- c:\windows\ie8
2010-02-26 15:06 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-02-26 08:50 . 2010-02-26 08:50 -------- d-----w- c:\windows\system32\KB905474
2010-02-26 08:50 . 2009-03-10 21:26 1435008 ----a-w- c:\windows\system32\KB905474\wganotifypackageinner.exe
2010-02-26 08:50 . 2009-03-10 21:18 454024 ----a-w- c:\windows\system32\KB905474\wgasetup.exe
2010-02-26 06:21 . 2009-12-09 05:55 726528 -c--a-w- c:\windows\system32\dllcache\jscript.dll
2010-02-26 06:16 . 2010-02-26 06:16 -------- d-----w- c:\program files\MSXML 4.0
2010-02-25 22:35 . 2010-02-26 15:04 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-25 22:35 . 2010-02-25 22:35 -------- d-----w- c:\program files\Microsoft
2010-02-25 22:34 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-02-25 22:34 . 2009-10-15 16:32 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-02-25 22:34 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-25 22:34 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-02-25 22:34 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-25 22:34 . 2010-02-25 22:34 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-02-25 22:34 . 2008-05-01 14:37 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-02-25 22:34 . 2010-02-25 22:35 -------- d-----w- c:\program files\Windows Live
2010-02-25 22:34 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-02-25 22:34 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-02-25 22:33 . 2009-07-10 13:28 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-02-25 22:33 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-02-25 22:33 . 2009-03-06 14:23 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-02-25 22:33 . 2009-02-09 11:25 111104 -c----w- c:\windows\system32\dllcache\services.exe
2010-02-25 22:33 . 2009-02-09 10:56 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-02-25 22:33 . 2009-02-09 10:56 684032 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-02-25 22:33 . 2009-02-09 10:56 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-02-25 22:33 . 2009-02-09 10:56 709632 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-02-25 22:33 . 2009-02-09 10:56 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-02-25 22:32 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-02-25 22:31 . 2008-04-11 19:06 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-02-25 22:30 . 2009-08-04 17:29 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-25 22:30 . 2009-08-04 17:29 2068224 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-25 22:30 . 2009-08-04 17:29 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-25 22:30 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-02-25 22:30 . 2009-07-31 04:35 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2010-02-25 22:29 . 2008-04-21 21:15 216576 -c----w- c:\windows\system32\dllcache\wordpad.exe
2010-02-25 22:25 . 2008-04-14 03:22 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-02-25 22:13 . 2010-02-25 22:13 -------- d-----w- c:\program files\Common Files\Windows Live
2010-02-25 22:13 . 2010-02-26 19:41 -------- d-----w- c:\windows\system32\cs-cz
2010-02-25 22:13 . 2010-02-25 22:13 -------- d-----w- c:\windows\l2schemas
2010-02-25 22:13 . 2010-02-25 22:13 -------- d-----w- c:\windows\system32\cs
2010-02-25 22:13 . 2010-02-25 22:13 -------- d-----w- c:\windows\system32\bits
2010-02-25 22:10 . 2010-02-25 22:13 -------- d-----w- c:\windows\ServicePackFiles
2010-02-25 21:50 . 2004-08-03 21:29 11871 ------w- c:\windows\system32\drivers\wadv09nt.sys
2010-02-25 21:50 . 2004-08-03 21:41 129535 ------w- c:\windows\system32\drivers\slnt7554.sys
2010-02-25 21:50 . 2001-10-25 14:00 403 -c----w- c:\windows\system32\dllcache\npdrmv2.zip
2010-02-25 21:50 . 2001-10-25 14:00 22060 -c----w- c:\windows\system32\dllcache\npds.zip
2010-02-25 21:49 . 2004-08-03 21:29 29455 ------w- c:\windows\system32\drivers\ati1xbxx.sys
2010-02-25 21:49 . 2004-08-03 21:29 26367 ------w- c:\windows\system32\drivers\ati1snxx.sys
2010-02-25 21:49 . 2004-08-03 21:29 13824 ------w- c:\windows\system32\drivers\atinttxx.sys
2010-02-25 21:49 . 2004-08-03 21:29 14336 ------w- c:\windows\system32\drivers\atinpdxx.sys
2010-02-25 21:14 . 2010-02-25 21:14 0 ----a-w- c:\windows\nsreg.dat
2010-02-25 21:00 . 2010-02-24 08:16 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-25 21:00 . 2010-02-25 21:00 -------- d-s---w- c:\documents and settings\Honza\UserData
2010-02-25 20:56 . 2010-02-25 20:56 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-02-25 20:56 . 2010-02-27 13:25 -------- d--h--w- c:\windows\$hf_mig$
2010-02-25 20:25 . 2010-02-25 20:25 -------- d-----w- c:\documents and settings\Honza\temp
2010-02-25 20:03 . 2010-02-25 20:05 -------- d-----w- c:\program files\trend micro
2010-02-25 20:03 . 2010-02-25 20:03 -------- d-----w- C:\rsit
2010-02-12 21:08 . 2010-02-12 21:08 -------- d-----w- c:\windows\Sun
2010-02-12 21:08 . 2010-02-12 21:08 -------- d-----w- c:\program files\Common Files\Java
2010-02-12 21:08 . 2010-02-12 21:08 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-12 21:07 . 2010-02-12 21:07 -------- d-----w- c:\program files\Java
2010-02-07 02:15 . 2010-02-07 02:15 -------- d-----w- c:\program files\PacificPoker
2010-02-06 19:10 . 2010-02-21 15:41 -------- d-----w- c:\program files\UOAM
2010-02-03 11:16 . 2010-02-04 23:44 -------- d-----w- c:\program files\Valve

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-28 08:33 . 2001-10-25 14:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2010-02-28 08:33 . 2001-10-25 14:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2010-02-26 20:16 . 2010-02-26 20:16 -------- d-----w- c:\program files\MSBuild
2010-02-26 20:16 . 2010-02-26 20:16 -------- d-----w- c:\program files\Reference Assemblies
2010-02-25 22:15 . 2010-01-06 13:32 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-25 22:15 . 2010-01-06 13:32 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-18 15:22 . 2010-01-28 15:26 -------- d-----w- c:\program files\ICQ7.0
2010-02-03 11:16 . 2010-01-06 13:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-28 19:55 . 2010-01-28 19:55 -------- d-----w- c:\program files\ICQ Password
2010-01-28 15:27 . 2010-01-28 15:27 -------- d-----w- c:\program files\ICQ6Toolbar
2010-01-27 22:29 . 2010-01-27 22:29 -------- d-----w- c:\program files\7-Zip
2010-01-25 19:18 . 2010-01-25 19:18 -------- d-----w- c:\program files\Common Files\LightScribe
2010-01-25 19:17 . 2010-01-25 19:15 -------- d-----w- c:\program files\Common Files\Ahead
2010-01-25 19:15 . 2010-01-25 19:15 -------- d-----w- c:\program files\Nero
2010-01-23 13:25 . 2010-01-23 13:25 -------- d-----w- c:\program files\Ventrilo
2010-01-23 13:25 . 2010-01-23 13:25 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-10 04:36 . 2010-01-06 13:32 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-08 19:33 . 2010-01-08 19:33 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-08 19:32 . 2010-01-08 19:32 -------- d-----r- c:\program files\Skype
2010-01-08 19:32 . 2010-01-08 19:32 -------- d-----w- c:\program files\Common Files\Skype
2010-01-06 20:56 . 2010-01-06 20:55 -------- d-----w- c:\program files\DivX
2010-01-06 20:55 . 2010-01-06 20:55 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-01-06 15:55 . 2010-01-06 15:54 -------- d-----w- c:\program files\The KMPlayer
2010-01-06 15:10 . 2010-01-06 15:10 -------- d-----w- c:\program files\QIP
2010-01-06 14:17 . 2010-01-06 14:17 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-06 14:15 . 2010-01-06 14:12 -------- d-----w- c:\program files\ATI Technologies
2010-01-06 14:12 . 2010-01-06 13:55 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-06 14:03 . 2010-01-06 14:03 -------- d-----w- c:\program files\AMD
2010-01-06 14:00 . 2010-01-06 14:00 -------- d-----w- c:\program files\Realtek
2010-01-06 13:59 . 2010-01-06 13:59 -------- d-----w- c:\program files\VIA
2010-01-06 13:32 . 2010-01-06 13:32 -------- d-----w- c:\program files\microsoft frontpage
2010-01-06 13:28 . 2010-01-06 13:28 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2004-08-03 21:14 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2004-08-17 13:49 916480 ------w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2010-01-06 13:28 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-17 13:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-04 18:22 . 2004-08-03 21:15 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-02 14:23 . 2009-12-02 14:23 149040 ----a-w- c:\windows\system32\drivers\MpFilter.sys
.

((((((((((((((((((((((((((((( SnapShot_2010-02-28_08.29.18 )))))))))))))))))))))))))))))))))))))))))
.
- 2001-10-25 14:00 . 2010-02-27 15:14 67312 c:\windows\system32\perfc009.dat
+ 2001-10-25 14:00 . 2010-02-28 08:33 67312 c:\windows\system32\perfc009.dat
- 2010-02-27 12:43 . 2010-02-27 12:43 5120 c:\windows\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
+ 2010-02-28 09:59 . 2010-02-28 09:59 5120 c:\windows\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
+ 2001-10-25 14:00 . 2010-02-28 08:33 432356 c:\windows\system32\perfh009.dat
- 2001-10-25 14:00 . 2010-02-27 15:14 432356 c:\windows\system32\perfh009.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}"= "c:\documents and settings\Honza\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll" [2009-07-14 150768]

[HKEY_CLASSES_ROOT\clsid\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO.1]
[HKEY_CLASSES_ROOT\TypeLib\{45FF696B-5284-4781-B2CA-ECF3A742A17B}]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
2009-07-14 16:14 150768 ----a-w- c:\documents and settings\Honza\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-01-24 2289664]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" [2010-02-11 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-04-10 29757440]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-07-16 61440]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-01-29 1095872]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\Ultima Online\\client.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\Ultima Online\\6010.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\Ultima Online\\6040.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\Ultima Online\\client6008.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\CS\\hl.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\UOAM\\uoam.exe"=
"c:\\Documents and Settings\\Honza\\Plocha\\MOjža Věci!!\\Ultima Online\\KelevarClient.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\Honza\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [6.1.2010 14:59 222976]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-01-24 11:30 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-02-28 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-02-26 21:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
FF - ProfilePath - c:\documents and settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\F861DC2F.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Akamai - c:\program files\Common Files\Akamai\uninstall.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-28 12:05
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(676)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-02-28 12:06:49
ComboFix-quarantined-files.txt 2010-02-28 11:06
ComboFix2.txt 2010-02-28 08:33
ComboFix3.txt 2010-02-27 11:43

Před spuštěním: Volných bajtů: 415 040 208 896
Po spuštění: Volných bajtů: 415 015 632 896

- - End Of File - - A0D752AE7D26688A205EF96707A4E91B

Log již vypadá čistý. Nastala nějaká změna?

Rudy píše:Log již vypadá čistý. Nastala nějaká změna?

Bohuzel ne.. Takze virem to nebude.. Dekuji za pomoc...

Musim hledat dal cim to muze byt...

Tipuji to na konc. spinač v mechanice.

VIRY.CZ

Samovolně otevírající se DVD-ROM

Samovolně otevírající se DVD-ROM

Re: Samovolně otevírající se DVD-ROM

Re: Samovolně otevírající se DVD-ROM

Re: Samovolně otevírající se DVD-ROM

Re: Samovolně otevírající se DVD-ROM

Re: Samovolně otevírající se DVD-ROM

Re: Samovolně otevírající se DVD-ROM

Re: Samovolně otevírající se DVD-ROM

Re: Samovolně otevírající se DVD-ROM

Re: Samovolně otevírající se DVD-ROM