Please check my LOPFIND log, I don't really understand it
Posted: 01 Apr 2007 18:58
******************************************
1) Výpis obsahů Application Data složek pro zjištění podezřelých adresářů:
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\Administrator\DATAAP~1
01.08.2006 17:07 <DIR> Mozilla
01.08.2006 17:06 62 desktop.ini
01.08.2006 17:06 <DIR> Microsoft
01.08.2006 17:06 <DIR> ..
01.08.2006 17:06 <DIR> Sun
01.08.2006 17:06 <DIR> .
1 soubor…, 62 bajt…
Adres ý…: 5, Volněch bajt…: 26052546560
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\All Users\DATAAP~1
21.03.2007 22:26 <DIR> BVRP Software
12.03.2007 22:29 <DIR> WhiteCap (Holiday Edition)
05.03.2007 17:44 <DIR> Disney Interactive
03.03.2007 22:13 <DIR> AOL
03.03.2007 21:44 <DIR> TEMP
15.08.2006 12:25 <DIR> akcnicestinashw
15.08.2006 09:05 <DIR> Trojan Remover
19.07.2006 17:39 <DIR> Yahoo! Companion
16.07.2006 13:41 <DIR> Trymedia
07.06.2006 19:13 <DIR> Skype
20.04.2006 17:10 <DIR> Spybot - Search & Destroy
16.04.2006 13:56 <DIR> ConMet
31.03.2006 17:48 <DIR> avg7(2)
31.03.2006 17:48 <DIR> Grisoft(2)
31.03.2006 13:16 <DIR> Windows Genuine Advantage
30.03.2006 12:15 <DIR> avg7
23.02.2006 09:15 <DIR> espionServerData
22.02.2006 23:31 <DIR> Adobe Systems
26.12.2005 14:19 <DIR> Symantec
23.12.2005 19:13 <DIR> QuickTime
09.12.2005 13:00 <DIR> UDL
07.12.2005 10:46 <DIR> The Learning Company
29.11.2005 13:03 <DIR> CyberLink
29.11.2005 13:00 <DIR> DVD Shrink
29.11.2005 12:36 <DIR> Adobe
29.11.2005 12:02 <DIR> Ahead
29.11.2005 11:52 62 desktop.ini
29.11.2005 11:52 <DIR> Microsoft
29.11.2005 11:52 <DIR> .
29.11.2005 11:52 <DIR> ..
1 soubor…, 62 bajt…
Adres ý…: 29, Volněch bajt…: 26052476928
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\LAURA\DATAAP~1
22.12.2006 20:33 <DIR> ICQLite
22.12.2006 20:23 <DIR> Skype
09.08.2006 08:40 <DIR> ATI
22.06.2006 08:19 <DIR> Webroot
13.05.2006 08:27 <DIR> ConMet
06.05.2006 13:13 <DIR> OpenOffice.org2
24.04.2006 10:57 <DIR> Talkback
24.04.2006 10:57 <DIR> Mozilla
18.04.2006 14:04 <DIR> InstallShield
12.04.2006 16:27 <DIR> Championship Manager 2006 BETA Demo
12.04.2006 16:27 <DIR> InstallShield Installation Information
06.04.2006 18:17 <DIR> Real
01.04.2006 07:40 <DIR> AVG7
13.02.2006 13:08 <DIR> Help
05.02.2006 16:37 <DIR> Chromeflower
05.02.2006 16:37 <DIR> CrystalSpace
30.12.2005 20:32 <DIR> Template
29.12.2005 00:17 <DIR> Symantec
18.12.2005 15:23 <DIR> mbin.jp
12.12.2005 12:53 <DIR> InfoTurist
08.12.2005 20:38 <DIR> Ahead
08.12.2005 13:33 <DIR> Macromedia
07.12.2005 11:32 <DIR> AdobeUM
02.12.2005 22:52 <DIR> Adobe
02.12.2005 20:38 <DIR> Lavasoft
02.12.2005 20:15 <DIR> Identities
02.12.2005 20:15 <DIR> Microsoft
02.12.2005 20:15 <DIR> Sun
02.12.2005 20:15 <DIR> ..
02.12.2005 20:15 <DIR> .
30.11.2005 22:23 62 desktop.ini
1 soubor…, 62 bajt…
Adres ý…: 30, Volněch bajt…: 26052476928
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\mŁj internet\DATAAP~1
23.06.2006 11:22 <DIR> Webroot
04.06.2006 01:08 <DIR> ConMet
04.06.2006 01:08 <DIR> AVG7
22.04.2006 17:49 <DIR> Talkback
22.04.2006 17:49 <DIR> Mozilla
08.04.2006 18:06 <DIR> Real
08.04.2006 18:06 <DIR> Identities
08.04.2006 18:06 <DIR> Sun
07.04.2006 11:43 <DIR> Lavasoft
07.04.2006 11:41 <DIR> Macromedia
07.04.2006 11:39 62 desktop.ini
07.04.2006 11:39 <DIR> Microsoft
07.04.2006 11:39 <DIR> .
07.04.2006 11:39 <DIR> ..
1 soubor…, 62 bajt…
Adres ý…: 13, Volněch bajt…: 26052472832
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\Neçpor\DATAAP~1
18.03.2007 21:43 <DIR> GlarySoft
12.09.2006 16:04 31 pcouffin.log
12.09.2006 16:04 7176 pcouffin.cat
12.09.2006 16:04 81920 ezpinst.exe
12.09.2006 16:04 47360 pcouffin.sys
12.09.2006 16:04 1144 pcouffin.inf
17.08.2006 20:45 <DIR> Elaborate Bytes
17.08.2006 11:37 <DIR> Nero
16.08.2006 18:16 85 .zreglib
15.08.2006 12:25 <DIR> akcnicestinashw
11.08.2006 13:59 <DIR> PC Tools
07.08.2006 11:25 <DIR> SlySoft
07.08.2006 00:57 <DIR> ATI
29.07.2006 18:46 <DIR> Free Download Manager
15.07.2006 19:15 <DIR> Media Player Classic
13.07.2006 17:06 <DIR> Sereniti
13.07.2006 12:48 <DIR> ICQLite
23.06.2006 12:24 <DIR> Vso
20.06.2006 18:29 <DIR> Webroot
16.06.2006 18:21 <DIR> Template
07.06.2006 19:13 <DIR> Skype
22.04.2006 13:41 <DIR> Talkback
22.04.2006 13:40 <DIR> Mozilla
16.04.2006 13:56 <DIR> ConMet
16.04.2006 08:16 <DIR> NetCentrum
13.04.2006 23:33 <DIR> OpenOffice.org2
08.04.2006 18:05 <DIR> Google
03.04.2006 22:54 <DIR> Real
02.04.2006 15:54 <DIR> VSO_HWE
31.03.2006 17:49 <DIR> AVG7
30.03.2006 23:53 <DIR> dvdcss
05.03.2006 13:17 <DIR> teamspeak2
23.02.2006 17:32 <DIR> Opera
14.01.2006 21:50 <DIR> InfoTurist
11.01.2006 00:26 <DIR> MobileAction
26.12.2005 14:20 <DIR> Symantec
23.12.2005 19:45 <DIR> Macromedia
22.12.2005 01:57 <DIR> AquaNox
18.12.2005 09:45 <DIR> mbin.jp
13.12.2005 15:48 <DIR> Help
10.12.2005 19:49 <DIR> AdobeUM
07.12.2005 11:07 <DIR> DeepBurner
07.12.2005 01:35 <DIR> XnView
04.12.2005 21:57 <DIR> Ahead
30.11.2005 22:32 <DIR> Adobe
29.11.2005 12:08 <DIR> Lavasoft
29.11.2005 11:18 <DIR> Identities
29.11.2005 11:17 62 desktop.ini
29.11.2005 11:17 <DIR> Microsoft
29.11.2005 11:17 <DIR> Sun
29.11.2005 11:17 <DIR> .
29.11.2005 11:17 <DIR> ..
7 soubor…, 137778 bajt…
Adres ý…: 45, Volněch bajt…: 26052472832
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\¦ANETA\DATAAP~1
13.01.2007 15:22 <DIR> akcnicestinashw
22.12.2006 20:20 <DIR> Skype
09.08.2006 08:41 <DIR> ATI
13.07.2006 13:46 <DIR> ICQLite
21.06.2006 23:00 <DIR> Webroot
19.06.2006 22:57 <DIR> OpenOffice.org2
10.06.2006 10:47 <DIR> Template
10.06.2006 10:42 <DIR> NetCentrum
11.05.2006 18:41 <DIR> ConMet
22.04.2006 15:47 <DIR> Talkback
22.04.2006 15:47 <DIR> Mozilla
08.04.2006 18:06 <DIR> Real
03.04.2006 20:03 <DIR> Lavasoft
30.03.2006 13:19 <DIR> Adobe
30.03.2006 13:14 <DIR> Macromedia
30.03.2006 12:27 <DIR> AVG7
30.01.2006 10:07 <DIR> Identities
30.01.2006 10:07 62 desktop.ini
30.01.2006 10:07 <DIR> Microsoft
30.01.2006 10:07 <DIR> ..
30.01.2006 10:07 <DIR> .
30.01.2006 10:07 <DIR> Sun
1 soubor…, 62 bajt…
Adres ý…: 21, Volněch bajt…: 26052468736
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\Default User\DATAAP~1
29.11.2005 11:52 62 desktop.ini
29.11.2005 11:52 <DIR> ..
29.11.2005 11:52 <DIR> Microsoft
29.11.2005 11:52 <DIR> .
29.11.2005 11:11 <DIR> Sun
1 soubor…, 62 bajt…
Adres ý…: 4, Volněch bajt…: 26052468736
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\LocalService\DATAAP~1
13.08.2006 19:26 <DIR> Mozilla
20.06.2006 18:30 <DIR> Webroot
30.03.2006 12:15 <DIR> AVG7
29.11.2005 11:15 <DIR> Microsoft
29.11.2005 11:15 <DIR> ..
29.11.2005 11:15 <DIR> .
0 soubor…, 0 bajt…
Adres ý…: 6, Volněch bajt…: 26052468736
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\NetworkService\DATAAP~1
01.08.2006 17:06 <DIR> Webroot
29.11.2005 11:14 <DIR> Microsoft
29.11.2005 11:14 <DIR> ..
29.11.2005 11:14 <DIR> .
0 soubor…, 0 bajt…
Adres ý…: 4, Volněch bajt…: 26052468736
******************************************
2) Vyhledávání a odstranění podezřelých .job souborů:
a) Soubory přítomné v C:\WINDOWS\tasks\ adresáři:
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\WINDOWS\Tasks
18.06.2006 15:10 350 At15.job
18.06.2006 15:10 346 At14.job
18.06.2006 15:10 346 At13.job
18.06.2006 15:03 350 At12.job
18.06.2006 15:03 346 At11.job
18.06.2006 15:03 346 At10.job
18.06.2006 14:47 350 At9.job
18.06.2006 14:47 346 At8.job
18.06.2006 14:47 346 At7.job
27.12.2005 15:31 350 At6.job
27.12.2005 15:31 346 At5.job
27.12.2005 15:31 346 At4.job
27.12.2005 15:23 350 At3.job
27.12.2005 15:23 346 At2.job
27.12.2005 15:23 346 At1.job
29.11.2005 11:15 6 SA.DAT
29.11.2005 11:07 65 desktop.ini
29.11.2005 11:07 <DIR> .
29.11.2005 11:07 <DIR> ..
17 soubor…, 5˙281 bajt…
Adres ý…: 2, Volněch bajt…: 26˙052˙468˙736
––––––––––––––––––––––––––––––––––––––––––
b) Zjišťování vlastností přítomných .job souborů:
[TRACE] Enumerating jobs and queues
[TRACE] Activating job 'At1.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\username.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/09/2007 14:30:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 9
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 12/27/2005
EndDate: 00/00/0000
StartTime: 14:30
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At10.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\username.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/09/2007 15:10:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 9
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 15:10
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At11.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\expIorer.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/07/2007 15:10:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 7
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 15:10
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At12.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\sp2protect.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/15/2007 15:10:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 15
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 15:10
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At13.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\username.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/09/2007 15:17:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 9
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 15:17
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At14.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\expIorer.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/07/2007 15:17:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 7
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 15:17
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At15.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\sp2protect.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/15/2007 15:17:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 15
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 15:17
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At2.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\expIorer.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/07/2007 14:30:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 7
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 12/27/2005
EndDate: 00/00/0000
StartTime: 14:30
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At3.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\sp2protect.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/15/2007 14:30:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 15
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 12/27/2005
EndDate: 00/00/0000
StartTime: 14:30
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At4.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\username.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/09/2007 14:38:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 9
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 12/27/2005
EndDate: 00/00/0000
StartTime: 14:38
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At5.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\expIorer.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/07/2007 14:38:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 7
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 12/27/2005
EndDate: 00/00/0000
StartTime: 14:38
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At6.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\sp2protect.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/15/2007 14:38:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 15
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 12/27/2005
EndDate: 00/00/0000
StartTime: 14:38
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At7.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\username.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/09/2007 14:54:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 9
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 14:54
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At8.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\expIorer.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/07/2007 14:54:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 7
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 14:54
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At9.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\sp2protect.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/15/2007 14:54:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 15
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 14:54
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
––––––––––––––––––––––––––––––––––––––––––
c) Nalezené a odstraněné nežádoucí soubory:
––––––––––––––––––––––––––––––––––––––––––
d) Soubory přítomné v adresáři po vymazání:
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\WINDOWS\Tasks
18.06.2006 15:10 350 At15.job
18.06.2006 15:10 346 At14.job
18.06.2006 15:10 346 At13.job
18.06.2006 15:03 350 At12.job
18.06.2006 15:03 346 At11.job
18.06.2006 15:03 346 At10.job
18.06.2006 14:47 350 At9.job
18.06.2006 14:47 346 At8.job
18.06.2006 14:47 346 At7.job
27.12.2005 15:31 350 At6.job
27.12.2005 15:31 346 At5.job
27.12.2005 15:31 346 At4.job
27.12.2005 15:23 350 At3.job
27.12.2005 15:23 346 At2.job
27.12.2005 15:23 346 At1.job
29.11.2005 11:15 6 SA.DAT
29.11.2005 11:07 65 desktop.ini
29.11.2005 11:07 <DIR> .
29.11.2005 11:07 <DIR> ..
17 soubor…, 5˙281 bajt…
Adres ý…: 2, Volněch bajt…: 26˙052˙288˙512
******************************************
3) Vyhledávání podvodných programů ve složce Program files:
Adresář C:\Program Files\Adv Nepřítomen !
Adresář C:\Program Files\Adverts Nepřítomen !
Adresář C:\Program Files\BitDownload Nepřítomen !
Adresář C:\Program Files\BitGrabber Nepřítomen !
Adresář C:\Program Files\BitRoll Nepřítomen !
Adresář C:\Program Files\C2Media Nepřítomen !
Adresář C:\Program Files\Download Plugin Přítomen !
Adresář C:\Program Files\Messenger Plus! 3 Nepřítomen !
Adresář C:\Program Files\NetPumper Nepřítomen !
Adresář C:\Program Files\Proxy download Nepřítomen !
Adresář C:\Program Files\SuperTorrent Nepřítomen !
Adresář C:\Program Files\Torrent101 Nepřítomen !
Adresář C:\Program Files\TorrentQ Nepřítomen !
THANKS
1) Výpis obsahů Application Data složek pro zjištění podezřelých adresářů:
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\Administrator\DATAAP~1
01.08.2006 17:07 <DIR> Mozilla
01.08.2006 17:06 62 desktop.ini
01.08.2006 17:06 <DIR> Microsoft
01.08.2006 17:06 <DIR> ..
01.08.2006 17:06 <DIR> Sun
01.08.2006 17:06 <DIR> .
1 soubor…, 62 bajt…
Adres ý…: 5, Volněch bajt…: 26052546560
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\All Users\DATAAP~1
21.03.2007 22:26 <DIR> BVRP Software
12.03.2007 22:29 <DIR> WhiteCap (Holiday Edition)
05.03.2007 17:44 <DIR> Disney Interactive
03.03.2007 22:13 <DIR> AOL
03.03.2007 21:44 <DIR> TEMP
15.08.2006 12:25 <DIR> akcnicestinashw
15.08.2006 09:05 <DIR> Trojan Remover
19.07.2006 17:39 <DIR> Yahoo! Companion
16.07.2006 13:41 <DIR> Trymedia
07.06.2006 19:13 <DIR> Skype
20.04.2006 17:10 <DIR> Spybot - Search & Destroy
16.04.2006 13:56 <DIR> ConMet
31.03.2006 17:48 <DIR> avg7(2)
31.03.2006 17:48 <DIR> Grisoft(2)
31.03.2006 13:16 <DIR> Windows Genuine Advantage
30.03.2006 12:15 <DIR> avg7
23.02.2006 09:15 <DIR> espionServerData
22.02.2006 23:31 <DIR> Adobe Systems
26.12.2005 14:19 <DIR> Symantec
23.12.2005 19:13 <DIR> QuickTime
09.12.2005 13:00 <DIR> UDL
07.12.2005 10:46 <DIR> The Learning Company
29.11.2005 13:03 <DIR> CyberLink
29.11.2005 13:00 <DIR> DVD Shrink
29.11.2005 12:36 <DIR> Adobe
29.11.2005 12:02 <DIR> Ahead
29.11.2005 11:52 62 desktop.ini
29.11.2005 11:52 <DIR> Microsoft
29.11.2005 11:52 <DIR> .
29.11.2005 11:52 <DIR> ..
1 soubor…, 62 bajt…
Adres ý…: 29, Volněch bajt…: 26052476928
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\LAURA\DATAAP~1
22.12.2006 20:33 <DIR> ICQLite
22.12.2006 20:23 <DIR> Skype
09.08.2006 08:40 <DIR> ATI
22.06.2006 08:19 <DIR> Webroot
13.05.2006 08:27 <DIR> ConMet
06.05.2006 13:13 <DIR> OpenOffice.org2
24.04.2006 10:57 <DIR> Talkback
24.04.2006 10:57 <DIR> Mozilla
18.04.2006 14:04 <DIR> InstallShield
12.04.2006 16:27 <DIR> Championship Manager 2006 BETA Demo
12.04.2006 16:27 <DIR> InstallShield Installation Information
06.04.2006 18:17 <DIR> Real
01.04.2006 07:40 <DIR> AVG7
13.02.2006 13:08 <DIR> Help
05.02.2006 16:37 <DIR> Chromeflower
05.02.2006 16:37 <DIR> CrystalSpace
30.12.2005 20:32 <DIR> Template
29.12.2005 00:17 <DIR> Symantec
18.12.2005 15:23 <DIR> mbin.jp
12.12.2005 12:53 <DIR> InfoTurist
08.12.2005 20:38 <DIR> Ahead
08.12.2005 13:33 <DIR> Macromedia
07.12.2005 11:32 <DIR> AdobeUM
02.12.2005 22:52 <DIR> Adobe
02.12.2005 20:38 <DIR> Lavasoft
02.12.2005 20:15 <DIR> Identities
02.12.2005 20:15 <DIR> Microsoft
02.12.2005 20:15 <DIR> Sun
02.12.2005 20:15 <DIR> ..
02.12.2005 20:15 <DIR> .
30.11.2005 22:23 62 desktop.ini
1 soubor…, 62 bajt…
Adres ý…: 30, Volněch bajt…: 26052476928
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\mŁj internet\DATAAP~1
23.06.2006 11:22 <DIR> Webroot
04.06.2006 01:08 <DIR> ConMet
04.06.2006 01:08 <DIR> AVG7
22.04.2006 17:49 <DIR> Talkback
22.04.2006 17:49 <DIR> Mozilla
08.04.2006 18:06 <DIR> Real
08.04.2006 18:06 <DIR> Identities
08.04.2006 18:06 <DIR> Sun
07.04.2006 11:43 <DIR> Lavasoft
07.04.2006 11:41 <DIR> Macromedia
07.04.2006 11:39 62 desktop.ini
07.04.2006 11:39 <DIR> Microsoft
07.04.2006 11:39 <DIR> .
07.04.2006 11:39 <DIR> ..
1 soubor…, 62 bajt…
Adres ý…: 13, Volněch bajt…: 26052472832
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\Neçpor\DATAAP~1
18.03.2007 21:43 <DIR> GlarySoft
12.09.2006 16:04 31 pcouffin.log
12.09.2006 16:04 7176 pcouffin.cat
12.09.2006 16:04 81920 ezpinst.exe
12.09.2006 16:04 47360 pcouffin.sys
12.09.2006 16:04 1144 pcouffin.inf
17.08.2006 20:45 <DIR> Elaborate Bytes
17.08.2006 11:37 <DIR> Nero
16.08.2006 18:16 85 .zreglib
15.08.2006 12:25 <DIR> akcnicestinashw
11.08.2006 13:59 <DIR> PC Tools
07.08.2006 11:25 <DIR> SlySoft
07.08.2006 00:57 <DIR> ATI
29.07.2006 18:46 <DIR> Free Download Manager
15.07.2006 19:15 <DIR> Media Player Classic
13.07.2006 17:06 <DIR> Sereniti
13.07.2006 12:48 <DIR> ICQLite
23.06.2006 12:24 <DIR> Vso
20.06.2006 18:29 <DIR> Webroot
16.06.2006 18:21 <DIR> Template
07.06.2006 19:13 <DIR> Skype
22.04.2006 13:41 <DIR> Talkback
22.04.2006 13:40 <DIR> Mozilla
16.04.2006 13:56 <DIR> ConMet
16.04.2006 08:16 <DIR> NetCentrum
13.04.2006 23:33 <DIR> OpenOffice.org2
08.04.2006 18:05 <DIR> Google
03.04.2006 22:54 <DIR> Real
02.04.2006 15:54 <DIR> VSO_HWE
31.03.2006 17:49 <DIR> AVG7
30.03.2006 23:53 <DIR> dvdcss
05.03.2006 13:17 <DIR> teamspeak2
23.02.2006 17:32 <DIR> Opera
14.01.2006 21:50 <DIR> InfoTurist
11.01.2006 00:26 <DIR> MobileAction
26.12.2005 14:20 <DIR> Symantec
23.12.2005 19:45 <DIR> Macromedia
22.12.2005 01:57 <DIR> AquaNox
18.12.2005 09:45 <DIR> mbin.jp
13.12.2005 15:48 <DIR> Help
10.12.2005 19:49 <DIR> AdobeUM
07.12.2005 11:07 <DIR> DeepBurner
07.12.2005 01:35 <DIR> XnView
04.12.2005 21:57 <DIR> Ahead
30.11.2005 22:32 <DIR> Adobe
29.11.2005 12:08 <DIR> Lavasoft
29.11.2005 11:18 <DIR> Identities
29.11.2005 11:17 62 desktop.ini
29.11.2005 11:17 <DIR> Microsoft
29.11.2005 11:17 <DIR> Sun
29.11.2005 11:17 <DIR> .
29.11.2005 11:17 <DIR> ..
7 soubor…, 137778 bajt…
Adres ý…: 45, Volněch bajt…: 26052472832
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\¦ANETA\DATAAP~1
13.01.2007 15:22 <DIR> akcnicestinashw
22.12.2006 20:20 <DIR> Skype
09.08.2006 08:41 <DIR> ATI
13.07.2006 13:46 <DIR> ICQLite
21.06.2006 23:00 <DIR> Webroot
19.06.2006 22:57 <DIR> OpenOffice.org2
10.06.2006 10:47 <DIR> Template
10.06.2006 10:42 <DIR> NetCentrum
11.05.2006 18:41 <DIR> ConMet
22.04.2006 15:47 <DIR> Talkback
22.04.2006 15:47 <DIR> Mozilla
08.04.2006 18:06 <DIR> Real
03.04.2006 20:03 <DIR> Lavasoft
30.03.2006 13:19 <DIR> Adobe
30.03.2006 13:14 <DIR> Macromedia
30.03.2006 12:27 <DIR> AVG7
30.01.2006 10:07 <DIR> Identities
30.01.2006 10:07 62 desktop.ini
30.01.2006 10:07 <DIR> Microsoft
30.01.2006 10:07 <DIR> ..
30.01.2006 10:07 <DIR> .
30.01.2006 10:07 <DIR> Sun
1 soubor…, 62 bajt…
Adres ý…: 21, Volněch bajt…: 26052468736
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\Default User\DATAAP~1
29.11.2005 11:52 62 desktop.ini
29.11.2005 11:52 <DIR> ..
29.11.2005 11:52 <DIR> Microsoft
29.11.2005 11:52 <DIR> .
29.11.2005 11:11 <DIR> Sun
1 soubor…, 62 bajt…
Adres ý…: 4, Volněch bajt…: 26052468736
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\LocalService\DATAAP~1
13.08.2006 19:26 <DIR> Mozilla
20.06.2006 18:30 <DIR> Webroot
30.03.2006 12:15 <DIR> AVG7
29.11.2005 11:15 <DIR> Microsoft
29.11.2005 11:15 <DIR> ..
29.11.2005 11:15 <DIR> .
0 soubor…, 0 bajt…
Adres ý…: 6, Volněch bajt…: 26052468736
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\Documents and Settings\NetworkService\DATAAP~1
01.08.2006 17:06 <DIR> Webroot
29.11.2005 11:14 <DIR> Microsoft
29.11.2005 11:14 <DIR> ..
29.11.2005 11:14 <DIR> .
0 soubor…, 0 bajt…
Adres ý…: 4, Volněch bajt…: 26052468736
******************************************
2) Vyhledávání a odstranění podezřelých .job souborů:
a) Soubory přítomné v C:\WINDOWS\tasks\ adresáři:
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je 70B0-38CE.
Věpis adres ýe C:\WINDOWS\Tasks
18.06.2006 15:10 350 At15.job
18.06.2006 15:10 346 At14.job
18.06.2006 15:10 346 At13.job
18.06.2006 15:03 350 At12.job
18.06.2006 15:03 346 At11.job
18.06.2006 15:03 346 At10.job
18.06.2006 14:47 350 At9.job
18.06.2006 14:47 346 At8.job
18.06.2006 14:47 346 At7.job
27.12.2005 15:31 350 At6.job
27.12.2005 15:31 346 At5.job
27.12.2005 15:31 346 At4.job
27.12.2005 15:23 350 At3.job
27.12.2005 15:23 346 At2.job
27.12.2005 15:23 346 At1.job
29.11.2005 11:15 6 SA.DAT
29.11.2005 11:07 65 desktop.ini
29.11.2005 11:07 <DIR> .
29.11.2005 11:07 <DIR> ..
17 souborů, 5 281 bajtů
Adresářů: 2, Volných bajtů: 26 052 468 736
––––––––––––––––––––––––––––––––––––––––––
b) Zjišťování vlastností přítomných .job souborů:
[TRACE] Enumerating jobs and queues
[TRACE] Activating job 'At1.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\username.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/09/2007 14:30:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 9
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 12/27/2005
EndDate: 00/00/0000
StartTime: 14:30
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At10.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\username.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/09/2007 15:10:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 9
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 15:10
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At11.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\expIorer.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/07/2007 15:10:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 7
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 15:10
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At12.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\sp2protect.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/15/2007 15:10:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 15
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 15:10
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At13.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\username.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/09/2007 15:17:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 9
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 15:17
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At14.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\expIorer.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/07/2007 15:17:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 7
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 15:17
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At15.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\sp2protect.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/15/2007 15:17:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 15
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 15:17
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At2.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\expIorer.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/07/2007 14:30:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 7
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 12/27/2005
EndDate: 00/00/0000
StartTime: 14:30
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At3.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\sp2protect.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/15/2007 14:30:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 15
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 12/27/2005
EndDate: 00/00/0000
StartTime: 14:30
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At4.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\username.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/09/2007 14:38:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 9
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 12/27/2005
EndDate: 00/00/0000
StartTime: 14:38
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At5.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\expIorer.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/07/2007 14:38:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 7
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 12/27/2005
EndDate: 00/00/0000
StartTime: 14:38
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At6.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\sp2protect.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/15/2007 14:38:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 15
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 12/27/2005
EndDate: 00/00/0000
StartTime: 14:38
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At7.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\username.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/09/2007 14:54:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 9
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 14:54
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At8.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\expIorer.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/07/2007 14:54:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 7
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 14:54
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'At9.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\WINDOWS\system32\sp2protect.exe'
Parameters: ''
WorkingDirectory: ''
Comment: 'Vytvořil: NetScheduleJobAdd'
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 04/15/2007 14:54:00
StartError: 0x80070002
ExitCode: 0
Status: SCHED_S_TASK_HAS_NOT_RUN
ScheduledWorkItem Flags:
DeleteWhenDone = 1
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
[WARN ] Unrecognized bits = 200000
TaskFlags: 0
1 Trigger
Trigger 0:
Type: MonthlyDate
Days: 15
Months: JanFebMarAprMayJunJulAugSepOctNovDec
StartDate: 06/18/2006
EndDate: 00/00/0000
StartTime: 14:54
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
––––––––––––––––––––––––––––––––––––––––––
c) Nalezené a odstraněné nežádoucí soubory:
––––––––––––––––––––––––––––––––––––––––––
d) Soubory přítomné v adresáři po vymazání:
Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 70B0-38CE.
Výpis adresáře C:\WINDOWS\Tasks
18.06.2006 15:10 350 At15.job
18.06.2006 15:10 346 At14.job
18.06.2006 15:10 346 At13.job
18.06.2006 15:03 350 At12.job
18.06.2006 15:03 346 At11.job
18.06.2006 15:03 346 At10.job
18.06.2006 14:47 350 At9.job
18.06.2006 14:47 346 At8.job
18.06.2006 14:47 346 At7.job
27.12.2005 15:31 350 At6.job
27.12.2005 15:31 346 At5.job
27.12.2005 15:31 346 At4.job
27.12.2005 15:23 350 At3.job
27.12.2005 15:23 346 At2.job
27.12.2005 15:23 346 At1.job
29.11.2005 11:15 6 SA.DAT
29.11.2005 11:07 65 desktop.ini
29.11.2005 11:07 <DIR> .
29.11.2005 11:07 <DIR> ..
17 souborů, 5 281 bajtů
Adresářů: 2, Volných bajtů: 26 052 288 512
******************************************
3) Vyhledávání podvodných programů ve složce Program files:
Adresář C:\Program Files\Adv Nepřítomen !
Adresář C:\Program Files\Adverts Nepřítomen !
Adresář C:\Program Files\BitDownload Nepřítomen !
Adresář C:\Program Files\BitGrabber Nepřítomen !
Adresář C:\Program Files\BitRoll Nepřítomen !
Adresář C:\Program Files\C2Media Nepřítomen !
Adresář C:\Program Files\Download Plugin Přítomen !
Adresář C:\Program Files\Messenger Plus! 3 Nepřítomen !
Adresář C:\Program Files\NetPumper Nepřítomen !
Adresář C:\Program Files\Proxy download Nepřítomen !
Adresář C:\Program Files\SuperTorrent Nepřítomen !
Adresář C:\Program Files\Torrent101 Nepřítomen !
Adresář C:\Program Files\TorrentQ Nepřítomen !
THANKS