Please check my log


Mistake
newbie
Posts: 3
Registered: November 08
Gender: Not specified
Status: Offline

Please check my log

Post by Mistake » 21 Nov 2008 18:48

So here is the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:36:14, on 21.11.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\svchost\czvhost.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Users\jarousek\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\jarousek\AppData\Local\Temp\xxx8227.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Eset\nod32kui.exe
C:\Users\jarousek\AppData\Local\Temp\~tmpb.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Opera\opera.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
F3 - REG:win.ini: run=c:\windows\svchost\czvhost.exe
O1 - Hosts: 67.228.186.130 L2authd.lineage2.com
O1 - Hosts: 67.228.186.130 L2testauthd.lineage2.com
O1 - Hosts: 209.34.168.66 nProtect.lineage2.com
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.4.29.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll (file missing)
O2 - BHO: ActivationManager module - {86A44EF7-78FC-4e18-A564-B18F806F7F56} - C:\Program Files\ActivationManager\ActivationManager.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: livetvbar Toolbar - {ad55c869-668e-457c-b270-0cfb2f61116f} - C:\Program Files\livetvbar\tblive.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet.exe" /min
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\jarousek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSFox] C:\Users\jarousek\AppData\Local\Temp\xxx8227.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Stáhnout všechny FlashGetem - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: 使用UUSee下载 - C:\Program Files\uusee\geturltodown.htm
O8 - Extra context menu item: 使用UUSee加速播放 - C:\Program Files\uusee\geturltoplay.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DC5C1008-B31E-4804-8626-A6F483A81445}: NameServer = 10.193.1.1,10.193.5.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Just Flight Limited License Service - Just Flight Limited - C:\Program Files\Common Files\Just Flight Limited Shared\Service\JustFlightLimitedLicSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 10306 bytes

Thank you.

jaro3
member of the Security team
Guru Level 15
Posts: 43292
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 21 Nov 2008 19:03

Welcome to the PC-HELP forum!
Uninstall:
Crawler Toolbar
Yahoo! Toolbar
ICQ Toolbar
Megaupload Toolbar
Alcohol Toolbar Helper
DAEMON Tools Toolbar

If you have the 32-bit version of Windows Vista:
Turn off the resident protection in NOD32 and the shield in ST.
Download ComboFix (by sUBs)

and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
When working with HJT, ComboFix, MBAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Mistake
newbie
Posts: 3
Registered: November 08
Gender: Not specified
Status: Offline

Re: Please check my log

Post by Mistake » 22 Nov 2008 14:14

ComboFix 08-11-21.02 - jarousek 2008-11-21 19:35:42.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1250.1.1029.18.91 [GMT 1:00]
Spuštěný z: c:\users\jarousek\Desktop\ComboFix.exe
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\struct~.ini

.
((((((((((((((((((((((((( Soubory vytvořené od 2008-10-21 do 2008-11-21 )))))))))))))))))))))))))))))))
.

2008-11-21 16:45 . 2008-11-21 16:45 <DIR> d-------- c:\program files\Trend Micro
2008-11-21 14:27 . 2008-11-21 15:20 <DIR> d-------- c:\program files\WinClamAVShield
2008-11-21 14:21 . 2008-11-21 19:28 <DIR> d-------- c:\users\jarousek\AppData\Roaming\Spyware Terminator
2008-11-21 14:21 . 2008-11-21 15:19 <DIR> d-------- c:\users\All Users\Spyware Terminator
2008-11-21 14:21 . 2008-11-21 15:19 <DIR> d-------- c:\programdata\Spyware Terminator
2008-11-21 14:21 . 2008-11-21 14:21 141,312 --a------ c:\windows\System32\drivers\sp_rsdrv2.sys
2008-11-21 14:20 . 2008-11-21 19:28 <DIR> d-------- c:\program files\Spyware Terminator
2008-11-21 14:17 . 2008-11-21 14:19 15,083,520 --a------ c:\users\jarousek\spybotsd160.exe
2008-11-21 10:32 . 2008-11-21 10:32 55,832,640 --a------ c:\windows\MEMORY.DMP
2008-11-19 22:21 . 2008-11-19 22:22 <DIR> d-------- c:\program files\FlashGet
2008-11-17 16:05 . 2008-11-17 16:05 <DIR> d-------- c:\users\All Users\Aspyr
2008-11-17 16:05 . 2008-11-17 16:05 <DIR> d-------- c:\programdata\Aspyr
2008-11-17 15:43 . 2008-11-17 15:43 <DIR> d-------- c:\program files\Aspyr
2008-11-17 09:47 . 2008-10-16 22:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll
2008-11-17 09:47 . 2008-10-16 21:56 1,524,736 --a------ c:\windows\System32\wucltux.dll
2008-11-17 09:47 . 2008-10-16 22:12 561,688 --a------ c:\windows\System32\wuapi.dll
2008-11-17 09:47 . 2008-10-16 21:55 83,456 --a------ c:\windows\System32\wudriver.dll
2008-11-17 09:47 . 2008-10-16 22:09 51,224 --a------ c:\windows\System32\wuauclt.exe
2008-11-17 09:47 . 2008-10-16 22:09 43,544 --a------ c:\windows\System32\wups2.dll
2008-11-17 09:47 . 2008-10-16 22:08 34,328 --a------ c:\windows\System32\wups.dll
2008-11-17 09:46 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll
2008-11-17 09:46 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe
2008-11-13 17:10 . 2008-11-13 17:10 <DIR> d-------- c:\users\All Users\MumboJumbo
2008-11-13 17:10 . 2008-11-13 17:10 <DIR> d-------- c:\programdata\MumboJumbo
2008-11-13 17:05 . 2008-11-13 17:05 <DIR> d-------- c:\program files\Games
2008-11-11 19:37 . 2008-09-10 04:40 1,334,272 --a------ c:\windows\System32\msxml6.dll
2008-11-11 19:37 . 2008-09-05 06:14 1,191,936 --a------ c:\windows\System32\msxml3.dll
2008-11-11 19:37 . 2008-08-27 02:05 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys
2008-11-11 19:28 . 2008-10-10 04:52 4,379,984 --a------ c:\windows\System32\D3DX9_40.dll
2008-11-11 19:28 . 2008-10-10 04:52 2,036,576 --a------ c:\windows\System32\D3DCompiler_40.dll
2008-11-11 19:28 . 2008-10-10 04:52 452,440 --a------ c:\windows\System32\d3dx10_40.dll
2008-11-11 19:27 . 2008-10-27 10:04 514,384 --a------ c:\windows\System32\XAudio2_3.dll
2008-11-11 19:27 . 2008-10-27 10:04 235,856 --a------ c:\windows\System32\xactengine3_3.dll
2008-11-11 19:27 . 2008-10-27 10:04 70,992 --a------ c:\windows\System32\XAPOFX1_2.dll
2008-11-11 19:27 . 2008-10-27 10:04 23,376 --a------ c:\windows\System32\X3DAudio1_5.dll
2008-11-11 19:25 . 2008-11-11 19:26 <DIR> d--h----- c:\windows\msdownld.tmp
2008-11-11 17:50 . 2008-11-11 17:50 <DIR> d-------- c:\program files\K-Lite Codec Pack
2008-11-11 17:50 . 2008-09-16 01:14 3,596,288 --a------ c:\windows\System32\qt-dx331.dll
2008-11-11 17:50 . 2008-09-24 19:41 839,680 --a------ c:\windows\System32\lameACM.acm
2008-11-11 17:50 . 2008-09-16 01:11 683,520 --a------ c:\windows\System32\divx.dll
2008-11-11 17:50 . 2004-01-25 17:18 217,088 --a------ c:\windows\System32\yv12vfw.dll
2008-11-11 17:50 . 2007-09-21 01:52 118,784 --a------ c:\windows\System32\ac3acm.acm
2008-11-11 17:50 . 2008-09-16 01:12 81,920 --a------ c:\windows\System32\dpl100.dll
2008-11-11 17:50 . 2007-07-10 17:10 547 --a------ c:\windows\System32\ff_vfw.dll.manifest
2008-11-11 17:50 . 2008-10-03 13:30 414 --a------ c:\windows\System32\lame_acm.xml
2008-11-11 15:56 . 2008-11-11 15:57 <DIR> d-------- c:\program files\VistaCodecPack
2008-11-11 15:44 . 2008-11-11 15:44 <DIR> d-------- c:\users\All Users\VistaCodecs
2008-11-11 15:44 . 2008-11-11 15:44 <DIR> d-------- c:\programdata\VistaCodecs
2008-11-10 22:29 . 2008-05-16 11:48 446,464 --a------ c:\windows\System32\NVUNINST.EXE
2008-11-10 21:36 . 2008-11-10 21:36 <DIR> d-------- c:\users\All Users\ATI
2008-11-10 21:36 . 2008-11-10 21:36 <DIR> d-------- c:\programdata\ATI
2008-11-10 20:11 . 2008-11-10 20:11 <DIR> d-------- c:\program files\JoWooD
2008-11-10 18:22 . 2008-11-10 18:22 <DIR> d-------- c:\program files\Activision
2008-11-10 15:13 . 2008-11-10 15:13 22,328 --a------ c:\windows\System32\drivers\PnkBstrK.sys
2008-11-10 15:13 . 2008-11-10 15:13 22,328 --a------ c:\users\jarousek\AppData\Roaming\PnkBstrK.sys
2008-11-10 15:12 . 2008-11-10 15:12 682,280 --a------ c:\windows\System32\pbsvc.exe
2008-11-10 15:12 . 2008-11-10 15:12 107,832 --a------ c:\windows\System32\PnkBstrB.exe
2008-11-10 15:12 . 2008-11-10 15:12 66,872 --a------ c:\windows\System32\PnkBstrA.exe
2008-11-08 11:03 . 2008-11-08 11:03 <DIR> d-------- c:\program files\Pro Evolution Soccer 2009
2008-11-04 18:03 . 2008-11-04 18:03 <DIR> d-------- c:\program files\Footy Live Updater
2008-11-02 14:57 . 2008-11-02 14:57 <DIR> d-------- c:\users\jarousek\AppData\Roaming\Activision
2008-11-02 14:57 . 2008-11-02 14:57 <DIR> d-------- c:\users\All Users\Activision
2008-11-02 14:57 . 2008-11-02 14:57 <DIR> d-------- c:\programdata\Activision
2008-11-02 14:46 . 2008-11-02 14:46 <DIR> d-------- c:\windows\System32\xlive
2008-10-31 22:49 . 2008-10-31 22:49 <DIR> d-------- c:\program files\Alcohol Soft
2008-10-29 13:39 . 2008-08-12 04:39 443,392 --a------ c:\windows\System32\win32spl.dll
2008-10-29 13:39 . 2008-09-18 05:56 147,456 --a------ c:\windows\System32\Faultrep.dll
2008-10-29 13:39 . 2008-09-18 05:56 125,952 --a------ c:\windows\System32\wersvc.dll
2008-10-28 13:08 . 2008-10-28 13:08 <DIR> d-------- c:\users\jarousek\AppData\Roaming\Capcom
2008-10-27 23:04 . 2008-05-30 14:11 3,850,760 --a------ c:\windows\System32\D3DX9_38.dll
2008-10-27 23:04 . 2008-05-30 14:11 1,491,992 --a------ c:\windows\System32\D3DCompiler_38.dll
2008-10-27 23:04 . 2008-05-30 14:19 507,400 --a------ c:\windows\System32\XAudio2_1.dll
2008-10-27 23:04 . 2008-05-30 14:11 467,984 --a------ c:\windows\System32\d3dx10_38.dll
2008-10-27 23:04 . 2008-05-30 14:18 238,088 --a------ c:\windows\System32\xactengine3_1.dll
2008-10-27 23:04 . 2008-05-30 14:17 65,032 --a------ c:\windows\System32\XAPOFX1_0.dll
2008-10-27 23:04 . 2008-05-30 14:17 25,608 --a------ c:\windows\System32\X3DAudio1_4.dll
2008-10-27 13:13 . 2008-03-05 15:56 3,786,760 --a------ c:\windows\System32\D3DX9_37.dll
2008-10-27 13:13 . 2008-03-05 15:56 1,420,824 --a------ c:\windows\System32\D3DCompiler_37.dll
2008-10-27 13:13 . 2008-03-05 16:03 479,752 --a------ c:\windows\System32\XAudio2_0.dll
2008-10-27 13:13 . 2008-02-05 23:07 462,864 --a------ c:\windows\System32\d3dx10_37.dll
2008-10-27 13:13 . 2008-03-05 16:03 238,088 --a------ c:\windows\System32\xactengine3_0.dll
2008-10-27 13:13 . 2008-03-05 16:00 25,608 --a------ c:\windows\System32\X3DAudio1_3.dll
2008-10-27 09:24 . 2008-10-27 09:24 <DIR> d-------- c:\users\jarousek\Tekken3
2008-10-24 15:45 . 2008-10-24 15:45 <DIR> d-------- c:\users\jarousek\AppData\Roaming\2K Sports
2008-10-22 06:47 . 2008-10-22 06:47 995,328 --a------ c:\windows\System32\VSFilter.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-21 18:21 --------- d-----w c:\program files\DAEMON Tools Toolbar
2008-11-21 18:15 --------- d-----w c:\program files\ICQToolbar
2008-11-21 18:13 --------- d-----w c:\program files\Yahoo!
2008-11-19 21:33 --------- d-----w c:\users\jarousek\AppData\Roaming\uTorrent
2008-11-11 13:54 --------- d-----w c:\program files\ATI
2008-11-10 20:27 --------- d-----w c:\program files\ATI Technologies
2008-11-10 14:12 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-05 17:47 --------- d-----w c:\program files\Opera
2008-10-27 11:41 --------- d-----w c:\users\jarousek\AppData\Roaming\dvdcss
2008-10-24 19:10 --------- d-----w c:\program files\EA SPORTS
2008-10-19 14:52 --------- d-----w c:\programdata\Urban FreeStyle Soccer
2008-10-19 13:30 --------- d-----w c:\program files\Common Files\SWF Studio
2008-10-16 14:54 --------- d-----w c:\programdata\KONAMI
2008-10-14 18:51 --------- d-----w c:\program files\Windows Mail
2008-10-14 13:14 --------- d-----w c:\program files\Common Files\Blizzard Entertainment
2008-10-13 18:57 --------- d-----w c:\program files\PowerISO
2008-10-08 12:38 --------- d-----w c:\program files\SystemRequirementsLab
2008-10-01 16:59 --------- d-----w c:\users\jarousek\AppData\Roaming\Skype
2008-10-01 14:44 --------- d-----w c:\users\jarousek\AppData\Roaming\skypePM
2008-09-30 19:43 --------- d-----w c:\users\jarousek\AppData\Roaming\ATI
2008-09-30 19:01 --------- d-----w c:\program files\uTorrent
2008-09-30 18:11 --------- d-----w c:\program files\GameSpy
2008-09-30 16:55 --------- d-----w c:\program files\Longman
2008-09-28 15:55 --------- d-----w c:\program files\Croteam
2008-09-28 15:51 --------- d-----w c:\users\jarousek\AppData\Roaming\Canneverbe_Limited
2008-09-28 10:15 114,496 ----a-w c:\windows\system32\drivers\prodrv04.sys
2008-09-27 17:16 --------- d-----w c:\program files\Microsoft Games
2008-09-25 17:00 --------- d-----w c:\program files\TVKoo
2008-09-24 18:01 --------- d---a-w c:\programdata\TEMP
2008-09-24 03:09 3,976,192 ----a-w c:\windows\system32\drivers\atikmdag.sys
2008-09-24 01:10 53,248 ----a-w c:\windows\system32\drivers\ati2erec.dll
2008-08-27 18:42 674,138 ----a-w c:\windows\unins000.exe
2008-06-10 14:23 174 --sha-w c:\program files\desktop.ini
2008-03-17 16:42 32 ----a-w c:\users\All Users\ezsid.dat
2008-03-17 16:42 32 ----a-w c:\programdata\ezsid.dat
2008-02-01 12:06 0 ---h--w c:\users\All Users\PKP_DLds.DAT
2008-02-01 12:06 0 ---h--w c:\programdata\PKP_DLds.DAT
2008-01-27 06:32 20 ---h--w c:\users\All Users\PKP_DLec.DAT
2008-01-27 06:32 20 ---h--w c:\programdata\PKP_DLec.DAT
2007-08-28 11:58 87,608 ----a-w c:\users\jarousek\AppData\Roaming\ezpinst.exe
2007-08-28 11:58 47,360 ----a-w c:\users\jarousek\AppData\Roaming\pcouffin.sys
2007-03-06 23:33 1,222,656 ----a-w c:\users\jarousek\AppData\Roaming\Taskm.exe
2007-09-01 11:28 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2007-09-01 11:28 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2007-09-01 11:28 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{AD55C869-668E-457C-B270-0CFB2F61116F}"= "c:\program files\livetvbar\tblive.dll" [2008-07-10 1600024]

[HKEY_CLASSES_ROOT\clsid\{ad55c869-668e-457c-b270-0cfb2f61116f}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ad55c869-668e-457c-b270-0cfb2f61116f}]
2008-07-10 13:04 1600024 --a------ c:\program files\livetvbar\tblive.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ad55c869-668e-457c-b270-0cfb2f61116f}"= "c:\program files\livetvbar\tblive.dll" [2008-07-10 1600024]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\jarousek\AppData\Local\Google\Update\GoogleUpdate.exe" [2008-09-21 133104]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2006-04-29 94208]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-07-06 949376]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"CLMLServer"="c:\program files\Cyberlink\Power2Go\CLMLSvc.exe" [2007-09-27 122880]
"Flashget"="c:\program files\FlashGet\FlashGet.exe" [2007-09-25 2007088]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-07-07 167936]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-11-21 1783808]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ir32"= c:\windows\system32\ir32_32.dll
"vidc.ir31"= c:\windows\system32\ir32_32.dll
"msacm.divxa32"= divxa32.acm
"msacm.clmp3enc"= c:\progra~1\CYBERL~1\Power2Go\CLMP3Enc.ACM

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MioSync.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\MioSync.lnk
backup=c:\windows\pss\MioSync.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-07-24 16:02 490952 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ErrorSmart]
--a------ 2008-08-27 05:39 16094456 c:\program files\ErrorSmart\ErrorSmart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
--a------ 2007-09-25 09:10 2007088 c:\program files\FlashGet\flashget.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-07-28 21:54 98304 c:\windows\System32\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2008-02-01 17:22 21898024 c:\program files\Skype\Phone\Skype.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{1A6B820B-B361-44C4-86FD-8580861B6E5D}c:\\program files\\chroma clash\\chromaclash.exe"= UDP:c:\program files\chroma clash\chromaclash.exe:ChromaClash
"UDP Query User{EDEA461D-C262-4418-A32F-80AEFE58DC0B}c:\\program files\\chroma clash\\chromaclash.exe"= TCP:c:\program files\chroma clash\chromaclash.exe:ChromaClash
"TCP Query User{580DA7B9-1AF5-44E9-8C6B-05675DDF0F28}c:\\program files\\culinatix\\sql anywhere 7\\win32\\rteng7.exe"= UDP:c:\program files\culinatix\sql anywhere 7\win32\rteng7.exe:Adaptive Server Anywhere Database Engine
"UDP Query User{EA5F6566-8AED-480F-AA19-2622EEEC1787}c:\\program files\\culinatix\\sql anywhere 7\\win32\\rteng7.exe"= TCP:c:\program files\culinatix\sql anywhere 7\win32\rteng7.exe:Adaptive Server Anywhere Database Engine
"TCP Query User{EFA2FD24-A4B8-4EC6-B954-382792596F5C}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{F493ADD5-429F-4ADD-88F9-74CA1DB058B5}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{D86772C6-1A55-4AE2-808F-E9CCC655101A}c:\\program files\\bitlord\\bitlord.exe"= UDP:c:\program files\bitlord\bitlord.exe:BitLord
"UDP Query User{DAC4B32F-BDBA-4DA7-B073-1D16C6EF92E3}c:\\program files\\bitlord\\bitlord.exe"= TCP:c:\program files\bitlord\bitlord.exe:BitLord
"TCP Query User{DDA82FA8-337E-47E4-B976-761AEAD51BA9}c:\\users\\jarousek\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= UDP:c:\users\jarousek\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"UDP Query User{E999119A-90B6-43D3-B59F-5D7D44F2A3D2}c:\\users\\jarousek\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= TCP:c:\users\jarousek\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"TCP Query User{80F0A9F6-9B97-455C-8DCD-71E04F5D1C7E}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{C8DB7B3D-C230-40A3-9C58-B64CAD9F7F66}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{218C9DCC-90DE-49A7-B13C-94378D0E16D3}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{7D97EA4B-2D43-4C3F-AF31-5E856C6227C5}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{0F7E1736-3535-4107-AB3C-16A9416EA80B}"= UDP:9522:BitComet 9522 TCP
"{E477C5A1-6FE6-44D4-8335-D19F6EBBE121}"= TCP:9522:BitComet 9522 UDP
"TCP Query User{6DED12DB-AAF5-4F16-B939-4AB05E914AD6}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{D50F35BC-C53F-418B-A548-F2F7F34AA671}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"TCP Query User{F2844420-77BA-478E-95EF-213D4842C095}c:\\program files\\icq6\\icq.exe"= UDP:c:\program files\icq6\icq.exe:ICQ Library
"UDP Query User{053215C3-127A-4D9A-9593-031FC056B188}c:\\program files\\icq6\\icq.exe"= TCP:c:\program files\icq6\icq.exe:ICQ Library
"TCP Query User{2769BD30-1F92-408B-8B26-57393CFF7A7C}c:\\program files\\nero\\nero 7\\nero showtime\\showtime.exe"= UDP:c:\program files\nero\nero 7\nero showtime\showtime.exe:Nero ShowTime
"UDP Query User{F035C6B7-51F4-41A4-AD5A-7469A96F4C75}c:\\program files\\nero\\nero 7\\nero showtime\\showtime.exe"= TCP:c:\program files\nero\nero 7\nero showtime\showtime.exe:Nero ShowTime
"TCP Query User{E458765D-9B96-4D54-9F96-A11E0341752D}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{A5C60D2F-421F-4243-948D-4B31970B4258}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"TCP Query User{C49DBEBD-4ED5-43E1-B59A-B92AAFF19CC5}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{B60A8385-ECF4-462C-BC18-575A17B481D4}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"TCP Query User{9B8FDC0E-0DD3-4F99-ABD8-1C90959D59C0}c:\\program files\\icq6\\icq.exe"= UDP:c:\program files\icq6\icq.exe:ICQ Library
"UDP Query User{9EDDF0DD-D4C3-4F69-88F9-DF35851B4B82}c:\\program files\\icq6\\icq.exe"= TCP:c:\program files\icq6\icq.exe:ICQ Library
"TCP Query User{E1716D8D-C8AB-447A-9463-9DCB7E9817B2}c:\\program files\\nero\\nero 7\\nero home\\nerohome.exe"= UDP:c:\program files\nero\nero 7\nero home\nerohome.exe:Nero Home
"UDP Query User{155E3644-E2FC-41F2-A566-346C39FFCF72}c:\\program files\\nero\\nero 7\\nero home\\nerohome.exe"= TCP:c:\program files\nero\nero 7\nero home\nerohome.exe:Nero Home
"{67B283AC-8D1C-427E-9D50-00525F04F059}"= UDP:c:\program files\Microsoft Games\Zoo Tycoon 2\zt.exe:Zoo Tycoon 2 Executable
"{8609AAFA-18C3-462D-A232-41191423BC4B}"= TCP:c:\program files\Microsoft Games\Zoo Tycoon 2\zt.exe:Zoo Tycoon 2 Executable
"TCP Query User{D73CC057-2174-4B4D-93BA-A8BE3FF2BDE2}c:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= UDP:c:\program files\konami\pro evolution soccer 6\pes6.exe:pes6.exe
"UDP Query User{052D7D26-DB66-47A5-B496-5CE01C487326}c:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= TCP:c:\program files\konami\pro evolution soccer 6\pes6.exe:pes6.exe
"TCP Query User{265FADE7-7B11-49EA-B105-B0EC2CDBE7D3}c:\\games\\paintball2\\paintball2.exe"= UDP:c:\games\paintball2\paintball2.exe:paintball2
"UDP Query User{130DE5D2-F1BB-46FB-B03C-54F4933EB90C}c:\\games\\paintball2\\paintball2.exe"= TCP:c:\games\paintball2\paintball2.exe:paintball2
"TCP Query User{D71AA27C-A33C-40B9-A27C-38A4E1717901}c:\\users\\jarousek\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= UDP:c:\users\jarousek\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"UDP Query User{B253A665-F738-4B61-9EF0-73CCE426D7D8}c:\\users\\jarousek\\appdata\\roaming\\sopcast\\adv\\sopadver.exe"= TCP:c:\users\jarousek\appdata\roaming\sopcast\adv\sopadver.exe:sopadver.exe
"TCP Query User{E2206894-8FF3-4522-B097-987B0A5C5B0A}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{C12F6AE0-7CD9-4E43-B2D4-81CA4875543F}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"TCP Query User{921A3CB0-C18E-46E6-AB87-AE9A3FD86579}c:\\program files\\xfire\\ua_lsp_inst.exe"= UDP:c:\program files\xfire\ua_lsp_inst.exe:ua_lsp_inst
"UDP Query User{CCE2C3C8-604E-444A-95EF-3E155A1FC1E6}c:\\program files\\xfire\\ua_lsp_inst.exe"= TCP:c:\program files\xfire\ua_lsp_inst.exe:ua_lsp_inst
"TCP Query User{FBC0C9F2-9073-428F-90D7-01B56B0DDCC9}c:\\program files\\ea games\\medal of honor pacific assault(tm)\\mohpa.exe"= UDP:c:\program files\ea games\medal of honor pacific assault(tm)\mohpa.exe:Medal of Honor Pacific Assault(tm)
"UDP Query User{485D27AB-94DB-4D05-926D-B56E7040BD54}c:\\program files\\ea games\\medal of honor pacific assault(tm)\\mohpa.exe"= TCP:c:\program files\ea games\medal of honor pacific assault(tm)\mohpa.exe:Medal of Honor Pacific Assault(tm)
"TCP Query User{0077AAF9-9219-4FC6-BC80-BDC64152265D}c:\\program files\\ea sports\\nhl08\\nhl2008.exe"= UDP:c:\program files\ea sports\nhl08\nhl2008.exe:nhl2008
"UDP Query User{AF0C3140-B756-411D-B974-2094720C1BAE}c:\\program files\\ea sports\\nhl08\\nhl2008.exe"= TCP:c:\program files\ea sports\nhl08\nhl2008.exe:nhl2008
"{BF9E6353-6C9F-4F73-B1C5-039ABE0DE941}"= UDP:c:\program files\DAP\DAP.exe:Download Accelerator Plus (DAP)
"{CB50C12F-DCA1-4F64-A88D-02276B767C32}"= TCP:c:\program files\DAP\DAP.exe:Download Accelerator Plus (DAP)
"TCP Query User{EDF06CD0-A76A-4551-ACEF-233F5C361AA4}c:\\program files\\thq\\dawn of war\\w40k.exe"= UDP:c:\program files\thq\dawn of war\w40k.exe:W40K
"UDP Query User{1BEF4F7D-2DB7-4CEE-B6F8-2F8768E95006}c:\\program files\\thq\\dawn of war\\w40k.exe"= TCP:c:\program files\thq\dawn of war\w40k.exe:W40K
"TCP Query User{1BDFA3E1-D658-4A66-A4D5-CD393CFDC8A9}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser
"UDP Query User{CBEF3571-54E7-4BF9-89E2-650E3F349DB9}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser
"{4BB96250-E214-4539-95E1-09E0EACE49A1}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{73A0E253-A60E-42A5-B1F8-01265231ABDC}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{DBDB5484-B5A0-443C-894A-811417E4EDB7}c:\\program files\\tvplayerclassic\\tvplayerclassic.exe"= UDP:c:\program files\tvplayerclassic\tvplayerclassic.exe:TvPlayerClassic
"UDP Query User{C91BFE53-AC7A-49F6-8A40-55AE795807D1}c:\\program files\\tvplayerclassic\\tvplayerclassic.exe"= TCP:c:\program files\tvplayerclassic\tvplayerclassic.exe:TvPlayerClassic
"TCP Query User{9C413FDE-3965-4897-B1CB-C00998F066C6}c:\\program files\\flashget\\flashget.exe"= UDP:c:\program files\flashget\flashget.exe:FlashGet
"UDP Query User{398409ED-3D82-4CEF-9C62-A55F5D243BD5}c:\\program files\\flashget\\flashget.exe"= TCP:c:\program files\flashget\flashget.exe:FlashGet
"TCP Query User{49BCB8AA-D2BA-4257-8B7B-6151876B7B24}c:\\program files\\valve\\hl.exe"= UDP:c:\program files\valve\hl.exe:Half-Life Launcher
"UDP Query User{0D9B10D5-ECB9-4254-ACB0-1074119C55BA}c:\\program files\\valve\\hl.exe"= TCP:c:\program files\valve\hl.exe:Half-Life Launcher
"TCP Query User{AC1B579D-B3D7-405F-8A57-2F33E6D7F3F3}c:\\program files\\teamspeak2_rc2\\server_windows.exe"= UDP:c:\program files\teamspeak2_rc2\server_windows.exe:Server
"UDP Query User{653917D2-4AD3-4262-A361-7876A938C17C}c:\\program files\\teamspeak2_rc2\\server_windows.exe"= TCP:c:\program files\teamspeak2_rc2\server_windows.exe:Server
"TCP Query User{42ACF605-B591-4252-AE4D-F21768463387}c:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{7E0DA85F-F743-4EB6-AC0A-FBD5833379A3}c:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"TCP Query User{39AAE2F8-89EE-4AC9-BF8A-EF772FEA9E90}c:\\program files\\tvants\\tvants.exe"= UDP:c:\program files\tvants\tvants.exe:TVAnts
"UDP Query User{280D376B-0CAF-4679-B336-B37EAAE7E3C3}c:\\program files\\tvants\\tvants.exe"= TCP:c:\program files\tvants\tvants.exe:TVAnts
"{989DFF56-535B-448C-965F-D4635956B2F8}"= UDP:c:\program files\Zaklínač\System\witcher.exe:witcher
"{DBF498E5-87FD-41C6-A00E-B785B7EC6D91}"= TCP:c:\program files\Zaklínač\System\witcher.exe:witcher
"TCP Query User{825F5BF7-D1FB-4C6D-A63F-5F6AD69E2F9B}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"UDP Query User{26CAD9ED-2D0F-46DC-80B3-82EB6C6929CD}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"TCP Query User{BC637FC8-5B61-41B0-AD8F-2F20138D8A97}c:\\downloads\\sro_new_full-client_downloader.exe"= UDP:c:\downloads\sro_new_full-client_downloader.exe:Full-Client Downloader
"UDP Query User{30B26735-4684-45BB-B34C-516947981E16}c:\\downloads\\sro_new_full-client_downloader.exe"= TCP:c:\downloads\sro_new_full-client_downloader.exe:Full-Client Downloader
"TCP Query User{65E7A147-E3E9-4A4E-A235-5687582D3C33}c:\\program files\\sega\\iron man\\ironman.exe"= UDP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"UDP Query User{E598D3D7-A93C-49C3-B026-A783989F86B1}c:\\program files\\sega\\iron man\\ironman.exe"= TCP:c:\program files\sega\iron man\ironman.exe:A2M Game Engine
"{338201BD-37D8-47C8-82DB-31CB4CF6067D}"= UDP:c:\program files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:The Battle for Middle-earth(tm) II
"{B4F7E00F-65A4-4AEF-B2DC-6DD4BAB66EB6}"= TCP:c:\program files\Electronic Arts\The Battle for Middle-earth (tm) II\game.dat:The Battle for Middle-earth(tm) II
"{5AAE0FAE-5A87-44A4-B919-8F878277E1BE}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{965D5B0A-3413-49F2-85EB-5C86A2315D59}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{3FD9FB9F-EF10-41AF-B9E4-B38FFDF8BD7D}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{E20C7414-7647-4942-85DE-0731882ADEDE}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{CB6CADA3-46FD-46BA-A2F6-F34FE4D6F50E}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{0F3CE649-300A-4C5B-A243-AFFAEFB57778}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{CB0D813E-68D5-4FB0-8794-576E37A52F69}"= Disabled:UDP:c:\program files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"{7D1E7768-0C25-476C-8B19-6B08B8F59008}"= Disabled:TCP:c:\program files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008
"TCP Query User{D406CDC0-7E17-4F97-9491-F6BD262020ED}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{15DA2DAA-14DA-46E3-A261-F6AB48E1287D}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{5F0B6F96-E09F-425E-A0B0-B48681826582}c:\\program files\\valusoft\\18 wheels of steel - across america\\prism3d.exe"= UDP:c:\program files\valusoft\18 wheels of steel - across america\prism3d.exe:prism3d
"UDP Query User{6A545B89-A228-4AFA-8B3D-B6D5FA4B378D}c:\\program files\\valusoft\\18 wheels of steel - across america\\prism3d.exe"= TCP:c:\program files\valusoft\18 wheels of steel - across america\prism3d.exe:prism3d
"TCP Query User{84B50B8C-AB39-42AD-8550-F20E6AB81A9C}c:\\program files\\common files\\uusee\\uuseemediacenter.exe"= UDP:c:\program files\common files\uusee\uuseemediacenter.exe:MediaCenter
"UDP Query User{F144B471-C30F-408E-8D9B-F0DF0D4E153C}c:\\program files\\common files\\uusee\\uuseemediacenter.exe"= TCP:c:\program files\common files\uusee\uuseemediacenter.exe:MediaCenter
"{B897C00A-6AAC-4CC9-8B5D-07E5127B27EC}"= Disabled:UDP:c:\users\jarousek\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer
"{384BB080-3105-4BF5-AF4D-C9023EC5BADD}"= Disabled:TCP:c:\users\jarousek\AppData\Local\Temp\ImInstaller\incredimail_installer.exe:IncrediMail Installer
"TCP Query User{52E24701-D3F8-49B2-A5AD-BF76C3CED646}c:\\program files\\speedball2 demo\\speedball2.exe"= UDP:c:\program files\speedball2 demo\speedball2.exe:Speedball2
"UDP Query User{B8801674-F02B-412E-A443-99E2143CC4EC}c:\\program files\\speedball2 demo\\speedball2.exe"= TCP:c:\program files\speedball2 demo\speedball2.exe:Speedball2
"TCP Query User{3120E6C5-CCD3-49EA-AC46-A4AEFFBB555A}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"UDP Query User{3D88BC21-A1E2-481A-B9C0-DE1858370EDB}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
"TCP Query User{FD082FF5-3C0A-4A72-8179-6DC0DD1A460C}c:\\program files\\ubisoft\\crytek\\far cry\\bin32\\farcry.exe"= UDP:c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe:Far Cry
"UDP Query User{57339B54-FD00-4EE1-95FA-4CE8B3AD974A}c:\\program files\\ubisoft\\crytek\\far cry\\bin32\\farcry.exe"= TCP:c:\program files\ubisoft\crytek\far cry\bin32\farcry.exe:Far Cry
"TCP Query User{C091DD06-5AC9-43A5-BB34-36A27DFD935E}c:\\program files\\tvkoo\\tvkoo_071222_by_myp2p.eu.exe"= UDP:c:\program files\tvkoo\tvkoo_071222_by_myp2p.eu.exe:ViViMediaPlay
"UDP Query User{371BD28B-7298-4943-BF7A-88C5BDA486E2}c:\\program files\\tvkoo\\tvkoo_071222_by_myp2p.eu.exe"= TCP:c:\program files\tvkoo\tvkoo_071222_by_myp2p.eu.exe:ViViMediaPlay
"{E02C5303-72D2-49B2-A446-21C6A3F695D6}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{7C6A5B59-63FA-4AD7-9484-1684B1A260B2}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"TCP Query User{376DA260-CD9F-4EB1-A74F-56B75C0D3FC4}c:\\program files\\konami\\pro evolution soccer 2009\\pes2009.exe"= UDP:c:\program files\konami\pro evolution soccer 2009\pes2009.exe:Pro Evolution Soccer 2009
"UDP Query User{7C024BFD-CF60-42F5-BB1C-0FE1F19ACDA6}c:\\program files\\konami\\pro evolution soccer 2009\\pes2009.exe"= TCP:c:\program files\konami\pro evolution soccer 2009\pes2009.exe:Pro Evolution Soccer 2009
"{4C330118-7936-4454-9D2E-4680E3B51025}"= UDP:c:\games\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:Pro Evolution Soccer 2009
"{F974B09F-7ACA-4E21-B92A-40931A0D3407}"= TCP:c:\games\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:Pro Evolution Soccer 2009
"{97FC1C23-0B8C-4E41-A1FB-168FDA916B11}"= UDP:c:\program files\Capcom\MotoGP 08\Launcher.exe:MotoGP 08
"{A03AB22A-136B-41FD-9225-E307EE35C578}"= TCP:c:\program files\Capcom\MotoGP 08\Launcher.exe:MotoGP 08
"{1F3018D3-AB19-447E-BEFD-4CFAE0983A29}"= UDP:c:\program files\Activision\Quantum of Solace(TM)\JB_LiveEngine_s.exe:Quantum of Solace
"{9E26E0BE-1220-4D18-AF70-3515660B34B5}"= TCP:c:\program files\Activision\Quantum of Solace(TM)\JB_LiveEngine_s.exe:Quantum of Solace
"{69006797-D7E0-48C9-9CBC-5CC8684BEB40}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{B7D89E1E-35E1-4C86-99B1-C8635890CFF9}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA
"{9515AB48-0FFA-4F6D-84CB-856DBFAFB3AD}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{00CD37D1-D087-4EF5-A608-C263B3343A93}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB
"{B9D8BE9F-E8F2-47A2-BB99-5DE2F1A456A3}"= UDP:c:\program files\Activision\Call of Duty - World at War\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{53CFFC9C-02B0-4B38-AB4D-A3F6376BE47D}"= TCP:c:\program files\Activision\Call of Duty - World at War\CoDWaWmp.exe:Call of Duty(R) - World at War(TM)
"{18B3EB01-945C-4E2C-9BC5-73F7C7B80A55}"= UDP:c:\program files\Activision\Call of Duty - World at War\CoDWaW.exe:Call of Duty(R) - World at War(TM)
"{78210EE4-4760-4F70-8498-F11476538331}"= TCP:c:\program files\Activision\Call of Duty - World at War\CoDWaW.exe:Call of Duty(R) - World at War(TM)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\\\WINDOWS\\\\svchost/czvhost.exe"= c:\windows\svchost/czvhost.exe:*:Enabled:svchost
"c:\\Program Files\\PPMate\\ppmate.exe"= c:\program files\PPMate\ppmate.exe:*:Enabled:PPMate
"c:\\Program Files\\PPMate\\ppamnet.exe"= c:\program files\PPMate\ppamnet.exe:*:Enabled:PPMate
"c:\\Program Files\\PPStream\\PPStream.exe"= c:\program files\PPStream\PPStream.exe:*:Enabled:PPSÍřÂçµçĘÓ
"c:\\Program Files\\PPStream\\PPSAP.exe"= c:\program files\PPStream\PPSAP.exe:*:Enabled:PPS ÍřÂçĽÓËŮĆ÷
"c:\\Program Files\\uusee\\UUSeePlayer.exe"= c:\program files\uusee\UUSeePlayer.exe:*:Enabled:UUPlayer

R1 PSched;Plánovač paketů technologie QoS;c:\windows\system32\DRIVERS\pacer.sys [2008-07-08 72192]
R1 sp_rsdrv2;Spyware Terminator Driver 2;\??\c:\windows\system32\drivers\sp_rsdrv2.sys [2008-11-21 141312]
R3 atikmdag;atikmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2008-09-24 3976192]
S1 prodrv04;Star Force copy protection driver v4;c:\windows\system32\drivers\prodrv04.sys [2007-07-11 114496]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\N]
\shell\AutoRun\command - N:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4e10731b-ea6f-11db-935b-00138fe1fb09}]
\shell\AutoRun\command - J:\Launch.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52b23437-864b-11dd-a602-00138fe1fb09}]
\shell\AutoRun\command - I:\starter.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6edfb87-1e80-11dc-953e-00138fe1fb09}]
\shell\AutoRun\command - I:\autorun.exe
\shell\setup\command - I:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b50fb5e9-39d9-11dd-80c3-00138fe1fb09}]
\shell\AutoRun\command - I:\Menu.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca14a774-e9ea-11db-9a3c-00138fe1fb09}]
\shell\AutoRun\command - I:\Autorun.exe

*Newly Created Service* - PROCEXP90
.
Obsah adresáře 'Naplánované úlohy'

2008-10-16 c:\windows\Tasks\ErrorSmart Scheduled Scan.job
- c:\program files\ErrorSmart\ErrorSmart.exe [2008-08-27 05:39]

2008-10-16 c:\windows\Tasks\ErrorSmart Scheduled Scan.job
- c:\program files\ErrorSmart [2008-08-27 19:51]

2008-11-21 c:\windows\Tasks\GoogleUpdateTaskUser.job
- c:\users\jarousek\AppData\Local\Google\Update\GoogleUpdate.exe [2008-09-21 11:19]

2008-11-21 c:\windows\Tasks\Norton Security Scan.job
- c:\program files\Norton Security Scan\Nss.exe []

2008-11-21 c:\windows\Tasks\User_Feed_Synchronization-{5226FD64-F83E-447D-B6F5-E15B23E3601D}.job
- c:\windows\system32\msfeedssync.exe [2008-01-19 08:33]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

BHO-{86A44EF7-78FC-4e18-A564-B18F806F7F56} - (no file)
WebBrowser-{07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-Free Download Manager - c:\program files\Free Download Manager\fdm.exe
MSConfigStartUp-SpybotSD TeaTimer - c:\program files\Spybot - Search & Destroy\TeaTimer.exe
MSConfigStartUp-zzz_ImInstaller_IncrediMail - c:\users\jarousek\AppData\Local\Temp\ImInstaller\IncrediMail\incredimail_install.exe


.
------- Doplňkový sken -------
.
FireFox -: Profile - c:\users\jarousek\AppData\Roaming\Mozilla\Firefox\Profiles\grmwtajf.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q=
FF -: plugin - c:\program files\Microsoft Silverlight\2.0.30523.8\npctrl.dll
FF -: plugin - c:\program files\Opera\program\plugins\npdivx32.dll
FF -: plugin - c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF -: plugin - c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF -: plugin - c:\users\jarousek\AppData\Local\Google\Update\1.2.131.27\npGoogleOneClick6.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-21 19:50:36
Windows 6.0.6001 Service Pack 1 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2008-11-21 19:57:07
ComboFix-quarantined-files.txt 2008-11-21 18:57:00

Před spuštěním: Volných bajtů: 27 076 571 136
Po spuštění: Volných bajtů: 26,987,806,720

389 --- E O F --- 2008-11-19 11:35:13

jaro3, member of the Security team

Re: Please check my log

Post by jaro3 » 22 Nov 2008 15:07

Test these on VirusTotal:
c:\windows\MEMORY.DMP
c:\program files\desktop.ini

Then post the results here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
