Tak flash zdá se čistá, ještě logy:
ComboFix 09-04-04.01 - Petr 2009-04-08 18:12:36.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.1023.627 [GMT 2:00]
Spuštěný z: c:\documents and settings\Petr\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Petr\Plocha\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated)
FW: ESET personal firewall *enabled*
* Vytvořen nový Bod Obnovení
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
FILE ::
c:\windows\Internet Logs\rDB80.tmp
c:\windows\Internet Logs\rDB81.tmp
c:\windows\Internet Logs\rDB82.tmp
c:\windows\Internet Logs\rDB83.tmp
c:\windows\system32\391854444D.sys
c:\windows\system32\A55CC628CE.sys
c:\windows\system32\cufkaafd.dll
c:\windows\system32\ffhqmuyb.dll
c:\windows\system32\flvDX.dll
c:\windows\system32\KGyGaAvL.sys
c:\windows\system32\rcwdxokc.dll
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Internet Logs\rDB80.tmp
c:\windows\Internet Logs\rDB81.tmp
c:\windows\Internet Logs\rDB82.tmp
c:\windows\Internet Logs\rDB83.tmp
c:\windows\system32\391854444D.sys
c:\windows\system32\A55CC628CE.sys
c:\windows\system32\cufkaafd.dll
c:\windows\system32\flvDX.dll
c:\windows\system32\KGyGaAvL.sys
c:\windows\system32\rcwdxokc.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-03-08 do 2009-04-08 )))))))))))))))))))))))))))))))
.
7258-10-09 07:05 . 2001-08-17 20:13 27,165 --a------ c:\windows\system32\drivers\fetnd5.sys
7258-10-09 07:05 . 2001-08-17 20:13 27,165 --a--c--- c:\windows\system32\dllcache\fetnd5.sys
2009-04-08 00:20 . 2009-04-08 00:20 <DIR> d-------- c:\windows\system32\Adobe
2009-04-08 00:14 . 2009-04-08 00:14 <DIR> d-------- c:\windows\Sun
2009-04-08 00:12 . 2009-04-08 00:12 <DIR> d-------- c:\documents and settings\Bohuslav.PETR-WO94E1KAOP\Data aplikací\ESET
2009-04-07 23:58 . 2009-04-07 23:58 <DIR> d-------- c:\program files\MSXML 4.0
2009-04-07 23:58 . 2002-12-12 01:34 208,896 --a------ c:\windows\system32\wmpns.dll
2009-04-07 23:52 . 2008-10-16 03:03 667,136 -----c--- c:\windows\system32\dllcache\wininet.dll
2009-04-07 23:52 . 2008-06-14 19:35 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2009-04-07 23:51 . 2008-10-16 03:03 1,499,648 -----c--- c:\windows\system32\dllcache\shdocvw.dll
2009-04-07 23:51 . 2008-10-16 03:03 619,008 -----c--- c:\windows\system32\dllcache\urlmon.dll
2009-04-07 23:50 . 2008-08-14 15:26 2,191,360 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-04-07 23:50 . 2008-08-14 15:26 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-04-07 23:50 . 2008-08-14 15:26 2,068,224 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-04-07 23:50 . 2008-08-14 15:26 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-04-07 23:49 . 2008-12-12 19:03 3,088,896 -----c--- c:\windows\system32\dllcache\mshtml.dll
2009-04-07 23:48 . 2008-05-08 16:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2009-04-07 23:47 . 2008-04-11 21:06 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2009-04-07 23:47 . 2008-10-24 13:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-04-07 23:47 . 2008-12-11 12:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys
2009-04-07 23:47 . 2008-05-01 16:37 331,776 -----c--- c:\windows\system32\dllcache\msadce.dll
2009-04-07 23:45 . 2008-09-04 19:17 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2009-04-07 23:45 . 2008-10-15 18:38 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2009-04-07 23:41 . 2009-04-08 00:07 <DIR> d--h----- c:\windows\$hf_mig$
2009-04-07 23:41 . 2009-04-08 00:07 1,355 --a------ c:\windows\imsins.BAK
2009-04-07 22:42 . 2009-04-07 22:42 45 --a------ c:\windows\system32\initdebug.nfo
2009-04-07 21:53 . 2009-04-07 21:53 <DIR> d-------- c:\documents and settings\Petr\Data aplikací\ESET
2009-04-07 21:51 . 2009-04-07 21:51 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\ESET
2009-04-07 18:59 . 2009-04-07 18:59 <DIR> d-------- c:\documents and settings\Petr\Data aplikací\Malwarebytes
2009-04-07 18:59 . 2009-04-06 15:32 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-07 18:59 . 2009-04-06 15:32 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-04-07 18:58 . 2009-04-07 18:58 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2009-04-07 18:56 . 2009-04-07 18:56 410,984 --a------ c:\windows\system32\deploytk.dll
2009-04-07 18:56 . 2009-04-07 18:56 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-04-07 18:55 . 2009-04-07 18:55 <DIR> d-------- c:\program files\Java
2009-04-07 18:08 . 2009-04-07 18:08 <DIR> d-------- c:\documents and settings\Petr\Pavark
2009-04-03 19:00 . 2009-04-03 19:00 <DIR> d-------- c:\program files\Common Files\ParallelGraphics
2009-04-03 18:12 . 2009-04-03 19:01 2,516 --a------ c:\windows\mozver.dat
2009-04-03 12:13 . 2009-04-03 12:13 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Motive
2009-04-01 21:42 . 2009-04-01 21:42 0 --a------ c:\windows\nsreg.dat
2009-03-30 18:24 . 2009-03-30 18:24 <DIR> d-------- c:\program files\CosmoSoftware
2009-03-30 16:31 . 2009-04-08 00:08 <DIR> d-------- c:\program files\Room Arranger
2009-03-24 20:04 . 2008-04-14 08:43 31,744 --a------ c:\windows\system32\drivers\wceusbsh.sys
2009-03-24 20:04 . 2008-04-14 08:43 31,744 --a--c--- c:\windows\system32\dllcache\wceusbsh.sys
2009-03-23 23:19 . 2009-03-23 23:19 <DIR> d-------- c:\program files\IrfanView
2009-03-19 11:45 . 2009-03-19 11:45 131,976 --a------ c:\windows\system32\drivers\epfw.sys
2009-03-19 11:45 . 2009-03-19 11:45 55,768 --a------ c:\windows\system32\drivers\epfwtdi.sys
2009-03-19 11:45 . 2009-03-19 11:45 33,096 --a------ c:\windows\system32\drivers\epfwndis.sys
2009-03-19 11:44 . 2009-03-19 11:44 107,256 --a------ c:\windows\system32\drivers\ehdrv.sys
2009-03-19 11:41 . 2009-03-19 11:41 113,960 --a------ c:\windows\system32\drivers\eamon.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-07 18:44 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-04-07 17:13 --------- d-----w c:\documents and settings\All Users\Data aplikací\Symantec
2009-04-07 16:00 --------- d-----w c:\program files\Trend Micro
2009-04-06 17:04 --------- d-----w c:\program files\Mystik Media
2009-04-04 11:29 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-25 16:01 --------- d-----w c:\documents and settings\All Users\Data aplikací\Microsoft Help
2009-03-06 17:36 --------- d-----w c:\program files\phenomedia
2009-02-09 14:07 1,846,784 ----a-w c:\windows\system32\win32k.sys
2003-12-06 16:03 49,144 ----a-w c:\documents and settings\Petr\Data aplikací\GDIPFONTCACHEV1.DAT
2001-08-27 23:25 5,029,136 ----a-w c:\windows\inf\mp8.exe
2001-08-27 10:00 229,376 ----a-w c:\windows\inf\unregmp2.exe.tmp
1998-11-18 12:10 10,000 ----a-w c:\windows\inf\unregpn.exe
2007-09-16 06:48 66,408 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2007-09-16 06:48 54,112 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2007-09-16 06:48 34,688 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2007-09-16 06:48 46,456 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2007-09-16 06:48 171,880 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-04-07_21.05.40,06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-07 20:25:38 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:02 759,160 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:02 391,032 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-04-11 22:23:36 691,712 ----a-w c:\windows\$hf_mig$\KB951066\SP3QFE\inetcomm.dll
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB951066\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB951066\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB951066\update\spcustom.dll
+ 2007-12-03 15:25:20 759,160 ----a-w c:\windows\$hf_mig$\KB951066\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB951066\update\updspapi.dll
+ 2008-05-07 05:05:01 1,290,752 ----a-w c:\windows\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:25 18,296 ----a-w c:\windows\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:25 233,848 ----a-w c:\windows\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:25 26,488 ----a-w c:\windows\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:09 759,160 ----a-w c:\windows\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB951698\update\updspapi.dll
+ 2008-05-07 09:07:23 135,168 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\cscript.exe
+ 2008-05-09 10:51:58 512,000 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\jscript.dll
+ 2008-05-09 10:51:58 180,224 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\scrobj.dll
+ 2008-05-09 10:51:58 172,032 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\scrrun.dll
+ 2008-05-09 10:51:58 430,080 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\vbscript.dll
+ 2008-05-08 11:24:44 155,648 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wscript.exe
+ 2008-05-09 10:51:58 90,112 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wshext.dll
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB951978\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB951978\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB951978\update\spcustom.dll
+ 2007-11-30 12:39:02 759,160 ----a-w c:\windows\$hf_mig$\KB951978\update\update.exe
+ 2007-11-30 12:39:02 391,032 ----a-w c:\windows\$hf_mig$\KB951978\update\updspapi.dll
+ 2008-06-24 16:54:26 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:09 759,160 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-10-23 10:17:49 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2007-11-30 12:39:09 18,296 ----a-w c:\windows\$hf_mig$\KB955839\spmsg.dll
+ 2007-11-30 12:39:09 233,848 ----a-w c:\windows\$hf_mig$\KB955839\spuninst.exe
+ 2007-11-30 12:39:09 26,488 ----a-w c:\windows\$hf_mig$\KB955839\update\spcustom.dll
+ 2007-11-30 12:39:09 759,160 ----a-w c:\windows\$hf_mig$\KB955839\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB955839\update\updspapi.dll
+ 2008-12-05 07:00:41 144,896 ----a-w c:\windows\$hf_mig$\KB960225\SP3QFE\schannel.dll
+ 2007-11-30 11:18:25 18,296 ----a-w c:\windows\$hf_mig$\KB960225\spmsg.dll
+ 2007-11-30 11:18:25 233,848 ----a-w c:\windows\$hf_mig$\KB960225\spuninst.exe
+ 2007-11-30 11:18:25 26,488 ----a-w c:\windows\$hf_mig$\KB960225\update\spcustom.dll
+ 2007-11-30 12:39:09 759,160 ----a-w c:\windows\$hf_mig$\KB960225\update\update.exe
+ 2007-11-30 12:39:10 391,032 ----a-w c:\windows\$hf_mig$\KB960225\update\updspapi.dll
+ 2008-06-17 19:04:42 8,465,920 ----a-w c:\windows\$hf_mig$\KB967715\SP3QFE\shell32.dll
+ 2008-07-09 07:36:00 18,296 ----a-w c:\windows\$hf_mig$\KB967715\spmsg.dll
+ 2008-07-09 07:36:01 233,848 ----a-w c:\windows\$hf_mig$\KB967715\spuninst.exe
+ 2008-07-09 07:36:00 26,488 ----a-w c:\windows\$hf_mig$\KB967715\update\spcustom.dll
+ 2008-07-09 07:36:04 759,160 ----a-w c:\windows\$hf_mig$\KB967715\update\update.exe
+ 2008-07-09 07:36:11 391,032 ----a-w c:\windows\$hf_mig$\KB967715\update\updspapi.dll
- 2006-05-26 15:24:23 1,257,472 ----a-w c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-04-07 22:02:57 1,265,664 ----a-w c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
- 2006-05-26 15:24:27 1,224,704 ----a-w c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2009-04-07 22:02:57 1,232,896 ----a-w c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2009-04-07 22:04:03 118,784 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_038878c5\CustomMarshalers.dll
+ 2009-04-07 22:03:14 61,440 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_b185b2f8\CustomMarshalers.dll
+ 2009-04-07 22:03:52 3,391,488 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a48cb987\mscorlib.dll
+ 2009-04-07 22:04:29 8,908,800 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_c8ee543a\mscorlib.dll
+ 2009-04-07 22:04:21 3,395,584 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_4225391f\System.Design.dll
+ 2009-04-07 22:03:45 1,470,464 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_fa953d3e\System.Design.dll
+ 2009-04-07 22:04:04 192,512 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_93fa4c14\System.Drawing.Design.dll
+ 2009-04-07 22:03:17 90,112 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_d1ddc905\System.Drawing.Design.dll
+ 2009-04-07 22:03:48 835,584 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_58a188c4\System.Drawing.dll
+ 2009-04-07 22:04:23 2,244,608 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_91551ffc\System.Drawing.dll
+ 2009-04-07 22:04:10 7,884,800 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_75288c0a\System.Windows.Forms.dll
+ 2009-04-07 22:03:26 3,018,752 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_b54a0f2a\System.Windows.Forms.dll
+ 2009-04-07 22:04:16 5,513,216 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_40910b82\System.Xml.dll
+ 2009-04-07 22:03:37 2,088,960 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_b5ab5641\System.Xml.dll
+ 2009-04-07 22:03:12 1,966,080 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_82ce0e1c\System.dll
+ 2009-04-07 22:04:02 4,788,224 ----a-w c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_ae465dfb\System.dll
+ 2006-05-26 15:24:45 1,953,792 ------w c:\windows\assembly\temp\FKOSW049DH\System.dll
+ 2006-05-26 15:24:23 1,257,472 ------w c:\windows\assembly\temp\HNRVZ38CGK\System.Web.dll
+ 2006-05-26 15:28:04 3,379,200 ------w c:\windows\assembly\temp\KPTX26AEIM\mscorlib.dll
+ 2006-05-26 15:25:02 3,014,656 ------w c:\windows\assembly\temp\MRVZ48CGKO\System.Windows.Forms.dll
+ 2006-05-26 15:24:27 1,224,704 ------w c:\windows\assembly\temp\NTX159DHLQ\System.dll
+ 2006-05-26 15:27:13 2,088,960 ------w c:\windows\assembly\temp\QW048CGKOT\System.Xml.dll
+ 2006-05-26 15:27:56 835,584 ------w c:\windows\assembly\temp\SX159DHLQU\System.Drawing.dll
+ 2008-06-14 17:35:31 272,128 ------w c:\windows\Driver Cache\i386\bthport.sys
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-08-14 13:26:30 2,147,328 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:26:42 2,068,224 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:26:27 2,025,984 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:26:30 2,191,360 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-04-07 21:58:45 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2009-04-07 19:52:58 10,134 ----a-r c:\windows\Installer\{CD1A2DA0-9B7F-45BB-8154-B7CFD2F28FB9}\callmsi.exe
+ 2009-04-07 19:52:58 97,360 ----a-r c:\windows\Installer\{CD1A2DA0-9B7F-45BB-8154-B7CFD2F28FB9}\egui.exe
- 2004-07-14 23:49:16 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2007-04-13 19:30:52 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2004-07-14 23:49:22 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2007-04-13 19:30:52 32,768 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2004-07-14 22:32:22 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2007-04-13 18:57:52 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2003-02-20 19:09:14 86,016 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2007-04-13 18:57:58 86,016 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2004-07-14 22:25:06 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2007-04-13 18:56:30 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2004-07-14 22:33:04 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2007-04-13 18:58:00 102,400 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2004-07-15 12:29:02 2,138,112 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2007-04-13 18:50:46 2,142,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2003-02-20 19:09:18 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2007-04-13 18:58:02 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2004-07-14 22:26:52 2,510,848 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2007-04-13 18:57:00 2,523,136 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2004-07-14 22:28:34 2,502,656 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2007-04-13 18:57:28 2,514,944 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2004-08-10 14:20:00 106,496 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2007-01-15 14:11:26 73,728 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2004-07-14 23:49:16 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2828\_aspnet_isapi.dll
+ 2004-07-14 22:32:22 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2828\_CORPerfMonExt.dll
+ 2004-07-14 22:24:30 282,624 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2828\_fusion.dll
+ 2004-07-14 22:25:06 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2828\_mscorjit.dll
+ 2004-07-15 12:29:02 2,138,112 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2828\_mscorlib.dll
+ 2003-02-20 19:09:18 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2828\_mscorsn.dll
+ 2004-07-14 22:26:52 2,510,848 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2828\_mscorsvr.dll
+ 2004-07-14 22:28:34 2,502,656 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2828\_mscorwks.dll
+ 2003-02-21 04:42:22 348,160 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2828\_msvcr71.dll
+ 2004-07-14 22:34:50 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2828\_PerfCounter.dll
- 2004-07-15 12:31:16 1,224,704 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2007-04-13 19:35:38 1,232,896 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2004-07-15 12:29:00 1,257,472 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2007-04-13 19:35:46 1,265,664 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2009-03-19 15:45:16 131,072 ----a-w c:\windows\system32\Adobe\Director\np32dsw.dll
+ 2009-03-19 15:55:40 202,168 ----a-w c:\windows\system32\Adobe\Director\SwDir.dll
+ 2009-03-19 15:45:56 614,400 ----a-w c:\windows\system32\Adobe\Shockwave 11\Control.dll
+ 2009-03-19 15:24:48 1,798,144 ----a-w c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
+ 2009-03-19 15:45:58 9,216 ----a-w c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2009-03-19 15:15:38 704,000 ----a-w c:\windows\system32\Adobe\Shockwave 11\gi.dll
+ 2009-03-19 15:15:40 1,145,896 ----a-w c:\windows\system32\Adobe\Shockwave 11\gt.exe
+ 2009-03-19 15:15:38 52,288 ----a-w c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2009-03-19 15:20:58 1,011,712 ----a-w c:\windows\system32\Adobe\Shockwave 11\iml32.dll
+ 2009-03-19 15:44:24 376,832 ----a-w c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
+ 2009-03-19 15:46:20 442,368 ----a-w c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2009-03-19 15:55:14 460,216 ----a-w c:\windows\system32\Adobe\Shockwave 11\SwHelper_1150595.exe
+ 2009-03-19 15:43:36 114,688 ----a-w c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
+ 2009-03-19 15:43:34 94,208 ----a-w c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2009-03-19 15:15:38 58,736 ----a-w c:\windows\system32\Adobe\Shockwave 11\SYMCCHECKER.DLL
+ 2009-04-07 22:20:07 78,482 ----a-w c:\windows\system32\Adobe\uninstaller.exe
- 2008-04-14 06:51:38 66,560 ----a-w c:\windows\system32\cdm.dll
+ 2008-10-16 12:09:44 92,696 ----a-w c:\windows\system32\cdm.dll
- 2008-04-14 06:52:18 139,264 ----a-w c:\windows\system32\cscript.exe
+ 2008-05-07 09:07:23 135,168 ----a-w c:\windows\system32\cscript.exe
+ 2008-08-14 10:04:36 138,496 -c----w c:\windows\system32\dllcache\afd.sys
+ 2008-10-16 12:09:44 92,696 -c--a-w c:\windows\system32\dllcache\cdm.dll
+ 2008-05-07 09:07:23 135,168 -c----w c:\windows\system32\dllcache\cscript.exe
+ 2008-06-20 17:49:25 147,968 -c----w c:\windows\system32\dllcache\dnsapi.dll
+ 2008-07-07 20:29:06 253,952 -c----w c:\windows\system32\dllcache\es.dll
+ 2008-10-23 12:42:52 286,720 -c----w c:\windows\system32\dllcache\gdi32.dll
+ 2008-05-09 10:56:13 512,000 -c----w c:\windows\system32\dllcache\jscript.dll
- 2004-08-11 00:45:04 96,768 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-10 07:17:42 96,768 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-24 16:44:28 74,240 -c----w c:\windows\system32\dllcache\mscms.dll
+ 2008-06-20 17:49:25 247,296 -c----w c:\windows\system32\dllcache\mswsock.dll
- 2008-04-14 06:51:50 1,306,624 -c----w c:\windows\system32\dllcache\msxml6.dll
+ 2008-09-10 01:16:11 1,307,648 -c----w c:\windows\system32\dllcache\msxml6.dll
+ 2008-05-07 05:12:00 1,290,752 -c----w c:\windows\system32\dllcache\quartz.dll
+ 2008-05-09 10:56:13 180,224 -c----w c:\windows\system32\dllcache\scrobj.dll
+ 2008-05-09 10:56:13 172,032 -c----w c:\windows\system32\dllcache\scrrun.dll
+ 2008-06-17 19:02:56 8,465,408 -c----w c:\windows\system32\dllcache\shell32.dll
+ 2008-12-05 06:57:54 144,896 -c----w c:\windows\system32\dllcache\schannel.dll
- 2008-04-14 06:52:04 246,814 -c--a-w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:04:44 247,326 -c--a-w c:\windows\system32\dllcache\strmdll.dll
+ 2008-06-20 11:51:12 361,600 -c----w c:\windows\system32\dllcache\tcpip.sys
+ 2008-06-20 11:08:27 225,856 -c----w c:\windows\system32\dllcache\tcpip6.sys
+ 2008-05-09 10:56:13 430,080 -c----w c:\windows\system32\dllcache\vbscript.dll
+ 2009-02-09 14:07:41 1,846,784 -c----w c:\windows\system32\dllcache\win32k.sys
- 2004-08-11 00:45:04 229,376 -c--a-w c:\windows\system32\dllcache\wmasf.dll
+ 2007-10-20 04:01:32 227,328 -c--a-w c:\windows\system32\dllcache\wmasf.dll
- 2004-08-11 00:45:04 1,027,072 -c--a-w c:\windows\system32\dllcache\wmnetmgr.dll
+ 2008-06-10 09:37:02 1,026,048 -c--a-w c:\windows\system32\dllcache\WMNetmgr.dll
- 2004-08-11 00:45:06 2,362,104 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-10 09:57:40 2,364,472 -c--a-w c:\windows\system32\dllcache\WMVCore.dll
+ 2008-05-08 11:24:44 155,648 -c----w c:\windows\system32\dllcache\wscript.exe
+ 2008-05-09 10:56:14 90,112 -c----w c:\windows\system32\dllcache\wshext.dll
+ 2008-10-16 12:12:20 561,688 -c--a-w c:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 12:09:44 51,224 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 12:13:40 1,809,944 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 12:12:22 323,608 -c--a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 12:08:58 34,328 -c--a-w c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 12:13:40 202,776 -c--a-w c:\windows\system32\dllcache\wuweb.dll
- 2008-04-14 06:51:40 147,968 ----a-w c:\windows\system32\dnsapi.dll
+ 2008-06-20 17:49:25 147,968 ----a-w c:\windows\system32\dnsapi.dll
- 2008-04-13 22:49:24 138,112 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\system32\drivers\afd.sys
- 2008-04-14 05:45:10 272,896 ------w c:\windows\system32\drivers\bthport.sys
+ 2008-06-14 17:35:31 272,128 ------w c:\windows\system32\drivers\bthport.sys
- 2008-04-13 22:47:02 456,576 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
- 2008-04-13 22:25:10 202,624 ----a-w c:\windows\system32\drivers\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w c:\windows\system32\drivers\rmcast.sys
- 2008-04-13 22:45:12 334,848 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-12-11 10:57:09 333,952 ----a-w c:\windows\system32\drivers\srv.sys
- 2008-04-13 22:50:18 361,344 ----a-w c:\windows\system32\drivers\tcpip.sys
+ 2008-06-20 11:51:12 361,600 ----a-w c:\windows\system32\drivers\tcpip.sys
- 2008-04-13 22:30:04 225,664 ----a-w c:\windows\system32\drivers\tcpip6.sys
+ 2008-06-20 11:08:27 225,856 ----a-w c:\windows\system32\drivers\tcpip6.sys
- 2008-04-14 06:51:42 246,272 ----a-w c:\windows\system32\es.dll
+ 2008-07-07 20:29:06 253,952 ----a-w c:\windows\system32\es.dll
- 2009-02-11 15:51:09 835,040 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2009-04-07 22:09:47 835,040 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-04-14 06:51:42 285,184 ----a-w c:\windows\system32\gdi32.dll
+ 2008-10-23 12:42:52 286,720 ----a-w c:\windows\system32\gdi32.dll
+ 1996-04-03 19:33:26 5,248 ----a-w c:\windows\system32\giveio.sys
- 2008-04-14 06:51:44 691,712 ----a-w c:\windows\system32\inetcomm.dll
+ 2008-04-11 19:06:23 691,712 ----a-w c:\windows\system32\inetcomm.dll
- 2008-04-14 06:51:46 512,000 ----a-w c:\windows\system32\jscript.dll
+ 2008-05-09 10:56:13 512,000 ----a-w c:\windows\system32\jscript.dll
- 2004-08-11 00:45:04 96,768 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-10 07:17:42 96,768 ----a-w c:\windows\system32\logagent.exe
- 2009-02-02 16:15:00 3,771,296 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-02-03 02:15:28 3,771,296 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2009-02-02 16:15:00 240,544 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2009-02-03 02:15:30 240,544 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2009-04-08 13:41:01 84,661 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-02-25 10:55:00 24,768,960 ----a-w c:\windows\system32\MRT.exe
- 2008-04-14 06:51:48 73,728 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:44:28 74,240 ----a-w c:\windows\system32\mscms.dll
- 2004-07-14 22:24:50 155,648 ----a-w c:\windows\system32\mscoree.dll
+ 2006-12-22 10:28:14 271,360 ----a-w c:\windows\system32\mscoree.dll
- 2008-04-14 06:51:50 3,066,880 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-12 17:03:20 3,088,896 ----a-w c:\windows\system32\mshtml.dll
- 2008-04-14 06:51:50 247,296 ----a-w c:\windows\system32\mswsock.dll
+ 2008-06-20 17:49:25 247,296 ----a-w c:\windows\system32\mswsock.dll
- 2008-04-14 06:51:50 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 17:17:12 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2003-04-18 17:46:22 1,233,920 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 14:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
- 2008-04-14 06:51:50 1,306,624 ------w c:\windows\system32\msxml6.dll
+ 2008-09-10 01:16:11 1,307,648 ------w c:\windows\system32\msxml6.dll
+ 2006-12-22 11:02:36 6,144 ----a-w c:\windows\system32\mui\
0409\mscorees.dll
- 2008-04-14 06:51:52 337,408 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:38:26 337,408 ----a-w c:\windows\system32\netapi32.dll
- 2008-04-14 06:06:34 2,067,968 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 13:26:42 2,068,224 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2008-04-14 06:07:10 2,191,104 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 13:26:30 2,191,360 ----a-w c:\windows\system32\ntoskrnl.exe
- 2008-04-14 06:51:56 1,290,752 ----a-w c:\windows\system32\quartz.dll
+ 2008-05-07 05:12:00 1,290,752 ----a-w c:\windows\system32\quartz.dll
- 2008-04-14 06:51:56 180,224 ----a-w c:\windows\system32\scrobj.dll
+ 2008-05-09 10:56:13 180,224 ----a-w c:\windows\system32\scrobj.dll
- 2008-04-14 06:51:56 172,032 ----a-w c:\windows\system32\scrrun.dll
+ 2008-05-09 10:56:13 172,032 ----a-w c:\windows\system32\scrrun.dll
- 2008-04-14 06:51:56 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
+ 2008-10-16 01:03:18 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
- 2008-04-14 06:51:56 8,465,408 ----a-w c:\windows\system32\shell32.dll
+ 2008-06-17 19:02:56 8,465,408 ----a-w c:\windows\system32\shell32.dll
- 2008-04-14 06:51:56 144,384 ----a-w c:\windows\system32\schannel.dll
+ 2008-12-05 06:57:54 144,896 ----a-w c:\windows\system32\schannel.dll
+ 2008-10-16 12:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2006-09-24 13:28:46 5,248 ----a-w c:\windows\system32\speedfan.sys
- 2007-08-10 18:43:48 18,296 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 11:18:25 18,296 ------w c:\windows\system32\spmsg.dll
- 2008-04-14 06:52:04 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:04:44 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2008-04-14 06:52:52 60,416 ------w c:\windows\system32\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ------w c:\windows\system32\tzchange.exe
- 2008-04-14 06:52:06 620,032 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 01:03:18 619,008 ----a-w c:\windows\system32\urlmon.dll
- 2008-04-14 06:52:06 434,176 ----a-w c:\windows\system32\vbscript.dll
+ 2008-05-09 10:56:13 430,080 ----a-w c:\windows\system32\vbscript.dll
- 2008-04-14 06:52:06 667,136 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-16 01:03:18 667,136 ----a-w c:\windows\system32\wininet.dll
- 2004-08-11 00:45:04 229,376 ----a-w c:\windows\system32\wmasf.dll
+ 2007-10-20 04:01:32 227,328 ----a-w c:\windows\system32\wmasf.dll
- 2004-08-11 00:45:04 1,027,072 ----a-w c:\windows\system32\wmnetmgr.dll
+ 2008-06-10 09:37:02 1,026,048 ----a-w c:\windows\system32\WMNetmgr.dll
- 2004-08-10 22:41:20 5,550,080 ----a-w c:\windows\system32\wmp.dll
+ 2007-04-30 06:20:24 5,537,792 ----a-w c:\windows\system32\wmp.dll
- 2004-08-11 00:45:06 2,362,104 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-10 09:57:40 2,364,472 ----a-w c:\windows\system32\WMVCore.dll
- 2008-04-14 06:52:56 155,648 ----a-w c:\windows\system32\wscript.exe
+ 2008-05-08 11:24:44 155,648 ----a-w c:\windows\system32\wscript.exe
- 2008-04-14 06:52:08 90,112 ----a-w c:\windows\system32\wshext.dll
+ 2008-05-09 10:56:14 90,112 ----a-w c:\windows\system32\wshext.dll
- 2008-04-14 06:52:08 431,104 ------w c:\windows\system32\wuapi.dll
+ 2008-10-16 12:12:20 561,688 ----a-w c:\windows\system32\wuapi.dll
- 2008-04-14 06:52:56 111,104 ----a-w c:\windows\system32\wuauclt.exe
+ 2008-10-16 12:09:44 51,224 ----a-w c:\windows\system32\wuauclt.exe
- 2008-04-14 06:52:10 1,135,616 ----a-w c:\windows\system32\wuaueng.dll
+ 2008-10-16 12:13:40 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
- 2008-04-14 06:52:10 112,640 ------w c:\windows\system32\wucltui.dll
+ 2008-10-16 12:12:22 323,608 ----a-w c:\windows\system32\wucltui.dll
- 2008-04-14 06:52:10 32,256 ------w c:\windows\system32\wups.dll
+ 2008-10-16 12:08:58 34,328 ----a-w c:\windows\system32\wups.dll
+ 2008-10-16 12:09:44 43,544 ----a-w c:\windows\system32\wups2.dll
- 2008-04-14 06:52:10 120,320 ------w c:\windows\system32\wuweb.dll
+ 2008-10-16 12:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll
+ 2009-04-08 16:01:58 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_340.dat
+ 2008-09-30 14:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 14:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2008-04-15 17:51:49 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"CursorXP"="c:\program files\CursorXP\CursorXP.exe" [2003-03-01 125440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"wcmdmgr"="c:\windows\wt\wcmdmgrl.exe" [2000-09-15 20480]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2005-11-09 128920]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2006-09-07 15872]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-07 148888]
"egui"="h:\program files\ESET\ESET Smart Security\egui.exe" [2009-03-19 2029640]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"vidc.iv31"= c:\windows\System32\ir32_32.dll
"vidc.iv32"= c:\windows\System32\ir32_32.dll
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"vidc.ir41"= c:\windows\System32\ir41_32.ax
"VIDC.VDOM"= vdowave.drv
"VIDC.JPEG"= jpegCode.dll
"VIDC.MJPG"= jpegCode.dll
"vidc.I263"= i263_32.drv
"vidc.xvid"= xvid.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\EA SPORTS\\F1 2002\\f1_2002.exe"=
"c:\\Program Files\\Casino\\Diamond Club Casino\\crypt\\ssr.exe"=
"h:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-03-19 107256]
R2 ekrn;ESET Service;h:\program files\ESET\ESET Smart Security\ekrn.exe [2009-03-19 731840]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2002-08-29 69120]
S0 ElbyVCD;ElbyVCD;c:\windows\system32\DRIVERS\ElbyVCD.sys --> c:\windows\system32\DRIVERS\ElbyVCD.sys [?]
S2 gvkbhopp;Monitor Helper;c:\windows\system32\svchost.exe -k netsvcs [2001-10-25 14336]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
gvkbhopp
.
Obsah adresáře 'Naplánované úlohy'
2009-02-20 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2006\SystemOptimizer.exe []
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\hgzgo47m.default\
FF - prefs.js: browser.startup.homepage -
www.seznam.cz---- NASTAVENÍ FIREFOXU ----
h:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-04-08 18:16:42
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\gvkbhopp]
"ServiceDll"="c:\windows\system32\ffhqmuyb.dll"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-2052111302-484763869-1343024091-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\*@]
"DisplayName"="\10"
"DeviceDesc"="\10"
"ProviderName"="????"
"MFG"="\\CurrentControlSet\\Services\\ati2mtag\\Device0"
"ReinstallString"="c:\\WINDOWS\\System32\\ReinstallBackups\\?\\DriverFiles\\?\11??\
04.INF"
"DeviceInstanceIds"=multi:"\
0c\
00"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1124)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-04-08 18:19:43
ComboFix-quarantined-files.txt 2009-04-08 16:18:49
ComboFix2.txt 2009-04-07 19:07:28
Před spuštěním: 1 140 113 408
Po spuštění: 1,127,178,240
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
509 --- E O F --- 2009-04-07 22:08:05
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:21:07, on 8.4.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
H:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\wt\wcmdmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
H:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\imapi.exe
C:\WINDOWS\explorer.exe
H:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "H:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - H:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - H:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
--
End of file - 6233 bytes
, použil jsem zatím Avast, ale raději prosím o kontrolu logu.
)