I was basing that on those deletions in ComboFix, a nice collection:
c:\documents and settings\Počítač\Data aplikací\m\shared\[app.ita]Avast!.Professional.Edition.4.7.942.keygen.freddy.zip
c:\documents and settings\Počítač\Data aplikací\m\shared\Kaspersky.Security.For.Pda.v5.0.(Crack).zip
c:\documents and settings\Počítač\Data aplikací\m\shared\KFWhois 3.1.0 With Crack.zip
c:\documents and settings\Počítač\Data aplikací\m\shared\MemoryBoost Pro 2.6.15 (Cracked).zip
c:\documents and settings\Počítač\Data aplikací\m\shared\NOD32 v2.51.20 Italiano + crack.zip
c:\documents and settings\Počítač\Data aplikací\m\shared\Nod32.V2.70.9.Beta.+.NOD32.Fix.v2.7.0.Beta.zip
c:\documents and settings\Počítač\Data aplikací\m\shared\OfficeLetterHeads 3.1 (KeyGen).zip
c:\documents and settings\Počítač\Data aplikací\m\shared\Usa Capitol Screen Saver 1.0 [Cracked].zip
Add: that is a script for finishing the cleanup; run it.
No antivirus works for me :( Solved
- jaro3
- member of the Security team
Re: No antivirus works for me :(
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: No antivirus works for me :(
ok, I'll do it tomorrow
Re: No antivirus works for me :(
I'm attaching the logs:
HJT:
Logfile of HijackThis v1.99.1
Scan saved at 13:37:20, on 25.3.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wpabaln.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Počítač\Plocha\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\MICROS~1\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/sho ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: CacheBoost Performance Optimizer and Tuner Service (CacheBoost Service) - Systweak Inc - C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\WINDOWS\system32\HPZipm12.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
Combofix:
ComboFix 09-03-22.01 - Počítač 2009-03-25 13:28:26.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1029.18.511.225 [GMT 1:00]
Spuštěný z: c:\documents and settings\Počítač\Plocha\VerTerm.exe
Použité ovládací přepínače :: c:\documents and settings\Počítač\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090324-0] *On-access scanning disabled* (Updated)
* Vytvořen nový Bod Obnovení
FILE ::
c:\windows\system32\KGyGaAvL.sys
c:\windows\system32\tmpD0.tmp
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\KGyGaAvL.sys
c:\windows\system32\tmpD0.tmp
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-02-25 do 2009-03-25 )))))))))))))))))))))))))))))))
.
2009-03-25 13:26 . 2009-03-25 13:26 <DIR> d-------- c:\windows\LastGood
2009-03-23 21:13 . 2009-03-23 21:13 <DIR> d-------- c:\program files\MSXML 4.0
2009-03-23 14:17 . 2008-10-16 02:03 1,499,648 -----c--- c:\windows\system32\dllcache\shdocvw.dll
2009-03-23 14:17 . 2008-10-16 02:03 667,136 -----c--- c:\windows\system32\dllcache\wininet.dll
2009-03-23 14:17 . 2008-10-16 02:03 619,008 -----c--- c:\windows\system32\dllcache\urlmon.dll
2009-03-23 14:17 . 2008-06-14 18:35 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2009-03-23 14:14 . 2008-08-14 14:26 2,191,360 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-03-23 14:14 . 2008-08-14 14:26 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-03-23 14:14 . 2008-08-14 14:26 2,068,224 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-03-23 14:14 . 2008-08-14 14:26 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-03-23 14:13 . 2008-12-12 18:03 3,088,896 -----c--- c:\windows\system32\dllcache\mshtml.dll
2009-03-23 14:12 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-03-23 14:12 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2009-03-23 14:11 . 2008-04-11 20:06 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2009-03-23 14:11 . 2008-12-11 11:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys
2009-03-23 14:11 . 2008-05-01 15:37 331,776 -----c--- c:\windows\system32\dllcache\msadce.dll
2009-03-23 14:08 . 2008-09-04 18:17 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2009-03-23 14:08 . 2008-10-15 17:38 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2009-03-23 14:05 . 2009-03-23 21:19 <DIR> d--h----- c:\windows\$hf_mig$
2009-03-23 13:44 . 2009-03-23 13:44 <DIR> d-------- c:\program files\ESET
2009-03-23 13:44 . 2009-03-23 13:44 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\ESET
2009-03-23 13:04 . 2009-03-23 13:05 <DIR> d-------- c:\program files\trend micro
2009-03-23 13:01 . 2009-03-23 12:57 781,909 --a------ C:\RSIT.exe
2009-03-23 12:57 . 2009-03-23 12:57 <DIR> d-------- C:\rsit
2009-03-23 12:33 . 2009-03-23 12:33 <DIR> d-------- C:\avira
2009-03-22 19:02 . 2009-03-22 19:02 <DIR> d-------- c:\program files\BillP Studios
2009-03-22 19:02 . 2009-03-23 12:33 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\WinPatrol
2009-03-22 17:02 . 2009-03-22 17:02 <DIR> d-------- c:\program files\Alwil Software
2009-03-22 16:49 . 2009-03-23 13:25 <DIR> d--h----- c:\documents and settings\Počítač\Data aplikací\drivers
2009-03-22 16:00 . 2009-03-22 16:00 <DIR> d-------- c:\program files\eMule
2009-03-22 15:16 . 2009-03-23 21:10 <DIR> d-------- c:\program files\ZModeler
2009-03-22 11:10 . 2009-03-22 11:10 <DIR> d-------- c:\program files\WinSCP
2009-03-21 10:55 . 2009-03-22 08:57 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\skypePM
2009-03-21 10:55 . 2009-03-22 15:24 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\Skype
2009-03-21 10:55 . 2009-03-21 10:55 32 --a------ c:\documents and settings\All Users\Data aplikací\ezsid.dat
2009-03-21 10:54 . 2009-03-21 10:54 <DIR> d-------- c:\program files\Skype
2009-03-21 10:54 . 2009-03-21 10:54 <DIR> d-------- c:\program files\Common Files\Skype
2009-03-21 10:54 . 2009-03-21 10:54 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Skype
2009-03-21 09:42 . 2009-03-21 09:42 <DIR> d-------- c:\program files\Sanny Builder 3
2009-03-18 17:17 . 2009-03-21 12:41 <DIR> d-------- c:\program files\Rockstar Games
2009-03-18 16:06 . 2009-03-18 16:06 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_motccgpfl_01005.Wdf
2009-03-18 16:06 . 2009-03-18 16:06 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_motccgp_01005.Wdf
2009-03-18 14:51 . 2009-03-18 14:51 0 --a------ c:\windows\system32\BSPRINT.INI
2009-03-18 14:50 . 2009-03-18 14:50 <DIR> d-------- c:\program files\IVT Corporation
2009-03-18 14:40 . 2009-03-18 14:51 32 --a------ c:\windows\0
2009-03-18 14:40 . 2009-03-18 14:40 0 --a------ c:\windows\system32\0
2009-03-18 14:13 . 2009-03-18 14:13 <DIR> d-------- c:\program files\MyPhoneExplorer
2009-03-18 14:13 . 2009-03-18 14:13 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\MyPhoneExplorer
2009-03-16 19:42 . 2009-03-16 19:42 <DIR> dr-h----- c:\documents and settings\Počítač\Data aplikací\SecuROM
2009-03-13 21:59 . 2009-03-19 17:06 <DIR> d-------- C:\Ke stažení
2009-03-13 21:18 . 2009-03-13 21:18 36 --a------ c:\windows\CONTEXT.INI
2009-03-13 13:37 . 2009-03-13 13:37 <DIR> d-------- c:\program files\OpenAL
2009-03-13 13:37 . 2009-03-13 13:37 409,600 --a------ c:\windows\system32\wrap_oal.dll
2009-03-13 13:37 . 2009-03-13 13:37 114,688 --a------ c:\windows\system32\OpenAL32.dll
2009-03-13 13:31 . 2009-03-13 13:31 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-03-13 13:29 . 2009-03-13 13:29 <DIR> d-------- c:\program files\Bohemia Interactive
2009-03-13 12:37 . 2009-03-13 12:37 <DIR> d-------- c:\program files\D-Tools
2009-03-13 12:37 . 2004-08-22 16:31 155,136 --a------ c:\windows\system32\drivers\d347bus.sys
2009-03-13 12:37 . 2004-08-22 16:31 5,248 --a------ c:\windows\system32\drivers\d347prt.sys
2009-03-13 12:36 . 2009-03-13 12:36 <DIR> d-------- c:\windows\Downloaded Installations
2009-03-12 21:27 . 2009-03-12 21:27 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\InstallShield
2009-03-12 21:25 . 2009-03-12 21:27 <DIR> d-------- c:\program files\Avanquest update
2009-03-12 21:25 . 2008-04-14 00:15 26,112 --a------ c:\windows\system32\drivers\usbser.sys
2009-03-12 21:25 . 2008-04-14 00:15 26,112 --a--c--- c:\windows\system32\dllcache\usbser.sys
2009-03-12 21:24 . 2009-03-18 15:00 <DIR> d-------- c:\program files\Motorola Phone Tools
2009-03-12 21:24 . 2009-03-12 21:29 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\BVRP Software
2009-03-12 21:24 . 2009-03-12 21:24 92,064 --a------ c:\documents and settings\Počítač\mqdmmdm.sys
2009-03-12 21:24 . 2009-03-12 21:24 92,064 --a------ c:\documents and settings\Počítač\mqdmmdm.sys
2009-03-12 21:24 . 2009-03-12 21:24 79,328 --a------ c:\documents and settings\Počítač\mqdmserd.sys
2009-03-12 21:24 . 2009-03-12 21:24 79,328 --a------ c:\documents and settings\Počítač\mqdmserd.sys
2009-03-12 21:24 . 2009-03-12 21:24 66,656 --a------ c:\documents and settings\Počítač\mqdmbus.sys
2009-03-12 21:24 . 2009-03-12 21:24 66,656 --a------ c:\documents and settings\Počítač\mqdmbus.sys
2009-03-12 21:24 . 2009-03-12 21:24 25,600 --a------ c:\documents and settings\Počítač\usbsermptxp.sys
2009-03-12 21:24 . 2009-03-12 21:24 25,600 --a------ c:\documents and settings\Počítač\usbsermptxp.sys
2009-03-12 21:24 . 2009-03-12 21:24 22,768 --a------ c:\documents and settings\Počítač\usbsermpt.sys
2009-03-12 21:24 . 2009-03-12 21:24 22,768 --a------ c:\documents and settings\Počítač\usbsermpt.sys
2009-03-12 21:24 . 2009-03-12 21:24 9,232 --a------ c:\documents and settings\Počítač\mqdmmdfl.sys
2009-03-12 21:24 . 2009-03-12 21:24 9,232 --a------ c:\documents and settings\Počítač\mqdmmdfl.sys
2009-03-12 21:24 . 2009-03-12 21:24 6,208 --a------ c:\documents and settings\Počítač\mqdmcmnt.sys
2009-03-12 21:24 . 2009-03-12 21:24 6,208 --a------ c:\documents and settings\Počítač\mqdmcmnt.sys
2009-03-12 21:24 . 2009-03-12 21:24 5,936 --a------ c:\documents and settings\Počítač\mqdmwhnt.sys
2009-03-12 21:24 . 2009-03-12 21:24 5,936 --a------ c:\documents and settings\Počítač\mqdmwhnt.sys
2009-03-12 21:24 . 2009-03-12 21:24 4,048 --a------ c:\documents and settings\Počítač\mqdmcr.sys
2009-03-12 21:24 . 2009-03-12 21:24 4,048 --a------ c:\documents and settings\Počítač\mqdmcr.sys
2009-03-12 19:35 . 2009-03-12 19:35 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2009-03-12 19:35 . 2009-03-12 19:35 22,328 --a------ c:\documents and settings\Počítač\Data aplikací\PnkBstrK.sys
2009-03-12 19:34 . 2009-03-12 19:34 2,250,024 --a------ c:\windows\system32\pbsvc.exe
2009-03-12 19:34 . 2009-03-12 19:35 107,832 --a------ c:\windows\system32\PnkBstrB.exe
2009-03-12 19:34 . 2009-03-12 19:34 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2009-03-12 19:16 . 2009-03-12 19:16 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-03-12 19:16 . 2009-03-12 19:16 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
2009-03-12 19:15 . 2009-03-12 19:15 <DIR> d----c--- c:\windows\system32\DRVSTORE
2009-03-12 19:15 . 2009-03-12 19:15 <DIR> d-------- c:\program files\Common Files\Motorola Shared
2009-03-12 19:15 . 2006-11-13 15:45 1,419,232 --a------ c:\windows\system32\wdfcoinstaller01005.dll
2009-03-12 19:15 . 2007-10-10 17:41 42,112 --a------ c:\windows\system32\drivers\motodrv.sys
2009-03-12 19:15 . 2007-06-18 15:18 23,680 --a------ c:\windows\system32\drivers\motmodem.sys
2009-03-12 19:15 . 2008-08-21 18:49 18,688 --a------ c:\windows\system32\drivers\motccgp.sys
2009-03-12 19:15 . 2008-08-21 18:49 8,320 --a------ c:\windows\system32\drivers\motccgpfl.sys
2009-03-12 19:15 . 2007-11-02 15:51 6,400 --a------ c:\windows\system32\drivers\motswch.sys
2009-03-11 21:15 . 2009-03-11 21:15 <DIR> d-------- c:\program files\CREEO
2009-03-11 21:10 . 2009-03-11 21:10 <DIR> d-------- c:\program files\TV
2009-03-11 21:10 . 2009-03-11 21:10 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\HTML Executable
2009-03-11 21:10 . 2009-03-23 12:32 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\Desktopicon
2009-03-11 21:09 . 2009-03-11 21:09 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\WebCompiler3
2009-03-11 20:36 . 2009-03-11 20:36 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\vsosdk
2009-03-11 19:52 . 2009-03-11 20:46 <DIR> d-------- c:\program files\DVDFab 5
2009-03-11 19:52 . 2009-03-22 21:50 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\Vso
2009-03-11 19:52 . 2009-03-11 19:52 47,360 --a------ c:\windows\system32\drivers\pcouffin.sys
2009-03-11 19:52 . 2009-03-11 19:52 47,360 --a------ c:\documents and settings\Počítač\Data aplikací\pcouffin.sys
2009-03-10 15:32 . 2009-03-10 16:04 2,330,880 --a------ c:\windows\system32\TUKernel.exe
2009-03-10 14:58 . 2009-03-10 14:58 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\TuneUp Software
2009-03-10 14:58 . 2009-03-10 14:58 603,904 --a------ c:\windows\system32\TUProgSt.exe
2009-03-10 14:58 . 2009-03-10 14:58 360,192 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-03-10 14:58 . 2008-12-11 13:31 27,904 --a------ c:\windows\system32\uxtuneup.dll
2009-03-10 14:57 . 2009-03-10 14:58 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-03-10 14:57 . 2009-03-10 14:57 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\TuneUp Software
2009-03-10 14:57 . 2009-03-10 14:57 <DIR> d--hs---- c:\documents and settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-07 17:46 . 2009-03-07 17:46 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Electronic Arts
2009-03-07 12:51 . 2008-04-14 08:51 159,232 --a------ c:\windows\system32\ptpusd.dll
2009-03-07 12:51 . 2001-10-24 12:25 5,632 --a------ c:\windows\system32\ptpusb.dll
2009-03-06 15:23 . 2009-03-06 15:23 <DIR> d-------- c:\program files\Lavalys
2009-03-05 17:20 . 2009-03-05 17:20 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\Corel
2009-03-05 17:19 . 2009-03-05 17:19 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\InstallShield
2009-03-05 17:17 . 2009-03-05 17:17 <DIR> d-------- c:\program files\Corel
2009-03-05 17:17 . 2009-03-05 17:17 <DIR> d-------- c:\program files\Common Files\Corel
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-01 17:15 --------- d-----w c:\program files\microsoft frontpage
2009-02-09 14:07 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-06 13:24 93,336 ------w c:\windows\system32\drivers\epfwtdir.sys
2009-02-06 13:23 106,208 ------w c:\windows\system32\drivers\ehdrv.sys
2009-02-06 13:19 113,448 ------w c:\windows\system32\drivers\eamon.sys
2009-02-04 07:27 3,488,768 ----a-w c:\windows\system32\drivers\ati2mtag.sys
2009-02-04 05:57 11,702,272 ----a-w c:\windows\system32\atioglxx.dll
2009-02-04 05:03 290,816 ----a-w c:\windows\system32\atiok3x2.dll
2009-02-04 04:56 442,368 ----a-w c:\windows\system32\ATIDEMGX.dll
2009-02-04 04:55 324,096 ----a-w c:\windows\system32\ati2dvag.dll
2009-02-04 04:44 196,608 ----a-w c:\windows\system32\atipdlxx.dll
2009-02-04 04:44 155,648 ----a-w c:\windows\system32\Oemdspif.dll
2009-02-04 04:43 43,520 ----a-w c:\windows\system32\ati2edxx.dll
2009-02-04 04:43 26,112 ----a-w c:\windows\system32\Ati2mdxx.exe
2009-02-04 04:43 155,648 ----a-w c:\windows\system32\ati2evxx.dll
2009-02-04 04:41 602,112 ----a-w c:\windows\system32\ati2evxx.exe
2009-02-04 04:40 53,248 ----a-w c:\windows\system32\ATIDDC.DLL
2009-02-04 04:30 3,884,768 ----a-w c:\windows\system32\ati3duag.dll
2009-02-04 04:14 2,645,504 ----a-w c:\windows\system32\ativvaxx.dll
2009-02-04 03:58 49,664 ----a-w c:\windows\system32\amdpcom32.dll
2009-02-04 03:54 471,040 ----a-w c:\windows\system32\atikvmag.dll
2009-02-04 03:53 122,880 ----a-w c:\windows\system32\atiadlxx.dll
2009-02-04 03:52 53,248 ----a-w c:\windows\system32\drivers\ati2erec.dll
2009-02-04 03:52 17,408 ----a-w c:\windows\system32\atitvo32.dll
2009-02-04 03:46 626,688 ----a-w c:\windows\system32\ati2cqag.dll
2009-02-04 03:44 307,200 ----a-w c:\windows\system32\atiiiexx.dll
2009-02-04 02:43 45,056 ----a-w c:\windows\system32\aticalrt.dll
2009-02-04 02:42 45,056 ----a-w c:\windows\system32\aticalcl.dll
2009-02-04 02:40 3,244,032 ----a-w c:\windows\system32\aticaldd.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-03-23_13.31.34.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-06-14 17:35:31 272,128 ------w c:\windows\Driver Cache\i386\bthport.sys
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-08-14 13:26:30 2,147,328 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:26:42 2,068,224 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:26:27 2,025,984 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:26:30 2,191,360 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-03-23 20:13:58 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2009-02-06 13:19:52 113,448 ----a-w c:\windows\LastGood\system32\DRIVERS\eamon.sys
+ 2009-02-06 13:23:18 106,208 ----a-w c:\windows\LastGood\system32\DRIVERS\ehdrv.sys
+ 2009-02-06 13:24:24 93,336 ----a-w c:\windows\LastGood\system32\DRIVERS\epfwtdir.sys
- 2008-11-12 16:57:30 1,235,696 ----a-w c:\windows\system32\aswBoot.exe
+ 2009-02-05 21:11:35 1,256,296 ----a-w c:\windows\system32\aswBoot.exe
- 2008-11-12 16:51:11 97,480 ----a-w c:\windows\system32\AvastSS.scr
+ 2009-02-05 21:04:45 97,480 ----a-w c:\windows\system32\AvastSS.scr
- 2008-04-14 07:52:18 139,264 ----a-w c:\windows\system32\cscript.exe
+ 2008-05-07 09:07:23 135,168 ----a-w c:\windows\system32\cscript.exe
+ 2008-08-14 10:04:36 138,496 -c----w c:\windows\system32\dllcache\afd.sys
+ 2008-05-07 09:07:23 135,168 -c----w c:\windows\system32\dllcache\cscript.exe
+ 2008-06-20 17:49:25 147,968 -c----w c:\windows\system32\dllcache\dnsapi.dll
+ 2008-07-07 20:29:06 253,952 -c----w c:\windows\system32\dllcache\es.dll
+ 2008-10-23 12:42:52 286,720 -c----w c:\windows\system32\dllcache\gdi32.dll
+ 2008-05-09 10:56:13 512,000 -c----w c:\windows\system32\dllcache\jscript.dll
- 2006-10-18 19:03:58 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-18 00:09:22 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-24 16:44:28 74,240 -c----w c:\windows\system32\dllcache\mscms.dll
- 2006-10-18 20:47:16 414,208 -c--a-w c:\windows\system32\dllcache\msscp.dll
+ 2006-12-04 15:21:50 414,720 -c--a-w c:\windows\system32\dllcache\msscp.dll
+ 2008-06-20 17:49:25 247,296 -c----w c:\windows\system32\dllcache\mswsock.dll
- 2008-04-14 07:51:50 1,306,624 -c----w c:\windows\system32\dllcache\msxml6.dll
+ 2008-09-10 01:16:11 1,307,648 -c----w c:\windows\system32\dllcache\msxml6.dll
+ 2008-05-07 05:12:00 1,290,752 -c----w c:\windows\system32\dllcache\quartz.dll
+ 2008-05-09 10:56:13 180,224 -c----w c:\windows\system32\dllcache\scrobj.dll
+ 2008-05-09 10:56:13 172,032 -c----w c:\windows\system32\dllcache\scrrun.dll
+ 2008-06-17 19:02:56 8,465,408 -c----w c:\windows\system32\dllcache\shell32.dll
+ 2008-12-05 06:57:54 144,896 -c----w c:\windows\system32\dllcache\schannel.dll
- 2008-04-14 07:52:04 246,814 -c--a-w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:04:44 247,326 -c--a-w c:\windows\system32\dllcache\strmdll.dll
+ 2008-06-20 11:51:12 361,600 -c----w c:\windows\system32\dllcache\tcpip.sys
+ 2008-06-20 11:08:27 225,856 -c----w c:\windows\system32\dllcache\tcpip6.sys
+ 2008-05-09 10:56:13 430,080 -c----w c:\windows\system32\dllcache\vbscript.dll
+ 2009-02-09 14:07:41 1,846,784 -c----w c:\windows\system32\dllcache\win32k.sys
- 2006-10-18 20:47:18 222,208 -c--a-w c:\windows\system32\dllcache\WMASF.dll
+ 2007-10-25 08:28:30 222,720 -c--a-w c:\windows\system32\dllcache\wmasf.dll
- 2006-10-18 20:47:20 937,984 -c--a-w c:\windows\system32\dllcache\WMNetMgr.dll
+ 2008-06-18 04:03:08 938,496 -c--a-w c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-18 20:47:22 2,450,944 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 04:03:14 2,458,112 -c--a-w c:\windows\system32\dllcache\WMVCore.dll
+ 2008-05-08 11:24:44 155,648 -c----w c:\windows\system32\dllcache\wscript.exe
+ 2008-05-09 10:56:14 90,112 -c----w c:\windows\system32\dllcache\wshext.dll
+ 2008-10-16 13:12:22 323,608 -c--a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 13:08:58 34,328 -c--a-w c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 13:13:40 202,776 -c--a-w c:\windows\system32\dllcache\wuweb.dll
- 2008-04-14 07:51:40 147,968 ----a-w c:\windows\system32\dnsapi.dll
+ 2008-06-20 17:49:25 147,968 ----a-w c:\windows\system32\dnsapi.dll
+ 2009-02-05 21:05:11 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
- 2008-04-13 23:49:24 138,112 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\system32\drivers\afd.sys
+ 2009-02-05 21:07:12 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
- 2008-11-12 16:54:27 93,296 ----a-w c:\windows\system32\drivers\aswmon.sys
+ 2009-02-05 21:08:19 93,296 ----a-w c:\windows\system32\drivers\aswmon.sys
+ 2009-02-05 21:08:10 94,032 ----a-w c:\windows\system32\drivers\aswmon2.sys
+ 2009-02-05 21:06:10 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
+ 2009-02-05 21:07:23 114,768 ----a-w c:\windows\system32\drivers\aswSP.sys
+ 2009-02-05 21:06:20 51,376 ----a-w c:\windows\system32\drivers\aswTdi.sys
- 2008-04-14 06:45:10 272,896 ------w c:\windows\system32\drivers\bthport.sys
+ 2008-06-14 17:35:31 272,128 ------w c:\windows\system32\drivers\bthport.sys
- 2008-04-13 23:47:02 456,576 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
- 2008-04-13 23:25:10 202,624 ----a-w c:\windows\system32\drivers\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w c:\windows\system32\drivers\rmcast.sys
- 2008-04-13 23:45:12 334,848 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-12-11 10:57:09 333,952 ----a-w c:\windows\system32\drivers\srv.sys
- 2008-04-13 23:50:18 361,344 ----a-w c:\windows\system32\drivers\tcpip.sys
+ 2008-06-20 11:51:12 361,600 ----a-w c:\windows\system32\drivers\tcpip.sys
- 2008-04-13 23:30:04 225,664 ----a-w c:\windows\system32\drivers\tcpip6.sys
+ 2008-06-20 11:08:27 225,856 ----a-w c:\windows\system32\drivers\tcpip6.sys
- 2008-04-14 07:51:42 246,272 ----a-w c:\windows\system32\es.dll
+ 2008-07-07 20:29:06 253,952 ----a-w c:\windows\system32\es.dll
- 2009-03-18 21:26:36 281,336 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2009-03-24 14:23:54 281,336 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-04-14 07:51:42 285,184 ----a-w c:\windows\system32\gdi32.dll
+ 2008-10-23 12:42:52 286,720 ----a-w c:\windows\system32\gdi32.dll
- 2008-04-14 07:51:44 691,712 ----a-w c:\windows\system32\inetcomm.dll
+ 2008-04-11 19:06:23 691,712 ----a-w c:\windows\system32\inetcomm.dll
- 2008-04-14 07:51:46 512,000 ----a-w c:\windows\system32\jscript.dll
+ 2008-05-09 10:56:13 512,000 ----a-w c:\windows\system32\jscript.dll
- 2006-10-18 19:03:58 100,864 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-18 00:09:22 100,864 ----a-w c:\windows\system32\logagent.exe
- 2008-04-14 07:51:48 73,728 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:44:28 74,240 ----a-w c:\windows\system32\mscms.dll
- 2008-04-14 07:51:50 3,066,880 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-12 17:03:20 3,088,896 ----a-w c:\windows\system32\mshtml.dll
- 2006-10-18 20:47:16 414,208 ----a-w c:\windows\system32\msscp.dll
+ 2006-12-04 15:21:50 414,720 ----a-w c:\windows\system32\msscp.dll
- 2008-04-14 07:51:50 247,296 ----a-w c:\windows\system32\mswsock.dll
+ 2008-06-20 17:49:25 247,296 ----a-w c:\windows\system32\mswsock.dll
- 2008-04-14 07:51:50 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 17:17:12 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2002-02-04 01:52:54 1,230,336 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 15:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
- 2008-04-14 07:51:50 1,306,624 ----a-w c:\windows\system32\msxml6.dll
+ 2008-09-10 01:16:11 1,307,648 ----a-w c:\windows\system32\msxml6.dll
- 2008-04-14 07:51:52 337,408 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:38:26 337,408 ----a-w c:\windows\system32\netapi32.dll
- 2008-04-14 07:06:34 2,067,968 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 13:26:42 2,068,224 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2008-04-14 07:07:10 2,191,104 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 13:26:30 2,191,360 ----a-w c:\windows\system32\ntoskrnl.exe
- 2008-04-14 07:51:56 1,290,752 ----a-w c:\windows\system32\quartz.dll
+ 2008-05-07 05:12:00 1,290,752 ----a-w c:\windows\system32\quartz.dll
- 2008-04-14 07:51:56 180,224 ----a-w c:\windows\system32\scrobj.dll
+ 2008-05-09 10:56:13 180,224 ----a-w c:\windows\system32\scrobj.dll
- 2008-04-14 07:51:56 172,032 ----a-w c:\windows\system32\scrrun.dll
+ 2008-05-09 10:56:13 172,032 ----a-w c:\windows\system32\scrrun.dll
- 2008-04-14 07:51:56 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
+ 2008-10-16 01:03:18 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
- 2008-04-14 07:51:56 8,465,408 ----a-w c:\windows\system32\shell32.dll
+ 2008-06-17 19:02:56 8,465,408 ----a-w c:\windows\system32\shell32.dll
- 2008-04-14 07:51:56 144,384 ----a-w c:\windows\system32\schannel.dll
+ 2008-12-05 06:57:54 144,896 ----a-w c:\windows\system32\schannel.dll
- 2007-08-10 19:43:48 18,296 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 11:18:25 18,296 ------w c:\windows\system32\spmsg.dll
- 2008-04-14 07:52:04 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:04:44 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2008-04-14 07:52:52 60,416 ------w c:\windows\system32\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ------w c:\windows\system32\tzchange.exe
- 2008-04-14 07:52:06 620,032 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 01:03:18 619,008 ----a-w c:\windows\system32\urlmon.dll
- 2008-04-14 07:52:06 434,176 ----a-w c:\windows\system32\vbscript.dll
+ 2008-05-09 10:56:13 430,080 ----a-w c:\windows\system32\vbscript.dll
- 2008-04-14 07:52:06 667,136 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-16 01:03:18 667,136 ----a-w c:\windows\system32\wininet.dll
- 2006-10-18 20:47:18 222,208 ----a-w c:\windows\system32\WMASF.dll
+ 2007-10-25 08:28:30 222,720 ----a-w c:\windows\system32\wmasf.dll
- 2006-10-18 20:47:20 937,984 ----a-w c:\windows\system32\WMNetMgr.dll
+ 2008-06-18 04:03:08 938,496 ----a-w c:\windows\system32\WMNetmgr.dll
- 2006-10-18 20:47:22 2,450,944 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-18 04:03:14 2,458,112 ----a-w c:\windows\system32\WMVCore.dll
- 2008-04-14 07:52:56 155,648 ----a-w c:\windows\system32\wscript.exe
+ 2008-05-08 11:24:44 155,648 ----a-w c:\windows\system32\wscript.exe
- 2008-04-14 07:52:08 90,112 ----a-w c:\windows\system32\wshext.dll
+ 2008-05-09 10:56:14 90,112 ----a-w c:\windows\system32\wshext.dll
- 2008-04-14 07:52:10 32,256 ----a-w c:\windows\system32\wups.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\wups.dll
- 2008-04-14 07:52:10 120,320 ----a-w c:\windows\system32\wuweb.dll
+ 2008-10-16 13:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll
+ 2009-03-25 12:13:42 16,384 ----atw c:\windows\temp\Perflib_Perfdata_6f8.dat
+ 2008-09-30 15:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 15:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2008-04-15 17:51:49 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-03 61440]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2004-02-13 155648]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2009-03-18 337216]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 c:\windows\soundman.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\ICQ 6 nové\\ICQ6.5\\ICQ.exe"=
"e:\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"e:\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"e:\\Hry\\Valve\\hl.exe"=
"e:\\Battlefield 2\\BF2.exe"=
"e:\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"e:\\Microsoft Office\\Office12\\GROOVE.EXE"=
"e:\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"e:\\PÁN PRSTENŮ\\The Lord of the Rings - Conquest™\\Conquest.exe"=
"c:\\Program Files\\CREEO\\IcyTV Trial\\IcyTV.exe"=
"e:\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"e:\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"e:\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Bohemia Interactive\\ArmA\\arma.exe"=
"e:\\Far Cry 2\\bin\\farcry2.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2008-07-31 20616]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-03-23 114768]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-02-06 106208]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-03-23 20560]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-11-01 143467]
R2 CacheBoost Service;CacheBoost Performance Optimizer and Tuner Service;c:\program files\Systweak\Systweak CacheBoost\cbSrv.exe [2009-03-03 187120]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-03-10 603904]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-07-02 26248]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2004-08-18 69120]
R4 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-02-06 93336]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2009-03-12 18688]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2009-03-12 8320]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2009-03-12 42112]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2009-03-25 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - e:\micros~1\Office12\EXCEL.EXE/3000
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
FF - ProfilePath - c:\documents and settings\Počítač\Data aplikací\Mozilla\Firefox\Profiles\hlcpyt3p.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
---- NASTAVENÍ FIREFOXU ----
pref(dom.disable_open_during_load, true);c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-25 13:30:22
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-57989841-1563985344-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:fe,17,d8,80,fd,61,79,39,85,32,50,94,82,7d,a1,1d,46,6b,82,d5,3f,
55,7b,da,a5,57,43,d8,a2,61,a1,08,bb,99,5e,ad,e5,49,65,08,c1,ee,fa,82,af,45,\
"rkeysecu"=hex:3c,2e,79,e8,9b,ac,67,1c,3b,56,0e,7f,4f,a1,d9,5a
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(864)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-03-25 13:31:53
ComboFix-quarantined-files.txt 2009-03-25 12:31:38
ComboFix2.txt 2009-03-23 12:34:05
Před spuštěním: Volných bajtů: 45 646 811 136
Po spuštění: Volných bajtů: 45,639,372,800
448 --- E O F --- 2009-03-23 20:20:00
HJT:
Logfile of HijackThis v1.99.1
Scan saved at 13:37:20, on 25.3.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wpabaln.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Počítač\Plocha\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\MICROS~1\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/sho ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: CacheBoost Performance Optimizer and Tuner Service (CacheBoost Service) - Systweak Inc - C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\WINDOWS\system32\HPZipm12.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
Combofix:
ComboFix 09-03-22.01 - Počítač 2009-03-25 13:28:26.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1029.18.511.225 [GMT 1:00]
Spuštěný z: c:\documents and settings\Počítač\Plocha\VerTerm.exe
Použité ovládací přepínače :: c:\documents and settings\Počítač\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090324-0] *On-access scanning disabled* (Updated)
* Vytvořen nový Bod Obnovení
FILE ::
c:\windows\system32\KGyGaAvL.sys
c:\windows\system32\tmpD0.tmp
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\KGyGaAvL.sys
c:\windows\system32\tmpD0.tmp
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-02-25 do 2009-03-25 )))))))))))))))))))))))))))))))
.
2009-03-25 13:26 . 2009-03-25 13:26 <DIR> d-------- c:\windows\LastGood
2009-03-23 21:13 . 2009-03-23 21:13 <DIR> d-------- c:\program files\MSXML 4.0
2009-03-23 14:17 . 2008-10-16 02:03 1,499,648 -----c--- c:\windows\system32\dllcache\shdocvw.dll
2009-03-23 14:17 . 2008-10-16 02:03 667,136 -----c--- c:\windows\system32\dllcache\wininet.dll
2009-03-23 14:17 . 2008-10-16 02:03 619,008 -----c--- c:\windows\system32\dllcache\urlmon.dll
2009-03-23 14:17 . 2008-06-14 18:35 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2009-03-23 14:14 . 2008-08-14 14:26 2,191,360 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-03-23 14:14 . 2008-08-14 14:26 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-03-23 14:14 . 2008-08-14 14:26 2,068,224 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-03-23 14:14 . 2008-08-14 14:26 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-03-23 14:13 . 2008-12-12 18:03 3,088,896 -----c--- c:\windows\system32\dllcache\mshtml.dll
2009-03-23 14:12 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-03-23 14:12 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2009-03-23 14:11 . 2008-04-11 20:06 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2009-03-23 14:11 . 2008-12-11 11:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys
2009-03-23 14:11 . 2008-05-01 15:37 331,776 -----c--- c:\windows\system32\dllcache\msadce.dll
2009-03-23 14:08 . 2008-09-04 18:17 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2009-03-23 14:08 . 2008-10-15 17:38 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2009-03-23 14:05 . 2009-03-23 21:19 <DIR> d--h----- c:\windows\$hf_mig$
2009-03-23 13:44 . 2009-03-23 13:44 <DIR> d-------- c:\program files\ESET
2009-03-23 13:44 . 2009-03-23 13:44 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\ESET
2009-03-23 13:04 . 2009-03-23 13:05 <DIR> d-------- c:\program files\trend micro
2009-03-23 13:01 . 2009-03-23 12:57 781,909 --a------ C:\RSIT.exe
2009-03-23 12:57 . 2009-03-23 12:57 <DIR> d-------- C:\rsit
2009-03-23 12:33 . 2009-03-23 12:33 <DIR> d-------- C:\avira
2009-03-22 19:02 . 2009-03-22 19:02 <DIR> d-------- c:\program files\BillP Studios
2009-03-22 19:02 . 2009-03-23 12:33 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\WinPatrol
2009-03-22 17:02 . 2009-03-22 17:02 <DIR> d-------- c:\program files\Alwil Software
2009-03-22 16:49 . 2009-03-23 13:25 <DIR> d--h----- c:\documents and settings\Počítač\Data aplikací\drivers
2009-03-22 16:00 . 2009-03-22 16:00 <DIR> d-------- c:\program files\eMule
2009-03-22 15:16 . 2009-03-23 21:10 <DIR> d-------- c:\program files\ZModeler
2009-03-22 11:10 . 2009-03-22 11:10 <DIR> d-------- c:\program files\WinSCP
2009-03-21 10:55 . 2009-03-22 08:57 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\skypePM
2009-03-21 10:55 . 2009-03-22 15:24 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\Skype
2009-03-21 10:55 . 2009-03-21 10:55 32 --a------ c:\documents and settings\All Users\Data aplikací\ezsid.dat
2009-03-21 10:54 . 2009-03-21 10:54 <DIR> d-------- c:\program files\Skype
2009-03-21 10:54 . 2009-03-21 10:54 <DIR> d-------- c:\program files\Common Files\Skype
2009-03-21 10:54 . 2009-03-21 10:54 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Skype
2009-03-21 09:42 . 2009-03-21 09:42 <DIR> d-------- c:\program files\Sanny Builder 3
2009-03-18 17:17 . 2009-03-21 12:41 <DIR> d-------- c:\program files\Rockstar Games
2009-03-18 16:06 . 2009-03-18 16:06 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_motccgpfl_01005.Wdf
2009-03-18 16:06 . 2009-03-18 16:06 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_motccgp_01005.Wdf
2009-03-18 14:51 . 2009-03-18 14:51 0 --a------ c:\windows\system32\BSPRINT.INI
2009-03-18 14:50 . 2009-03-18 14:50 <DIR> d-------- c:\program files\IVT Corporation
2009-03-18 14:40 . 2009-03-18 14:51 32 --a------ c:\windows\0
2009-03-18 14:40 . 2009-03-18 14:40 0 --a------ c:\windows\system32\0
2009-03-18 14:13 . 2009-03-18 14:13 <DIR> d-------- c:\program files\MyPhoneExplorer
2009-03-18 14:13 . 2009-03-18 14:13 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\MyPhoneExplorer
2009-03-16 19:42 . 2009-03-16 19:42 <DIR> dr-h----- c:\documents and settings\Počítač\Data aplikací\SecuROM
2009-03-13 21:59 . 2009-03-19 17:06 <DIR> d-------- C:\Ke stažení
2009-03-13 21:18 . 2009-03-13 21:18 36 --a------ c:\windows\CONTEXT.INI
2009-03-13 13:37 . 2009-03-13 13:37 <DIR> d-------- c:\program files\OpenAL
2009-03-13 13:37 . 2009-03-13 13:37 409,600 --a------ c:\windows\system32\wrap_oal.dll
2009-03-13 13:37 . 2009-03-13 13:37 114,688 --a------ c:\windows\system32\OpenAL32.dll
2009-03-13 13:31 . 2009-03-13 13:31 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-03-13 13:29 . 2009-03-13 13:29 <DIR> d-------- c:\program files\Bohemia Interactive
2009-03-13 12:37 . 2009-03-13 12:37 <DIR> d-------- c:\program files\D-Tools
2009-03-13 12:37 . 2004-08-22 16:31 155,136 --a------ c:\windows\system32\drivers\d347bus.sys
2009-03-13 12:37 . 2004-08-22 16:31 5,248 --a------ c:\windows\system32\drivers\d347prt.sys
2009-03-13 12:36 . 2009-03-13 12:36 <DIR> d-------- c:\windows\Downloaded Installations
2009-03-12 21:27 . 2009-03-12 21:27 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\InstallShield
2009-03-12 21:25 . 2009-03-12 21:27 <DIR> d-------- c:\program files\Avanquest update
2009-03-12 21:25 . 2008-04-14 00:15 26,112 --a------ c:\windows\system32\drivers\usbser.sys
2009-03-12 21:25 . 2008-04-14 00:15 26,112 --a--c--- c:\windows\system32\dllcache\usbser.sys
2009-03-12 21:24 . 2009-03-18 15:00 <DIR> d-------- c:\program files\Motorola Phone Tools
2009-03-12 21:24 . 2009-03-12 21:29 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\BVRP Software
2009-03-12 21:24 . 2009-03-12 21:24 92,064 --a------ c:\documents and settings\Počítač\mqdmmdm.sys
2009-03-12 21:24 . 2009-03-12 21:24 92,064 --a------ c:\documents and settings\Počítač\mqdmmdm.sys
2009-03-12 21:24 . 2009-03-12 21:24 79,328 --a------ c:\documents and settings\Počítač\mqdmserd.sys
2009-03-12 21:24 . 2009-03-12 21:24 79,328 --a------ c:\documents and settings\Počítač\mqdmserd.sys
2009-03-12 21:24 . 2009-03-12 21:24 66,656 --a------ c:\documents and settings\Počítač\mqdmbus.sys
2009-03-12 21:24 . 2009-03-12 21:24 66,656 --a------ c:\documents and settings\Počítač\mqdmbus.sys
2009-03-12 21:24 . 2009-03-12 21:24 25,600 --a------ c:\documents and settings\Počítač\usbsermptxp.sys
2009-03-12 21:24 . 2009-03-12 21:24 25,600 --a------ c:\documents and settings\Počítač\usbsermptxp.sys
2009-03-12 21:24 . 2009-03-12 21:24 22,768 --a------ c:\documents and settings\Počítač\usbsermpt.sys
2009-03-12 21:24 . 2009-03-12 21:24 22,768 --a------ c:\documents and settings\Počítač\usbsermpt.sys
2009-03-12 21:24 . 2009-03-12 21:24 9,232 --a------ c:\documents and settings\Počítač\mqdmmdfl.sys
2009-03-12 21:24 . 2009-03-12 21:24 9,232 --a------ c:\documents and settings\Počítač\mqdmmdfl.sys
2009-03-12 21:24 . 2009-03-12 21:24 6,208 --a------ c:\documents and settings\Počítač\mqdmcmnt.sys
2009-03-12 21:24 . 2009-03-12 21:24 6,208 --a------ c:\documents and settings\Počítač\mqdmcmnt.sys
2009-03-12 21:24 . 2009-03-12 21:24 5,936 --a------ c:\documents and settings\Počítač\mqdmwhnt.sys
2009-03-12 21:24 . 2009-03-12 21:24 5,936 --a------ c:\documents and settings\Počítač\mqdmwhnt.sys
2009-03-12 21:24 . 2009-03-12 21:24 4,048 --a------ c:\documents and settings\Počítač\mqdmcr.sys
2009-03-12 21:24 . 2009-03-12 21:24 4,048 --a------ c:\documents and settings\Počítač\mqdmcr.sys
2009-03-12 19:35 . 2009-03-12 19:35 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2009-03-12 19:35 . 2009-03-12 19:35 22,328 --a------ c:\documents and settings\Počítač\Data aplikací\PnkBstrK.sys
2009-03-12 19:34 . 2009-03-12 19:34 2,250,024 --a------ c:\windows\system32\pbsvc.exe
2009-03-12 19:34 . 2009-03-12 19:35 107,832 --a------ c:\windows\system32\PnkBstrB.exe
2009-03-12 19:34 . 2009-03-12 19:34 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2009-03-12 19:16 . 2009-03-12 19:16 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-03-12 19:16 . 2009-03-12 19:16 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_motmodem_01005.Wdf
2009-03-12 19:15 . 2009-03-12 19:15 <DIR> d----c--- c:\windows\system32\DRVSTORE
2009-03-12 19:15 . 2009-03-12 19:15 <DIR> d-------- c:\program files\Common Files\Motorola Shared
2009-03-12 19:15 . 2006-11-13 15:45 1,419,232 --a------ c:\windows\system32\wdfcoinstaller01005.dll
2009-03-12 19:15 . 2007-10-10 17:41 42,112 --a------ c:\windows\system32\drivers\motodrv.sys
2009-03-12 19:15 . 2007-06-18 15:18 23,680 --a------ c:\windows\system32\drivers\motmodem.sys
2009-03-12 19:15 . 2008-08-21 18:49 18,688 --a------ c:\windows\system32\drivers\motccgp.sys
2009-03-12 19:15 . 2008-08-21 18:49 8,320 --a------ c:\windows\system32\drivers\motccgpfl.sys
2009-03-12 19:15 . 2007-11-02 15:51 6,400 --a------ c:\windows\system32\drivers\motswch.sys
2009-03-11 21:15 . 2009-03-11 21:15 <DIR> d-------- c:\program files\CREEO
2009-03-11 21:10 . 2009-03-11 21:10 <DIR> d-------- c:\program files\TV
2009-03-11 21:10 . 2009-03-11 21:10 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\HTML Executable
2009-03-11 21:10 . 2009-03-23 12:32 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\Desktopicon
2009-03-11 21:09 . 2009-03-11 21:09 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\WebCompiler3
2009-03-11 20:36 . 2009-03-11 20:36 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\vsosdk
2009-03-11 19:52 . 2009-03-11 20:46 <DIR> d-------- c:\program files\DVDFab 5
2009-03-11 19:52 . 2009-03-22 21:50 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\Vso
2009-03-11 19:52 . 2009-03-11 19:52 47,360 --a------ c:\windows\system32\drivers\pcouffin.sys
2009-03-11 19:52 . 2009-03-11 19:52 47,360 --a------ c:\documents and settings\Počítač\Data aplikací\pcouffin.sys
2009-03-10 15:32 . 2009-03-10 16:04 2,330,880 --a------ c:\windows\system32\TUKernel.exe
2009-03-10 14:58 . 2009-03-10 14:58 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\TuneUp Software
2009-03-10 14:58 . 2009-03-10 14:58 603,904 --a------ c:\windows\system32\TUProgSt.exe
2009-03-10 14:58 . 2009-03-10 14:58 360,192 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-03-10 14:58 . 2008-12-11 13:31 27,904 --a------ c:\windows\system32\uxtuneup.dll
2009-03-10 14:57 . 2009-03-10 14:58 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-03-10 14:57 . 2009-03-10 14:57 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\TuneUp Software
2009-03-10 14:57 . 2009-03-10 14:57 <DIR> d--hs---- c:\documents and settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
2009-03-07 17:46 . 2009-03-07 17:46 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Electronic Arts
2009-03-07 12:51 . 2008-04-14 08:51 159,232 --a------ c:\windows\system32\ptpusd.dll
2009-03-07 12:51 . 2001-10-24 12:25 5,632 --a------ c:\windows\system32\ptpusb.dll
2009-03-06 15:23 . 2009-03-06 15:23 <DIR> d-------- c:\program files\Lavalys
2009-03-05 17:20 . 2009-03-05 17:20 <DIR> d-------- c:\documents and settings\Počítač\Data aplikací\Corel
2009-03-05 17:19 . 2009-03-05 17:19 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\InstallShield
2009-03-05 17:17 . 2009-03-05 17:17 <DIR> d-------- c:\program files\Corel
2009-03-05 17:17 . 2009-03-05 17:17 <DIR> d-------- c:\program files\Common Files\Corel
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-01 17:15 --------- d-----w c:\program files\microsoft frontpage
2009-02-09 14:07 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-06 13:24 93,336 ------w c:\windows\system32\drivers\epfwtdir.sys
2009-02-06 13:23 106,208 ------w c:\windows\system32\drivers\ehdrv.sys
2009-02-06 13:19 113,448 ------w c:\windows\system32\drivers\eamon.sys
2009-02-04 07:27 3,488,768 ----a-w c:\windows\system32\drivers\ati2mtag.sys
2009-02-04 05:57 11,702,272 ----a-w c:\windows\system32\atioglxx.dll
2009-02-04 05:03 290,816 ----a-w c:\windows\system32\atiok3x2.dll
2009-02-04 04:56 442,368 ----a-w c:\windows\system32\ATIDEMGX.dll
2009-02-04 04:55 324,096 ----a-w c:\windows\system32\ati2dvag.dll
2009-02-04 04:44 196,608 ----a-w c:\windows\system32\atipdlxx.dll
2009-02-04 04:44 155,648 ----a-w c:\windows\system32\Oemdspif.dll
2009-02-04 04:43 43,520 ----a-w c:\windows\system32\ati2edxx.dll
2009-02-04 04:43 26,112 ----a-w c:\windows\system32\Ati2mdxx.exe
2009-02-04 04:43 155,648 ----a-w c:\windows\system32\ati2evxx.dll
2009-02-04 04:41 602,112 ----a-w c:\windows\system32\ati2evxx.exe
2009-02-04 04:40 53,248 ----a-w c:\windows\system32\ATIDDC.DLL
2009-02-04 04:30 3,884,768 ----a-w c:\windows\system32\ati3duag.dll
2009-02-04 04:14 2,645,504 ----a-w c:\windows\system32\ativvaxx.dll
2009-02-04 03:58 49,664 ----a-w c:\windows\system32\amdpcom32.dll
2009-02-04 03:54 471,040 ----a-w c:\windows\system32\atikvmag.dll
2009-02-04 03:53 122,880 ----a-w c:\windows\system32\atiadlxx.dll
2009-02-04 03:52 53,248 ----a-w c:\windows\system32\drivers\ati2erec.dll
2009-02-04 03:52 17,408 ----a-w c:\windows\system32\atitvo32.dll
2009-02-04 03:46 626,688 ----a-w c:\windows\system32\ati2cqag.dll
2009-02-04 03:44 307,200 ----a-w c:\windows\system32\atiiiexx.dll
2009-02-04 02:43 45,056 ----a-w c:\windows\system32\aticalrt.dll
2009-02-04 02:42 45,056 ----a-w c:\windows\system32\aticalcl.dll
2009-02-04 02:40 3,244,032 ----a-w c:\windows\system32\aticaldd.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-03-23_13.31.34.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-06-14 17:35:31 272,128 ------w c:\windows\Driver Cache\i386\bthport.sys
+ 2008-10-24 11:21:09 455,296 ------w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-08-14 13:26:30 2,147,328 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:26:42 2,068,224 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:26:27 2,025,984 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:26:30 2,191,360 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-03-23 20:13:58 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2009-02-06 13:19:52 113,448 ----a-w c:\windows\LastGood\system32\DRIVERS\eamon.sys
+ 2009-02-06 13:23:18 106,208 ----a-w c:\windows\LastGood\system32\DRIVERS\ehdrv.sys
+ 2009-02-06 13:24:24 93,336 ----a-w c:\windows\LastGood\system32\DRIVERS\epfwtdir.sys
- 2008-11-12 16:57:30 1,235,696 ----a-w c:\windows\system32\aswBoot.exe
+ 2009-02-05 21:11:35 1,256,296 ----a-w c:\windows\system32\aswBoot.exe
- 2008-11-12 16:51:11 97,480 ----a-w c:\windows\system32\AvastSS.scr
+ 2009-02-05 21:04:45 97,480 ----a-w c:\windows\system32\AvastSS.scr
- 2008-04-14 07:52:18 139,264 ----a-w c:\windows\system32\cscript.exe
+ 2008-05-07 09:07:23 135,168 ----a-w c:\windows\system32\cscript.exe
+ 2008-08-14 10:04:36 138,496 -c----w c:\windows\system32\dllcache\afd.sys
+ 2008-05-07 09:07:23 135,168 -c----w c:\windows\system32\dllcache\cscript.exe
+ 2008-06-20 17:49:25 147,968 -c----w c:\windows\system32\dllcache\dnsapi.dll
+ 2008-07-07 20:29:06 253,952 -c----w c:\windows\system32\dllcache\es.dll
+ 2008-10-23 12:42:52 286,720 -c----w c:\windows\system32\dllcache\gdi32.dll
+ 2008-05-09 10:56:13 512,000 -c----w c:\windows\system32\dllcache\jscript.dll
- 2006-10-18 19:03:58 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-18 00:09:22 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-24 16:44:28 74,240 -c----w c:\windows\system32\dllcache\mscms.dll
- 2006-10-18 20:47:16 414,208 -c--a-w c:\windows\system32\dllcache\msscp.dll
+ 2006-12-04 15:21:50 414,720 -c--a-w c:\windows\system32\dllcache\msscp.dll
+ 2008-06-20 17:49:25 247,296 -c----w c:\windows\system32\dllcache\mswsock.dll
- 2008-04-14 07:51:50 1,306,624 -c----w c:\windows\system32\dllcache\msxml6.dll
+ 2008-09-10 01:16:11 1,307,648 -c----w c:\windows\system32\dllcache\msxml6.dll
+ 2008-05-07 05:12:00 1,290,752 -c----w c:\windows\system32\dllcache\quartz.dll
+ 2008-05-09 10:56:13 180,224 -c----w c:\windows\system32\dllcache\scrobj.dll
+ 2008-05-09 10:56:13 172,032 -c----w c:\windows\system32\dllcache\scrrun.dll
+ 2008-06-17 19:02:56 8,465,408 -c----w c:\windows\system32\dllcache\shell32.dll
+ 2008-12-05 06:57:54 144,896 -c----w c:\windows\system32\dllcache\schannel.dll
- 2008-04-14 07:52:04 246,814 -c--a-w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:04:44 247,326 -c--a-w c:\windows\system32\dllcache\strmdll.dll
+ 2008-06-20 11:51:12 361,600 -c----w c:\windows\system32\dllcache\tcpip.sys
+ 2008-06-20 11:08:27 225,856 -c----w c:\windows\system32\dllcache\tcpip6.sys
+ 2008-05-09 10:56:13 430,080 -c----w c:\windows\system32\dllcache\vbscript.dll
+ 2009-02-09 14:07:41 1,846,784 -c----w c:\windows\system32\dllcache\win32k.sys
- 2006-10-18 20:47:18 222,208 -c--a-w c:\windows\system32\dllcache\WMASF.dll
+ 2007-10-25 08:28:30 222,720 -c--a-w c:\windows\system32\dllcache\wmasf.dll
- 2006-10-18 20:47:20 937,984 -c--a-w c:\windows\system32\dllcache\WMNetMgr.dll
+ 2008-06-18 04:03:08 938,496 -c--a-w c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-18 20:47:22 2,450,944 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 04:03:14 2,458,112 -c--a-w c:\windows\system32\dllcache\WMVCore.dll
+ 2008-05-08 11:24:44 155,648 -c----w c:\windows\system32\dllcache\wscript.exe
+ 2008-05-09 10:56:14 90,112 -c----w c:\windows\system32\dllcache\wshext.dll
+ 2008-10-16 13:12:22 323,608 -c--a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 13:08:58 34,328 -c--a-w c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 13:13:40 202,776 -c--a-w c:\windows\system32\dllcache\wuweb.dll
- 2008-04-14 07:51:40 147,968 ----a-w c:\windows\system32\dnsapi.dll
+ 2008-06-20 17:49:25 147,968 ----a-w c:\windows\system32\dnsapi.dll
+ 2009-02-05 21:05:11 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
- 2008-04-13 23:49:24 138,112 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 10:04:36 138,496 ----a-w c:\windows\system32\drivers\afd.sys
+ 2009-02-05 21:07:12 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
- 2008-11-12 16:54:27 93,296 ----a-w c:\windows\system32\drivers\aswmon.sys
+ 2009-02-05 21:08:19 93,296 ----a-w c:\windows\system32\drivers\aswmon.sys
+ 2009-02-05 21:08:10 94,032 ----a-w c:\windows\system32\drivers\aswmon2.sys
+ 2009-02-05 21:06:10 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
+ 2009-02-05 21:07:23 114,768 ----a-w c:\windows\system32\drivers\aswSP.sys
+ 2009-02-05 21:06:20 51,376 ----a-w c:\windows\system32\drivers\aswTdi.sys
- 2008-04-14 06:45:10 272,896 ------w c:\windows\system32\drivers\bthport.sys
+ 2008-06-14 17:35:31 272,128 ------w c:\windows\system32\drivers\bthport.sys
- 2008-04-13 23:47:02 456,576 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-10-24 11:21:09 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
- 2008-04-13 23:25:10 202,624 ----a-w c:\windows\system32\drivers\rmcast.sys
+ 2008-05-08 14:02:52 203,136 ----a-w c:\windows\system32\drivers\rmcast.sys
- 2008-04-13 23:45:12 334,848 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-12-11 10:57:09 333,952 ----a-w c:\windows\system32\drivers\srv.sys
- 2008-04-13 23:50:18 361,344 ----a-w c:\windows\system32\drivers\tcpip.sys
+ 2008-06-20 11:51:12 361,600 ----a-w c:\windows\system32\drivers\tcpip.sys
- 2008-04-13 23:30:04 225,664 ----a-w c:\windows\system32\drivers\tcpip6.sys
+ 2008-06-20 11:08:27 225,856 ----a-w c:\windows\system32\drivers\tcpip6.sys
- 2008-04-14 07:51:42 246,272 ----a-w c:\windows\system32\es.dll
+ 2008-07-07 20:29:06 253,952 ----a-w c:\windows\system32\es.dll
- 2009-03-18 21:26:36 281,336 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2009-03-24 14:23:54 281,336 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-04-14 07:51:42 285,184 ----a-w c:\windows\system32\gdi32.dll
+ 2008-10-23 12:42:52 286,720 ----a-w c:\windows\system32\gdi32.dll
- 2008-04-14 07:51:44 691,712 ----a-w c:\windows\system32\inetcomm.dll
+ 2008-04-11 19:06:23 691,712 ----a-w c:\windows\system32\inetcomm.dll
- 2008-04-14 07:51:46 512,000 ----a-w c:\windows\system32\jscript.dll
+ 2008-05-09 10:56:13 512,000 ----a-w c:\windows\system32\jscript.dll
- 2006-10-18 19:03:58 100,864 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-18 00:09:22 100,864 ----a-w c:\windows\system32\logagent.exe
- 2008-04-14 07:51:48 73,728 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:44:28 74,240 ----a-w c:\windows\system32\mscms.dll
- 2008-04-14 07:51:50 3,066,880 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-12 17:03:20 3,088,896 ----a-w c:\windows\system32\mshtml.dll
- 2006-10-18 20:47:16 414,208 ----a-w c:\windows\system32\msscp.dll
+ 2006-12-04 15:21:50 414,720 ----a-w c:\windows\system32\msscp.dll
- 2008-04-14 07:51:50 247,296 ----a-w c:\windows\system32\mswsock.dll
+ 2008-06-20 17:49:25 247,296 ----a-w c:\windows\system32\mswsock.dll
- 2008-04-14 07:51:50 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 17:17:12 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2002-02-04 01:52:54 1,230,336 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 15:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
- 2008-04-14 07:51:50 1,306,624 ----a-w c:\windows\system32\msxml6.dll
+ 2008-09-10 01:16:11 1,307,648 ----a-w c:\windows\system32\msxml6.dll
- 2008-04-14 07:51:52 337,408 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:38:26 337,408 ----a-w c:\windows\system32\netapi32.dll
- 2008-04-14 07:06:34 2,067,968 ----a-w c:\windows\system32\ntkrnlpa.exe
+ 2008-08-14 13:26:42 2,068,224 ----a-w c:\windows\system32\ntkrnlpa.exe
- 2008-04-14 07:07:10 2,191,104 ----a-w c:\windows\system32\ntoskrnl.exe
+ 2008-08-14 13:26:30 2,191,360 ----a-w c:\windows\system32\ntoskrnl.exe
- 2008-04-14 07:51:56 1,290,752 ----a-w c:\windows\system32\quartz.dll
+ 2008-05-07 05:12:00 1,290,752 ----a-w c:\windows\system32\quartz.dll
- 2008-04-14 07:51:56 180,224 ----a-w c:\windows\system32\scrobj.dll
+ 2008-05-09 10:56:13 180,224 ----a-w c:\windows\system32\scrobj.dll
- 2008-04-14 07:51:56 172,032 ----a-w c:\windows\system32\scrrun.dll
+ 2008-05-09 10:56:13 172,032 ----a-w c:\windows\system32\scrrun.dll
- 2008-04-14 07:51:56 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
+ 2008-10-16 01:03:18 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
- 2008-04-14 07:51:56 8,465,408 ----a-w c:\windows\system32\shell32.dll
+ 2008-06-17 19:02:56 8,465,408 ----a-w c:\windows\system32\shell32.dll
- 2008-04-14 07:51:56 144,384 ----a-w c:\windows\system32\schannel.dll
+ 2008-12-05 06:57:54 144,896 ----a-w c:\windows\system32\schannel.dll
- 2007-08-10 19:43:48 18,296 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 11:18:25 18,296 ------w c:\windows\system32\spmsg.dll
- 2008-04-14 07:52:04 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:04:44 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2008-04-14 07:52:52 60,416 ------w c:\windows\system32\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ------w c:\windows\system32\tzchange.exe
- 2008-04-14 07:52:06 620,032 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 01:03:18 619,008 ----a-w c:\windows\system32\urlmon.dll
- 2008-04-14 07:52:06 434,176 ----a-w c:\windows\system32\vbscript.dll
+ 2008-05-09 10:56:13 430,080 ----a-w c:\windows\system32\vbscript.dll
- 2008-04-14 07:52:06 667,136 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-16 01:03:18 667,136 ----a-w c:\windows\system32\wininet.dll
- 2006-10-18 20:47:18 222,208 ----a-w c:\windows\system32\WMASF.dll
+ 2007-10-25 08:28:30 222,720 ----a-w c:\windows\system32\wmasf.dll
- 2006-10-18 20:47:20 937,984 ----a-w c:\windows\system32\WMNetMgr.dll
+ 2008-06-18 04:03:08 938,496 ----a-w c:\windows\system32\WMNetmgr.dll
- 2006-10-18 20:47:22 2,450,944 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-18 04:03:14 2,458,112 ----a-w c:\windows\system32\WMVCore.dll
- 2008-04-14 07:52:56 155,648 ----a-w c:\windows\system32\wscript.exe
+ 2008-05-08 11:24:44 155,648 ----a-w c:\windows\system32\wscript.exe
- 2008-04-14 07:52:08 90,112 ----a-w c:\windows\system32\wshext.dll
+ 2008-05-09 10:56:14 90,112 ----a-w c:\windows\system32\wshext.dll
- 2008-04-14 07:52:10 32,256 ----a-w c:\windows\system32\wups.dll
+ 2008-10-16 13:08:58 34,328 ----a-w c:\windows\system32\wups.dll
- 2008-04-14 07:52:10 120,320 ----a-w c:\windows\system32\wuweb.dll
+ 2008-10-16 13:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll
+ 2009-03-25 12:13:42 16,384 ----atw c:\windows\temp\Perflib_Perfdata_6f8.dat
+ 2008-09-30 15:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 15:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
+ 2008-04-15 17:51:49 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-03 61440]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2004-02-13 155648]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2009-03-18 337216]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 c:\windows\soundman.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"e:\\ICQ 6 nové\\ICQ6.5\\ICQ.exe"=
"e:\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"e:\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"e:\\Hry\\Valve\\hl.exe"=
"e:\\Battlefield 2\\BF2.exe"=
"e:\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"e:\\Microsoft Office\\Office12\\GROOVE.EXE"=
"e:\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"e:\\PÁN PRSTENŮ\\The Lord of the Rings - Conquest™\\Conquest.exe"=
"c:\\Program Files\\CREEO\\IcyTV Trial\\IcyTV.exe"=
"e:\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"e:\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"e:\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Bohemia Interactive\\ArmA\\arma.exe"=
"e:\\Far Cry 2\\bin\\farcry2.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2008-07-31 20616]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-03-23 114768]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-02-06 106208]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-03-23 20560]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-11-01 143467]
R2 CacheBoost Service;CacheBoost Performance Optimizer and Tuner Service;c:\program files\Systweak\Systweak CacheBoost\cbSrv.exe [2009-03-03 187120]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-03-10 603904]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-07-02 26248]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2004-08-18 69120]
R4 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-02-06 93336]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2009-03-12 18688]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2009-03-12 8320]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2009-03-12 42112]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2009-03-25 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - e:\micros~1\Office12\EXCEL.EXE/3000
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
FF - ProfilePath - c:\documents and settings\Počítač\Data aplikací\Mozilla\Firefox\Profiles\hlcpyt3p.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
---- NASTAVENÍ FIREFOXU ----
pref(dom.disable_open_during_load, true);c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-25 13:30:22
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-57989841-1563985344-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:fe,17,d8,80,fd,61,79,39,85,32,50,94,82,7d,a1,1d,46,6b,82,d5,3f,
55,7b,da,a5,57,43,d8,a2,61,a1,08,bb,99,5e,ad,e5,49,65,08,c1,ee,fa,82,af,45,\
"rkeysecu"=hex:3c,2e,79,e8,9b,ac,67,1c,3b,56,0e,7f,4f,a1,d9,5a
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(864)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-03-25 13:31:53
ComboFix-quarantined-files.txt 2009-03-25 12:31:38
ComboFix2.txt 2009-03-23 12:34:05
Před spuštěním: Volných bajtů: 45 646 811 136
Po spuštění: Volných bajtů: 45,639,372,800
448 --- E O F --- 2009-03-23 20:20:00