HJT log + problem with IE

Post by azizi » 18 Sep 2009 15:11

In this thread I was referred here (viewtopic.php?f=3&t=44777)

I am attaching the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:10:17, on 18.9.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\WINDOWS\system32\mHotkey.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
D:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Documents and Settings\All Users\Plocha\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Ahead\InCD\InCD .exe
C:\DOCUME~1\Michal\LOCALS~1\Temp\b .exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\ICQ6.5\ICQ.exe
C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Opera\opera.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\Michal\paselhs.exe \s
O1 - Hosts: ::1 localhost
O1 - Hosts: 88.86.111.212 L2authd.Lineage2.com
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XML Class - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\WINDOWS\system32\msxml71.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Lištička - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - D:\PROGRA~1\STARDO~1\SDIEInt.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [wdnf] C:\WINDOWS\system32\wdnf.exe \u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Steam] C:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [Monopod] C:\DOCUME~1\Michal\LOCALS~1\Temp\b .exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Software Kodak EasyShare.lnk = C:\Documents and Settings\All Users\Plocha\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Star Downloaderem - D:\Program Files\Star Downloader\sdie.htm
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O21 - SSODL: LCgsCNsQdPGQOI - {A48E2A5D-0E24-80F7-7071-7A4A9BDD1800} - C:\WINDOWS\system32\tljrie.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

--
End of file - 8023 bytes

Re: HJT log + problem with IE

Post by pitimir » 18 Sep 2009 17:19

Hi, you have a mess there.

1) Download ComboFix, preferably to the desktop. Close all open applications, as well as the resident antivirus and antispyware protection and the firewall. Run the program from an account with administrator rights and follow the instructions. The whole scan will take about 10 minutes. The PC may be restarted during it. You will find the log that ComboFix creates at "C:\ComboFix.txt".
Paste it here.

Warning: Until ComboFix creates the log, do not click on anything and do not press anything!!


2) Download DDS. Save it to the desktop, close all running programs and run it. When the scan finishes, the results open in 2 windows - DDS.txt and Attach.txt. I would like to see the contents of both.
I don't like amateurism...

And the addressee of this message knows it :)

Re: HJT log + problem with IE

Post by azizi » 18 Sep 2009 17:42

So, the DDS log:


DDS (Ver_09-07-30.01) - NTFSx86
Run by Michal at 17:40:21,27 on pá 18.09.2009
Internet Explorer: 8.0.6001.18702
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.657 [GMT 2:00]

AV: Eset NOD32 Antivirus 2.50 *On-access scanning enabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

============== Running Processes ===============

C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
D:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Ahead\InCD\InCD .exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Michal\Plocha\dds.pif

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.seznam.cz/
uURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
uURLSearchHooks: H - No File
BHO: XTTBPos00 Class: {055fd26d-3a88-4e15-963d-dc8493744b1d} - c:\progra~1\icqtoo~1\toolbaru.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Lištička: {ea837f48-5ad1-443e-ae34-ffe03cbf3099} - c:\program files\seznam.cz\listicka.dll
BHO: : {fffffef0-5b30-21d4-945d-000000000000} - d:\progra~1\stardo~1\SDIEInt.dll
TB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [DAEMON Tools Lite] "d:\program files\daemon tools lite\daemon.exe" -autorun
uRun: [Steam] c:\valve\steam\Steam.exe -silent
mRun: [SiSUSBRG] c:\windows\SiSUSBrg.exe
mRun: [Lexmark 1200 Series] "c:\program files\lexmark 1200 series\lxczbmgr.exe"
mRun: [NeroCheck] c:\windows\system32\NeroCheck.exe
mRun: [InCD] c:\program files\ahead\incd\InCD.exe
mRun: [CHotkey] mHotkey.exe
mRun: [nod32kui] "c:\program files\eset\nod32kui.exe" /WAITSERVICE
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\nabdka~1\programy\posput~1\softwa~1.lnk - c:\documents and settings\all users\plocha\kodak easyshare software\bin\EasyShare.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Stáhnout Star Downloaderem - d:\program files\star downloader\sdie.htm
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - d:\program files\icq6.5\ICQ.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\seznam.cz\listicka.dll
IE: {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - c:\program files\seznam.cz\listicka.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
LSP: imon.dll
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: LCgsCNsQdPGQOI - {A48E2A5D-0E24-80F7-7071-7A4A9BDD1800} - c:\windows\system32\tljrie.dll

============= SERVICES / DRIVERS ===============

R2 ICQ Service;ICQ Service;c:\program files\icq6toolbar\ICQ Service.exe [2009-8-21 222968]
R2 NOD32krn;NOD32 Kernel Service;c:\program files\eset\nod32krn.exe [2009-8-21 495616]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2002-9-23 69120]

=============== Created Last 30 ================

2009-09-18 17:32 229,888 a------- c:\windows\PEV.exe
2009-09-18 17:32 161,792 a------- c:\windows\SWREG.exe
2009-09-18 17:32 98,816 a------- c:\windows\sed.exe
2009-09-18 17:31 <DIR> --d----- C:\ComboFix
2009-09-18 17:26 <DIR> --d-h--- c:\windows\PIF
2009-09-17 14:32 9,600 ac------ c:\windows\system32\dllcache\hidusb.sys
2009-09-17 14:32 9,600 a------- c:\windows\system32\drivers\hidusb.sys
2009-09-15 14:57 <DIR> --dsh--- c:\documents and settings\michal\PrivacIE
2009-09-15 07:07 <DIR> --dsh--- c:\documents and settings\michal\IETldCache
2009-09-15 07:03 <DIR> --d----- c:\windows\ie8updates
2009-09-15 07:03 <DIR> --d-h--- c:\windows\msdownld.tmp
2009-09-15 07:02 <DIR> -cd-h--- c:\windows\ie8
2009-09-15 07:02 <DIR> --d----- c:\windows\system32\cs-CZ
2009-09-15 06:52 100,352 -c------ c:\windows\system32\dllcache\iecompat.dll
2009-09-15 06:51 55,296 -c------ c:\windows\system32\dllcache\msfeedsbs.dll
2009-09-15 06:51 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll
2009-09-15 06:51 1,985,536 -c------ c:\windows\system32\dllcache\iertutil.dll
2009-09-15 06:51 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll
2009-09-15 06:51 594,432 -c------ c:\windows\system32\dllcache\msfeeds.dll
2009-09-09 20:58 3,428 a------- c:\windows\system32\wbem\Outlook_01ca317f8874b33c.mof
2009-09-07 06:38 <DIR> --d----- c:\windows\system32\LogFiles
2009-09-07 06:31 26,112 a------- c:\windows\system32\mhotkey.exe
2009-09-07 06:31 26,112 a------- c:\windows\system32\rundll32 cmicnfg.cpl,cmictrlwnd
2009-09-06 19:28 26,112 a------- c:\documents and settings\michal\mhotkey.exe
2009-09-06 18:53 <DIR> --d----- c:\documents and settings\michal\.ultramixer
2009-08-30 14:43 <DIR> --d----- C:\Valve
2009-08-26 12:53 43,520 a------- c:\windows\system32\CmdLineExt03.dll
2009-08-25 21:46 <DIR> --d----- c:\docume~1\michal\dataap~1\Skinux
2009-08-25 21:40 <DIR> --d----- c:\docume~1\alluse~1\dataap~1\ArcSoft
2009-08-25 21:40 <DIR> --d----- c:\program files\Kodak
2009-08-25 21:39 <DIR> --d----- c:\program files\common files\Kodak
2009-08-25 21:38 <DIR> --d-h--- c:\windows\$hf_mig$
2009-08-25 21:38 464,384 -c------ c:\windows\system32\dllcache\imapi2fs.dll
2009-08-25 21:38 317,440 -c------ c:\windows\system32\dllcache\imapi2.dll
2009-08-25 21:38 62,592 -c------ c:\windows\system32\dllcache\cdrom.sys
2009-08-25 21:38 464,384 -------- c:\windows\system32\imapi2fs.dll
2009-08-25 21:38 317,440 -------- c:\windows\system32\imapi2.dll
2009-08-25 19:30 <DIR> --d----- c:\docume~1\alluse~1\dataap~1\Kodak
2009-08-25 16:33 <DIR> --d----- c:\windows\PAC7311
2009-08-25 16:33 <DIR> --d----- c:\program files\common files\PXIINST64
2009-08-25 16:33 <DIR> --d----- c:\program files\common files\PXIINST
2009-08-25 16:33 <DIR> --d----- c:\program files\PC Camera
2009-08-25 16:33 <DIR> --d----- c:\program files\common files\PAC7311
2009-08-25 16:33 <DIR> --d----- c:\windows\Downloaded Installations
2009-08-23 22:34 411,368 a------- c:\windows\system32\deploytk.dll
2009-08-23 22:34 73,728 a------- c:\windows\system32\javacpl.cpl
2009-08-23 14:29 0 a------- c:\windows\NFS
2009-08-23 14:22 2,297,552 a------- c:\windows\system32\d3dx9_26.dll
2009-08-22 11:27 26,496 ac------ c:\windows\system32\dllcache\usbstor.sys
2009-08-21 19:07 <DIR> --d----- c:\docume~1\alluse~1\dataap~1\DAEMON Tools Lite
2009-08-21 19:07 <DIR> --d----- c:\program files\DAEMON Tools Toolbar
2009-08-21 18:19 721,904 a------- c:\windows\system32\drivers\sptd.sys
2009-08-21 18:19 <DIR> --d----- c:\docume~1\michal\dataap~1\DAEMON Tools Lite
2009-08-21 15:34 <DIR> --d----- c:\program files\ICQ6Toolbar
2009-08-21 15:34 <DIR> --d----- c:\docume~1\alluse~1\dataap~1\ICQ
2009-08-21 15:20 <DIR> --d----- c:\docume~1\michal\dataap~1\ICQ Toolbar
2009-08-21 15:15 <DIR> --d----- c:\program files\ICQToolbar
2009-08-21 15:14 <DIR> --d----- c:\program files\ICQ6
2009-08-21 15:12 390 a------- c:\windows\ODBC.INI
2009-08-21 15:12 17,920 a------- c:\windows\system32\mdimon.dll
2009-08-21 15:10 <DIR> --d----- c:\windows\SHELLNEW
2009-08-21 15:04 <DIR> --d----- c:\program files\Seznam.cz
2009-08-21 14:55 502,208 a------- c:\windows\system32\drivers\amon.sys
2009-08-21 14:55 270,336 a------- c:\windows\system32\imon.dll
2009-08-21 14:55 <DIR> --d----- c:\program files\Eset
2009-08-21 14:51 <DIR> --d----- c:\program files\KYE
2009-08-21 14:49 491,008 a------- c:\windows\mHotkey.exe
2009-08-21 14:49 233,472 a------- c:\windows\InstIt.exe
2009-08-21 14:49 4,327 a------- c:\windows\98.reg
2009-08-21 14:49 4,315 a------- c:\windows\Me.reg
2009-08-21 14:49 4,303 a------- c:\windows\XP.reg
2009-08-21 14:49 4,280 a------- c:\windows\2K.reg
2009-08-21 14:49 491 a------- c:\windows\Instit.ini
2009-08-21 14:46 1,261,568 -------- c:\windows\NuNinst.exe
2009-08-21 14:46 46,484 -------- c:\windows\NuNinst.cfg
2009-08-21 14:45 87,872 -------- c:\windows\system32\drivers\incdfs.sys
2009-08-21 14:45 28,464 -------- c:\windows\system32\drivers\incdpass.sys
2009-08-21 14:45 5,264 -------- c:\windows\system32\drivers\incdrec.sys
2009-08-21 14:45 <DIR> --d----- c:\windows\InCD
2009-08-21 14:44 <DIR> --d----- c:\docume~1\michal\dataap~1\NeroVision
2009-08-21 14:44 89,802 -------- c:\windows\UNNeroVision.cfg
2009-08-21 14:44 1,302,528 -------- c:\windows\UNNeroVision.exe
2009-08-21 14:40 38,912 a----r-- c:\windows\system32\picn20.dll
2009-08-21 14:40 569,344 a----r-- c:\windows\system32\imagr5.dll
2009-08-21 14:40 544,768 a----r-- c:\windows\system32\imagx5.dll
2009-08-21 14:40 283,920 a----r-- c:\windows\system32\ImagXpr5.dll
2009-08-21 14:40 26,112 a------- c:\windows\system32\nerocheck.exe
2009-08-21 14:35 <DIR> --d----- C:\temp
2009-08-21 14:33 <DIR> --d----- c:\program files\ABBYY FineReader 6.0
2009-08-21 14:33 <DIR> --d----- c:\program files\ABBYY FineReader 5.0 Sprint
2009-08-21 14:33 <DIR> --d----- c:\program files\FaxTools
2009-08-21 14:32 <DIR> --d----- c:\program files\Lexmark 1200 Series
2009-08-21 14:31 25,856 ac------ c:\windows\system32\dllcache\usbprint.sys
2009-08-21 14:31 25,856 a------- c:\windows\system32\drivers\usbprint.sys
2009-08-21 14:08 <DIR> --d----- c:\windows\system32\wbem\AutoRecover
2009-08-21 14:01 <DIR> --d----- c:\windows\ServicePackFiles
2009-08-21 13:59 19,528 a------- c:\windows\002406_.tmp
2009-08-21 13:59 3,072 a------- c:\windows\system32\drivers\audstub.sys
2009-08-21 13:59 58,240 a------- c:\windows\system32\drivers\redbook.sys
2009-08-21 13:59 26,144 a------- c:\windows\system32\spupdsvc.exe
2009-08-21 13:58 <DIR> --d----- c:\program files\common files\ODBC
2009-08-21 13:58 <DIR> --d----- c:\program files\common files\SpeechEngines
2009-08-21 13:57 19,456 ac------ c:\windows\system32\dllcache\agt041f.dll
2009-08-21 13:57 <DIR> --d-h--- c:\documents and settings\all users\Šablony
2009-08-21 13:57 <DIR> --d--r-- c:\documents and settings\all users\Nabídka Start
2009-08-21 13:57 <DIR> --d--r-- c:\documents and settings\all users\Dokumenty
2009-08-21 13:57 <DIR> --d----- c:\documents and settings\all users\Plocha
2009-08-21 13:57 <DIR> --d----- c:\documents and settings\all users\Oblíbené položky
2009-08-21 13:57 <DIR> --d-hr-- c:\documents and settings\all users\Data aplikací
2009-08-21 13:56 261 a------- c:\windows\system32\$winnt$.inf
2009-08-21 12:32 <DIR> --ds---- c:\documents and settings\michal\UserData
2009-08-21 12:18 <DIR> --d----- c:\program files\ATI Technologies
2009-08-21 12:16 <DIR> --d----- c:\program files\C-Media 3D Audio
2009-08-21 12:14 <DIR> --d----- c:\documents and settings\michal\WINDOWS
2009-08-21 12:11 <DIR> --d-hr-- c:\documents and settings\michal\Data aplikací
2009-08-21 12:11 <DIR> --d-h--- c:\documents and settings\michal\Okolní tiskárny
2009-08-21 12:11 <DIR> --d-h--- c:\documents and settings\michal\Okolní síť
2009-08-21 12:11 <DIR> --d-h--- c:\documents and settings\michal\Šablony
2009-08-21 12:11 <DIR> --d--r-- c:\documents and settings\michal\Oblíbené položky
2009-08-21 12:11 <DIR> --d--r-- c:\documents and settings\michal\Nabídka Start
2009-08-21 12:11 <DIR> --d--r-- c:\documents and settings\michal\Dokumenty
2009-08-21 12:11 <DIR> --d----- c:\documents and settings\michal\Plocha
2009-08-21 12:05 <DIR> --dsh--- c:\documents and settings\all users\DRM
2009-08-21 12:04 <DIR> --d----- c:\program files\common files\MSSoap
2009-08-21 12:03 <DIR> --d-h--- c:\program files\WindowsUpdate
2009-08-21 12:03 <DIR> --d----- c:\program files\Online Services
2009-08-21 12:03 <DIR> --d----- c:\program files\Messenger
2009-08-21 12:02 <DIR> --d----- c:\program files\MSN Gaming Zone
2009-08-21 12:02 <DIR> --d----- c:\program files\Windows NT

==================== Find3M ====================

2009-09-18 11:03 26,112 a------- c:\windows\sisusbrg.exe
2009-09-09 20:58 392,918 a------- c:\windows\system32\perfh005.dat
2009-09-09 20:58 69,926 a------- c:\windows\system32\perfc005.dat
2009-08-21 14:04 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-08-21 14:04 2,724 a------- c:\windows\pchealth\helpctr\packagestore\SkuStore.bin
2009-08-21 14:03 8,972 a------- c:\windows\pchealth\helpctr\config\Cntstore.bin
2009-08-21 12:06 2,678 a------- c:\windows\java\packages\data\FBN5R9JT.DAT
2009-08-21 12:06 558,142 a------- c:\windows\java\packages\BZZLBZJV.ZIP
2009-08-21 12:06 2,678 a------- c:\windows\java\packages\data\FDZXZD7B.DAT
2009-08-21 12:06 155,995 a------- c:\windows\java\packages\YPZZ13X7.ZIP
2009-08-21 12:06 2,678 a------- c:\windows\java\packages\data\TBJJJFPN.DAT
2009-08-21 12:06 2,678 a------- c:\windows\java\packages\data\MI8WJXB1.DAT
2009-08-21 12:06 2,678 a------- c:\windows\java\packages\data\1JJF9JD3.DAT
2009-08-21 12:03 21,812 a------- c:\windows\system32\emptyregdb.dat
2009-07-03 18:59 915,456 -------- c:\windows\system32\wininet.dll
2001-11-23 06:08 712,704 a------- c:\windows\inf\other\AUDIO3D.DLL

============= FINISH: 17:40:31,38 ===============

2nd DDS log:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-07-30.01)

Systém Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 21.8.2009 12:09:37
System Uptime: 18.9.2009 11:01:58 (6 hours ago)

Motherboard: ECS | | M848A
Processor: AMD Sempron(tm) 2200+ | Slot-1 | 1499/166mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 20 GiB total, 9,842 GiB free.
D: is FIXED (NTFS) - 78 GiB total, 14,555 GiB free.
E: is FIXED (NTFS) - 135 GiB total, 92,58 GiB free.
F: is CDROM (UDF)
G: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID:
Description: USB Device
Device ID: USB\VID_093A&PID_2600\5&2EDBB793&0&2
Manufacturer:
Name: USB Device
PNP Device ID: USB\VID_093A&PID_2600\5&2EDBB793&0&2
Service:

==== System Restore Points ===================

RP1: 21.8.2009 12:11:53 - Kontrolní bod systému
RP2: 21.8.2009 12:19:34 - Nainstalováno Windows Installer KB893803v2.
RP3: 21.8.2009 12:22:48 - Ovladače rozhraní DirectX
RP4: 21.8.2009 13:59:24 - Nainstalováno Windows XP Service Pack 2.
RP5: 21.8.2009 14:33:34 - Instalováno ePhoneTools
RP6: 21.8.2009 14:33:40 - Je nainstalován ovladač tiskárny CAPTURE FAX BVRP
RP7: 21.8.2009 14:42:15 - Installed Windows Media Format 9 Series Runtime Setup
RP8: 21.8.2009 15:09:41 - Nainstalováno: Microsoft Office Professional Edition 2003
RP9: 21.8.2009 15:46:27 - Nainstalováno: Opera 9.64
RP10: 21.8.2009 17:30:52 - Installed Windows Media Format Runtime
RP11: 21.8.2009 18:19:08 - SPTD setup V1.58
RP12: 21.8.2009 19:12:06 - Installed Stubbs The Zombie
RP13: 23.8.2009 22:33:38 - Installed Stubbs The Zombie
RP14: 23.8.2009 14:21:54 - Nainstalováno rozhraní DirectX
RP15: 23.8.2009 22:33:40 - Installed Java(TM) 6 Update 15
RP16: 25.8.2009 16:33:53 - Instalováno PC VGA Camera
RP17: 25.8.2009 21:38:46 - Installed Windows XP WIC.
RP18: 25.8.2009 21:38:59 - Nainstalováno Windows XP KB932716-v2.
RP19: 25.8.2009 21:40:15 - Installed Print Creations
RP20: 25.8.2009 21:41:44 - Installed Connect Service
RP21: 27.8.2009 18:03:12 - Kontrolní bod systému
RP22: 29.8.2009 11:40:47 - Kontrolní bod systému
RP23: 31.8.2009 13:42:49 - Kontrolní bod systému
RP24: 1.9.2009 14:38:02 - Kontrolní bod systému
RP25: 2.9.2009 15:26:39 - Kontrolní bod systému
RP26: 3.9.2009 21:08:36 - Kontrolní bod systému
RP27: 5.9.2009 9:25:58 - Kontrolní bod systému
RP28: 6.9.2009 18:26:05 - Kontrolní bod systému
RP29: 7.9.2009 18:42:38 - Kontrolní bod systému
RP30: 8.9.2009 19:15:00 - Kontrolní bod systému
RP31: 9.9.2009 19:17:27 - Kontrolní bod systému
RP32: 10.9.2009 19:29:25 - Kontrolní bod systému
RP33: 12.9.2009 18:49:15 - Kontrolní bod systému
RP34: 14.9.2009 17:14:37 - Kontrolní bod systému
RP35: 15.9.2009 6:56:48 - Software Distribution Service 3.0
RP36: 15.9.2009 7:02:42 - Byla nainstalována aplikace Windows Internet Explorer 8.
RP37: 15.9.2009 7:03:15 - Software Distribution Service 3.0
RP38: 16.9.2009 8:15:56 - Kontrolní bod systému
RP39: 17.9.2009 11:20:23 - Kontrolní bod systému
RP40: 18.9.2009 12:07:54 - Kontrolní bod systému

==== Installed Programs ======================

7-Zip 4.65
ABBYY FineReader 5.0 Sprint
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Ahead InCD
Aktualizace systému Windows Internet Explorer 8 (KB973874)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB972260)
Antivirový systém NOD32
ArcSoft Print Creations
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
ATI Display Driver
ATI HYDRAVISION
C-Media 3D Audio
CCScore
Counter-Strike: Condition Zero
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSTOOLS
essvatgt
FaxTools
Google Chrome
HijackThis 2.0.2
ICQ Toolbar
ICQ6.5
Java(TM) 6 Update 15
Lexmark 1200 Series
Microsoft .NET Framework 2.0
Microsoft Office Professional Edition 2003
Multimedia keyboard driver Ver1.07
Need for Speed™ Carbon
Nero OEM
NeroVision Express
netbrdg
NOD32 FiX v1.5
OfotoXMI
Opera 9.64
Oprava Hotfix systému Windows XP (KB932716-v2)
PC VGA Camera
Picasa 3
Seznam Lištička 2 (Všichni uživatelé tohoto počítače.)
SFR
SHASTA
skin0001
SKINXSDK
Softarová utilita ATI - Odinstalovat
Software Kodak EasyShare
Star Downloader Free
staticcr
Steam
Total Commander (Remove or Repair)
VLC media player 1.0.1
VPRINTOL
WebFldrs XP
Winamp
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Media Format Runtime
Windows XP Service Pack 2
WIRELESS

==== End Of File ===========================


and ComboFix:

ComboFix 09-09-17.04 - Michal 18.09.2009 17:33.1.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.661 [GMT 2:00]
Spuštěný z: c:\documents and settings\Michal\Plocha\ComboFix.exe
AV: Eset NOD32 Antivirus 2.50 *On-access scanning enabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1297331203-1626801470-3567549963-1000
c:\docume~1\Michal\LOCALS~1\Temp\install_flash_player.exe
c:\documents and settings\Michal\mhotkey .exe
c:\documents and settings\Michal\paselhs.exe
c:\documents and settings\Michal\rundll32 cmicnfg .exe
c:\windows\Installer\22ae1.msi
c:\windows\msa.exe
c:\windows\sisusbrg .exe
c:\windows\system32\ctfmon .exe
c:\windows\system32\kr_done1
c:\windows\system32\mhotkey .exe
c:\windows\system32\msxml71.dll
c:\windows\system32\nerocheck .exe
c:\windows\system32\rundll32 cmicnfg .exe
c:\windows\system32\wdnf.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-08-18 do 2009-09-18 )))))))))))))))))))))))))))))))
.

2009-09-18 15:26 . 2009-09-18 15:26 -------- d--h--w- c:\windows\PIF
2009-09-17 12:32 . 2001-08-17 20:02 9600 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2009-09-17 12:32 . 2001-08-17 20:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-09-15 12:57 . 2009-09-15 12:57 -------- d-sh--w- c:\documents and settings\Michal\PrivacIE
2009-09-15 05:07 . 2009-09-15 05:07 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2009-09-15 05:07 . 2009-09-15 05:07 -------- d-sh--w- c:\documents and settings\Michal\IETldCache
2009-09-15 05:03 . 2009-09-15 05:03 -------- d-----w- c:\windows\ie8updates
2009-09-15 05:03 . 2009-09-15 05:03 -------- d--h--w- c:\windows\msdownld.tmp
2009-09-15 05:02 . 2009-09-15 05:03 -------- dc-h--w- c:\windows\ie8
2009-09-15 05:02 . 2009-09-15 05:02 -------- d-----w- c:\windows\system32\cs-CZ
2009-09-15 04:52 . 2009-08-07 08:48 100352 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-09-15 04:51 . 2009-07-03 16:59 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-09-15 04:51 . 2009-07-03 16:59 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-09-15 04:51 . 2009-07-03 16:59 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-09-15 04:51 . 2009-07-03 16:59 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-09-15 04:51 . 2009-07-03 16:59 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-09-07 04:38 . 2009-09-07 04:38 -------- d-----w- c:\windows\system32\LogFiles
2009-09-07 04:31 . 2009-09-15 05:07 26112 ----a-w- c:\windows\system32\mhotkey.exe
2009-09-06 17:28 . 2009-09-18 09:03 26112 ----a-w- c:\documents and settings\Michal\mhotkey.exe
2009-09-06 16:53 . 2009-09-06 16:53 -------- d-----w- c:\documents and settings\Michal\.ultramixer
2009-08-30 12:43 . 2009-08-30 12:43 -------- d-----w- C:\Valve
2009-08-28 13:34 . 2009-08-28 13:34 -------- d-----w- c:\program files\Google
2009-08-26 10:53 . 2009-08-26 10:53 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-08-25 19:40 . 2009-08-25 19:40 -------- d-----w- c:\program files\Common Files\ArcSoft
2009-08-25 19:40 . 2009-08-25 19:40 -------- d-----w- c:\program files\ArcSoft
2009-08-25 19:40 . 2009-08-25 19:40 -------- dc----w- c:\windows\system32\DRVSTORE
2009-08-25 19:40 . 2009-08-25 19:40 -------- d-----w- c:\program files\Kodak
2009-08-25 19:39 . 2009-08-25 19:39 -------- d-----w- c:\program files\Common Files\Kodak
2009-08-25 19:38 . 2009-09-15 05:03 -------- d--h--w- c:\windows\$hf_mig$
2009-08-25 19:38 . 2008-05-02 13:32 464384 -c----w- c:\windows\system32\dllcache\imapi2fs.dll
2009-08-25 19:38 . 2008-05-02 13:32 464384 ------w- c:\windows\system32\imapi2fs.dll
2009-08-25 19:38 . 2008-05-02 13:32 317440 -c----w- c:\windows\system32\dllcache\imapi2.dll
2009-08-25 19:38 . 2008-05-02 13:32 317440 ------w- c:\windows\system32\imapi2.dll
2009-08-25 19:38 . 2008-05-02 09:05 62592 -c----w- c:\windows\system32\dllcache\cdrom.sys
2009-08-25 14:33 . 2009-08-25 14:33 -------- d-----w- c:\windows\PAC7311
2009-08-25 14:33 . 2009-08-25 14:33 -------- d-----w- c:\program files\Common Files\PXIINST64
2009-08-25 14:33 . 2009-08-25 14:33 -------- d-----w- c:\program files\Common Files\PXIINST
2009-08-25 14:33 . 2009-08-25 14:33 -------- d-----w- c:\program files\Common Files\PAC7311
2009-08-25 14:33 . 2009-08-25 14:33 -------- d-----w- c:\program files\PC Camera
2009-08-25 14:33 . 2009-08-25 14:33 -------- d-----w- c:\windows\Downloaded Installations
2009-08-23 21:14 . 2009-08-23 21:14 -------- d-----w- c:\windows\Sun
2009-08-23 20:34 . 2009-08-23 20:33 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-23 20:33 . 2009-08-23 20:33 -------- d-----w- c:\program files\Java
2009-08-23 12:22 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2009-08-22 09:27 . 2004-08-03 21:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-08-21 17:07 . 2009-08-21 17:07 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-08-21 16:19 . 2009-08-21 16:19 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-08-21 13:46 . 2009-08-21 13:46 -------- d-----w- c:\program files\Opera
2009-08-21 13:34 . 2009-08-21 13:34 -------- d-----w- c:\program files\ICQ6Toolbar
2009-08-21 13:15 . 2009-08-21 13:20 -------- d-----w- c:\program files\ICQToolbar
2009-08-21 13:14 . 2009-08-21 13:33 -------- d-----w- c:\program files\ICQ6
2009-08-21 13:12 . 2003-06-18 23:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2009-08-21 13:10 . 2009-08-21 13:10 -------- d-----w- c:\program files\Microsoft Works
2009-08-21 13:10 . 2009-08-21 13:11 -------- d-----w- c:\windows\SHELLNEW
2009-08-21 13:09 . 2009-08-21 13:09 -------- d-----w- c:\program files\Microsoft.NET
2009-08-21 13:04 . 2009-09-15 05:06 -------- d-----w- c:\program files\Seznam.cz
2009-08-21 12:55 . 2009-08-21 12:56 -------- d-----w- c:\program files\Eset
2009-08-21 12:55 . 2009-08-21 12:54 270336 ----a-w- c:\windows\system32\imon.dll
2009-08-21 12:55 . 2009-08-21 12:54 502208 ----a-w- c:\windows\system32\drivers\amon.sys
2009-08-21 12:51 . 2009-08-21 12:51 -------- d-----w- C:\totalcmd
2009-08-21 12:51 . 2008-08-08 05:04 545 ----a-w- c:\windows\UC.PIF
2009-08-21 12:51 . 2008-08-08 05:04 545 ----a-w- c:\windows\RAR.PIF
2009-08-21 12:51 . 2008-08-08 05:04 545 ----a-w- c:\windows\PKZIP.PIF
2009-08-21 12:51 . 2008-08-08 05:04 545 ----a-w- c:\windows\PKUNZIP.PIF
2009-08-21 12:51 . 2008-08-08 05:04 545 ----a-w- c:\windows\NOCLOSE.PIF
2009-08-21 12:51 . 2008-08-08 05:04 545 ----a-w- c:\windows\LHA.PIF
2009-08-21 12:51 . 2008-08-08 05:04 545 ----a-w- c:\windows\ARJ.PIF
2009-08-21 12:51 . 2009-08-21 12:51 -------- d-----w- c:\program files\KYE
2009-08-21 12:51 . 2002-11-06 13:14 4282 ----a-w- c:\windows\NT4_98.reg
2009-08-21 12:51 . 2002-11-06 08:15 4264 ----a-w- c:\windows\MeXP.reg
2009-08-21 12:51 . 2001-07-02 18:36 24576 ----a-w- c:\windows\HKNTDLL.dll
2009-08-21 12:49 . 2002-11-06 15:51 4303 ----a-w- c:\windows\XP.reg
2009-08-21 12:49 . 2002-11-06 15:50 4315 ----a-w- c:\windows\Me.reg
2009-08-21 12:49 . 2002-11-06 15:50 4327 ----a-w- c:\windows\98.reg
2009-08-21 12:49 . 2002-11-06 08:15 4280 ----a-w- c:\windows\2K.reg
2009-08-21 12:49 . 2002-07-05 14:37 491008 ----a-w- c:\windows\mHotkey.exe
2009-08-21 12:49 . 2001-09-06 18:45 233472 ----a-w- c:\windows\InstIt.exe
2009-08-21 12:46 . 2003-07-10 08:27 1261568 ------w- c:\windows\NuNinst.exe
2009-08-21 12:45 . 2003-08-07 07:36 5264 ------w- c:\windows\system32\drivers\incdrec.sys
2009-08-21 12:45 . 2003-08-07 07:28 28464 ------w- c:\windows\system32\drivers\incdpass.sys
2009-08-21 12:45 . 2003-08-07 07:26 87872 ------w- c:\windows\system32\drivers\incdfs.sys
2009-08-21 12:45 . 2009-08-21 12:45 -------- d-----w- c:\windows\InCD
2009-08-21 12:44 . 2003-10-13 09:56 1302528 ------w- c:\windows\UNNeroVision.exe
2009-08-21 12:40 . 2001-06-26 06:15 38912 ----a-r- c:\windows\system32\picn20.dll
2009-08-21 12:40 . 2001-07-06 12:41 569344 ----a-r- c:\windows\system32\imagr5.dll
2009-08-21 12:40 . 2001-07-06 10:44 544768 ----a-r- c:\windows\system32\imagx5.dll
2009-08-21 12:40 . 2001-07-06 16:24 283920 ----a-r- c:\windows\system32\ImagXpr5.dll
2009-08-21 12:40 . 2009-09-18 09:03 26112 ----a-w- c:\windows\system32\nerocheck.exe
2009-08-21 12:40 . 2009-08-21 12:40 -------- d-----w- c:\program files\Common Files\Ahead
2009-08-21 12:40 . 2009-08-21 12:45 -------- d-----w- c:\program files\Ahead
2009-08-21 12:35 . 2009-09-03 20:04 -------- d-----w- C:\temp
2009-08-21 12:33 . 2009-08-21 12:33 -------- d-----w- c:\program files\ABBYY FineReader 5.0 Sprint
2009-08-21 12:33 . 2009-08-21 12:33 -------- d-----w- c:\program files\ABBYY FineReader 6.0
2009-08-21 12:33 . 2009-08-21 12:33 -------- d-----w- c:\program files\FaxTools
2009-08-21 12:31 . 2004-08-03 21:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-08-21 12:31 . 2004-08-03 21:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-08-21 12:08 . 2009-08-21 12:08 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
2009-08-21 12:08 . 2009-08-23 20:38 -------- d-----w- c:\windows\system32\wbem\AutoRecover
2009-08-21 12:01 . 2009-08-21 12:01 -------- d-----w- c:\windows\ServicePackFiles

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-18 09:03 . 2009-08-21 10:15 26112 ----a-w- c:\windows\sisusbrg.exe
2009-09-09 18:58 . 2002-09-23 12:00 69926 ----a-w- c:\windows\system32\perfc005.dat
2009-09-09 18:58 . 2002-09-23 12:00 392918 ----a-w- c:\windows\system32\perfh005.dat
2009-08-25 19:41 . 2009-08-21 10:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-21 12:32 . 2009-08-21 12:32 -------- d-----w- c:\program files\Lexmark 1200 Series
2009-08-21 10:19 . 2009-08-21 10:18 -------- d-----w- c:\program files\ATI Technologies
2009-08-21 10:18 . 2009-08-21 10:14 -------- d-----w- c:\program files\Common Files\InstallShield
2009-08-21 10:16 . 2009-08-21 10:16 -------- d-----w- c:\program files\C-Media 3D Audio
2009-08-21 10:06 . 2009-08-21 10:06 -------- d-----w- c:\program files\microsoft frontpage
2009-08-21 10:03 . 2009-08-21 10:03 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-07-03 16:59 . 2002-09-23 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
.

------- Sigcheck -------

[7] 2004-08-17 . 82A362FE1D4980B71B588D9C10748511 . 13312 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2004-08-17 . D41D8CD98F00B204E9800998ECF8427E . 14848 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe
[-] 2002-09-23 . 32F7074BAC9A5F899CCA9C046C9FA6EB . 11776 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\lsass.exe

[7] 2004-08-17 . 6E401E61F952FBBF708AFBECEFAFAE81 . 108544 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-17 . D41D8CD98F00B204E9800998ECF8427E . 110592 . . [5.1.2600.2180] . . c:\windows\system32\services.exe
[-] 2002-09-23 . F4D2C4AF666E0224E961AA744A1B47E3 . 101376 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\services.exe

[7] 2004-08-17 . 21B6FAA88044A41640E03EBB68BE93E8 . 57856 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2004-08-17 . D41D8CD98F00B204E9800998ECF8427E . 58880 . . [5.1.2600.2180] . . c:\windows\system32\spoolsv.exe
[-] 2002-09-23 . FBD651B9CF8F5297F86961843D6F1BAB . 51200 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe

[7] 2004-08-17 . DFBA2915B0BF58ABB288CD4C9318CB3F . 14336 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2004-08-17 . D41D8CD98F00B204E9800998ECF8427E . 17408 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe
[-] 2002-09-23 . 329945887A0C684C38A4845330BC9100 . 12800 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\svchost.exe

[7] 2004-08-17 . 221C29AE1B4CC61D11D8B27DE78B2307 . 502272 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2004-08-17 . D41D8CD98F00B204E9800998ECF8427E . 506368 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
[-] 2002-09-23 . FF8857D1AF59071F172C0FAD0FD33E87 . 516608 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\winlogon.exe

[-] 2004-08-17 . B24BC42C5C026FD20D6AB4B9757EE4C5 . 1035264 . . [6.00.2900.2180] . . c:\windows\explorer.exe
[7] 2004-08-17 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2002-09-23 . 11D80755545CFB5EB9659EE88440EAE2 . 1004544 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"Steam"="c:\valve\Steam\Steam.exe" [2003-11-11 1081344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2009-09-18 26112]
"Lexmark 1200 Series"="c:\program files\Lexmark 1200 Series\lxczbmgr.exe" [2006-07-13 57344]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2009-09-18 26112]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2009-09-18 26112]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-08-21 917504]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-23 149280]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-09-18 26112]
"CHotkey"="mHotkey.exe" - c:\windows\system32\mhotkey.exe [2009-09-15 26112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Software Kodak EasyShare.lnk - c:\documents and settings\All Users\Plocha\Kodak EasyShare software\bin\EasyShare.exe [2009-7-10 323584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"LCgsCNsQdPGQOI"= {A48E2A5D-0E24-80F7-7071-7A4A9BDD1800} - c:\windows\system32\tljrie.dll [2004-08-17 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Documents and Settings\\All Users\\Plocha\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"d:\\Valve\\Condition Zero\\czero.exe"=

R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [21.8.2009 15:34 222968]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Stáhnout Star Downloaderem - d:\program files\Star Downloader\sdie.htm
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
LSP: imon.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-wdnf - c:\windows\system32\wdnf.exe
HKLM-Run-Cmaudio - cmicnfg.cpl
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-18 17:38
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(536)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(604)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
Celkový čas: 2009-09-18 17:39
ComboFix-quarantined-files.txt 2009-09-18 15:39

Před spuštěním: 8 152 547 328
Po spuštění: Volných bajtů: 10 547 826 688

234

pitimir
Level 3.5
Posts: 850
Registered: August 09
Gender: Male
Status: Offline

Re: HJT log + problem with IE

Post by pitimir » 18 Sep 2009 17:45

What's up with that Nod of yours? There are no drivers holding it up, are there? :shock:

Download MbAM. Save it to the desktop, open "mbam-setup.exe" and install it. Update it. Then run a complete scan and delete whatever the program finds. Post the resulting log here.
I don't like amateurism...

And the addressee of the message knows it :)

azizi
newbie
Posts: 10
Registered: September 09
Gender: Male
Status: Offline

Re: HJT log + problem with IE

Post by azizi » 18 Sep 2009 17:48

Ehm, what isn't holding it?..

pitimir
Level 3.5
Posts: 850
Registered: August 09
Gender: Male
Status: Offline

Re: HJT log + problem with IE

Post by pitimir » 18 Sep 2009 17:50

Drivers, device drivers... at least according to the log.

azizi
newbie
Posts: 10
Registered: September 09
Gender: Male
Status: Offline

Re: HJT log + problem with IE

Post by azizi » 18 Sep 2009 18:36

Malwarebytes' Anti-Malware 1.41
Verze databáze: 2775
Windows 5.1.2600 Service Pack 2

18.9.2009 18:34:57
mbam-log-2009-09-18 (18-34-57).txt

Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 207049
Uplynulý čas: 40 minute(s), 58 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 1
Infikované hodnoty registru: 7
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 245

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
HKEY_CLASSES_ROOT\CLSID\{a48e2a5d-0e24-80f7-7071-7a4a9bdd1800} (Trojan.Downloader) -> Quarantined and deleted successfully.

Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sisusbrg (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\NeroCheck.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nerocheck (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\incd (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\arcsoft connection service (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\steam (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\lcgscnsqdpgqoi (Trojan.Downloader) -> Quarantined and deleted successfully.

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\WINDOWS\sisusbrg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\NeroCheck.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Ahead\InCD\incd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mhotkey.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\acdaemon.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michal\mhotkey.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Michal\rundll32 cmicnfg.cpl,cmictrlwnd (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\acrotray .exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\acrotray.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\Michal\mhotkey .exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\Michal\paselhs.exe.vir (Trojan.Spy.Zbot) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Documents and Settings\Michal\rundll32 cmicnfg .exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\msa.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\mhotkey .exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\rundll32 cmicnfg .exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\wdnf.exe.vir (Trojan.Spy.Zbot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0010441.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0010442.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0010443.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0010448.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0010449.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0010450.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0010454.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0010455.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0010460.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0010461.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0010462.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0010463.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0010466.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0010467.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011460.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011461.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011462.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011463.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011464.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011465.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011474.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011475.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011478.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011480.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011481.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011486.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011487.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011488.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011491.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011492.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011493.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0010451.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0011476.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0012486.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0012487.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0012488.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0012489.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0012490.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP33\A0012491.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP34\A0012542.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP34\A0012543.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP34\A0012544.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP34\A0012545.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP34\A0012548.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP34\A0012549.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012728.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012731.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012732.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012734.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012737.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012742.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012745.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012746.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012747.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012748.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012755.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012756.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012757.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012759.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012779.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012761.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012776.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012777.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012778.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP37\A0012782.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP38\A0013776.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP38\A0013777.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP38\A0013778.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP38\A0013779.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP38\A0013780.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP38\A0013807.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP38\A0013808.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP38\A0013809.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP38\A0013810.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP38\A0013811.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP38\A0013817.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP38\A0013818.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP38\A0013821.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP38\A0013822.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP38\A0013823.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0013843.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0013844.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0013845.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0013846.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0013847.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0013862.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0013863.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0013864.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0013865.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0013866.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0013879.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0013880.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0013881.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0013882.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0013883.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014102.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014103.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014104.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014105.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014106.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014118.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014119.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014120.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014123.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014124.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014134.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014135.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014136.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014139.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014140.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP39\A0014133.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP40\A0014193.exe (Trojan.Spy.Zbot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP40\A0014182.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP40\A0014183.exe (Trojan.Spy.Zbot) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP40\A0014184.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP40\A0014186.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP40\A0014189.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0DD75CA3-6BA9-406B-A5F3-50B3C06F043D}\RP40\A0014192.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Valve\Steam\steam .exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Valve\Steam\steam.exe -silent (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tljrie.dll (Trojan.Downloader) -> Delete on reboot.
C:\WINDOWS\system32\rundll32 cmicnfg.cpl,cmictrlwnd (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\Antiviry\Crack.Ultra.Mixer.Professional.2.2.1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Antiviry\mhotkey.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
D:\Antiviry\rundll32 cmicnfg.cpl,cmictrlwnd (Trojan.Downloader) -> Quarantined and deleted successfully.

pitimir
Level 3.5
Posts: 850
Registered: August 09
Gender: Male
Status:
Offline

Re: HJT log + problem with IE

Post by pitimir » 18 Sep 2009 19:51

Would there be a new log from ComboFix?
I don't like amateurism...

And the addressee of the message knows it :)

