ComboFix 10-01-21.08 - SONY 2010-01-22 15:32:17.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2046.1582 [GMT 1:00]
Spuštěný z: c:\documents and settings\SONY\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\SONY\Plocha\CFScript.txt
AV: AVG Anti-Virus *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FILE ::
"c:\docume~1\SONY\LOCALS~1\Temp\VG.exe"
"c:\documents and settings\SONY\Data aplikací\Mozilla\Firefox\Profiles\0q6nxs00.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\SONY\Data aplikací\Mozilla\Firefox\Profiles\0q6nxs00.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\program files\DAEMON Tools Toolbar\DTToolbar.dll
c:\program files\DAEMON Tools Toolbar\Resources\about.ico
c:\program files\DAEMON Tools Toolbar\Resources\AboutWindow.ico
c:\program files\DAEMON Tools Toolbar\Resources\accept.ico
c:\program files\DAEMON Tools Toolbar\Resources\AddRadioStation.ico
c:\program files\DAEMON Tools Toolbar\Resources\as.ico
c:\program files\DAEMON Tools Toolbar\Resources\as.png
c:\program files\DAEMON Tools Toolbar\Resources\astro.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_download.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_feedback.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_forum.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_home.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_lite.ico
c:\program files\DAEMON Tools Toolbar\Resources\astroburn_site.ico
c:\program files\DAEMON Tools Toolbar\Resources\astroLite_16.ico
c:\program files\DAEMON Tools Toolbar\Resources\az.ico
c:\program files\DAEMON Tools Toolbar\Resources\b1.png
c:\program files\DAEMON Tools Toolbar\Resources\burn_files.ico
c:\program files\DAEMON Tools Toolbar\Resources\burn_image.ico
c:\program files\DAEMON Tools Toolbar\Resources\burn_imgs.ico
c:\program files\DAEMON Tools Toolbar\Resources\BurnImage.ico
c:\program files\DAEMON Tools Toolbar\Resources\buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\Config.ico
c:\program files\DAEMON Tools Toolbar\Resources\d.ico
c:\program files\DAEMON Tools Toolbar\Resources\d2.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon_search_site.ico
c:\program files\DAEMON Tools Toolbar\Resources\dot_disabled.bmp
c:\program files\DAEMON Tools Toolbar\Resources\dot_enabled.bmp
c:\program files\DAEMON Tools Toolbar\Resources\dot_on_over.bmp
c:\program files\DAEMON Tools Toolbar\Resources\download.ico
c:\program files\DAEMON Tools Toolbar\Resources\ds.ico
c:\program files\DAEMON Tools Toolbar\Resources\dsearch.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt-home.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_about.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_download.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_faq.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_feedback.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_forum.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_line.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_lite.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_manual.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_pro.ico
c:\program files\DAEMON Tools Toolbar\Resources\DTPro.ico
c:\program files\DAEMON Tools Toolbar\Resources\dtt16.ico
c:\program files\DAEMON Tools Toolbar\Resources\dtt32.ico
c:\program files\DAEMON Tools Toolbar\Resources\Dwnl.ico
c:\program files\DAEMON Tools Toolbar\Resources\emulation.ico
c:\program files\DAEMON Tools Toolbar\Resources\favicon.ico
c:\program files\DAEMON Tools Toolbar\Resources\features.ico
c:\program files\DAEMON Tools Toolbar\Resources\feedback.ico
c:\program files\DAEMON Tools Toolbar\Resources\forum.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrix.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixCristals.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixDownload.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixPlayOnline.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixTop.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameS.ico
c:\program files\DAEMON Tools Toolbar\Resources\games_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\games_search_SA.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameSA.ico
c:\program files\DAEMON Tools Toolbar\Resources\gct16.ico
c:\program files\DAEMON Tools Toolbar\Resources\gd.ico
c:\program files\DAEMON Tools Toolbar\Resources\genre.xml
c:\program files\DAEMON Tools Toolbar\Resources\globe.ico
c:\program files\DAEMON Tools Toolbar\Resources\GrabImage.ico
c:\program files\DAEMON Tools Toolbar\Resources\hb.bmp
c:\program files\DAEMON Tools Toolbar\Resources\hb.ico
c:\program files\DAEMON Tools Toolbar\Resources\help.ico
c:\program files\DAEMON Tools Toolbar\Resources\hide.ico
c:\program files\DAEMON Tools Toolbar\Resources\home.ico
c:\program files\DAEMON Tools Toolbar\Resources\image_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\image_search_SA.ico
c:\program files\DAEMON Tools Toolbar\Resources\ImageS.ico
c:\program files\DAEMON Tools Toolbar\Resources\ImageSA.ico
c:\program files\DAEMON Tools Toolbar\Resources\ip.ico
c:\program files\DAEMON Tools Toolbar\Resources\lang.xml
c:\program files\DAEMON Tools Toolbar\Resources\lingvo.ico
c:\program files\DAEMON Tools Toolbar\Resources\m.ico
c:\program files\DAEMON Tools Toolbar\Resources\mail.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\MenuRadioConfig.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuRadioStation.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuRSCur.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuTr.ico
c:\program files\DAEMON Tools Toolbar\Resources\mount.ico
c:\program files\DAEMON Tools Toolbar\Resources\mount_n_drive.ico
c:\program files\DAEMON Tools Toolbar\Resources\next.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\none.bmp
c:\program files\DAEMON Tools Toolbar\Resources\none_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\op.ico
c:\program files\DAEMON Tools Toolbar\Resources\play.bmp
c:\program files\DAEMON Tools Toolbar\Resources\play.ico
c:\program files\DAEMON Tools Toolbar\Resources\play_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\play_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\play_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\pragma.ico
c:\program files\DAEMON Tools Toolbar\Resources\prev.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prod.ico
c:\program files\DAEMON Tools Toolbar\Resources\Radio.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioBg.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioBg.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioBgMask.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDisp.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDisp_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioE.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioG.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioL.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLDotMask.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLeft.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLeftMask.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLM.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioM.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioN.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioR.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioR.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioRM.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioRU.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioW.bmp
c:\program files\DAEMON Tools Toolbar\Resources\rbcheck.ico
c:\program files\DAEMON Tools Toolbar\Resources\rbtxt.ico
c:\program files\DAEMON Tools Toolbar\Resources\refresh.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Rss.ico
c:\program files\DAEMON Tools Toolbar\Resources\Rss1.ico
c:\program files\DAEMON Tools Toolbar\Resources\RssA.ico
c:\program files\DAEMON Tools Toolbar\Resources\RssA1.ico
c:\program files\DAEMON Tools Toolbar\Resources\rssClose.ico
c:\program files\DAEMON Tools Toolbar\Resources\rssL.bmp
c:\program files\DAEMON Tools Toolbar\Resources\rssOpen.ico
c:\program files\DAEMON Tools Toolbar\Resources\RssRefresh.ico
c:\program files\DAEMON Tools Toolbar\Resources\s2.ico
c:\program files\DAEMON Tools Toolbar\Resources\show.ico
c:\program files\DAEMON Tools Toolbar\Resources\size.bmp
c:\program files\DAEMON Tools Toolbar\Resources\size_lr.ico
c:\program files\DAEMON Tools Toolbar\Resources\size_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\size_rl.ico
c:\program files\DAEMON Tools Toolbar\Resources\skins.ico
c:\program files\DAEMON Tools Toolbar\Resources\spt.ico
c:\program files\DAEMON Tools Toolbar\Resources\stop.bmp
c:\program files\DAEMON Tools Toolbar\Resources\stop.ico
c:\program files\DAEMON Tools Toolbar\Resources\stop_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\stop_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\stop_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\style.ico
c:\program files\DAEMON Tools Toolbar\Resources\SupportRequest.ico
c:\program files\DAEMON Tools Toolbar\Resources\timer.ico
c:\program files\DAEMON Tools Toolbar\Resources\TitleIcon.ico
c:\program files\DAEMON Tools Toolbar\Resources\toolbar.xml
c:\program files\DAEMON Tools Toolbar\Resources\trans.ico
c:\program files\DAEMON Tools Toolbar\Resources\Trash.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\u.ico
c:\program files\DAEMON Tools Toolbar\Resources\unmount-all.ico
c:\program files\DAEMON Tools Toolbar\Resources\vol.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol.ico
c:\program files\DAEMON Tools Toolbar\Resources\vol_back.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_dott.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_dott_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_mute.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_mute_check.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\web_resources.ico
c:\program files\DAEMON Tools Toolbar\Resources\web_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\web_search_SA.ico
c:\program files\DAEMON Tools Toolbar\Resources\WebS.ico
c:\program files\DAEMON Tools Toolbar\Resources\WebSa.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi0.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi1.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi10.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi11.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi12.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi13.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi14.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi2.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi3.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi4.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi5.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi6.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi7.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi8.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi9.ico
c:\program files\DAEMON Tools Toolbar\uninst.exe
Nakažená kopie c:\windows\system32\drivers\ndis.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\system32\drivers\ndis(2).sys
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_VG
-------\Service_VG
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-22 do 2010-01-22 )))))))))))))))))))))))))))))))
.
2010-01-20 16:40 . 2010-01-20 16:40 390144 ----a-w- c:\windows\system32\CF23828.exe
2010-01-20 16:38 . 2010-01-20 16:38 390144 ----a-w- c:\windows\system32\CF23511.exe
2010-01-17 20:59 . 2010-01-17 20:59 -------- d-----w- c:\program files\TrendMicro
2010-01-15 00:17 . 2010-01-15 00:17 -------- d-----r- c:\documents and settings\LocalService\Dokumenty
2010-01-14 22:21 . 2010-01-14 22:21 390144 ----a-w- c:\windows\system32\CF3479.exe
2010-01-14 22:09 . 2010-01-14 22:08 390144 ----a-w- c:\windows\system32\CF1020.exe
2010-01-14 20:40 . 2010-01-14 20:42 -------- d-----w- c:\windows\system32\NtmsData
2010-01-14 20:30 . 2010-01-14 20:33 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-01-14 12:01 . 2010-01-14 12:01 -------- d-----w- c:\program files\Zoner
2010-01-09 17:37 . 2010-01-09 17:37 -------- d-----w- c:\program files\Common Files\Stardock
2010-01-06 22:41 . 2010-01-06 23:31 -------- d-----w- c:\documents and settings\SONY\dwhelper
2010-01-06 21:13 . 2010-01-06 21:13 -------- d-----w- c:\program files\DsNET Corp
2010-01-03 15:02 . 2010-01-03 15:02 -------- d-----w- c:\program files\Western Digital
2009-12-26 04:29 . 2008-03-21 12:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2009-12-26 03:32 . 2009-12-26 03:32 -------- d-----w- c:\program files\Common Files\PCSuite
2009-12-26 03:32 . 2009-12-26 03:45 -------- d-----w- c:\program files\Common Files\Nokia
2009-12-26 03:31 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-12-26 03:31 . 2009-12-26 03:31 -------- d-----w- c:\program files\PC Connectivity Solution
2009-12-26 03:31 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-12-26 03:31 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2009-12-26 03:31 . 2009-10-06 10:52 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2009-12-26 03:31 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2009-12-26 03:31 . 2009-10-06 10:52 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-12-26 03:31 . 2009-10-06 10:52 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2009-12-26 01:55 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-26 01:55 . 2010-01-18 13:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-26 01:55 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-25 23:21 . 2008-09-26 17:01 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2009-12-25 23:21 . 2008-09-26 17:01 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2009-12-25 23:21 . 2008-09-26 17:01 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2009-12-25 23:21 . 2008-09-26 17:00 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-12-25 23:20 . 2009-12-25 23:23 -------- d-----w- c:\program files\O2 Mobilni internet
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 04:01 . 2008-12-14 12:04 -------- d-----w- c:\program files\Google
2010-01-14 20:30 . 2009-12-19 03:06 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-09 17:38 . 2009-01-14 17:27 -------- d-----w- c:\program files\AlienGUIse
2010-01-07 02:58 . 2008-12-24 20:09 -------- d-----w- c:\program files\Nokia
2010-01-06 23:56 . 2009-01-03 01:13 -------- d-----w- c:\program files\Windows Media Connect 2
2010-01-05 09:58 . 2008-04-14 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 09:57 . 2008-04-14 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:57 . 2008-04-14 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-26 04:29 . 2009-12-26 04:29 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-12-26 04:29 . 2009-12-26 04:29 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-12-26 01:47 . 2008-04-14 12:00 90924 ----a-w- c:\windows\system32\perfc005.dat
2009-12-26 01:47 . 2008-04-14 12:00 458882 ----a-w- c:\windows\system32\perfh005.dat
2009-12-19 09:58 . 2009-12-19 09:58 -------- d-----w- c:\program files\Western Digital Corp
2009-12-19 09:32 . 2009-12-19 09:32 -------- d-----w- c:\program files\Western Digital Corporation
2009-12-19 02:55 . 2009-12-19 02:55 108144 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-12-19 01:37 . 2009-12-19 01:37 -------- d-----w- c:\program files\Roxio
2009-12-19 01:37 . 2009-12-19 01:37 -------- d-----w- c:\program files\Common Files\Roxio Shared
2009-12-11 15:01 . 2009-12-11 15:01 -------- d-----w- c:\program files\FreeTime
2009-11-28 11:52 . 2009-08-05 05:35 -------- d-----w- c:\program files\QuickTime
2009-11-28 11:51 . 2009-11-28 11:51 -------- d-----w- c:\program files\Common Files\Apple
2009-11-28 11:51 . 2009-08-05 05:35 -------- d-----w- c:\program files\Apple Software Update
2009-11-21 16:03 . 2008-04-14 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-18 12:50 . 2008-12-14 11:58 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-11-18 12:50 . 2008-12-14 11:58 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-11-18 12:50 . 2008-12-14 11:58 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-11-18 12:50 . 2008-12-14 11:58 161800 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2009-11-18 12:50 . 2008-12-14 11:58 12464 ----a-w- c:\windows\system32\avgrsstx.dll
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\documents and settings\LocalService\Dokumenty ----
2010-01-15 00:17 . 2010-01-15 00:17 74 --sha-w- c:\documents and settings\LocalService\Dokumenty\desktop.ini
((((((((((((((((((((((((((((( SnapShot@2010-01-20_22.33.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-22 14:41 . 2010-01-22 14:41 16384 c:\windows\Temp\Perflib_Perfdata_3f4.dat
+ 2008-04-14 12:00 . 2010-01-05 09:58 44544 c:\windows\system32\pngfilt.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 44544 c:\windows\system32\pngfilt.dll
- 2007-08-13 17:54 . 2009-10-29 07:45 52224 c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 17:54 . 2010-01-05 09:58 52224 c:\windows\system32\msfeedsbs.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 27648 c:\windows\system32\jsproxy.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 27648 c:\windows\system32\jsproxy.dll
- 2007-08-13 17:39 . 2009-10-28 14:35 13824 c:\windows\system32\ieudinit.exe
+ 2007-08-13 17:39 . 2009-12-31 15:32 13824 c:\windows\system32\ieudinit.exe
- 2008-04-14 12:00 . 2009-10-29 07:45 44544 c:\windows\system32\iernonce.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 44544 c:\windows\system32\iernonce.dll
- 2008-04-14 12:00 . 2009-10-28 14:35 70656 c:\windows\system32\ie4uinit.exe
+ 2008-04-14 12:00 . 2009-12-31 15:32 70656 c:\windows\system32\ie4uinit.exe
+ 2007-08-13 17:36 . 2010-01-05 09:57 63488 c:\windows\system32\icardie.dll
- 2007-08-13 17:36 . 2009-10-29 07:45 63488 c:\windows\system32\icardie.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2008-12-20 13:16 . 2010-01-05 09:58 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-12-20 13:16 . 2009-10-29 07:45 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2008-12-20 13:16 . 2009-10-28 14:35 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2008-12-20 13:16 . 2009-12-31 15:32 13824 c:\windows\system32\dllcache\ieudinit.exe
- 2008-04-14 12:00 . 2009-10-29 07:45 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 44544 c:\windows\system32\dllcache\iernonce.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 78336 c:\windows\system32\dllcache\ieencode.dll
- 2008-04-14 12:00 . 2009-10-28 14:35 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-04-14 12:00 . 2009-12-31 15:32 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2008-12-20 13:16 . 2009-10-29 07:45 63488 c:\windows\system32\dllcache\icardie.dll
+ 2008-12-20 13:16 . 2010-01-05 09:57 63488 c:\windows\system32\dllcache\icardie.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 17408 c:\windows\system32\dllcache\corpol.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 17408 c:\windows\system32\dllcache\corpol.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 44544 c:\windows\ie7updates\KB978207-IE7\pngfilt.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 52224 c:\windows\ie7updates\KB978207-IE7\msfeedsbs.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 27648 c:\windows\ie7updates\KB978207-IE7\jsproxy.dll
+ 2010-01-21 23:29 . 2009-10-28 14:35 13824 c:\windows\ie7updates\KB978207-IE7\ieudinit.exe
+ 2010-01-21 23:29 . 2009-10-29 07:45 44544 c:\windows\ie7updates\KB978207-IE7\iernonce.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 78336 c:\windows\ie7updates\KB978207-IE7\ieencode.dll
+ 2010-01-21 23:29 . 2009-10-28 14:35 70656 c:\windows\ie7updates\KB978207-IE7\ie4uinit.exe
+ 2010-01-21 23:29 . 2009-10-29 07:45 63488 c:\windows\ie7updates\KB978207-IE7\icardie.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 17408 c:\windows\ie7updates\KB978207-IE7\corpol.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 233472 c:\windows\system32\webcheck.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 233472 c:\windows\system32\webcheck.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 105984 c:\windows\system32\url.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 105984 c:\windows\system32\url.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 102912 c:\windows\system32\occache.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 102912 c:\windows\system32\occache.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 671232 c:\windows\system32\mstime.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 671232 c:\windows\system32\mstime.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 193024 c:\windows\system32\msrating.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 193024 c:\windows\system32\msrating.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 477696 c:\windows\system32\mshtmled.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 477696 c:\windows\system32\mshtmled.dll
- 2007-08-13 17:54 . 2009-10-29 07:45 459264 c:\windows\system32\msfeeds.dll
+ 2007-08-13 17:54 . 2010-01-05 09:58 459264 c:\windows\system32\msfeeds.dll
+ 2007-08-13 17:34 . 2010-01-05 09:58 268288 c:\windows\system32\iertutil.dll
- 2007-08-13 17:34 . 2009-10-29 07:45 268288 c:\windows\system32\iertutil.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 192512 c:\windows\system32\iepeers.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 385024 c:\windows\system32\iedkcs32.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 385024 c:\windows\system32\iedkcs32.dll
- 2007-07-11 11:27 . 2009-10-29 07:45 380928 c:\windows\system32\ieapfltr.dll
+ 2007-07-11 11:27 . 2010-01-05 09:57 380928 c:\windows\system32\ieapfltr.dll
- 2008-04-14 12:00 . 2009-10-28 06:52 161792 c:\windows\system32\ieakui.dll
+ 2008-04-14 12:00 . 2009-12-18 13:04 161792 c:\windows\system32\ieakui.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 230400 c:\windows\system32\ieaksie.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 230400 c:\windows\system32\ieaksie.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 153088 c:\windows\system32\ieakeng.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 153088 c:\windows\system32\ieakeng.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 133120 c:\windows\system32\extmgr.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 133120 c:\windows\system32\extmgr.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 214528 c:\windows\system32\dxtrans.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 214528 c:\windows\system32\dxtrans.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 347136 c:\windows\system32\dxtmsft.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 347136 c:\windows\system32\dxtmsft.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 182656 c:\windows\system32\drivers\ndis.sys
- 2008-04-14 12:00 . 2009-10-29 07:45 832512 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 832512 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 233472 c:\windows\system32\dllcache\webcheck.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 233472 c:\windows\system32\dllcache\webcheck.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 105984 c:\windows\system32\dllcache\url.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 105984 c:\windows\system32\dllcache\url.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 102912 c:\windows\system32\dllcache\occache.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 102912 c:\windows\system32\dllcache\occache.dll
+ 2008-04-14 12:00 . 2008-04-14 12:00 182656 c:\windows\system32\dllcache\ndis.sys
+ 2008-04-14 12:00 . 2010-01-05 09:58 671232 c:\windows\system32\dllcache\mstime.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 671232 c:\windows\system32\dllcache\mstime.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 193024 c:\windows\system32\dllcache\msrating.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 193024 c:\windows\system32\dllcache\msrating.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 477696 c:\windows\system32\dllcache\mshtmled.dll
- 2008-12-20 13:16 . 2009-10-29 07:45 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-12-20 13:16 . 2010-01-05 09:58 459264 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-12-13 10:56 . 2009-12-18 13:05 634648 c:\windows\system32\dllcache\iexplore.exe
+ 2008-12-20 13:16 . 2010-01-05 09:58 268288 c:\windows\system32\dllcache\iertutil.dll
- 2008-12-20 13:16 . 2009-10-29 07:45 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 192512 c:\windows\system32\dllcache\iepeers.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 385024 c:\windows\system32\dllcache\iedkcs32.dll
- 2008-12-20 13:16 . 2009-10-29 07:45 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-12-20 13:16 . 2010-01-05 09:57 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-04-14 12:00 . 2009-12-18 13:04 161792 c:\windows\system32\dllcache\ieakui.dll
- 2008-04-14 12:00 . 2009-10-28 06:52 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 153088 c:\windows\system32\dllcache\ieakeng.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 124928 c:\windows\system32\dllcache\advpack.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 124928 c:\windows\system32\dllcache\advpack.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 124928 c:\windows\system32\advpack.dll
+ 2008-04-14 12:00 . 2010-01-05 09:57 124928 c:\windows\system32\advpack.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 832512 c:\windows\ie7updates\KB978207-IE7\wininet.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 233472 c:\windows\ie7updates\KB978207-IE7\webcheck.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 105984 c:\windows\ie7updates\KB978207-IE7\url.dll
+ 2010-01-21 23:29 . 2009-05-26 11:40 391032 c:\windows\ie7updates\KB978207-IE7\spuninst\updspapi.dll
+ 2010-01-21 23:29 . 2009-05-26 11:40 233848 c:\windows\ie7updates\KB978207-IE7\spuninst\spuninst.exe
+ 2010-01-21 23:29 . 2009-10-29 07:45 102912 c:\windows\ie7updates\KB978207-IE7\occache.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 671232 c:\windows\ie7updates\KB978207-IE7\mstime.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 193024 c:\windows\ie7updates\KB978207-IE7\msrating.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 477696 c:\windows\ie7updates\KB978207-IE7\mshtmled.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 459264 c:\windows\ie7updates\KB978207-IE7\msfeeds.dll
+ 2010-01-21 23:29 . 2009-10-28 06:54 634632 c:\windows\ie7updates\KB978207-IE7\iexplore.exe
+ 2010-01-21 23:29 . 2009-10-29 07:45 268288 c:\windows\ie7updates\KB978207-IE7\iertutil.dll
+ 2010-01-21 23:29 . 2007-08-13 17:54 191488 c:\windows\ie7updates\KB978207-IE7\iepeers.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 385024 c:\windows\ie7updates\KB978207-IE7\iedkcs32.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 380928 c:\windows\ie7updates\KB978207-IE7\ieapfltr.dll
+ 2010-01-21 23:29 . 2009-10-28 06:52 161792 c:\windows\ie7updates\KB978207-IE7\ieakui.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 230400 c:\windows\ie7updates\KB978207-IE7\ieaksie.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 153088 c:\windows\ie7updates\KB978207-IE7\ieakeng.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 133120 c:\windows\ie7updates\KB978207-IE7\extmgr.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 214528 c:\windows\ie7updates\KB978207-IE7\dxtrans.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 347136 c:\windows\ie7updates\KB978207-IE7\dxtmsft.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 124928 c:\windows\ie7updates\KB978207-IE7\advpack.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 1168384 c:\windows\system32\urlmon.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 1168384 c:\windows\system32\urlmon.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 3599360 c:\windows\system32\mshtml.dll
- 2007-08-13 17:54 . 2009-10-29 07:45 6067200 c:\windows\system32\ieframe.dll
+ 2007-08-13 17:54 . 2010-01-05 09:58 6067200 c:\windows\system32\ieframe.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 1168384 c:\windows\system32\dllcache\urlmon.dll
- 2008-04-14 12:00 . 2009-10-29 07:45 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2008-04-14 12:00 . 2010-01-05 09:58 3599360 c:\windows\system32\dllcache\mshtml.dll
+ 2008-12-20 13:16 . 2010-01-05 09:58 6067200 c:\windows\system32\dllcache\ieframe.dll
- 2008-12-20 13:16 . 2009-10-29 07:45 6067200 c:\windows\system32\dllcache\ieframe.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 1168384 c:\windows\ie7updates\KB978207-IE7\urlmon.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 3598336 c:\windows\ie7updates\KB978207-IE7\mshtml.dll
+ 2010-01-21 23:29 . 2009-10-29 07:45 6067200 c:\windows\ie7updates\KB978207-IE7\ieframe.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 12:02 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006-02-01 98304]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-08 7561216]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2005-12-27 69632]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2009-12-26 2033432]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\SONY\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2005-6-16 49152]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-11-18 12:50 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-03-09 13:51 73728 ----a-w- c:\windows\system32\VESWinlogon.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 21:34 24576 ----a-w- c:\program files\AlienGUIse\fastload.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logan_S2P]
2007-06-10 23:58 253952 ----a-w- c:\program files\Samsung\Samsung SCX-4500 Series\SPanel\PSU\Scan2pc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
2007-07-05 08:42 520192 ----a-w- c:\windows\Samsung\PanelMgr\SSMMgr.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2008-12-14 161800]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-14 333192]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-12-14 360584]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2009-11-18 906520]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2009-11-18 285392]
R2 Ethpdrv;Ethernet Packet Driver;c:\windows\system32\drivers\ethpdrv.sys [2008-12-15 9728]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2008-12-13 226304]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 IpwP;IPWireless 3G PCMCIA Network Adapter;c:\windows\system32\drivers\ipwpnet.sys [2008-12-15 43184]
S3 whmice2k;Advanced Wheel Mouse Upper Filter Driver;c:\windows\system32\drivers\whmice2k.sys [2004-04-26 6885]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-12-19 691696]
.
Obsah adresáře 'Naplánované úlohy'
2009-11-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\SONY\Data aplikací\Mozilla\Firefox\Profiles\0q6nxs00.default\
FF - prefs.js: browser.search.selectedEngine - WebHledani
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL -
FF - component: c:\documents and settings\SONY\Data aplikací\Mozilla\Firefox\Profiles\0q6nxs00.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Picasa3\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-22 15:42
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1192)
c:\windows\system32\VESWinlogon.dll
c:\program files\AlienGUIse\fastload.dll
- - - - - - - > 'explorer.exe'(2332)
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Sony\VAIO Event Service\VESMgr.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\AVG\AVG9\avgam.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
.
**************************************************************************
.
Celkový čas: 2010-01-22 15:46:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-22 14:46
ComboFix2.txt 2010-01-20 22:37
Před spuštěním: Volných bajtů: 150,670,008,320
Po spuštění: Volných bajtů: 150,632,480,768
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 4E08A601609023331433D73E3CEE93E8
Rootkit agent DI
- Damned
Re: Rootkit agent DI
Check the file marked in red on VirusTotal and post a link to the result here.
If you can't find it, turn on the display of hidden and system files. If it tells you the file has already been checked, have it checked again and wait until "Finished" and the result appear. Then copy the address bar here.
c:\windows\system32\Drivers\SSPORT.sys
*****************************************************************************************************************************************
Download Dr. Web CureIt, or get it from http://www.majorgeeks.com/Dr.Web_CureIT_d4783.html, run the update, and after updating press Start.
With the buttons at the bottom you can cure, delete, move or rename a file. Then post the result. The scan can take a long time. Cure a found infection first, and only then delete it. If it finds anything in the System Volume Information folder, delete it.
Nothing is impossible, so where our wits run out, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2+guide FCleaner+Czech Wise Registry Cleaner
Re: Rootkit agent DI
c:\windows\system32\Drivers\SSPORT.sys
I couldn't find the specified system file on the computer... I also ran a search and it found the file only in the logs... how should I proceed???

- Damned
Re: Rootkit agent DI
So the file isn't there, and it's only mentioned in the logs?
Continue with Dr. Web.
Re: Rootkit agent DI
Dr. Web doesn't work for me, I don't know why; I start it and it freezes. I tried both links you posted...
On top of that, my antivirus reports a rootkit agent in the System Volume Information folder, and I can't find that folder even with system files displayed...
What should I do now, please... let me know
Lukas
- Damned
Re: Rootkit agent DI
Turn off System Restore points and turn them back on after a while. That will make the "rootkit" disappear from the SVI folder.
Is it that you can't download Dr. Web, or that launch.exe won't run? Does any error message appear?