Please check my log


Post by saionara » 05 Oct 2010 15:20

Hello,
When the operating system starts, a window appears saying "Adobe arm.exe: the application failed to initialize properly (0xc0000005)".
Some movies suddenly won't play. Out of nowhere the PC freezes and the CPU is at 100 % load.
Please advise. I'm attaching the log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:02:35, on 5.10.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 6\firefox.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugin-container.exe
C:\Documents and Settings\SAYONARA\Dokumenty\Stažené soubory\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/ ... ch/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:3128;https=127.0.0.1:3128;socks=127.0.0.1:9000
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: YSPManager - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file)
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O3 - Toolbar: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll
O9 - Extra 'Tools' menuitem: Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: E - Unknown owner - C:\DOCUME~1\SAYONARA\LOCALS~1\Temp\E.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: GUZCBZUO - Unknown owner - C:\DOCUME~1\SAYONARA\LOCALS~1\Temp\GUZCBZUO.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 6317 bytes


Post by jaro3 » 05 Oct 2010 17:07

Uninstall:
SearchSettings

Close other applications and browsers, disconnect from the internet and fix these in HJT:
Guide

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/ ... ch/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file)
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O3 - Toolbar: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O23 - Service: GUZCBZUO - Unknown owner - C:\DOCUME~1\SAYONARA\LOCALS~1\Temp\GUZCBZUO.exe (file missing)


Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Are you using this proxy:
ProxyServer = http=127.0.0.1:3128;https=127.0.0.1:3128;socks=127.0.0.1:9000 ??

Turn off your resident protection and the firewall.
Download Dr. Web CureIt
Run the update; after updating, click Start.
With the buttons at the bottom you can cure a file (system files), delete it, move it or rename it.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save it to your desktop
- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
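Added example, not part of the original thread and not the helper's own method: a small Python triage pass over HijackThis-format lines, run on an excerpt of the log posted above. It flags the kinds of entries the reply fixes or asks about: registry entries whose file is gone ("(no file)" / "(file missing)"), services of unknown owner started from a Temp directory, and a ProxyServer value pointing at loopback. The function names and tag names are assumptions of this example, and a tag means "review this", not "malicious".

```python
import re
from typing import NamedTuple

# Sample input: an excerpt of the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:3128;https=127.0.0.1:3128;socks=127.0.0.1:9000
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O3 - Toolbar: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file)
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: E - Unknown owner - C:\DOCUME~1\SAYONARA\LOCALS~1\Temp\E.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
"""


class Entry(NamedTuple):
    section: str  # HijackThis section code, e.g. "R1", "O2", "O23"
    body: str     # text after "<section> - "


ENTRY_RE = re.compile(r"^(R[0-3]|O\d{1,2}) - (.+)$")
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$")
TEMP_RE = re.compile(r"\\Temp\\", re.IGNORECASE)
PROXY_RE = re.compile(r"ProxyServer = (.+)$")
LOOPBACK_HOSTS = {"127.0.0.1", "localhost"}


def parse_entries(text):
    """Return the R*/O* entries of a log; header and process lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append(Entry(m.group(1), m.group(2)))
    return entries


def parse_proxy(value):
    """Split 'http=host:port;socks=host:port' (or a bare 'host:port')
    into (scheme, host, port) tuples."""
    result = []
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        scheme, sep, hostport = part.partition("=")
        if not sep:  # one proxy for all protocols
            scheme, hostport = "all", part
        host, _, port = hostport.rpartition(":")
        if not host:  # no port given
            host, port = hostport, ""
        result.append((scheme, host, port))
    return result


def triage(entry):
    """Return review tags for one entry (empty list: nothing to flag)."""
    tags = []
    if ORPHAN_RE.search(entry.body):
        # Registry entry survives, but the file it points to is gone.
        tags.append("orphaned")
    if TEMP_RE.search(entry.body):
        # Autostart or service binary located in a temporary directory.
        tags.append("temp-path")
    if entry.section == "O23" and "Unknown owner" in entry.body:
        # Service whose file carries no company information.
        tags.append("unknown-owner")
    m = PROXY_RE.search(entry.body)
    if m and any(h in LOOPBACK_HOSTS for _, h, _ in parse_proxy(m.group(1))):
        # Browser traffic goes through a local process; confirm the user
        # installed it on purpose.
        tags.append("loopback-proxy")
    return tags


def report(text):
    """Return (entry, tags) pairs for every entry that got at least one tag."""
    flagged = []
    for entry in parse_entries(text):
        tags = triage(entry)
        if tags:
            flagged.append((entry, tags))
    return flagged


if __name__ == "__main__":
    for entry, tags in report(SAMPLE_LOG):
        print(f"{entry.section:<4}{','.join(tags):<36}{entry.body}")
```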


Post by saionara » 05 Oct 2010 17:50

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:48:40, on 5.10.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 6\firefox.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugin-container.exe
C:\Documents and Settings\SAYONARA\Dokumenty\Stažené soubory\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/ ... ch/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:3128;https=127.0.0.1:3128;socks=127.0.0.1:9000
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: YSPManager - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file)
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O3 - Toolbar: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: (no name) - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll
O9 - Extra 'Tools' menuitem: Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: E - Unknown owner - C:\DOCUME~1\SAYONARA\LOCALS~1\Temp\E.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: GUZCBZUO - Unknown owner - C:\DOCUME~1\SAYONARA\LOCALS~1\Temp\GUZCBZUO.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 6472 bytes


Post by jaro3 » 05 Oct 2010 19:15

I don't want a log from HJT; I want you to use Dr.Web CureIt! and then Malwarebytes' Anti-Malware, and post the log from that.

Post by saionara » 06 Oct 2010 10:20

Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Verze databáze: 4750

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

6.10.2010 10:17:18
mbam-log-2010-10-06 (10-17-18).txt

Typ skenu: Rychlý sken
Skenované objekty: 320374
Uplynulý čas: 17 minuta(y), 45 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\WINDOWS\system32\secushr.dat (Malware.Trace) -> No action taken.


Post by jaro3 » 06 Oct 2010 10:53

So run MbAM again and click Scan
- when the program finishes, a message appears; click OK and then the Show Results button
- make sure all listed findings are checked and click the Remove Selected button
- when removal finishes, a log is displayed; post it here.
- then choose OK in the program and close it via Exit

You can then post the new MbAM log here.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.

Post by saionara » 06 Oct 2010 11:49

ComboFix 10-10-05.01 - SAYONARA 06.10.2010 11:29:53.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1535.767 [GMT 2:00]
Spuštěný z: c:\documents and settings\SAYONARA\Dokumenty\Stažené soubory\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\SAYONARA\Data aplikací\BITS
c:\documents and settings\SAYONARA\Data aplikací\BITS\BITS.ini
c:\documents and settings\SAYONARA\Data aplikací\BITS\UPnP.ini
c:\documents and settings\SAYONARA\Recent\Thumbs.db
c:\program files\Search Settings
c:\program files\Search Settings\SearchSettings.exe
c:\program files\Search Settings\SearchSettingsRes409.dll
c:\recycled\Recycled
c:\windows\system32\Drivers\yhuxwe.sys

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_E
-------\Legacy_NPF
-------\Service_E
-------\Service_NPF
-------\Service_mthun


((((((((((((((((((((((((( Soubory vytvořené od 2010-09-06 do 2010-10-06 )))))))))))))))))))))))))))))))
.

2010-10-06 07:45 . 2010-10-06 07:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-05 18:04 . 2010-10-05 18:04 -------- d-----w- c:\documents and settings\SAYONARA\DoctorWeb
2010-10-05 15:47 . 2010-10-05 15:47 388096 ----a-r- c:\documents and settings\SAYONARA\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-10-05 15:47 . 2010-10-05 15:47 -------- d-----w- c:\program files\Trend Micro
2010-10-05 12:08 . 2010-10-05 12:08 -------- dc----w- c:\windows\system32\wbem\Repository
2010-10-05 08:12 . 2010-10-05 08:14 -------- d-----w- c:\program files\JDownloader
2010-10-03 11:42 . 2010-10-03 15:24 -------- d-----w- C:\ubuntu
2010-10-02 13:28 . 2010-10-02 13:28 -------- d-----w- c:\program files\Common Files\Java
2010-10-02 13:28 . 2010-10-02 13:28 503808 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6ee5393b-n\msvcp71.dll
2010-10-02 13:28 . 2010-10-02 13:28 499712 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6ee5393b-n\jmc.dll
2010-10-02 13:28 . 2010-10-02 13:28 348160 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6ee5393b-n\msvcr71.dll
2010-10-02 13:28 . 2010-10-02 13:28 61440 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-712dd355-n\decora-sse.dll
2010-10-02 13:28 . 2010-10-02 13:28 12800 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-712dd355-n\decora-d3d.dll
2010-10-02 13:27 . 2010-10-02 13:27 -------- d-----w- c:\program files\Java
2010-10-02 13:26 . 2010-10-02 13:26 79488 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\jre1.6.0_21\gtapi.dll
2010-10-02 13:26 . 2010-10-02 13:26 152576 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\jre1.6.0_21\lzma.dll
2010-10-01 14:55 . 2010-09-07 14:52 165584 -c--a-w- c:\windows\system32\drivers\aswSP.sys
2010-10-01 14:55 . 2010-09-07 14:47 17744 -c--a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-10-01 14:55 . 2010-09-07 14:47 23376 -c--a-w- c:\windows\system32\drivers\aswRdr.sys
2010-10-01 14:55 . 2010-09-07 14:52 46672 -c--a-w- c:\windows\system32\drivers\aswTdi.sys
2010-10-01 14:55 . 2010-09-07 14:47 100176 -c--a-w- c:\windows\system32\drivers\aswmon2.sys
2010-10-01 14:55 . 2010-09-07 14:47 94544 -c--a-w- c:\windows\system32\drivers\aswmon.sys
2010-10-01 14:55 . 2010-09-07 14:46 28880 -c--a-w- c:\windows\system32\drivers\aavmker4.sys
2010-10-01 14:54 . 2010-09-07 15:12 38848 -c--a-w- c:\windows\avastSS.scr
2010-10-01 14:54 . 2010-09-07 15:11 167592 -c--a-w- c:\windows\system32\aswBoot.exe
2010-10-01 14:54 . 2010-10-01 14:54 -------- d-----w- c:\program files\Alwil Software
2010-10-01 11:49 . 2010-10-01 11:49 128 ---ha-w- c:\documents and settings\SAYONARA\microsoft.dat
2010-10-01 11:49 . 2010-10-05 16:13 -------- d-----w- c:\program files\Backgammon Classic 7
2010-09-30 22:52 . 2010-09-30 22:52 -------- d-----w- c:\program files\Webteh
2010-09-30 21:09 . 2010-09-30 21:09 -------- d-----w- c:\program files\CoreCodec
2010-09-30 08:24 . 2010-09-30 08:24 -------- d-----w- c:\program files\Combined Community Codec Pack
2010-09-30 06:16 . 2010-09-30 06:16 -------- d-----w- c:\program files\Application Updater
2010-09-30 06:14 . 2010-09-30 06:14 -------- dc----w- c:\windows\system32\QuickTime
2010-09-26 16:23 . 2010-04-20 14:45 607472 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Yahoo!\YUpdater\yupdater.exe
2010-09-25 21:37 . 2003-02-01 10:19 52224 -c--a-w- c:\windows\system32\mspmsnsv.dll
2010-09-25 21:37 . 2003-02-01 10:19 52224 -c--a-w- c:\windows\system32\dllcache\mspmsnsv.dll
2010-09-25 21:37 . 2002-11-27 01:03 27136 -c--a-w- c:\windows\system32\wmdmlog.dll
2010-09-25 21:37 . 2002-11-27 01:03 27136 -c--a-w- c:\windows\system32\dllcache\wmdmlog.dll
2010-09-25 21:37 . 2002-11-27 01:03 23552 -c--a-w- c:\windows\system32\wmdmps.dll
2010-09-25 21:37 . 2002-11-27 01:03 159232 -c--a-w- c:\windows\system32\dllcache\CEWMDM.dll
2010-09-25 21:37 . 2002-11-27 01:03 159232 -c--a-w- c:\windows\system32\CEWMDM.dll
2010-09-25 21:37 . 2003-02-01 10:18 245760 -c--a-w- c:\windows\system32\mswmdm.dll
2010-09-25 21:37 . 2003-02-01 10:18 245760 -c--a-w- c:\windows\system32\dllcache\mswmdm.dll
2010-09-25 21:37 . 2002-11-27 01:03 23552 -c--a-w- c:\windows\system32\dllcache\wmdmps.dll
2010-09-25 06:27 . 2010-09-27 07:17 88 --sh--r- c:\documents and settings\All Users.WINDOWS\Data aplikací\F7DB45091D.sys
2010-09-25 06:27 . 2010-09-27 07:17 2516 --sha-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\KGyGaAvL.sys
2010-09-25 06:27 . 2010-09-25 06:27 -------- d-----w- c:\documents and settings\SAYONARA\Corel
2010-09-25 02:16 . 2010-10-06 09:38 -------- d-----w- c:\program files\Yahoo!
2010-09-25 01:12 . 2010-09-25 01:12 -------- dc----w- c:\windows\Logs
2010-09-25 00:41 . 2010-09-25 00:41 -------- d-----w- c:\program files\VideoLAN
2010-09-24 06:59 . 2010-04-29 13:39 38224 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-24 06:58 . 2010-04-29 13:39 20952 -c--a-w- c:\windows\system32\drivers\mbam.sys
2010-09-24 06:55 . 2009-10-22 11:54 37392 -c--a-w- c:\windows\system32\drivers\26113002.sys
2010-09-24 06:55 . 2009-09-25 15:59 128016 -c--a-w- c:\windows\system32\drivers\26113001.sys
2010-09-24 06:55 . 2009-10-09 21:31 315408 -c--a-w- c:\windows\system32\drivers\2611300.sys
2010-09-19 08:37 . 2010-10-05 13:31 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 6
2010-09-19 08:23 . 2009-05-16 02:39 442368 -c--a-w- c:\windows\system32\ATIDEMGX.dll
2010-09-19 08:23 . 2009-05-16 00:35 45056 -c--a-w- c:\windows\system32\aticalrt.dll
2010-09-19 08:23 . 2009-05-16 01:38 49664 -c--a-w- c:\windows\system32\atimpc32.dll
2010-09-19 08:23 . 2009-05-16 01:38 49664 -c--a-w- c:\windows\system32\amdpcom32.dll
2010-09-19 08:23 . 2009-05-16 00:33 3158016 -c--a-w- c:\windows\system32\aticaldd.dll
2010-09-19 08:23 . 2009-05-05 18:33 118784 -c--a-w- c:\windows\system32\atibtmon.exe
2010-09-19 08:23 . 2009-05-16 01:31 139264 -c--a-w- c:\windows\system32\atiadlxx.dll
2010-09-19 08:23 . 2009-05-16 01:26 376832 -c--a-w- c:\windows\system32\atiok3x2.dll
2010-09-19 08:23 . 2009-05-16 00:34 45056 -c--a-w- c:\windows\system32\aticalcl.dll
2010-09-19 08:22 . 2009-03-25 12:29 130432 -c--a-w- c:\windows\system32\drivers\Rtnicxp.sys
2010-09-19 08:22 . 2009-03-03 18:18 73728 -c--a-w- c:\windows\system32\RtNicProp32.dll
2010-09-18 17:27 . 2009-12-30 10:20 27064 -c--a-w- c:\windows\system32\drivers\revoflt.sys
2010-09-18 17:27 . 2010-09-18 17:27 -------- d-----w- c:\program files\VS Revo Group
2010-09-18 06:09 . 1998-11-17 11:44 328704 -c--a-w- c:\windows\IsUn0407.exe
2010-09-17 21:38 . 2010-02-27 12:19 13976 -c--a-w- c:\windows\system32\drivers\videX32.sys
2010-09-17 19:49 . 2010-09-17 19:49 -------- dc-h--w- c:\windows\PIF
2010-09-16 18:34 . 2001-10-25 14:00 229439 -c--a-w- c:\windows\system32\dllcache\multibox.dll
2010-09-16 18:33 . 2004-08-17 13:49 32256 -c--a-w- c:\windows\system32\dllcache\gzip.dll
2010-09-16 18:32 . 2004-08-17 13:49 8192 -c--a-w- c:\windows\system32\dllcache\staxmem.dll
2010-09-16 18:27 . 2004-08-17 13:49 40448 -c--a-w- c:\windows\system32\wbem\snmpthrd.dll
2010-09-16 18:27 . 2004-08-17 13:49 40448 -c--a-w- c:\windows\system32\dllcache\snmpthrd.dll
2010-09-16 18:27 . 2004-08-17 13:49 259072 -c--a-w- c:\windows\system32\wbem\snmpcl.dll
2010-09-16 18:27 . 2004-08-17 13:49 259072 -c--a-w- c:\windows\system32\dllcache\snmpcl.dll
2010-09-16 18:26 . 2004-08-17 13:49 26624 -c--a-w- c:\windows\system32\irmon.dll
2010-09-16 18:26 . 2004-08-17 13:49 153088 -c--a-w- c:\windows\system32\irftp.exe
2010-09-16 18:26 . 2004-08-03 21:00 87424 -c--a-w- c:\windows\system32\drivers\irda.sys
2010-09-16 18:26 . 2004-08-17 13:49 8192 -c--a-w- c:\windows\system32\wshirda.dll
2010-09-16 18:16 . 2001-08-17 19:51 19584 -c--a-w- c:\windows\system32\drivers\rasirda.sys
2010-09-16 18:14 . 2001-10-25 14:00 13312 -c--a-w- c:\windows\system32\irclass.dll
2010-09-16 18:14 . 2001-10-25 14:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2010-09-16 18:14 . 2001-10-25 14:00 24661 -c--a-w- c:\windows\system32\spxcoins.dll
2010-09-16 18:14 . 2001-10-25 14:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2010-09-16 14:51 . 2010-09-16 14:51 -------- dc----w- c:\windows\system32\ivtMobCache
2010-09-13 03:10 . 2010-09-13 03:08 737280 -c--a-w- c:\windows\iun6002.exe
2010-09-13 00:21 . 2010-09-13 00:21 -------- d-----w- c:\program files\MSECache
2010-09-11 23:02 . 2010-09-11 23:01 36684048 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_cze.exe
2010-09-11 23:01 . 2010-09-11 23:01 95232 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\pcswpcsi.exe
2010-09-11 23:01 . 2010-09-11 23:01 8192 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstCCD.exe
2010-09-11 23:01 . 2010-09-11 23:01 61440 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-09-11 23:01 . 2010-09-11 23:01 10240 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCS.exe
2010-09-10 09:26 . 2006-05-20 15:16 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2010-09-10 09:25 . 2010-09-18 16:06 -------- dc----w- c:\windows\system32\drivers\UMDF
2010-09-10 09:25 . 2010-09-10 09:25 -------- dc----w- c:\windows\system32\LogFiles
2010-09-10 09:25 . 2008-11-07 16:55 26144 -c--a-w- c:\windows\system32\spupdsvc.exe
2010-09-10 09:24 . 2010-09-10 09:24 12212040 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-09-10 09:24 . 2010-09-10 09:24 13930312 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-09-10 09:24 . 2010-09-10 09:24 77824 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-09-10 09:24 . 2010-09-10 09:24 50000 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe
2010-09-10 09:24 . 2010-09-10 09:24 38912 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-09-10 09:24 . 2010-09-10 09:24 38912 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-09-10 09:24 . 2010-09-10 09:23 102913480 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
2010-09-10 09:09 . 2006-08-29 14:56 32377 -c--a-w- c:\windows\system32\drivers\prodigy.sys
2010-09-10 06:38 . 2010-02-26 12:32 92672 -c--a-w- c:\windows\system32\nmwcdcls.dll
2010-09-10 06:38 . 2010-09-10 06:37 34557984 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Nokia_PC_Suite_7_1_30_8_cze_web.exe
2010-09-10 06:37 . 2010-09-10 06:37 95232 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\pcswpcsi.exe
2010-09-10 06:37 . 2010-09-10 06:37 8192 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\UninstCCD.exe
2010-09-10 06:37 . 2010-09-10 06:37 61440 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-09-10 06:37 . 2010-09-10 06:37 10240 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Installations\{55495E65-7C5B-48E4-BC7D-DE54F3DE5ED6}\Installer\CommonCustomActions\UninstPCS.exe
2010-09-10 05:34 . 2010-09-10 05:33 92840 -c--a-w- c:\windows\system32\drivers\btwsecfl.sys
2010-09-10 05:05 . 2010-09-10 05:05 -------- dc----w- C:\MSIR20
2010-09-09 21:22 . 2009-05-18 11:17 26600 -c--a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-09-09 21:22 . 2008-04-17 10:12 107368 -c--a-w- c:\windows\system32\GEARAspi.dll
2010-09-09 15:36 . 2010-09-09 15:36 -------- d-----r- c:\program files\Skype
2010-09-09 14:51 . 2001-10-24 10:25 5632 -c--a-w- c:\windows\system32\ptpusb.dll
2010-09-09 14:51 . 2004-08-17 13:49 159232 -c--a-w- c:\windows\system32\ptpusd.dll
2010-09-09 14:51 . 2004-08-03 20:58 15104 -c--a-w- c:\windows\system32\drivers\usbscan.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-05 00:05 . 2009-01-01 09:31 -------- d-----w- c:\program files\Google
2010-10-02 13:27 . 2010-08-06 04:04 423656 -c--a-w- c:\windows\system32\deployJava1.dll
2010-09-30 06:12 . 2008-12-31 00:57 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-09-25 07:38 . 2010-09-02 19:54 664 -c--a-w- c:\windows\system32\d3d9caps.dat
2010-09-23 22:24 . 2001-10-25 14:00 79164 ----a-w- c:\windows\system32\perfc005.dat
2010-09-23 22:24 . 2001-10-25 14:00 416962 ----a-w- c:\windows\system32\perfh005.dat
2010-09-18 16:06 . 2009-12-25 22:19 -------- d-----w- c:\program files\PC Connectivity Solution
2010-09-18 14:05 . 2004-08-03 21:14 359040 -c--a-w- c:\windows\system32\drivers\tcpip.sys
2010-09-17 23:20 . 2010-03-14 01:21 -------- d-----w- c:\program files\Common Files\Apple
2010-09-16 18:28 . 2010-03-16 19:16 22976 -c--a-w- c:\windows\system32\emptyregdb.dat
2010-09-10 09:33 . 2010-09-10 09:33 0 -c-ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-09-10 09:33 . 2010-09-10 09:33 0 -c-ha-w- c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-09-10 06:39 . 2009-01-31 14:51 -------- d-----w- c:\program files\DIFX
2010-09-05 04:08 . 2009-10-24 10:03 -------- d---a-w- c:\program files\Serials 2005
2010-09-04 19:50 . 2010-09-04 17:15 -------- d-----w- c:\program files\XP TCPIP Repair
2010-08-29 16:04 . 2010-08-29 16:04 0 -c--a-w- c:\windows\ativpsrm.bin
2010-08-09 22:34 . 2010-07-24 23:33 -------- d-----w- c:\program files\ARCHPR
2010-08-08 00:19 . 2010-07-12 12:41 -------- d-----w- c:\program files\CommViewWiFi
2010-08-06 23:53 . 2010-08-06 23:53 56 -c-ha-w- c:\windows\system32\ezsidmv.dat
2010-08-06 15:10 . 2010-08-06 15:10 99688 -c--a-w- c:\windows\system32\BtMmHook.dll
2010-08-06 15:10 . 2010-08-06 15:10 996720 -c--a-w- c:\windows\system32\BTNeighborhood.dll
2010-08-06 15:10 . 2010-08-06 15:10 91504 -c--a-w- c:\windows\system32\BtAudioHelper.dll
2010-08-06 15:10 . 2010-08-06 15:10 521568 -c--a-w- c:\windows\system32\wbtapi.dll
2010-07-24 19:16 . 2010-07-24 19:16 503808 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\cache\6.0\46\f84c6ae-1fbd2d7a-n\msvcp71.dll
2010-07-24 19:16 . 2010-07-24 19:16 348160 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\cache\6.0\46\f84c6ae-1fbd2d7a-n\msvcr71.dll
2010-07-24 19:16 . 2010-07-24 19:16 499712 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\cache\6.0\46\f84c6ae-1fbd2d7a-n\jmc.dll
2010-04-16 01:32 . 2010-04-16 01:32 40 -c--a-w- c:\program files\Recent.INI
2010-04-16 01:32 . 2010-04-16 01:32 4550 -c--a-w- c:\program files\PSPad.INI
2010-04-16 01:32 . 2010-04-16 01:32 0 -c--a-w- c:\program files\PSPad_MU.INI
.

------- Sigcheck -------

[-] 2003-02-01 10:19 . 9E1381B2DE2A23F8E4C22E814D55F475 . 52224 . . [9.0.1.56] . . c:\windows\system32\mspmsnsv.dll
[-] 2003-02-01 10:19 . 9E1381B2DE2A23F8E4C22E814D55F475 . 52224 . . [9.0.1.56] . . c:\windows\system32\dllcache\mspmsnsv.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-22 39408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax]
2010-03-01 12:00 9216928 ----a-w- c:\program files\Innovative Solutions\DriverMax\devices.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART]
2010-03-01 12:00 9216928 ----a-w- c:\program files\Innovative Solutions\DriverMax\devices.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 --sha-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-09-02 13:15 13351304 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apple Mobile Device"=2 (0x2)
"ServiceLayer"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\K-Lite Codec Pack\\Filters\\ac3config.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Innovative Solutions\\DriverMax\\devices.exe"=
"c:\\Program Files\\Mozilla Firefox 4.0 Beta 6\\firefox.exe"=
"c:\\Program Files\\Mozilla Firefox 4.0 Beta 6\\plugin-container.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"500:UDP"= 500:UDP:*:Disabled:@xpsp2res.dll,-22017

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)

R0 26113002;26113002 Boot Guard Driver;c:\windows\system32\drivers\26113002.sys [24.9.2010 8:55 37392]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [21.1.2008 19:28 19592]
R1 26113001;26113001;c:\windows\system32\drivers\26113001.sys [24.9.2010 8:55 128016]
R1 setup_9.0.0.722_24.09.2010_10-27drv;setup_9.0.0.722_24.09.2010_10-27drv;c:\windows\system32\drivers\2611300.sys [24.9.2010 8:55 315408]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [8.1.2010 0:51 380928]
S1 SASDIFSV;SASDIFSV;\??\c:\docume~1\SAYONARA\LOCALS~1\Temp\SuperAntiSpyware\SASDIFSV.SYS --> c:\docume~1\SAYONARA\LOCALS~1\Temp\SuperAntiSpyware\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\c:\docume~1\SAYONARA\LOCALS~1\Temp\SuperAntiSpyware\SASKUTIL.sys --> c:\docume~1\SAYONARA\LOCALS~1\Temp\SuperAntiSpyware\SASKUTIL.sys [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1.10.2010 16:52 136176]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [24.9.2009 13:38 22528]
S3 FTLUND;Lundinova Filter Driver;c:\windows\system32\drivers\ftlund.sys [29.3.2010 10:38 6828]
S3 GTMMDMUSB;GT M 3G+ USB MDM;c:\windows\system32\drivers\gtmmdmusb.sys [17.3.2010 18:46 25472]
S3 GTMSERUSB;GT M 3G+ USB SER;c:\windows\system32\drivers\gtmserusb.sys [17.3.2010 18:45 21888]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [21.1.2008 19:28 25480]
S3 KCIRDA;%KCIRDA.ServiceDesc%;c:\windows\system32\DRIVERS\KCIrNet.sys --> c:\windows\system32\DRIVERS\KCIrNet.sys [?]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [10.9.2010 11:09 32377]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [18.9.2010 19:27 27064]
S3 SASENUM;SASENUM;\??\c:\docume~1\SAYONARA\LOCALS~1\Temp\SuperAntiSpyware\SASENUM.SYS --> c:\docume~1\SAYONARA\LOCALS~1\Temp\SuperAntiSpyware\SASENUM.SYS [?]
S4 GUZCBZUO;GUZCBZUO;c:\docume~1\SAYONARA\LOCALS~1\Temp\GUZCBZUO.exe --> c:\docume~1\SAYONARA\LOCALS~1\Temp\GUZCBZUO.exe [?]
S4 VMCService;Vodafone Mobile Connect Service;"c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe" --> c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-10-06 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-10-01 14:50]

2010-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-01 14:51]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyServer = http=127.0.0.1:3128;https=127.0.0.1:3128;socks=127.0.0.1:9000
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;<local>
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: ????3??
IE: ????3??????
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Download ALL with IDA
IE: Download with IDA
IE: ????3?? - c:\documents and settings\SAYONARA\Data aplikací\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\documents and settings\SAYONARA\Data aplikací\FlashGetBHO\GetAllUrl.htm
FF - ProfilePath - c:\documents and settings\SAYONARA\Data aplikací\Mozilla\Firefox\Profiles\v3bjg12c.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\program files\Google\Google Updater\2.4.1970.7372\npCIDetect14.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd


.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1454471165-329068152-839522115-1003\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3* N}Ź]
@="c:\\Documents and Settings\\SAYONARA\\Data aplikací\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022

[HKEY_USERS\S-1-5-21-1454471165-329068152-839522115-1003\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3* N}ŹhQčţ”Ąc]
@="c:\\Documents and Settings\\SAYONARA\\Data aplikací\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3

[HKEY_USERS\S-1-5-21-1454471165-329068152-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1454471165-329068152-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5DFB660B-35C4-1D56-F2C0-52FD2B72E06B}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"faldojjedcdp"=hex:66,61,6f,62,70,6f,70,62,62,62,6c,62,00,00

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(736)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(1020)
c:\windows\system32\msi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\snmp.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Celkový čas: 2010-10-06 11:45:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-10-06 09:45
ComboFix2.txt 2010-02-16 02:19
ComboFix3.txt 2010-02-16 00:25

Před spuštěním: 5 109 624 832
Po spuštění: 8 532 705 280

- - End Of File - - 935D85C59E74615E90172FA6495FF086

jaro3
Security team member
Guru Level 15
Posts: 43295
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check the log

Post by jaro3 » 06 Oct 2010 14:07

I wrote:
You can then post a new MbAM log here.
I also asked whether you use this proxy:
uInternet Settings,ProxyServer = http=127.0.0.1:3128;https=127.0.0.1:3128;socks=127.0.0.1:9000



Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script

KillAll::
Collect::
c:\documents and settings\All Users.WINDOWS\Data aplikací\F7DB45091D.sys
c:\windows\system32\drivers\26113002.sys
c:\windows\system32\drivers\26113001.sys
c:\windows\system32\drivers\2611300.sys

File::
c:\documents and settings\All Users.WINDOWS\Data aplikací\KGyGaAvL.sys
c:\windows\iun6002.exe
c:\windows\system32\d3d9caps.dat
c:\windows\system32\perfc005.dat
c:\windows\system32\perfh005.dat
c:\windows\ativpsrm.bin
c:\windows\system32\ezsidmv.dat

Driver::
26113002
26113001
setup_9.0.0.722_24.09.2010_10-27drv
2611300
SASDIFSV
SASKUTIL
KCIRDA
KCIrNet
SASENUM
GUZCBZUO
VMCService

RegLock::
[HKEY_USERS\S-1-5-21-1454471165-329068152-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5DFB660B-35C4-1D56-F2C0-52FD2B72E06B}*]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]


Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process + a new HJT log

In Folder Options, enable showing hidden files and folders + untick the checkbox for hiding protected operating system files

Test the following on VirusTotal:
c:\documents and settings\SAYONARA\microsoft.dat
c:\windows\system32\drivers\tcpip.sys
c:\windows\system32\mspmsnsv.dll
c:\windows\system32\dllcache\mspmsnsv.dll

Click Select to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes its test, the result appears at the top with the number of infections in red, e.g. 0/40 or 1/40. Then copy the link to that page with the mouse and paste it into your post.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

saionara
newbie
Posts: 28
Registered: February 10
Gender: Male
Status: Offline

Re: Please check the log

Post by saionara » 06 Oct 2010 15:09

ComboFix 10-10-05.04 - SAYONARA 06.10.2010 14:20:11.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1535.1177 [GMT 2:00]
Spuštěný z: c:\documents and settings\SAYONARA\Dokumenty\Stažené soubory\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\SAYONARA\Plocha\CFScript.txt

FILE ::
"c:\documents and settings\All Users.WINDOWS\Data aplikací\KGyGaAvL.sys"
"c:\windows\ativpsrm.bin"
"c:\windows\iun6002.exe"
"c:\windows\system32\d3d9caps.dat"
"c:\windows\system32\ezsidmv.dat"
"c:\windows\system32\perfc005.dat"
"c:\windows\system32\perfh005.dat"

file zipped: c:\documents and settings\All Users.WINDOWS\Data aplikací\F7DB45091D.sys
file zipped: c:\windows\system32\drivers\2611300.sys
file zipped: c:\windows\system32\drivers\26113001.sys
file zipped: c:\windows\system32\drivers\26113002.sys
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_26113001
-------\Legacy_26113002
-------\Legacy_GUZCBZUO
-------\Legacy_SASDIFSV
-------\Legacy_SASENUM
-------\Legacy_SETUP_9.0.0.722_24.09.2010_10-27DRV
-------\Legacy_VMCSERVICE
-------\Service_26113001
-------\Service_26113002
-------\Service_GUZCBZUO
-------\Service_KCIRDA
-------\Service_SASDIFSV
-------\Service_SASENUM
-------\Service_SASKUTIL
-------\Service_setup_9.0.0.722_24.09.2010_10-27drv
-------\Service_VMCService


((((((((((((((((((((((((( Soubory vytvořené od 2010-09-06 do 2010-10-06 )))))))))))))))))))))))))))))))
.

2010-10-06 11:20 . 2010-10-06 11:20 -------- d-sh--w- c:\documents and settings\SAYONARA\IETldCache
2010-10-06 10:55 . 2010-10-06 10:55 -------- dc----w- c:\windows\system32\KB905474
2010-10-06 10:54 . 2010-10-06 10:54 -------- dc----w- c:\windows\ie8updates
2010-10-06 10:53 . 2010-05-06 10:35 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-10-06 10:53 . 2010-05-06 10:35 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-10-06 10:53 . 2010-05-06 10:35 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-10-06 10:53 . 2010-05-06 10:35 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-10-06 10:53 . 2010-05-06 10:35 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-10-06 10:53 . 2010-05-06 10:35 11076096 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-10-06 10:53 . 2010-05-06 10:35 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-10-06 10:51 . 2010-10-06 10:53 -------- dc-h--w- c:\windows\ie8
2010-10-06 10:51 . 2010-10-06 10:53 -------- dc----w- c:\windows\system32\cs-CZ
2010-10-06 10:13 . 2010-10-06 10:33 -------- dc----w- c:\windows\system32\CatRoot_bak
2010-10-06 10:02 . 2009-02-09 11:52 2059904 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-10-06 10:02 . 2009-02-09 11:52 2017792 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-10-06 10:02 . 2009-02-09 11:52 2182656 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-10-06 10:02 . 2009-02-09 11:52 2138112 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-10-06 10:01 . 2010-02-12 10:03 293376 -c----w- c:\windows\system32\browserchoice.exe
2010-10-06 09:42 . 2010-10-06 09:42 -------- dc----w- c:\windows\ServicePackFiles
2010-10-06 09:42 . 2010-10-06 10:55 -------- dc-h--w- c:\windows\$hf_mig$
2010-10-06 07:45 . 2010-10-06 07:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-05 18:04 . 2010-10-05 18:04 -------- d-----w- c:\documents and settings\SAYONARA\DoctorWeb
2010-10-05 15:47 . 2010-10-05 15:47 388096 ----a-r- c:\documents and settings\SAYONARA\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-10-05 15:47 . 2010-10-05 15:47 -------- d-----w- c:\program files\Trend Micro
2010-10-05 12:08 . 2010-10-05 12:08 -------- dc----w- c:\windows\system32\wbem\Repository
2010-10-05 08:12 . 2010-10-05 08:14 -------- d-----w- c:\program files\JDownloader
2010-10-03 11:42 . 2010-10-03 15:24 -------- d-----w- C:\ubuntu
2010-10-02 13:28 . 2010-10-02 13:28 -------- d-----w- c:\program files\Common Files\Java
2010-10-02 13:28 . 2010-10-02 13:28 503808 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6ee5393b-n\msvcp71.dll
2010-10-02 13:28 . 2010-10-02 13:28 499712 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6ee5393b-n\jmc.dll
2010-10-02 13:28 . 2010-10-02 13:28 348160 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6ee5393b-n\msvcr71.dll
2010-10-02 13:28 . 2010-10-02 13:28 61440 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-712dd355-n\decora-sse.dll
2010-10-02 13:28 . 2010-10-02 13:28 12800 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-712dd355-n\decora-d3d.dll
2010-10-02 13:27 . 2010-10-02 13:27 -------- d-----w- c:\program files\Java
2010-10-02 13:26 . 2010-10-02 13:26 79488 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\jre1.6.0_21\gtapi.dll
2010-10-02 13:26 . 2010-10-02 13:26 152576 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\jre1.6.0_21\lzma.dll
2010-10-01 14:55 . 2010-09-07 14:52 165584 -c--a-w- c:\windows\system32\drivers\aswSP.sys
2010-10-01 14:55 . 2010-09-07 14:47 17744 -c--a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-10-01 14:55 . 2010-09-07 14:47 23376 -c--a-w- c:\windows\system32\drivers\aswRdr.sys
2010-10-01 14:55 . 2010-09-07 14:52 46672 -c--a-w- c:\windows\system32\drivers\aswTdi.sys
2010-10-01 14:55 . 2010-09-07 14:47 100176 -c--a-w- c:\windows\system32\drivers\aswmon2.sys
2010-10-01 14:55 . 2010-09-07 14:47 94544 -c--a-w- c:\windows\system32\drivers\aswmon.sys
2010-10-01 14:55 . 2010-09-07 14:46 28880 -c--a-w- c:\windows\system32\drivers\aavmker4.sys
2010-10-01 14:54 . 2010-09-07 15:12 38848 -c--a-w- c:\windows\avastSS.scr
2010-10-01 14:54 . 2010-09-07 15:11 167592 -c--a-w- c:\windows\system32\aswBoot.exe
2010-10-01 14:54 . 2010-10-01 14:54 -------- d-----w- c:\program files\Alwil Software
2010-10-01 11:49 . 2010-10-01 11:49 128 ---ha-w- c:\documents and settings\SAYONARA\microsoft.dat
2010-10-01 11:49 . 2010-10-05 16:13 -------- d-----w- c:\program files\Backgammon Classic 7
2010-09-30 22:52 . 2010-09-30 22:52 -------- d-----w- c:\program files\Webteh
2010-09-30 21:09 . 2010-09-30 21:09 -------- d-----w- c:\program files\CoreCodec
2010-09-30 08:24 . 2010-09-30 08:24 -------- d-----w- c:\program files\Combined Community Codec Pack
2010-09-30 06:16 . 2010-09-30 06:16 -------- d-----w- c:\program files\Application Updater
2010-09-30 06:14 . 2010-09-30 06:14 -------- dc----w- c:\windows\system32\QuickTime
2010-09-28 00:11 . 2009-11-27 17:35 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
2010-09-26 16:23 . 2010-04-20 14:45 607472 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Yahoo!\YUpdater\yupdater.exe
2010-09-25 21:37 . 2003-02-01 10:19 52224 -c--a-w- c:\windows\system32\mspmsnsv.dll
2010-09-25 21:37 . 2003-02-01 10:19 52224 -c--a-w- c:\windows\system32\dllcache\mspmsnsv.dll
2010-09-25 21:37 . 2002-11-27 01:03 27136 -c--a-w- c:\windows\system32\wmdmlog.dll
2010-09-25 21:37 . 2002-11-27 01:03 27136 -c--a-w- c:\windows\system32\dllcache\wmdmlog.dll
2010-09-25 21:37 . 2002-11-27 01:03 23552 -c--a-w- c:\windows\system32\wmdmps.dll
2010-09-25 21:37 . 2002-11-27 01:03 159232 -c--a-w- c:\windows\system32\dllcache\CEWMDM.dll
2010-09-25 21:37 . 2002-11-27 01:03 159232 -c--a-w- c:\windows\system32\CEWMDM.dll
2010-09-25 21:37 . 2003-02-01 10:18 245760 -c--a-w- c:\windows\system32\mswmdm.dll
2010-09-25 21:37 . 2003-02-01 10:18 245760 -c--a-w- c:\windows\system32\dllcache\mswmdm.dll
2010-09-25 21:37 . 2002-11-27 01:03 23552 -c--a-w- c:\windows\system32\dllcache\wmdmps.dll
2010-09-25 06:27 . 2010-09-27 07:17 88 --sh--r- c:\documents and settings\All Users.WINDOWS\Data aplikací\F7DB45091D.sys
2010-09-25 06:27 . 2010-09-27 07:17 2516 --sha-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\KGyGaAvL.sys
2010-09-25 06:27 . 2010-09-25 06:27 -------- d-----w- c:\documents and settings\SAYONARA\Corel
2010-09-25 02:16 . 2010-10-06 09:38 -------- d-----w- c:\program files\Yahoo!
2010-09-25 01:12 . 2010-09-25 01:12 -------- dc----w- c:\windows\Logs
2010-09-25 00:41 . 2010-09-25 00:41 -------- d-----w- c:\program files\VideoLAN
2010-09-24 06:59 . 2010-04-29 13:39 38224 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-24 06:58 . 2010-04-29 13:39 20952 -c--a-w- c:\windows\system32\drivers\mbam.sys
2010-09-24 06:55 . 2010-10-06 12:20 37392 -c--a-w- c:\windows\system32\drivers\26113002.sys
2010-09-24 06:55 . 2010-10-06 12:20 128016 -c--a-w- c:\windows\system32\drivers\26113001.sys
2010-09-24 06:55 . 2010-10-06 12:20 315408 -c--a-w- c:\windows\system32\drivers\2611300.sys
2010-09-19 08:37 . 2010-10-05 13:31 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 6
2010-09-19 08:23 . 2009-05-16 02:39 442368 -c--a-w- c:\windows\system32\ATIDEMGX.dll
2010-09-19 08:23 . 2009-05-16 00:35 45056 -c--a-w- c:\windows\system32\aticalrt.dll
2010-09-19 08:23 . 2009-05-16 01:38 49664 -c--a-w- c:\windows\system32\atimpc32.dll
2010-09-19 08:23 . 2009-05-16 01:38 49664 -c--a-w- c:\windows\system32\amdpcom32.dll
2010-09-19 08:23 . 2009-05-16 00:33 3158016 -c--a-w- c:\windows\system32\aticaldd.dll
2010-09-19 08:23 . 2009-05-05 18:33 118784 -c--a-w- c:\windows\system32\atibtmon.exe
2010-09-19 08:23 . 2009-05-16 01:31 139264 -c--a-w- c:\windows\system32\atiadlxx.dll
2010-09-19 08:23 . 2009-05-16 01:26 376832 -c--a-w- c:\windows\system32\atiok3x2.dll
2010-09-19 08:23 . 2009-05-16 00:34 45056 -c--a-w- c:\windows\system32\aticalcl.dll
2010-09-19 08:22 . 2009-03-25 12:29 130432 -c--a-w- c:\windows\system32\drivers\Rtnicxp.sys
2010-09-19 08:22 . 2009-03-03 18:18 73728 -c--a-w- c:\windows\system32\RtNicProp32.dll
2010-09-18 17:27 . 2009-12-30 10:20 27064 -c--a-w- c:\windows\system32\drivers\revoflt.sys
2010-09-18 17:27 . 2010-09-18 17:27 -------- d-----w- c:\program files\VS Revo Group
2010-09-18 06:09 . 1998-11-17 11:44 328704 -c--a-w- c:\windows\IsUn0407.exe
2010-09-17 21:38 . 2010-02-27 12:19 13976 -c--a-w- c:\windows\system32\drivers\videX32.sys
2010-09-17 19:49 . 2010-09-17 19:49 -------- dc-h--w- c:\windows\PIF
2010-09-16 18:34 . 2001-10-25 14:00 229439 -c--a-w- c:\windows\system32\dllcache\multibox.dll
2010-09-16 18:33 . 2004-08-17 13:49 32256 -c--a-w- c:\windows\system32\dllcache\gzip.dll
2010-09-16 18:32 . 2004-08-17 13:49 8192 -c--a-w- c:\windows\system32\dllcache\staxmem.dll
2010-09-16 18:27 . 2004-08-17 13:49 40448 -c--a-w- c:\windows\system32\wbem\snmpthrd.dll
2010-09-16 18:27 . 2004-08-17 13:49 40448 -c--a-w- c:\windows\system32\dllcache\snmpthrd.dll
2010-09-16 18:27 . 2004-08-17 13:49 259072 -c--a-w- c:\windows\system32\wbem\snmpcl.dll
2010-09-16 18:27 . 2004-08-17 13:49 259072 -c--a-w- c:\windows\system32\dllcache\snmpcl.dll
2010-09-16 18:26 . 2004-08-17 13:49 26624 -c--a-w- c:\windows\system32\irmon.dll
2010-09-16 18:26 . 2004-08-17 13:49 153088 -c--a-w- c:\windows\system32\irftp.exe
2010-09-16 18:26 . 2004-08-03 21:00 87424 -c--a-w- c:\windows\system32\drivers\irda.sys
2010-09-16 18:26 . 2004-08-17 13:49 8192 -c--a-w- c:\windows\system32\wshirda.dll
2010-09-16 18:16 . 2001-08-17 19:51 19584 -c--a-w- c:\windows\system32\drivers\rasirda.sys
2010-09-16 18:14 . 2001-10-25 14:00 13312 -c--a-w- c:\windows\system32\irclass.dll
2010-09-16 18:14 . 2001-10-25 14:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2010-09-16 18:14 . 2001-10-25 14:00 24661 -c--a-w- c:\windows\system32\spxcoins.dll
2010-09-16 18:14 . 2001-10-25 14:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2010-09-16 14:51 . 2010-09-16 14:51 -------- dc----w- c:\windows\system32\ivtMobCache
2010-09-13 03:10 . 2010-09-13 03:08 737280 -c--a-w- c:\windows\iun6002.exe
2010-09-13 00:21 . 2010-09-13 00:21 -------- d-----w- c:\program files\MSECache
2010-09-11 23:02 . 2010-09-11 23:01 36684048 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_cze.exe
2010-09-11 23:01 . 2010-09-11 23:01 95232 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\pcswpcsi.exe
2010-09-11 23:01 . 2010-09-11 23:01 8192 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstCCD.exe
2010-09-11 23:01 . 2010-09-11 23:01 61440 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-09-11 23:01 . 2010-09-11 23:01 10240 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCS.exe
2010-09-10 09:26 . 2006-05-20 15:16 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2010-09-10 09:25 . 2010-09-18 16:06 -------- dc----w- c:\windows\system32\drivers\UMDF
2010-09-10 09:25 . 2010-09-10 09:25 -------- dc----w- c:\windows\system32\LogFiles
2010-09-10 09:25 . 2009-01-07 16:20 26144 -c--a-w- c:\windows\system32\spupdsvc.exe
2010-09-10 09:24 . 2010-09-10 09:24 12212040 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-09-10 09:24 . 2010-09-10 09:24 13930312 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-09-10 09:24 . 2010-09-10 09:24 77824 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-09-10 09:24 . 2010-09-10 09:24 50000 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-06 11:25 . 2001-10-25 14:00 79164 ----a-w- c:\windows\system32\perfc005.dat
2010-10-06 11:25 . 2001-10-25 14:00 416962 ----a-w- c:\windows\system32\perfh005.dat
2010-10-05 00:05 . 2009-01-01 09:31 -------- d-----w- c:\program files\Google
2010-10-02 13:27 . 2010-08-06 04:04 423656 -c--a-w- c:\windows\system32\deployJava1.dll
2010-09-30 06:12 . 2008-12-31 00:57 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-09-25 07:38 . 2010-09-02 19:54 664 -c--a-w- c:\windows\system32\d3d9caps.dat
2010-09-18 16:06 . 2009-12-25 22:19 -------- d-----w- c:\program files\PC Connectivity Solution
2010-09-17 23:20 . 2010-03-14 01:21 -------- d-----w- c:\program files\Common Files\Apple
2010-09-16 18:28 . 2010-03-16 19:16 22976 -c--a-w- c:\windows\system32\emptyregdb.dat
2010-09-10 09:33 . 2010-09-10 09:33 0 -c-ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-09-10 09:33 . 2010-09-10 09:33 0 -c-ha-w- c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-09-10 06:39 . 2009-01-31 14:51 -------- d-----w- c:\program files\DIFX
2010-09-05 04:08 . 2009-10-24 10:03 -------- d---a-w- c:\program files\Serials 2005
2010-09-04 19:50 . 2010-09-04 17:15 -------- d-----w- c:\program files\XP TCPIP Repair
2010-08-29 16:04 . 2010-08-29 16:04 0 -c--a-w- c:\windows\ativpsrm.bin
2010-08-09 22:34 . 2010-07-24 23:33 -------- d-----w- c:\program files\ARCHPR
2010-08-08 00:19 . 2010-07-12 12:41 -------- d-----w- c:\program files\CommViewWiFi
2010-08-06 23:53 . 2010-08-06 23:53 56 -c-ha-w- c:\windows\system32\ezsidmv.dat
2010-08-06 15:10 . 2010-08-06 15:10 99688 -c--a-w- c:\windows\system32\BtMmHook.dll
2010-08-06 15:10 . 2010-08-06 15:10 996720 -c--a-w- c:\windows\system32\BTNeighborhood.dll
2010-08-06 15:10 . 2010-08-06 15:10 91504 -c--a-w- c:\windows\system32\BtAudioHelper.dll
2010-08-06 15:10 . 2010-08-06 15:10 521568 -c--a-w- c:\windows\system32\wbtapi.dll
2010-07-24 19:16 . 2010-07-24 19:16 503808 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\cache\6.0\46\f84c6ae-1fbd2d7a-n\msvcp71.dll
2010-07-24 19:16 . 2010-07-24 19:16 348160 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\cache\6.0\46\f84c6ae-1fbd2d7a-n\msvcr71.dll
2010-07-24 19:16 . 2010-07-24 19:16 499712 ----a-w- c:\documents and settings\SAYONARA\Data aplikací\Sun\Java\Deployment\cache\6.0\46\f84c6ae-1fbd2d7a-n\jmc.dll
2010-04-16 01:32 . 2010-04-16 01:32 40 -c--a-w- c:\program files\Recent.INI
2010-04-16 01:32 . 2010-04-16 01:32 4550 -c--a-w- c:\program files\PSPad.INI
2010-04-16 01:32 . 2010-04-16 01:32 0 -c--a-w- c:\program files\PSPad_MU.INI
.


Re: Please check my log

Post by saionara » 06 Oct 2010 15:09

------- Sigcheck -------

[-] 2008-04-14 03:21 . 6199B2AE3F9DB9CB6DB230471A1DC601 . 52224 . . [9.0.1.56] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\mspmsnsv.dll
[-] 2003-02-01 10:19 . 9E1381B2DE2A23F8E4C22E814D55F475 . 52224 . . [9.0.1.56] . . c:\windows\system32\mspmsnsv.dll
[-] 2003-02-01 10:19 . 9E1381B2DE2A23F8E4C22E814D55F475 . 52224 . . [9.0.1.56] . . c:\windows\system32\dllcache\mspmsnsv.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-10-06_09.40.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-10-06 12:30 . 2010-10-06 12:30 16384 c:\windows\temp\Perflib_Perfdata_798.dat
+ 2004-08-17 13:49 . 2009-06-25 08:48 59392 c:\windows\system32\wdigest.dll
+ 2010-10-06 10:00 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
+ 2010-09-10 09:27 . 2009-01-07 16:20 17952 c:\windows\system32\spmsg.dll
+ 2004-08-17 13:49 . 2006-11-21 10:26 32768 c:\windows\system32\snmp.exe
+ 2004-08-17 13:49 . 2009-06-25 08:48 56320 c:\windows\system32\secur32.dll
+ 2001-10-25 14:00 . 2009-02-06 16:54 35328 c:\windows\system32\sc.exe
- 2004-08-17 13:49 . 2004-08-17 13:49 69632 c:\windows\system32\raschap.dll
+ 2004-08-17 13:49 . 2009-10-12 13:54 69632 c:\windows\system32\raschap.dll
+ 2004-08-17 13:49 . 2009-03-08 02:31 46592 c:\windows\system32\pngfilt.dll
+ 2001-10-25 14:00 . 2010-10-06 11:25 66912 c:\windows\system32\perfc009.dat
- 2001-10-25 14:00 . 2010-09-23 22:24 66912 c:\windows\system32\perfc009.dat
+ 2009-01-07 16:20 . 2009-01-07 16:20 23552 c:\windows\system32\normaliz.dll
+ 2009-01-07 16:20 . 2009-01-07 16:20 24576 c:\windows\system32\nlsdl.dll
+ 2010-03-16 19:14 . 2008-06-12 14:19 91648 c:\windows\system32\mtxoci.dll
+ 2004-08-17 13:49 . 2008-06-12 14:19 66560 c:\windows\system32\mtxclu.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 66560 c:\windows\system32\mtxclu.dll
+ 2004-08-17 15:49 . 2009-11-27 17:35 17920 c:\windows\system32\msyuv.dll
+ 2001-10-25 14:00 . 2009-11-27 16:40 28672 c:\windows\system32\msvidc32.dll
+ 2004-08-17 13:49 . 2009-11-27 16:40 11264 c:\windows\system32\msrle32.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 11264 c:\windows\system32\msrle32.dll
+ 2004-08-17 13:48 . 2009-03-08 02:31 48128 c:\windows\system32\mshtmler.dll
+ 2004-08-17 13:49 . 2009-03-08 02:31 66560 c:\windows\system32\mshtmled.dll
+ 2004-08-17 13:49 . 2009-03-08 02:31 45568 c:\windows\system32\mshta.exe
+ 2009-03-08 02:31 . 2009-03-08 02:31 13312 c:\windows\system32\msfeedssync.exe
+ 2009-03-08 02:31 . 2010-05-06 10:35 55296 c:\windows\system32\msfeedsbs.dll
- 2010-03-16 19:14 . 2004-08-17 13:49 58880 c:\windows\system32\msdtclog.dll
+ 2010-03-16 19:14 . 2008-06-12 14:19 58880 c:\windows\system32\msdtclog.dll
+ 2004-08-17 13:49 . 2008-06-24 16:24 74240 c:\windows\system32\mscms.dll
+ 2004-08-17 13:49 . 2009-09-04 20:47 58880 c:\windows\system32\msasn1.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 48640 c:\windows\system32\mqupgrd.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 48640 c:\windows\system32\mqupgrd.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 95744 c:\windows\system32\mqsec.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 95744 c:\windows\system32\mqsec.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 16896 c:\windows\system32\mqise.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 16896 c:\windows\system32\mqise.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 47104 c:\windows\system32\mqdscli.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 47104 c:\windows\system32\mqdscli.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 19968 c:\windows\system32\mqbkup.exe
+ 2004-08-17 13:49 . 2009-06-22 11:49 19968 c:\windows\system32\mqbkup.exe
+ 2004-08-17 13:49 . 2009-03-08 02:34 43008 c:\windows\system32\licmgr10.dll
+ 2004-08-17 13:49 . 2010-05-06 10:35 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-17 15:49 . 2009-11-27 16:40 48128 c:\windows\system32\iyuv_32.dll
+ 2004-08-17 13:49 . 2009-03-08 02:32 94720 c:\windows\system32\inseng.dll
+ 2004-08-17 13:49 . 2009-03-08 02:31 34816 c:\windows\system32\imgutil.dll
+ 2009-03-08 02:32 . 2009-03-08 02:32 36864 c:\windows\system32\ieudinit.exe
+ 2004-08-17 13:49 . 2009-03-08 02:32 71680 c:\windows\system32\iesetup.dll
+ 2004-08-17 13:49 . 2009-03-08 02:32 55808 c:\windows\system32\iernonce.dll
+ 2009-01-07 16:20 . 2009-01-07 16:20 26112 c:\windows\system32\idndl.dll
+ 2009-03-08 02:31 . 2009-03-08 02:31 59904 c:\windows\system32\icardie.dll
+ 2001-10-25 14:00 . 2009-10-15 17:22 82432 c:\windows\system32\fontsub.dll
+ 2004-08-17 13:49 . 2010-04-16 15:38 55808 c:\windows\system32\extmgr.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 55808 c:\windows\system32\extmgr.dll
+ 2004-08-03 20:58 . 2009-06-22 11:48 91776 c:\windows\system32\drivers\mqac.sys
+ 2004-08-03 20:59 . 2009-06-22 11:34 92544 c:\windows\system32\drivers\ksecdd.sys
+ 2004-08-17 13:49 . 2009-06-25 08:48 59392 c:\windows\system32\dllcache\wdigest.dll
+ 2004-08-17 13:49 . 2006-11-21 10:26 32768 c:\windows\system32\dllcache\snmp.exe
+ 2004-08-17 13:49 . 2009-06-25 08:48 56320 c:\windows\system32\dllcache\secur32.dll
+ 2001-10-25 14:00 . 2009-02-06 16:54 35328 c:\windows\system32\dllcache\sc.exe
+ 2004-08-17 13:49 . 2009-10-12 13:54 69632 c:\windows\system32\dllcache\raschap.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 69632 c:\windows\system32\dllcache\raschap.dll
+ 2004-08-17 13:49 . 2009-03-08 02:31 46592 c:\windows\system32\dllcache\pngfilt.dll
+ 2010-03-16 19:14 . 2008-06-12 14:19 91648 c:\windows\system32\dllcache\mtxoci.dll
+ 2004-08-17 13:49 . 2008-06-12 14:19 66560 c:\windows\system32\dllcache\mtxclu.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 66560 c:\windows\system32\dllcache\mtxclu.dll
+ 2001-10-25 14:00 . 2009-11-27 16:40 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2004-08-17 13:49 . 2009-11-27 16:40 11264 c:\windows\system32\dllcache\msrle32.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2004-08-17 13:48 . 2009-03-08 02:31 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2004-08-17 13:49 . 2009-03-08 02:31 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-17 13:49 . 2009-03-08 02:31 45568 c:\windows\system32\dllcache\mshta.exe
- 2010-03-16 19:14 . 2004-08-17 13:49 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2010-03-16 19:14 . 2008-06-12 14:19 58880 c:\windows\system32\dllcache\msdtclog.dll
+ 2004-08-17 13:49 . 2008-06-24 16:24 74240 c:\windows\system32\dllcache\mscms.dll
+ 2004-08-17 13:49 . 2009-09-04 20:47 58880 c:\windows\system32\dllcache\msasn1.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 48640 c:\windows\system32\dllcache\mqupgrd.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 48640 c:\windows\system32\dllcache\mqupgrd.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 95744 c:\windows\system32\dllcache\mqsec.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 95744 c:\windows\system32\dllcache\mqsec.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 16896 c:\windows\system32\dllcache\mqise.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 16896 c:\windows\system32\dllcache\mqise.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 47104 c:\windows\system32\dllcache\mqdscli.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 47104 c:\windows\system32\dllcache\mqdscli.dll
+ 2004-08-17 13:49 . 2009-06-22 11:49 19968 c:\windows\system32\dllcache\mqbkup.exe
- 2004-08-17 13:49 . 2004-08-17 13:49 19968 c:\windows\system32\dllcache\mqbkup.exe
+ 2004-08-03 20:58 . 2009-06-22 11:48 91776 c:\windows\system32\dllcache\mqac.sys
+ 2004-08-17 13:49 . 2009-03-08 02:34 43008 c:\windows\system32\dllcache\licmgr10.dll
+ 2004-08-03 20:59 . 2009-06-22 11:34 92544 c:\windows\system32\dllcache\ksecdd.sys
+ 2004-08-17 13:49 . 2010-05-06 10:35 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-11-27 16:40 . 2009-11-27 16:40 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2004-08-17 13:49 . 2009-03-08 02:32 94720 c:\windows\system32\dllcache\inseng.dll
+ 2004-08-17 13:49 . 2009-03-08 02:31 34816 c:\windows\system32\dllcache\imgutil.dll
+ 2004-08-17 13:49 . 2009-03-08 02:32 71680 c:\windows\system32\dllcache\iesetup.dll
+ 2004-08-17 13:49 . 2009-03-08 02:32 55808 c:\windows\system32\dllcache\iernonce.dll
- 2008-12-30 20:09 . 2004-08-17 13:49 18432 c:\windows\system32\dllcache\iedw.exe
+ 2008-12-30 20:09 . 2010-04-16 13:36 18432 c:\windows\system32\dllcache\iedw.exe
+ 2008-12-30 20:09 . 2009-03-08 02:24 68608 c:\windows\system32\dllcache\hmmapi.dll
+ 2001-10-25 14:00 . 2009-10-15 17:22 82432 c:\windows\system32\dllcache\fontsub.dll
+ 2004-08-17 13:49 . 2010-04-16 15:38 55808 c:\windows\system32\dllcache\extmgr.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 55808 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-17 13:49 . 2009-12-14 07:37 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2004-08-17 13:49 . 2009-03-08 02:33 18944 c:\windows\system32\dllcache\corpol.dll
+ 2010-03-16 19:14 . 2005-07-26 04:42 60416 c:\windows\system32\dllcache\colbact.dll
+ 2004-08-17 13:49 . 2010-01-13 14:10 85504 c:\windows\system32\dllcache\cabview.dll
+ 2004-08-17 13:49 . 2009-11-27 16:40 84992 c:\windows\system32\dllcache\avifil32.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 84992 c:\windows\system32\dllcache\avifil32.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 58880 c:\windows\system32\dllcache\atl.dll
+ 2004-08-17 13:49 . 2009-07-17 18:57 58880 c:\windows\system32\dllcache\atl.dll
+ 2004-08-17 13:49 . 2010-03-05 14:57 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2004-08-17 13:49 . 2009-03-08 02:32 72704 c:\windows\system32\dllcache\admparse.dll
+ 2004-08-17 13:49 . 2009-12-14 07:37 33280 c:\windows\system32\csrsrv.dll
+ 2004-08-17 13:49 . 2009-03-08 02:33 18944 c:\windows\system32\corpol.dll
+ 2010-03-16 19:14 . 2005-07-26 04:42 60416 c:\windows\system32\colbact.dll
+ 2004-08-17 13:49 . 2010-01-13 14:10 85504 c:\windows\system32\cabview.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 84992 c:\windows\system32\avifil32.dll
+ 2004-08-17 13:49 . 2009-11-27 16:40 84992 c:\windows\system32\avifil32.dll
+ 2004-08-17 13:49 . 2009-07-17 18:57 58880 c:\windows\system32\atl.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 58880 c:\windows\system32\atl.dll
+ 2004-08-17 13:49 . 2010-03-05 14:57 65536 c:\windows\system32\asycfilt.dll
+ 2004-08-17 13:49 . 2009-03-08 02:32 72704 c:\windows\system32\admparse.dll
+ 2010-10-06 10:54 . 2009-03-08 02:33 12288 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2010-10-06 10:54 . 2009-03-08 02:31 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2010-10-06 10:54 . 2009-03-08 02:33 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
+ 2010-10-06 10:51 . 2004-08-17 13:49 37888 c:\windows\ie8\url.dll
+ 2010-10-06 10:53 . 2009-03-08 14:57 58448 c:\windows\ie8\spuninst\iecustom.dll
+ 2010-10-06 10:51 . 2010-04-16 15:38 39424 c:\windows\ie8\pngfilt.dll
+ 2010-10-06 10:51 . 2004-08-17 13:49 96768 c:\windows\ie8\occache.dll
+ 2010-10-06 10:51 . 2004-08-17 13:48 56832 c:\windows\ie8\mshtmler.dll
+ 2010-10-06 10:51 . 2004-08-17 13:49 29184 c:\windows\ie8\mshta.exe
+ 2010-10-06 10:51 . 2004-08-17 13:49 22016 c:\windows\ie8\licmgr10.dll
+ 2010-10-06 10:51 . 2010-04-16 15:38 16384 c:\windows\ie8\jsproxy.dll
+ 2010-10-06 10:51 . 2010-04-16 15:38 96768 c:\windows\ie8\inseng.dll
+ 2010-10-06 10:51 . 2004-08-17 13:49 35840 c:\windows\ie8\imgutil.dll
+ 2010-10-06 10:51 . 2004-08-17 13:49 93184 c:\windows\ie8\iexplore.exe
+ 2010-10-06 10:51 . 2004-08-17 13:49 62976 c:\windows\ie8\iesetup.dll
+ 2010-10-06 10:51 . 2004-08-17 13:49 48640 c:\windows\ie8\iernonce.dll
+ 2010-10-06 10:51 . 2010-04-16 15:38 81920 c:\windows\ie8\ieencode.dll
+ 2010-10-06 10:51 . 2004-08-17 13:49 34304 c:\windows\ie8\ie4uinit.exe
+ 2010-10-06 10:51 . 2004-08-17 13:49 38912 c:\windows\ie8\hmmapi.dll
+ 2010-10-06 10:51 . 2004-08-17 13:49 35328 c:\windows\ie8\corpol.dll
+ 2010-10-06 10:51 . 2004-08-17 13:49 61440 c:\windows\ie8\admparse.dll
+ 2010-09-28 00:11 . 2009-11-27 17:35 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:40 . 2009-11-27 16:40 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2001-10-24 12:25 . 2009-11-27 16:40 8704 c:\windows\system32\tsbyuv.dll
+ 2004-08-17 13:49 . 2009-06-22 11:49 4608 c:\windows\system32\mqsvc.exe
- 2004-08-17 13:49 . 2004-08-17 13:49 4608 c:\windows\system32\mqsvc.exe
+ 2009-11-27 16:40 . 2009-11-27 16:40 8704 c:\windows\system32\dllcache\tsbyuv.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 4608 c:\windows\system32\dllcache\mqsvc.exe
+ 2004-08-17 13:49 . 2009-06-22 11:49 4608 c:\windows\system32\dllcache\mqsvc.exe
+ 2009-11-27 16:40 . 2009-11-27 16:40 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2008-02-17 02:33 . 2010-04-16 13:47 360448 c:\windows\system32\xpsp3res.dll
+ 2009-01-07 16:21 . 2009-01-07 16:21 121856 c:\windows\system32\xmllite.dll
+ 2004-08-17 13:49 . 2009-04-03 10:15 485376 c:\windows\system32\wmspdmod.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 233472 c:\windows\system32\wmpdxm.dll
+ 2004-08-17 13:49 . 2009-07-13 00:18 233472 c:\windows\system32\wmpdxm.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 132096 c:\windows\system32\wkssvc.dll
+ 2004-08-17 13:49 . 2009-06-10 06:31 132096 c:\windows\system32\wkssvc.dll
+ 2004-08-17 13:49 . 2009-12-24 07:07 177664 c:\windows\system32\wintrust.dll
+ 2004-08-17 13:49 . 2010-05-06 10:35 916480 c:\windows\system32\wininet.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 351232 c:\windows\system32\winhttp.dll
+ 2004-08-17 13:49 . 2008-12-16 12:50 351232 c:\windows\system32\winhttp.dll
+ 2009-03-08 02:34 . 2009-03-08 02:34 208384 c:\windows\system32\WinFXDocObj.exe
+ 2004-08-17 13:49 . 2009-03-08 02:34 236544 c:\windows\system32\webcheck.dll
+ 2010-03-16 19:14 . 2009-02-06 16:39 227840 c:\windows\system32\wbem\wmiprvse.exe
+ 2010-03-16 19:14 . 2009-02-09 10:22 453120 c:\windows\system32\wbem\wmiprvsd.dll
+ 2010-03-16 19:14 . 2009-02-09 10:22 473088 c:\windows\system32\wbem\fastprox.dll
+ 2004-08-17 13:49 . 2009-03-08 02:33 420352 c:\windows\system32\vbscript.dll
+ 2004-08-17 13:49 . 2009-03-08 02:34 105984 c:\windows\system32\url.dll
+ 2004-08-17 13:49 . 2009-10-15 20:52 119808 c:\windows\system32\t2embed.dll
+ 2004-08-17 13:49 . 2009-08-26 08:16 247326 c:\windows\system32\strmdll.dll
+ 2004-08-17 13:49 . 2009-06-25 08:48 168448 c:\windows\system32\schannel.dll
+ 2004-08-17 13:49 . 2010-04-16 15:38 474112 c:\windows\system32\shlwapi.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 169472 c:\windows\system32\Setup\msmqocm.dll
+ 2004-08-17 13:49 . 2009-02-09 10:11 111104 c:\windows\system32\services.exe
+ 2004-08-17 13:49 . 2009-02-09 10:22 399360 c:\windows\system32\rpcss.dll
+ 2004-08-17 13:49 . 2009-04-15 15:18 584192 c:\windows\system32\rpcrt4.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 112640 c:\windows\system32\rastls.dll
+ 2004-08-17 13:49 . 2009-10-12 13:54 112640 c:\windows\system32\rastls.dll
- 2001-10-25 14:00 . 2010-09-23 22:24 418224 c:\windows\system32\perfh009.dat
+ 2001-10-25 14:00 . 2010-10-06 11:25 418224 c:\windows\system32\perfh009.dat
+ 2004-08-17 13:49 . 2009-03-06 14:47 283648 c:\windows\system32\pdh.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 283648 c:\windows\system32\pdh.dll
+ 2004-08-17 13:49 . 2010-05-06 10:35 206848 c:\windows\system32\occache.dll
+ 2004-08-17 13:49 . 2009-10-13 10:53 267776 c:\windows\system32\oakley.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 267776 c:\windows\system32\oakley.dll
+ 2004-08-17 13:48 . 2009-02-09 10:22 709632 c:\windows\system32\ntdll.dll
+ 2004-08-17 13:49 . 2008-10-15 17:00 332800 c:\windows\system32\netapi32.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 247296 c:\windows\system32\mswsock.dll
+ 2004-08-17 13:49 . 2008-06-20 17:42 247296 c:\windows\system32\mswsock.dll
+ 2004-08-17 13:49 . 2009-08-05 09:07 205312 c:\windows\system32\mswebdvd.dll
+ 2004-08-17 13:49 . 2009-09-11 14:35 133632 c:\windows\system32\msv1_0.dll
+ 2010-03-16 19:14 . 2009-06-05 07:46 655872 c:\windows\system32\mstscax.dll
+ 2004-08-17 13:49 . 2010-05-06 10:35 611840 c:\windows\system32\mstime.dll
+ 2004-08-17 13:49 . 2009-03-08 02:34 193536 c:\windows\system32\msrating.dll
- 2010-03-16 19:14 . 2004-08-17 13:49 343552 c:\windows\system32\mspaint.exe
+ 2010-03-16 19:14 . 2009-12-17 08:00 343552 c:\windows\system32\mspaint.exe
+ 2001-10-25 14:00 . 2009-03-08 02:22 156160 c:\windows\system32\msls31.dll
+ 2009-03-08 02:32 . 2010-05-06 10:35 599040 c:\windows\system32\msfeeds.dll
+ 2010-03-16 19:14 . 2008-06-12 14:19 161792 c:\windows\system32\msdtcuiu.dll
+ 2010-03-16 19:14 . 2008-06-12 14:19 956928 c:\windows\system32\msdtctm.dll
+ 2010-03-16 19:14 . 2008-06-12 14:19 428032 c:\windows\system32\msdtcprx.dll
+ 2009-01-07 16:20 . 2009-01-07 16:20 265720 c:\windows\system32\msdbg2.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 489472 c:\windows\system32\mqutil.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 489472 c:\windows\system32\mqutil.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 186880 c:\windows\system32\mqtrig.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 186880 c:\windows\system32\mqtrig.dll
+ 2004-08-17 13:49 . 2009-06-22 11:49 117248 c:\windows\system32\mqtgsvc.exe
- 2004-08-17 13:49 . 2004-08-17 13:49 117248 c:\windows\system32\mqtgsvc.exe
+ 2004-08-17 13:49 . 2009-06-25 18:37 517120 c:\windows\system32\mqsnap.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 123392 c:\windows\system32\mqrtdep.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 123392 c:\windows\system32\mqrtdep.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 177152 c:\windows\system32\mqrt.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 177152 c:\windows\system32\mqrt.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 661504 c:\windows\system32\mqqm.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 225280 c:\windows\system32\mqoa.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 225280 c:\windows\system32\mqoa.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 138240 c:\windows\system32\mqad.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 138240 c:\windows\system32\mqad.dll
+ 2004-08-17 13:49 . 2009-06-25 08:48 723456 c:\windows\system32\lsasrv.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 103936 c:\windows\system32\logagent.exe
+ 2004-08-17 13:49 . 2008-06-09 23:31 103936 c:\windows\system32\logagent.exe
+ 2004-08-17 13:49 . 2009-05-07 15:44 345088 c:\windows\system32\localspl.dll
+ 2004-08-17 13:49 . 2009-06-25 08:48 298496 c:\windows\system32\kerberos.dll
+ 2010-10-06 10:55 . 2009-03-10 20:18 454024 c:\windows\system32\KB905474\wgasetup.exe
+ 2004-08-17 13:49 . 2009-03-08 02:33 726528 c:\windows\system32\jscript.dll
+ 2010-03-16 19:17 . 2010-01-29 15:07 683520 c:\windows\system32\inetcomm.dll
+ 2009-03-08 02:22 . 2009-03-08 02:22 164352 c:\windows\system32\ieui.dll
+ 2004-08-17 13:49 . 2010-05-06 10:35 184320 c:\windows\system32\iepeers.dll
+ 2004-08-17 13:49 . 2010-05-06 10:35 387584 c:\windows\system32\iedkcs32.dll
+ 2009-03-08 02:11 . 2009-03-08 02:11 445952 c:\windows\system32\ieapfltr.dll
+ 2001-10-25 14:00 . 2009-03-08 02:32 163840 c:\windows\system32\ieakui.dll
+ 2004-08-17 13:49 . 2009-03-08 02:33 229376 c:\windows\system32\ieaksie.dll
+ 2004-08-17 13:49 . 2009-03-08 02:33 125952 c:\windows\system32\ieakeng.dll
+ 2004-08-17 13:49 . 2010-05-05 13:30 173056 c:\windows\system32\ie4uinit.exe
+ 2004-08-17 13:49 . 2008-10-23 13:01 283648 c:\windows\system32\gdi32.dll
- 2010-03-16 20:02 . 2010-09-30 00:40 119744 c:\windows\system32\FNTCACHE.DAT
+ 2010-03-16 20:02 . 2010-10-06 11:19 119744 c:\windows\system32\FNTCACHE.DAT
+ 2004-08-17 13:49 . 2008-07-07 20:32 253952 c:\windows\system32\es.dll
+ 2004-08-17 13:49 . 2009-03-08 02:31 216064 c:\windows\system32\dxtrans.dll
+ 2004-08-17 13:49 . 2009-03-08 02:31 348160 c:\windows\system32\dxtmsft.dll
+ 2004-08-03 21:07 . 2010-02-11 12:01 226880 c:\windows\system32\drivers\tcpip6.sys
+ 2004-08-03 21:14 . 2008-06-20 10:45 360320 c:\windows\system32\drivers\tcpip.sys
+ 2001-10-25 14:00 . 2008-05-08 12:28 202752 c:\windows\system32\drivers\rmcast.sys
+ 2004-08-03 21:14 . 2008-06-20 10:44 138368 c:\windows\system32\drivers\afd.sys
+ 2004-08-17 13:49 . 2008-06-20 21:12 148992 c:\windows\system32\dnsapi.dll
+ 2008-12-30 20:07 . 2008-04-21 21:28 216576 c:\windows\system32\dllcache\wordpad.exe
+ 2004-08-17 13:49 . 2009-04-03 10:15 485376 c:\windows\system32\dllcache\wmspdmod.dll
+ 2004-08-17 13:49 . 2009-07-13 00:18 233472 c:\windows\system32\dllcache\wmpdxm.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 233472 c:\windows\system32\dllcache\wmpdxm.dll
+ 2010-03-16 19:14 . 2009-02-06 16:39 227840 c:\windows\system32\dllcache\wmiprvse.exe
+ 2010-03-16 19:14 . 2009-02-09 10:22 453120 c:\windows\system32\dllcache\wmiprvsd.dll
+ 2004-08-17 13:49 . 2009-06-10 06:31 132096 c:\windows\system32\dllcache\wkssvc.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 132096 c:\windows\system32\dllcache\wkssvc.dll
+ 2004-08-17 13:49 . 2009-12-24 07:07 177664 c:\windows\system32\dllcache\wintrust.dll
+ 2004-08-17 13:49 . 2010-05-06 10:35 916480 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-17 13:49 . 2008-12-16 12:50 351232 c:\windows\system32\dllcache\winhttp.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 351232 c:\windows\system32\dllcache\winhttp.dll
+ 2004-08-17 13:49 . 2009-03-08 02:34 236544 c:\windows\system32\dllcache\webcheck.dll
+ 2008-12-30 20:10 . 2009-03-08 02:33 759296 c:\windows\system32\dllcache\VGX.dll
+ 2004-08-17 13:49 . 2009-03-08 02:33 420352 c:\windows\system32\dllcache\vbscript.dll
+ 2004-08-17 13:49 . 2009-03-08 02:34 105984 c:\windows\system32\dllcache\url.dll
+ 2008-12-30 20:09 . 2009-06-21 22:07 153088 c:\windows\system32\dllcache\triedit.dll
- 2008-12-30 20:09 . 2004-08-17 13:49 153088 c:\windows\system32\dllcache\triedit.dll
+ 2004-08-03 21:07 . 2010-02-11 12:01 226880 c:\windows\system32\dllcache\tcpip6.sys
+ 2004-08-03 21:14 . 2008-06-20 10:45 360320 c:\windows\system32\dllcache\tcpip.sys
+ 2004-08-17 13:49 . 2009-10-15 20:52 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2004-08-17 13:49 . 2009-08-26 08:16 247326 c:\windows\system32\dllcache\strmdll.dll
+ 2009-01-07 16:20 . 2009-01-07 16:20 134144 c:\windows\system32\dllcache\sqmapi.dll
+ 2004-08-17 13:49 . 2009-06-25 08:48 168448 c:\windows\system32\dllcache\schannel.dll
+ 2004-08-17 13:49 . 2010-04-16 15:38 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2004-08-17 13:49 . 2009-02-09 10:11 111104 c:\windows\system32\dllcache\services.exe
+ 2004-08-17 13:49 . 2009-02-09 10:22 399360 c:\windows\system32\dllcache\rpcss.dll
+ 2004-08-17 13:49 . 2009-04-15 15:18 584192 c:\windows\system32\dllcache\rpcrt4.dll
+ 2001-10-25 14:00 . 2008-05-08 12:28 202752 c:\windows\system32\dllcache\rmcast.sys
- 2004-08-17 13:49 . 2004-08-17 13:49 112640 c:\windows\system32\dllcache\rastls.dll
+ 2004-08-17 13:49 . 2009-10-12 13:54 112640 c:\windows\system32\dllcache\rastls.dll
+ 2004-08-17 13:49 . 2009-03-06 14:47 283648 c:\windows\system32\dllcache\pdh.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 283648 c:\windows\system32\dllcache\pdh.dll
+ 2004-08-17 13:49 . 2010-05-06 10:35 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-08-17 13:49 . 2009-10-13 10:53 267776 c:\windows\system32\dllcache\oakley.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 267776 c:\windows\system32\dllcache\oakley.dll
+ 2004-08-17 13:48 . 2009-02-09 10:22 709632 c:\windows\system32\dllcache\ntdll.dll
+ 2004-08-17 13:49 . 2008-10-15 17:00 332800 c:\windows\system32\dllcache\netapi32.dll
+ 2004-08-17 13:49 . 2008-06-20 17:42 247296 c:\windows\system32\dllcache\mswsock.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 247296 c:\windows\system32\dllcache\mswsock.dll
+ 2004-08-17 13:49 . 2009-08-05 09:07 205312 c:\windows\system32\dllcache\mswebdvd.dll
+ 2004-08-17 13:49 . 2009-09-11 14:35 133632 c:\windows\system32\dllcache\msv1_0.dll
+ 2010-03-16 19:14 . 2009-06-05 07:46 655872 c:\windows\system32\dllcache\mstscax.dll
+ 2004-08-17 13:49 . 2010-05-06 10:35 611840 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-17 13:49 . 2009-03-08 02:34 193536 c:\windows\system32\dllcache\msrating.dll
- 2010-03-16 19:14 . 2004-08-17 13:49 343552 c:\windows\system32\dllcache\mspaint.exe
+ 2010-03-16 19:14 . 2009-12-17 08:00 343552 c:\windows\system32\dllcache\mspaint.exe
+ 2004-08-17 13:49 . 2009-06-25 18:37 169472 c:\windows\system32\dllcache\msmqocm.dll
+ 2001-10-25 14:00 . 2009-03-08 02:22 156160 c:\windows\system32\dllcache\msls31.dll
+ 2010-03-16 19:14 . 2008-06-12 14:19 161792 c:\windows\system32\dllcache\msdtcuiu.dll
+ 2010-03-16 19:14 . 2008-06-12 14:19 956928 c:\windows\system32\dllcache\msdtctm.dll
+ 2010-03-16 19:14 . 2008-06-12 14:19 428032 c:\windows\system32\dllcache\msdtcprx.dll
+ 2008-12-30 20:09 . 2008-05-01 14:33 331776 c:\windows\system32\dllcache\msadce.dll
- 2008-12-30 20:09 . 2004-08-17 13:49 331776 c:\windows\system32\dllcache\msadce.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 489472 c:\windows\system32\dllcache\mqutil.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 489472 c:\windows\system32\dllcache\mqutil.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 186880 c:\windows\system32\dllcache\mqtrig.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 186880 c:\windows\system32\dllcache\mqtrig.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 117248 c:\windows\system32\dllcache\mqtgsvc.exe
+ 2004-08-17 13:49 . 2009-06-22 11:49 117248 c:\windows\system32\dllcache\mqtgsvc.exe
+ 2004-08-17 13:49 . 2009-06-25 18:37 517120 c:\windows\system32\dllcache\mqsnap.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 123392 c:\windows\system32\dllcache\mqrtdep.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 123392 c:\windows\system32\dllcache\mqrtdep.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 177152 c:\windows\system32\dllcache\mqrt.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 177152 c:\windows\system32\dllcache\mqrt.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 661504 c:\windows\system32\dllcache\mqqm.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 225280 c:\windows\system32\dllcache\mqoa.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 225280 c:\windows\system32\dllcache\mqoa.dll
+ 2004-08-17 13:49 . 2009-06-25 18:37 138240 c:\windows\system32\dllcache\mqad.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 138240 c:\windows\system32\dllcache\mqad.dll
+ 2004-08-17 13:49 . 2009-06-25 08:48 723456 c:\windows\system32\dllcache\lsasrv.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 103936 c:\windows\system32\dllcache\logagent.exe
+ 2004-08-17 13:49 . 2008-06-09 23:31 103936 c:\windows\system32\dllcache\logagent.exe
+ 2004-08-17 13:49 . 2009-05-07 15:44 345088 c:\windows\system32\dllcache\localspl.dll
+ 2004-08-17 13:49 . 2009-06-25 08:48 298496 c:\windows\system32\dllcache\kerberos.dll
+ 2004-08-17 13:49 . 2009-03-08 02:33 726528 c:\windows\system32\dllcache\jscript.dll
+ 2010-03-16 19:17 . 2010-01-29 15:07 683520 c:\windows\system32\dllcache\inetcomm.dll
+ 2008-12-30 20:09 . 2009-03-08 12:09 638816 c:\windows\system32\dllcache\iexplore.exe
+ 2004-08-17 13:49 . 2010-05-06 10:35 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-17 13:49 . 2010-05-06 10:35 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2001-10-25 14:00 . 2009-03-08 02:32 163840 c:\windows\system32\dllcache\ieakui.dll
+ 2004-08-17 13:49 . 2009-03-08 02:33 229376 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-17 13:49 . 2009-03-08 02:33 125952 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-17 13:49 . 2010-05-05 13:30 173056 c:\windows\system32\dllcache\ie4uinit.exe
- 2010-03-16 19:17 . 2004-08-17 13:49 743936 c:\windows\system32\dllcache\helpsvc.exe
+ 2010-03-16 19:17 . 2010-06-14 14:30 743936 c:\windows\system32\dllcache\helpsvc.exe
+ 2004-08-17 13:49 . 2008-10-23 13:01 283648 c:\windows\system32\dllcache\gdi32.dll
+ 2010-03-16 19:14 . 2009-02-09 10:22 473088 c:\windows\system32\dllcache\fastprox.dll
+ 2004-08-17 13:49 . 2008-07-07 20:32 253952 c:\windows\system32\dllcache\es.dll
+ 2004-08-17 13:49 . 2009-03-08 02:31 216064 c:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-17 13:49 . 2009-03-08 02:31 348160 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-17 13:49 . 2008-06-20 21:12 148992 c:\windows\system32\dllcache\dnsapi.dll
+ 2004-08-17 13:49 . 2010-04-16 15:38 151552 c:\windows\system32\dllcache\cdfview.dll
+ 2004-08-03 21:14 . 2008-06-20 10:44 138368 c:\windows\system32\dllcache\afd.sys
+ 2004-08-17 13:49 . 2009-03-08 02:32 128512 c:\windows\system32\dllcache\advpack.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 683520 c:\windows\system32\dllcache\advapi32.dll
+ 2004-08-17 13:49 . 2009-02-09 10:22 683520 c:\windows\system32\dllcache\advapi32.dll
+ 2004-08-17 13:49 . 2010-02-12 04:47 100864 c:\windows\system32\dllcache\6to4svc.dll
+ 2004-08-17 13:49 . 2010-04-16 15:38 151552 c:\windows\system32\cdfview.dll
+ 2004-08-17 13:49 . 2009-03-08 02:32 128512 c:\windows\system32\advpack.dll
+ 2004-08-17 13:49 . 2009-02-09 10:22 683520 c:\windows\system32\advapi32.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 683520 c:\windows\system32\advapi32.dll
+ 2004-08-17 13:49 . 2010-02-12 04:47 100864 c:\windows\system32\6to4svc.dll
+ 2010-03-16 19:17 . 2010-06-14 14:30 743936 c:\windows\pchealth\helpctr\binaries\helpsvc.exe
- 2010-03-16 19:17 . 2004-08-17 13:49 743936 c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
+ 2010-10-06 09:44 . 2010-10-06 09:44 972800 c:\windows\Installer\49b86.msi
+ 2010-10-06 10:54 . 2009-03-08 02:34 914944 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2010-10-06 10:54 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2010-10-06 10:54 . 2008-07-08 12:59 233848 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2010-10-06 10:54 . 2009-03-08 02:34 109568 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2010-10-06 10:54 . 2009-03-08 02:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
+ 2010-10-06 10:54 . 2009-03-08 02:32 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2010-10-06 10:54 . 2009-03-08 02:33 246784 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2010-10-06 10:54 . 2009-03-08 02:31 183808 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2010-10-06 10:54 . 2009-03-08 02:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2010-10-06 10:54 . 2009-03-08 12:09 391536 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2010-10-06 10:54 . 2009-03-08 02:32 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2010-10-06 10:51 . 2010-04-16 15:38 663040 c:\windows\ie8\wininet.dll
+ 2010-10-06 10:51 . 2004-08-17 13:49 278528 c:\windows\ie8\webcheck.dll
+ 2010-10-06 10:51 . 2004-08-17 13:49 848384 c:\windows\ie8\vgx.dll
+ 2010-10-06 10:51 . 2007-12-18 14:43 417792 c:\windows\ie8\vbscript.dll
+ 2010-10-06 10:51 . 2010-04-16 15:38 625152 c:\windows\ie8\urlmon.dll
+ 2010-10-06 10:53 . 2009-01-07 16:20 390688 c:\windows\ie8\spuninst\updspapi.dll
+ 2010-10-06 10:53 . 2009-01-07 16:20 234016 c:\windows\ie8\spuninst\spuninst.exe
+ 2010-10-06 10:51 . 2010-04-16 15:38 532480 c:\windows\ie8\mstime.dll
+ 2010-10-06 10:51 . 2010-04-16 15:38 146432 c:\windows\ie8\msrating.dll
+ 2010-10-06 10:51 . 2001-10-25 14:00 146432 c:\windows\ie8\msls31.dll
+ 2010-10-06 10:51 . 2010-04-16 15:38 449024 c:\windows\ie8\mshtmled.dll
+ 2010-10-06 10:51 . 2009-08-21 06:52 450560 c:\windows\ie8\jscript.dll
+ 2010-10-06 10:51 . 2010-04-16 15:38 251392 c:\windows\ie8\iepeers.dll
+ 2010-10-06 10:51 . 2004-08-17 13:49 323584 c:\windows\ie8\iedkcs32.dll
+ 2010-10-06 10:51 . 2001-10-25 14:00 225280 c:\windows\ie8\ieakui.dll
+ 2010-10-06 10:51 . 2004-08-17 13:49 219136 c:\windows\ie8\ieaksie.dll
+ 2010-10-06 10:51 . 2004-08-17 13:49 139264 c:\windows\ie8\ieakeng.dll
+ 2010-10-06 10:51 . 2010-04-16 15:38 205312 c:\windows\ie8\dxtrans.dll
+ 2010-10-06 10:51 . 2010-04-16 15:38 357888 c:\windows\ie8\dxtmsft.dll
+ 2010-10-06 10:51 . 2004-08-17 13:49 100352 c:\windows\ie8\advpack.dll
+ 2004-08-17 13:49 . 2010-04-08 11:53 2113536 c:\windows\system32\WMVCore.dll
+ 2004-08-17 13:49 . 2010-02-16 05:27 4734976 c:\windows\system32\wmp.dll
+ 2004-08-17 13:49 . 2008-06-10 16:18 1053696 c:\windows\system32\WMNetmgr.dll
+ 2004-08-17 13:44 . 2010-05-02 08:27 1850880 c:\windows\system32\win32k.sys
+ 2004-08-17 13:49 . 2010-05-06 10:35 1209344 c:\windows\system32\urlmon.dll
+ 2004-08-17 13:49 . 2008-07-03 13:15 8458752 c:\windows\system32\shell32.dll
+ 2004-08-17 13:49 . 2010-04-16 15:38 1506816 c:\windows\system32\shdocvw.dll
+ 2004-08-17 13:49 . 2009-07-17 16:27 1437696 c:\windows\system32\query.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 1437696 c:\windows\system32\query.dll
+ 2004-08-17 13:49 . 2010-02-05 18:40 1293824 c:\windows\system32\quartz.dll
+ 2004-08-17 13:45 . 2009-02-09 11:52 2182656 c:\windows\system32\ntoskrnl.exe
+ 2004-08-17 15:45 . 2009-02-09 11:52 2059904 c:\windows\system32\ntkrnlpa.exe
+ 2008-08-29 18:06 . 2008-08-29 18:06 1350664 c:\windows\system32\msxml6.dll
+ 2004-08-17 13:49 . 2009-07-31 04:59 1172480 c:\windows\system32\msxml3.dll
+ 2004-08-17 13:49 . 2010-05-06 10:35 5950976 c:\windows\system32\mshtml.dll
+ 2010-10-06 10:55 . 2009-03-10 20:26 1435008 c:\windows\system32\KB905474\wganotifypackageinner.exe
+ 2009-03-08 02:32 . 2010-05-06 10:35 1985536 c:\windows\system32\iertutil.dll
+ 2009-02-06 19:07 . 2009-02-06 19:07 3698584 c:\windows\system32\ieapfltr.dat
+ 2004-08-17 13:49 . 2010-04-08 11:53 2113536 c:\windows\system32\dllcache\WMVCore.dll
+ 2004-08-17 13:49 . 2010-02-16 05:27 4734976 c:\windows\system32\dllcache\wmp.dll
+ 2004-08-17 13:49 . 2008-06-10 16:18 1053696 c:\windows\system32\dllcache\WMNetmgr.dll
+ 2004-08-17 13:44 . 2010-05-02 08:27 1850880 c:\windows\system32\dllcache\win32k.sys
+ 2004-08-17 13:49 . 2010-05-06 10:35 1209344 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-17 13:49 . 2008-07-03 13:15 8458752 c:\windows\system32\dllcache\shell32.dll
+ 2004-08-17 13:49 . 2010-04-16 15:38 1506816 c:\windows\system32\dllcache\shdocvw.dll
+ 2004-08-17 13:49 . 2009-07-17 16:27 1437696 c:\windows\system32\dllcache\query.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 1437696 c:\windows\system32\dllcache\query.dll
+ 2004-08-17 13:49 . 2010-02-05 18:40 1293824 c:\windows\system32\dllcache\quartz.dll
+ 2004-08-17 13:49 . 2009-07-31 04:59 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2008-12-30 20:09 . 2010-01-29 15:07 1315840 c:\windows\system32\dllcache\msoe.dll
+ 2004-08-17 13:49 . 2010-05-06 10:35 5950976 c:\windows\system32\dllcache\mshtml.dll
+ 2008-12-30 20:09 . 2009-10-23 14:27 3555328 c:\windows\system32\dllcache\moviemk.exe
- 2008-12-30 20:09 . 2004-08-17 13:49 3555328 c:\windows\system32\dllcache\moviemk.exe
+ 2004-08-17 13:49 . 2010-04-16 15:38 1055232 c:\windows\system32\dllcache\danim.dll
+ 2004-08-17 13:49 . 2010-04-16 15:38 1023488 c:\windows\system32\dllcache\browseui.dll
+ 2004-08-17 13:49 . 2010-04-16 15:38 1055232 c:\windows\system32\danim.dll
+ 2004-08-17 13:49 . 2010-04-16 15:38 1023488 c:\windows\system32\browseui.dll
+ 2010-10-06 10:54 . 2009-03-08 02:34 1206784 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
+ 2010-10-06 10:54 . 2009-03-08 02:41 5937152 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
+ 2010-10-06 10:54 . 2009-03-08 02:32 1985024 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2010-10-06 10:51 . 2010-04-16 15:38 3086336 c:\windows\ie8\mshtml.dll
+ 2010-10-06 10:02 . 2009-02-09 11:52 2182656 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-10-06 10:02 . 2009-02-09 11:52 2017792 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2010-10-06 10:02 . 2009-02-09 11:52 2059904 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2010-10-06 10:02 . 2009-02-09 11:52 2138112 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-10-06 10:38 . 2010-09-10 12:34 35552200 c:\windows\system32\MRT.exe
+ 2009-03-08 02:39 . 2010-05-06 10:35 11076096 c:\windows\system32\ieframe.dll
+ 2010-10-06 10:54 . 2009-03-08 02:39 11063808 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-22 39408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax]
2010-03-01 12:00 9216928 ----a-w- c:\program files\Innovative Solutions\DriverMax\devices.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART]
2010-03-01 12:00 9216928 ----a-w- c:\program files\Innovative Solutions\DriverMax\devices.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 --sha-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-09-02 13:15 13351304 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apple Mobile Device"=2 (0x2)
"ServiceLayer"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\K-Lite Codec Pack\\Filters\\ac3config.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\Innovative Solutions\\DriverMax\\devices.exe"=
"c:\\Program Files\\Mozilla Firefox 4.0 Beta 6\\firefox.exe"=
"c:\\Program Files\\Mozilla Firefox 4.0 Beta 6\\plugin-container.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"500:UDP"= 500:UDP:*:Disabled:@xpsp2res.dll,-22017

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [21.1.2008 19:28 19592]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [8.1.2010 0:51 380928]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1.10.2010 16:52 136176]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [24.9.2009 13:38 22528]
S3 FTLUND;Lundinova Filter Driver;c:\windows\system32\drivers\ftlund.sys [29.3.2010 10:38 6828]
S3 GTMMDMUSB;GT M 3G+ USB MDM;c:\windows\system32\drivers\gtmmdmusb.sys [17.3.2010 18:46 25472]
S3 GTMSERUSB;GT M 3G+ USB SER;c:\windows\system32\drivers\gtmserusb.sys [17.3.2010 18:45 21888]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [21.1.2008 19:28 25480]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [10.9.2010 11:09 32377]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [18.9.2010 19:27 27064]
.
Obsah adresáře 'Naplánované úlohy'

2010-10-06 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-10-01 14:50]

2010-10-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-01 14:51]

2010-10-06 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-10-06 20:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyServer = http=127.0.0.1:3128;https=127.0.0.1:3128;socks=127.0.0.1:9000
uInternet Settings,ProxyOverride = 127.0.0.1;localhost;<local>
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: ????3??
IE: ????3??????
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: Download ALL with IDA
IE: Download with IDA
IE: ????3?? - c:\documents and settings\SAYONARA\Data aplikací\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\documents and settings\SAYONARA\Data aplikací\FlashGetBHO\GetAllUrl.htm
FF - ProfilePath - c:\documents and settings\SAYONARA\Data aplikací\Mozilla\Firefox\Profiles\v3bjg12c.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\program files\Google\Google Updater\2.4.1970.7372\npCIDetect14.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
---- NASTAVENÍ FIREFOXU ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1454471165-329068152-839522115-1003\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3* N}Ź]
@="c:\\Documents and Settings\\SAYONARA\\Data aplikací\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022

[HKEY_USERS\S-1-5-21-1454471165-329068152-839522115-1003\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3* N}ŹhQčţ”Ąc]
@="c:\\Documents and Settings\\SAYONARA\\Data aplikací\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3

[HKEY_USERS\S-1-5-21-1454471165-329068152-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1454471165-329068152-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5DFB660B-35C4-1D56-F2C0-52FD2B72E06B}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"faldojjedcdp"=hex:66,61,6f,62,70,6f,70,62,62,62,6c,62,00,00
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(728)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(1144)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\snmp.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-10-06 14:34:56 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-10-06 12:34
ComboFix2.txt 2010-10-06 09:45
ComboFix3.txt 2010-02-16 02:19
ComboFix4.txt 2010-02-16 00:25

Před spuštěním: 7 518 466 048
Po spuštění: 7 526 600 704

- - End Of File - - AB43D493FCF809E3E9C2CA4B417D36B4
Nahrání proběhlo úspěšně


Re: Please check my log

Post by saionara » 06 Oct 2010 15:10

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:10:14, on 6.10.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 6\firefox.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugin-container.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:3128;https=127.0.0.1:3128;socks=127.0.0.1:9000
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

--
End of file - 3663 bytes


Re: Please check my log

Post by saionara » 06 Oct 2010 15:11


