Prosím o kontrolu logu Vyřešeno

[Dasty_]

Dobrý den, notebook je velmi pomalý při startu, práci i vypínání, prosím o radu a pomoc, děkuji.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:06:50, on 3.2.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
D:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: (no name) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - (no file)
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 4781934968
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 4781918750
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 1.66.0.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

--
End of file - 5549 bytes

[Reklama]

[memphisto]

Odinstaluj Spybota, máš Avast

V logu fixni:
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - (no file)
O2 - BHO: (no name) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - (no file)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 4781934968
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 4781918750
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 1.66.0.cab

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole muzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat


Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[Dasty_]

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5671

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13

3.2.2011 22:25:11
mbam-log-2011-02-03 (22-25-11).txt

Typ kontroly: Rychlý test
Testované objekty: 151485
Uplynulý čas: 2 minut, 22 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[memphisto]

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[Dasty_]

ComboFix 11-01-31.02 - user 03.02.2011 22:53:42.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.420.1029.18.1014.577 [GMT 1:00]
Spuštěný z: D:\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\Temp
c:\windows\system32\winlogon.bak

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-03 do 2011-02-03 )))))))))))))))))))))))))))))))
.

2011-02-03 19:12 . 2011-02-03 19:39 -------- d-----w- c:\documents and settings\user\DoctorWeb
2011-02-03 18:24 . 2011-02-03 18:24 -------- d-----w- c:\documents and settings\user\Data aplikací\Malwarebytes
2011-02-03 18:22 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-03 18:22 . 2011-02-03 18:22 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-02-03 18:22 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-03 18:22 . 2011-02-03 21:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-27 16:08 . 2011-02-03 16:41 -------- d-----w- c:\documents and settings\user\Data aplikací\skypePM
2011-01-27 15:58 . 2011-01-27 15:58 -------- d-----w- c:\program files\Common Files\Skype
2011-01-27 15:58 . 2011-01-27 15:59 -------- d-----r- c:\program files\Skype
2011-01-27 15:58 . 2011-02-03 19:09 -------- d-----w- c:\documents and settings\user\Data aplikací\Skype
2011-01-27 15:58 . 2011-01-27 15:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype
2011-01-27 14:59 . 2011-01-27 15:00 -------- d-----w- C:\edd68f97009bf7aa95128853b1df
2011-01-27 12:27 . 2011-01-27 12:27 -------- d-----w- c:\program files\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-08-10 2349776]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\admin\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Check Windows Disk Protection.lnk.disabled [2006-1-18 2521]

[HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]
"NoAutoUpdate"= 1 (0x1)

[HKLM\~\startupfolder\C:^Documents and Settings^user^Nabídka Start^Programy^Po spuštění^Openoffice.org 2.3.lnk]
path=c:\documents and settings\user\Nabídka Start\Programy\Po spuštění\Openoffice.org 2.3.lnk
backup=c:\windows\pss\Openoffice.org 2.3.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"mnmsrvc"=3 (0x3)
"WDPOperations"=2 (0x2)
"McciCMService"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" silent

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
"SoundMan"=SOUNDMAN.EXE
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe"
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe"
"PPort10reminder"="c:\program files\ScanSoft\PaperPort\Ereg\ereg.exe" -r "c:\documents and settings\All Users\Data aplikací\ScanSoft\PaperPort\10\Config\Ereg\ereg.ini"
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2009-12-18 11336]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 24448]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 100736]
R4 WDPOperations;WDPOperations;c:\program files\Microsoft Shared Computer Toolkit\bin\SRVANY.EXE [2005-09-02 8192]
S0 ewf;ewf; [x]
S1 aswSP;aswSP; [x]
S1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\DRIVERS\tidnet.sys [2009-09-15 19200]
S2 aswFsBlk;aswFsBlk; [x]


--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - DWPROT
*Deregistered* - Dwsh000021D4

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Notify-WgaLogon - (no file)
SafeBoot-Wdf01000.sys



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-03 22:58
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(528)
c:\windows\system32\igfxdev.dll
.
Celkový čas: 2011-02-03 23:02:33
ComboFix-quarantined-files.txt 2011-02-03 22:02

Před spuštěním: Volných bajtů: 29 994 307 584
Po spuštění: Volných bajtů: 29 955 182 592

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect

- - End Of File - - 8E8D107E13A50F2BE6316CCE4AD085AD

[memphisto]

Udělej sken Combofixem ještě jednou pod účtem s administrátorskými pravomocemi

[Dasty_]

ComboFix 11-01-31.02 - admin 04.02.2011 21:40:52.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.420.1029.18.1014.713 [GMT 1:00]
Spuštěný z: D:\ComboFix.exe
.

((((((((((((((((((((((((( Soubory vytvořené od 2011-01-04 do 2011-02-04 )))))))))))))))))))))))))))))))
.

2011-02-04 19:28 . 2011-02-04 19:28 -------- d-----w- c:\documents and settings\admin\Data aplikací\Malwarebytes
2011-02-04 09:37 . 2010-05-06 21:39 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-04 09:37 . 2010-05-06 21:33 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-04 09:37 . 2010-05-06 21:34 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-04 09:37 . 2010-05-06 21:39 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-04 09:37 . 2010-05-06 21:33 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-02-04 09:37 . 2010-05-06 21:33 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-02-04 09:37 . 2010-05-06 21:33 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-02-04 09:36 . 2010-05-06 21:59 38848 ----a-w- c:\windows\system32\avastSS.scr
2011-02-04 09:36 . 2010-05-06 21:59 165032 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-04 08:18 . 2011-02-04 08:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Comodo
2011-02-03 19:12 . 2011-02-03 19:39 -------- d-----w- c:\documents and settings\user\DoctorWeb
2011-02-03 18:24 . 2011-02-03 18:24 -------- d-----w- c:\documents and settings\user\Data aplikací\Malwarebytes
2011-02-03 18:22 . 2011-02-03 18:22 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-02-03 18:22 . 2011-02-04 20:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-27 16:08 . 2011-02-04 16:31 -------- d-----w- c:\documents and settings\user\Data aplikací\skypePM
2011-01-27 15:58 . 2011-01-27 15:58 -------- d-----w- c:\program files\Common Files\Skype
2011-01-27 15:58 . 2011-01-27 15:59 -------- d-----r- c:\program files\Skype
2011-01-27 15:58 . 2011-02-04 16:31 -------- d-----w- c:\documents and settings\user\Data aplikací\Skype
2011-01-27 15:58 . 2011-01-27 15:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype
2011-01-27 14:59 . 2011-01-27 15:00 -------- d-----w- C:\edd68f97009bf7aa95128853b1df
2011-01-27 12:27 . 2011-01-27 12:27 -------- d-----w- c:\program files\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

((((((((((((((((((((((((((((( SnapShot@2011-02-03_21.59.15 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-11 22:02 . 2009-07-11 22:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-11 23:05 . 2009-07-11 23:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
- 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
- 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2009-07-11 23:05 . 2009-07-11 23:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2006-01-11 21:14 . 2011-02-04 09:28 49152 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2006-01-11 21:14 . 2011-02-04 09:28 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2006-01-11 21:14 . 2009-03-29 17:02 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-02-04 09:18 . 2011-02-04 09:18 16384 c:\windows\system32\config\systemprofile\Local Settings\Data aplikací\Microsoft\Internet Explorer\MSIMGSIZ.DAT
+ 2011-02-04 09:14 . 2011-02-04 09:14 15984 c:\windows\system32\config\systemprofile\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
+ 2011-02-04 09:14 . 2011-02-04 09:28 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2006-01-11 21:14 . 2009-03-29 17:02 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-07-11 22:02 . 2009-07-11 22:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
- 2009-07-11 22:05 . 2009-07-11 22:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2009-07-11 23:05 . 2009-07-11 23:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2011-02-04 09:17 . 2011-02-04 09:17 11653552 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\KHS5ODEF\gb_setup_3.1.177538.38[1].exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\admin\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Check Windows Disk Protection.lnk.disabled [2006-1-18 2521]

[HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]
"NoAutoUpdate"= 1 (0x1)

[HKLM\~\startupfolder\C:^Documents and Settings^user^Nabídka Start^Programy^Po spuštění^Openoffice.org 2.3.lnk]
path=c:\documents and settings\user\Nabídka Start\Programy\Po spuštění\Openoffice.org 2.3.lnk
backup=c:\windows\pss\Openoffice.org 2.3.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"mnmsrvc"=3 (0x3)
"WDPOperations"=2 (0x2)
"McciCMService"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
"SoundMan"=SOUNDMAN.EXE
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe"
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe"
"PPort10reminder"="c:\program files\ScanSoft\PaperPort\Ereg\ereg.exe" -r "c:\documents and settings\All Users\Data aplikací\ScanSoft\PaperPort\10\Config\Ereg\ereg.ini"
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2009-12-18 11336]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 24448]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 100736]
R4 WDPOperations;WDPOperations;c:\program files\Microsoft Shared Computer Toolkit\bin\SRVANY.EXE [2005-09-02 8192]
S0 ewf;ewf; [x]
S1 aswSP;aswSP; [x]
S1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\DRIVERS\tidnet.sys [2009-09-15 19200]
S2 aswFsBlk;aswFsBlk; [x]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-04 21:46
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(1696)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-02-04 21:49:25
ComboFix-quarantined-files.txt 2011-02-04 20:49
ComboFix2.txt 2011-02-03 22:02

Před spuštěním: Volných bajtů: 30 017 261 568
Po spuštění: Volných bajtů: 30 017 671 168

- - End Of File - - 276DCD99C533BC06581C8ADE7965E27D

[memphisto]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
DirLook::
C:\edd68f97009bf7aa95128853b1df

Registry::
[HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]
"NoAutoUpdate"=-

Driver::
ewf


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[Dasty_]

Při restartu jsem musel zvolit - poslední známá konfigurace, jinak to padalo do modré obrazovky

ComboFix 11-01-31.02 - admin 04.02.2011 22:09:30.3.1 - x86
Spuštěný z: D:\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\admin\Plocha\CFScript.txt
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_EWF
-------\Service_ewf


((((((((((((((((((((((((( Soubory vytvořené od 2011-01-04 do 2011-02-04 )))))))))))))))))))))))))))))))
.

2011-02-04 19:28 . 2011-02-04 19:28 -------- d-----w- c:\documents and settings\admin\Data aplikací\Malwarebytes
2011-02-04 09:37 . 2010-05-06 21:39 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-04 09:37 . 2010-05-06 21:33 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-04 09:37 . 2010-05-06 21:34 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-04 09:37 . 2010-05-06 21:39 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-04 09:37 . 2010-05-06 21:33 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-02-04 09:37 . 2010-05-06 21:33 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-02-04 09:37 . 2010-05-06 21:33 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-02-04 09:36 . 2010-05-06 21:59 38848 ----a-w- c:\windows\system32\avastSS.scr
2011-02-04 09:36 . 2010-05-06 21:59 165032 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-04 08:18 . 2011-02-04 08:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Comodo
2011-02-03 19:12 . 2011-02-03 19:39 -------- d-----w- c:\documents and settings\user\DoctorWeb
2011-02-03 18:24 . 2011-02-03 18:24 -------- d-----w- c:\documents and settings\user\Data aplikací\Malwarebytes
2011-02-03 18:22 . 2011-02-03 18:22 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-02-03 18:22 . 2011-02-04 20:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-27 16:08 . 2011-02-04 16:31 -------- d-----w- c:\documents and settings\user\Data aplikací\skypePM
2011-01-27 15:58 . 2011-01-27 15:58 -------- d-----w- c:\program files\Common Files\Skype
2011-01-27 15:58 . 2011-01-27 15:59 -------- d-----r- c:\program files\Skype
2011-01-27 15:58 . 2011-02-04 16:31 -------- d-----w- c:\documents and settings\user\Data aplikací\Skype
2011-01-27 15:58 . 2011-01-27 15:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype
2011-01-27 14:59 . 2011-01-27 15:00 -------- d-----w- C:\edd68f97009bf7aa95128853b1df
2011-01-27 12:27 . 2011-01-27 12:27 -------- d-----w- c:\program files\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\edd68f97009bf7aa95128853b1df ----

2007-10-04 08:13 . 2007-10-04 08:13 57344 ----a-w- c:\edd68f97009bf7aa95128853b1df\wininet.dll.mui
2007-10-04 08:13 . 2007-10-04 08:13 6144 ----a-w- c:\edd68f97009bf7aa95128853b1df\winfxdocobj.exe.mui
2007-10-04 08:12 . 2007-10-04 08:12 45056 ----a-w- c:\edd68f97009bf7aa95128853b1df\webcheck.dll.mui
2007-10-04 08:12 . 2007-10-04 08:12 40960 ----a-w- c:\edd68f97009bf7aa95128853b1df\urlmon.dll.mui
2007-10-04 08:12 . 2007-10-04 08:12 20480 ----a-w- c:\edd68f97009bf7aa95128853b1df\occache.dll.mui
2007-10-04 08:12 . 2007-10-04 08:12 53248 ----a-w- c:\edd68f97009bf7aa95128853b1df\msrating.dll.mui
2007-10-04 08:12 . 2007-10-04 08:12 57344 ----a-w- c:\edd68f97009bf7aa95128853b1df\mshtmler.dll.mui
2007-10-04 08:12 . 2007-10-04 08:12 3584 ----a-w- c:\edd68f97009bf7aa95128853b1df\mshtmled.dll.mui
2007-10-04 08:12 . 2007-10-04 08:12 12288 ----a-w- c:\edd68f97009bf7aa95128853b1df\mshtml.dll.mui
2007-10-04 08:12 . 2007-10-04 08:12 2560 ----a-w- c:\edd68f97009bf7aa95128853b1df\mshta.exe.mui
2007-10-04 08:12 . 2007-10-04 08:12 4096 ----a-w- c:\edd68f97009bf7aa95128853b1df\licmgr10.dll.mui
2007-10-04 08:12 . 2007-10-04 08:12 3584 ----a-w- c:\edd68f97009bf7aa95128853b1df\inseng.dll.mui
2007-10-04 08:12 . 2007-10-04 08:12 39158 ----a-w- c:\edd68f97009bf7aa95128853b1df\inetset.iem
2007-10-04 08:12 . 2007-10-04 08:12 2417894 ----a-w- c:\edd68f97009bf7aa95128853b1df\inetres.adm
2007-10-04 08:12 . 2007-10-04 08:12 110592 ----a-w- c:\edd68f97009bf7aa95128853b1df\inetcpl.cpl.mui
2007-10-04 08:12 . 2007-10-04 08:12 14026 ----a-w- c:\edd68f97009bf7aa95128853b1df\inetcorp.iem
2007-10-04 08:12 . 2007-10-04 08:12 16384 ----a-w- c:\edd68f97009bf7aa95128853b1df\iexplore.exe.mui
2007-10-04 08:12 . 2007-10-04 08:12 2560 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieunatt.exe.mui
2007-10-04 08:12 . 2007-10-04 08:12 6656 ----a-w- c:\edd68f97009bf7aa95128853b1df\iesetup.dll.mui
2007-10-04 08:12 . 2007-10-04 08:12 4608 ----a-w- c:\edd68f97009bf7aa95128853b1df\iernonce.dll.mui
2007-10-04 08:12 . 2007-10-04 08:12 4608 ----a-w- c:\edd68f97009bf7aa95128853b1df\iepeers.dll.mui
2007-10-04 08:12 . 2007-10-04 08:12 1024000 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieframe.dll.mui
2007-10-04 08:12 . 2007-10-04 08:12 5632 ----a-w- c:\edd68f97009bf7aa95128853b1df\iedw.exe.mui
2007-10-04 08:11 . 2007-10-04 08:11 81920 ----a-w- c:\edd68f97009bf7aa95128853b1df\iedkcs32.dll.mui
2007-10-04 08:11 . 2007-10-04 08:11 139264 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieakui.dll.mui
2007-10-04 08:11 . 2007-10-04 08:11 45056 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieaksie.dll.mui
2007-10-04 08:11 . 2007-10-04 08:11 7680 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieakeng.dll.mui
2007-10-04 08:11 . 2007-10-04 08:11 4096 ----a-w- c:\edd68f97009bf7aa95128853b1df\ie4uinit.exe.mui
2007-10-04 08:11 . 2007-10-04 08:11 8704 ----a-w- c:\edd68f97009bf7aa95128853b1df\icardie.dll.mui
2007-10-04 08:11 . 2007-10-04 08:11 10752 ----a-w- c:\edd68f97009bf7aa95128853b1df\html.iec.mui
2007-10-04 08:11 . 2007-10-04 08:11 8704 ----a-w- c:\edd68f97009bf7aa95128853b1df\extmgr.dll.mui
2007-10-04 08:11 . 2007-10-04 08:11 10752 ----a-w- c:\edd68f97009bf7aa95128853b1df\advpack.dll.mui
2007-10-04 08:11 . 2007-10-04 08:11 3584 ----a-w- c:\edd68f97009bf7aa95128853b1df\admparse.dll.mui
2007-08-13 17:54 . 2007-08-13 17:54 3578368 ----a-w- c:\edd68f97009bf7aa95128853b1df\mshtml.dll
2007-08-13 17:54 . 2007-08-13 17:54 33792 ----a-w- c:\edd68f97009bf7aa95128853b1df\custsat.dll
2007-08-13 17:54 . 2007-08-13 17:54 131584 ----a-w- c:\edd68f97009bf7aa95128853b1df\extmgr.dll
2007-08-13 17:54 . 2007-08-13 17:54 6049280 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieframe.dll
2007-08-13 17:54 . 2007-08-13 17:54 191488 ----a-w- c:\edd68f97009bf7aa95128853b1df\iepeers.dll
2007-08-13 17:54 . 2007-08-13 17:54 287744 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieproxy.dll
2007-08-13 17:54 . 2007-08-13 17:54 180736 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieui.dll
2007-08-13 17:54 . 2007-08-13 17:54 27136 ----a-w- c:\edd68f97009bf7aa95128853b1df\jsproxy.dll
2007-08-13 17:54 . 2007-08-13 17:54 458752 ----a-w- c:\edd68f97009bf7aa95128853b1df\msfeeds.dll
2007-08-13 17:54 . 2007-08-13 17:54 50688 ----a-w- c:\edd68f97009bf7aa95128853b1df\msfeedsbs.dll
2007-08-13 17:54 . 2007-08-13 17:54 475648 ----a-w- c:\edd68f97009bf7aa95128853b1df\mshtmled.dll
2007-08-13 17:54 . 2007-08-13 17:54 156160 ----a-w- c:\edd68f97009bf7aa95128853b1df\msls31.dll
2007-08-13 17:54 . 2007-08-13 17:54 670720 ----a-w- c:\edd68f97009bf7aa95128853b1df\mstime.dll
2007-08-13 17:54 . 2007-08-13 17:54 1162240 ----a-w- c:\edd68f97009bf7aa95128853b1df\urlmon.dll
2007-08-13 17:54 . 2007-08-13 17:54 413696 ----a-w- c:\edd68f97009bf7aa95128853b1df\vbscript.dll
2007-08-13 17:54 . 2007-08-13 17:54 765952 ----a-w- c:\edd68f97009bf7aa95128853b1df\vgx.dll
2007-08-13 17:54 . 2007-08-13 17:54 231424 ----a-w- c:\edd68f97009bf7aa95128853b1df\webcheck.dll
2007-08-13 17:54 . 2007-08-13 17:54 818688 ----a-w- c:\edd68f97009bf7aa95128853b1df\wininet.dll
2007-08-13 17:45 . 2007-08-13 17:45 443904 ----a-w- c:\edd68f97009bf7aa95128853b1df\html.iec
2007-08-13 17:45 . 2007-08-13 17:45 78336 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieencode.dll
2007-08-13 17:45 . 2007-08-13 17:45 206336 ----a-w- c:\edd68f97009bf7aa95128853b1df\winfxdocobj.exe
2007-08-13 17:45 . 2007-08-13 17:45 1817088 ----a-w- c:\edd68f97009bf7aa95128853b1df\inetcpl.cpl
2007-08-13 17:44 . 2007-08-13 17:44 105984 ----a-w- c:\edd68f97009bf7aa95128853b1df\url.dll
2007-08-13 17:44 . 2007-08-13 17:44 192000 ----a-w- c:\edd68f97009bf7aa95128853b1df\msrating.dll
2007-08-13 17:44 . 2007-08-13 17:44 40960 ----a-w- c:\edd68f97009bf7aa95128853b1df\licmgr10.dll
2007-08-13 17:44 . 2007-08-13 17:44 101376 ----a-w- c:\edd68f97009bf7aa95128853b1df\occache.dll
2007-08-13 17:44 . 2007-08-13 17:44 69120 ----a-w- c:\edd68f97009bf7aa95128853b1df\iedw.exe
2007-08-13 17:43 . 2007-08-13 17:43 622080 ----a-w- c:\edd68f97009bf7aa95128853b1df\iexplore.exe
2007-08-13 17:42 . 2007-08-13 17:42 17408 ----a-w- c:\edd68f97009bf7aa95128853b1df\corpol.dll
2007-08-13 17:39 . 2007-08-13 17:39 229376 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieaksie.dll
2007-08-13 17:39 . 2007-08-13 17:39 382976 ----a-w- c:\edd68f97009bf7aa95128853b1df\iedkcs32.dll
2007-08-13 17:39 . 2007-08-13 17:39 152064 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieakeng.dll
2007-08-13 17:39 . 2007-08-13 17:39 71680 ----a-w- c:\edd68f97009bf7aa95128853b1df\admparse.dll
2007-08-13 17:39 . 2007-08-13 17:39 55296 ----a-w- c:\edd68f97009bf7aa95128853b1df\iesetup.dll
2007-08-13 17:39 . 2007-08-13 17:39 43008 ----a-w- c:\edd68f97009bf7aa95128853b1df\iernonce.dll
2007-08-13 17:39 . 2007-08-13 17:39 13312 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieudinit.exe
2007-08-13 17:39 . 2007-08-13 17:39 54784 ----a-w- c:\edd68f97009bf7aa95128853b1df\ie4uinit.exe
2007-08-13 17:39 . 2007-08-13 17:39 92672 ----a-w- c:\edd68f97009bf7aa95128853b1df\inseng.dll
2007-08-13 17:39 . 2007-08-13 17:39 123904 ----a-w- c:\edd68f97009bf7aa95128853b1df\advpack.dll
2007-08-13 17:38 . 2007-08-13 17:38 491520 ----a-w- c:\edd68f97009bf7aa95128853b1df\jscript.dll
2007-08-13 17:36 . 2007-08-13 17:36 12288 ----a-w- c:\edd68f97009bf7aa95128853b1df\msfeedssync.exe
2007-08-13 17:36 . 2007-08-13 17:36 61952 ----a-w- c:\edd68f97009bf7aa95128853b1df\icardie.dll
2007-08-13 17:36 . 2007-08-13 17:36 2560 ----a-w- c:\edd68f97009bf7aa95128853b1df\msfeedsbs.dll.mui
2007-08-13 17:36 . 2007-08-13 17:36 44544 ----a-w- c:\edd68f97009bf7aa95128853b1df\pngfilt.dll
2007-08-13 17:36 . 2007-08-13 17:36 36352 ----a-w- c:\edd68f97009bf7aa95128853b1df\imgutil.dll
2007-08-13 17:35 . 2007-08-13 17:35 346624 ----a-w- c:\edd68f97009bf7aa95128853b1df\dxtmsft.dll
2007-08-13 17:35 . 2007-08-13 17:35 214528 ----a-w- c:\edd68f97009bf7aa95128853b1df\dxtrans.dll
2007-08-13 17:34 . 2007-08-13 17:34 266752 ----a-w- c:\edd68f97009bf7aa95128853b1df\iertutil.dll
2007-08-13 17:32 . 2007-08-13 17:32 45568 ----a-w- c:\edd68f97009bf7aa95128853b1df\mshta.exe
2007-08-13 17:32 . 2007-08-13 17:32 66560 ----a-w- c:\edd68f97009bf7aa95128853b1df\tdc.ocx
2007-08-13 17:18 . 2007-08-13 17:18 60416 ----a-w- c:\edd68f97009bf7aa95128853b1df\hmmapi.dll
2007-08-13 17:17 . 2007-08-13 17:17 32768 ----a-w- c:\edd68f97009bf7aa95128853b1df\hmmapi.dll.mui
2007-08-13 17:11 . 2007-08-13 17:11 3584 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieui.dll.mui
2007-08-13 17:06 . 2007-08-13 17:06 56700 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieuinit.inf
2007-08-13 17:01 . 2007-08-13 17:01 48128 ----a-w- c:\edd68f97009bf7aa95128853b1df\mshtmler.dll
2007-08-13 16:56 . 2007-08-13 16:56 161792 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieakui.dll
2007-08-13 16:50 . 2007-08-13 16:50 1383424 ----a-w- c:\edd68f97009bf7aa95128853b1df\mshtml.tlb
2007-08-13 16:12 . 2007-08-13 16:12 448 ----a-w- c:\edd68f97009bf7aa95128853b1df\install.ins
2007-07-11 11:27 . 2007-07-11 11:27 383488 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieapfltr.dll
2007-02-12 15:10 . 2007-02-12 15:10 62907 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieakmmc.chm
2007-02-12 15:10 . 2007-02-12 15:10 2451312 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieapfltr.dat
2006-09-23 12:12 . 2006-09-23 12:12 474112 ----a-w- c:\edd68f97009bf7aa95128853b1df\shlwapi.dll
2006-09-23 12:12 . 2006-09-23 12:12 1022976 ----a-w- c:\edd68f97009bf7aa95128853b1df\browseui.dll
2006-09-23 12:12 . 2006-09-23 12:12 1497600 ----a-w- c:\edd68f97009bf7aa95128853b1df\shdocvw.dll
2006-09-06 16:42 . 2006-09-06 16:42 215776 ----a-w- c:\edd68f97009bf7aa95128853b1df\spuninst.exe
2006-09-06 16:42 . 2006-09-06 16:42 22752 ----a-w- c:\edd68f97009bf7aa95128853b1df\spupdsvc.exe
2006-09-06 16:42 . 2006-09-06 16:42 15072 ----a-w- c:\edd68f97009bf7aa95128853b1df\spmsg.dll
2006-09-06 16:22 . 2006-09-06 16:22 12974 ----a-w- c:\edd68f97009bf7aa95128853b1df\ieeula.chm
2006-09-06 16:22 . 2006-09-06 16:22 31331 ----a-w- c:\edd68f97009bf7aa95128853b1df\iesupp.chm
2006-09-06 16:22 . 2006-09-06 16:22 550596 ----a-w- c:\edd68f97009bf7aa95128853b1df\iexplore.chm
2006-09-01 07:54 . 2006-09-01 07:54 1876 ----a-w- c:\edd68f97009bf7aa95128853b1df\msfeeds.mof
2006-09-01 07:54 . 2006-09-01 07:54 1938 ----a-w- c:\edd68f97009bf7aa95128853b1df\msfeedsbs.mof
2006-09-01 07:47 . 2006-09-01 07:47 8636 ----a-w- c:\edd68f97009bf7aa95128853b1df\feeddisc.wav
2006-09-01 07:47 . 2006-09-01 07:47 20336 ----a-w- c:\edd68f97009bf7aa95128853b1df\infobar.wav
2006-09-01 07:47 . 2006-09-01 07:47 2202 ----a-w- c:\edd68f97009bf7aa95128853b1df\navstart.wav
2006-09-01 07:47 . 2006-09-01 07:47 29444 ----a-w- c:\edd68f97009bf7aa95128853b1df\popupblk.wav
2006-09-01 07:44 . 2006-09-01 07:44 65 ----a-w- c:\edd68f97009bf7aa95128853b1df\webcheck.ini
2006-09-01 07:44 . 2006-09-01 07:44 8798 ----a-w- c:\edd68f97009bf7aa95128853b1df\icrav03.rat
2006-09-01 07:44 . 2006-09-01 07:44 1988 ----a-w- c:\edd68f97009bf7aa95128853b1df\ticrf.rat
2006-09-01 07:44 . 2006-09-01 07:44 65 ----a-w- c:\edd68f97009bf7aa95128853b1df\occache.ini


((((((((((((((((((((((((((((( SnapShot@2011-02-03_21.59.15 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-11 22:02 . 2009-07-11 22:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-11 23:05 . 2009-07-11 23:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
- 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
- 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2009-07-11 23:05 . 2009-07-11 23:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2006-01-11 21:14 . 2011-02-04 09:28 49152 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2006-01-11 21:14 . 2011-02-04 09:28 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2006-01-11 21:14 . 2009-03-29 17:02 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-02-04 09:18 . 2011-02-04 09:18 16384 c:\windows\system32\config\systemprofile\Local Settings\Data aplikací\Microsoft\Internet Explorer\MSIMGSIZ.DAT
+ 2011-02-04 09:14 . 2011-02-04 09:14 15984 c:\windows\system32\config\systemprofile\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
+ 2009-07-11 23:02 . 2009-07-11 23:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-11 23:05 . 2009-07-11 23:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
- 2009-07-11 22:05 . 2009-07-11 22:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
- 2009-07-11 22:02 . 2009-07-11 22:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2011-02-04 09:17 . 2011-02-04 09:17 11653552 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\KHS5ODEF\gb_setup_3.1.177538.38[1].exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\admin\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Check Windows Disk Protection.lnk.disabled [2006-1-18 2521]

[HKLM\~\startupfolder\C:^Documents and Settings^user^Nabídka Start^Programy^Po spuštění^Openoffice.org 2.3.lnk]
path=c:\documents and settings\user\Nabídka Start\Programy\Po spuštění\Openoffice.org 2.3.lnk
backup=c:\windows\pss\Openoffice.org 2.3.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"mnmsrvc"=3 (0x3)
"WDPOperations"=2 (0x2)
"McciCMService"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"BluetoothAuthenticationAgent"=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
"SoundMan"=SOUNDMAN.EXE
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe"
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe"
"PPort10reminder"="c:\program files\ScanSoft\PaperPort\Ereg\ereg.exe" -r "c:\documents and settings\All Users\Data aplikací\ScanSoft\PaperPort\10\Config\Ereg\ereg.ini"
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2009-12-18 11336]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-04 22:22
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3684)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-02-04 22:26:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-04 21:26
ComboFix2.txt 2011-02-04 20:49
ComboFix3.txt 2011-02-03 22:02

Před spuštěním: Volných bajtů: 30 024 060 928
Po spuštění: Volných bajtů: 29 932 421 120

- - End Of File - - 1AE4C5DF998E938B1BD473559ECB07A3

[memphisto]

Mrkni do složky C:Windows/Minidump a nahraj někam soubor s datem a časem odpovídající pádu systému. Mrknem na to, co to způsobilo

[memphisto]

Najdi na systémovém disku složku Minidump. Nech si zobrazit skryté soubory (Nástoroje - Možnosti složky - Zobrazení - zobrazovat skryté - ok)

[Dasty_]

XPčka nechtějí naběhnout, ani admin, ani user, objeví se lišta, část plochy, ale nedá se nic udělat