Hello,
I would need a log check; it is more of a preventive check. It's just that lately videos on the internet (YouTube, Stream and the like) have been freezing on me somehow. I don't know whether it is caused by codecs, the browser (Firefox, Opera) or some kind of malware.
Thank you for your help.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:18:10, on 20.3.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\ASUS Xonar D2 Audio\Customapp\Program\MixerMonitor.exe
C:\WINDOWS\system\ComHookMonitor.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ASUS Xonar D2 Audio\Customapp\Program\ASUSAUDIOCENTER.EXE
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Winamp\winamp.exe
C:\totalcmd\TOTALCMD.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\uTorrent\uTorrent.exe
e:\Miranda\Wolf\RobbeF1\miranda32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 12\firefox.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 12\plugin-container.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=102876&l=dis&gct=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - C:\Documents and Settings\Luke\Local Settings\Data aplikací\Browser Plugin\BHO.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [DWPersistentQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE -a
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Cmaudio8788MixerMonitor] C:\Program Files\ASUS Xonar D2 Audio\Customapp\Program\MixerMonitor.exe
O4 - HKLM\..\Run: [Cmaudio8788Hook] C:\WINDOWS\system\ComHookMonitor.exe Envoke
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10m_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPFFontCache_v0400.exe (file missing)
--
End of file - 9937 bytes
Preventive check [Solved]
- Žbeky
- Moderator
Re: Preventive check
Do you have only the firewall from COMODO, or the whole IS suite?
Uninstall:
Ask Toolbar
PandoraTV Toolbar
Spyware Terminator
In HJT, fix:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=102876&l=dis&gct=hp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=;ftp=;https=;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10m_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'SYSTEM')
Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing browsing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program has finished, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to the desktop
- then click the Exit button; a message will appear, choose Yes (Ano)
(do not delete anything yet!).
Then paste the contents of that log here.
Re: Preventive check
From Comodo I have only the Firewall Security active (I no longer remember whether I installed the whole suite or only the firewall), but only the firewall is active; the rest is turned off.
Re: Preventive check
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Verze databáze: 6110
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
20.3.2011 11:06:56
mbam-log-2011-03-20 (11-06-56).txt
Typ kontroly: Rychlý test
Testované objekty: 140807
Uplynulý čas: 4 minut, 46 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
- Žbeky
- Moderator
Re: Preventive check
Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking the Yes (Ano) button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- When the scan is finished, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
Re: Preventive check
ComboFix 11-03-19.03 - Luke 20.03.2011 11:24:40.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3199.2664 [GMT 1:00]
Spuštěný z: c:\documents and settings\Luke\Plocha\prehravace MP3\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-20 do 2011-03-20 )))))))))))))))))))))))))))))))
.
.
2011-03-20 10:01 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-20 10:01 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-20 06:23 . 2011-03-20 06:23 -------- d-----w- c:\program files\Common Files\Java
2011-03-20 06:20 . 2011-03-20 06:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee
2011-03-19 12:20 . 2011-03-19 12:20 -------- d-----w- c:\program files\Winamp Detect
2011-03-19 12:20 . 2011-03-04 19:44 126448 ------w- c:\windows\system32\pxinsi64.exe
2011-03-19 12:20 . 2011-03-04 19:44 123888 ------w- c:\windows\system32\pxcpyi64.exe
2011-03-19 12:20 . 2011-03-04 19:44 59888 ------w- c:\windows\system32\pxwma.dll
2011-03-19 12:19 . 2011-03-19 12:30 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Winamp
2011-03-19 12:19 . 2011-03-19 12:23 -------- d-----w- c:\program files\Winamp
2011-03-19 11:49 . 2011-03-19 11:56 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Winyl
2011-03-19 11:48 . 2011-03-19 11:48 -------- d-----w- c:\program files\Winyl
2011-03-19 10:58 . 2011-03-19 11:06 -------- d-----w- c:\program files\The GodFather
2011-03-18 06:58 . 2011-03-18 07:00 -------- d-----w- c:\program files\The KMPlayer
2011-03-18 06:27 . 2011-02-15 22:30 121344 ----a-w- c:\windows\system32\lagarith.dll
2011-03-18 06:27 . 2010-11-03 19:08 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-03-18 06:27 . 2010-01-17 16:18 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-03-18 06:27 . 2008-09-24 19:41 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-03-18 06:27 . 2006-04-02 13:47 630784 ----a-w- c:\windows\system32\vp7vfw.dll
2011-03-18 06:27 . 2011-02-28 08:00 80896 ----a-w- c:\windows\system32\ff_vfw.dll
2011-03-18 06:27 . 2010-12-07 18:40 183808 ----a-w- c:\windows\system32\xvidvfw.dll
2011-03-18 06:27 . 2010-12-07 18:22 810496 ----a-w- c:\windows\system32\xvidcore.dll
2011-03-18 06:27 . 2011-03-18 06:27 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-03-16 18:42 . 2011-03-16 18:42 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\Browser Plugin
2011-03-13 12:49 . 2011-03-13 12:49 -------- d-----w- c:\documents and settings\All Users\Data aplikacĂ
2011-03-13 11:29 . 2011-03-13 20:58 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Nokia Ovi Suite
2011-03-13 06:51 . 2011-03-13 06:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Nokia
2011-03-12 07:55 . 2011-03-12 07:55 -------- d-----w- c:\windows\Sun
2011-03-12 07:06 . 2011-03-12 07:06 -------- d-----w- c:\documents and settings\Luke\Data aplikací\RealHideIP
2011-03-12 07:06 . 2011-03-12 07:06 -------- d-----w- c:\documents and settings\All Users\Data aplikací\RealHideIP
2011-03-12 07:05 . 2011-03-12 07:05 -------- d-----w- c:\program files\RealHideIP
2011-03-11 19:42 . 2011-03-11 19:42 -------- d-----w- c:\documents and settings\Luke\Data aplikací\VitySoft
2011-03-09 10:44 . 2010-12-21 11:26 1034240 -c----w- c:\windows\system32\dllcache\mstsc.exe
2011-03-09 10:44 . 2010-12-22 11:29 2690560 -c----w- c:\windows\system32\dllcache\mstscax.dll
2011-03-09 06:30 . 2011-03-09 06:30 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Media Player Classic
2011-03-08 21:41 . 2011-03-20 05:45 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 12
2011-03-08 11:22 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll
2011-03-08 09:30 . 2011-03-08 09:29 737280 ----a-w- c:\windows\iun6002.exe
2011-03-07 21:04 . 2011-03-08 07:41 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\Nokia
2011-03-07 20:59 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-03-07 20:58 . 2011-03-07 20:58 -------- d-----w- c:\program files\PC Connectivity Solution
2011-03-07 20:54 . 2010-07-26 11:24 8576 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys
2011-03-07 20:54 . 2010-07-26 11:24 137600 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2011-03-07 20:54 . 2010-07-30 13:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2011-03-07 20:54 . 2010-07-30 13:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2011-03-07 20:54 . 2010-07-30 13:16 23040 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2011-03-07 20:54 . 2010-07-30 13:17 111104 ----a-w- c:\windows\system32\ccdcmbwu.dll
2011-03-07 20:54 . 2010-07-30 13:17 604160 ----a-w- c:\windows\system32\nmwcdcocls.dll
2011-03-07 20:54 . 2010-07-30 13:16 18048 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2011-03-07 20:54 . 2010-02-26 13:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-03-07 08:38 . 2011-03-07 09:13 -------- d-----w- C:\Down-mazeme
2011-03-02 23:23 . 2009-10-08 09:11 643072 ----a-w- c:\windows\system32\ykx32ncu.dll
2011-03-02 23:23 . 2009-09-28 09:22 364544 ----a-w- c:\windows\system32\m4x32coinst.dll
2011-03-02 23:23 . 2009-09-28 09:22 298752 ----a-w- c:\windows\system32\drivers\m4cxw2k3.sys
2011-03-02 23:23 . 2011-03-02 23:23 -------- d-----w- c:\program files\D-Link
2011-03-02 23:23 . 2011-03-02 23:23 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\TMP
2011-03-01 05:36 . 2011-02-23 14:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-03-01 05:36 . 2011-02-23 14:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-03-01 05:36 . 2011-02-23 14:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-03-01 05:36 . 2011-02-23 14:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-03-01 05:36 . 2011-02-23 14:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-03-01 05:36 . 2011-02-23 14:55 102232 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-03-01 05:36 . 2011-02-23 14:55 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-03-01 05:36 . 2011-02-23 14:54 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-03-01 05:36 . 2011-02-23 15:04 40648 ----a-w- c:\windows\avastSS.scr
2011-03-01 05:36 . 2011-02-23 15:04 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-03-01 05:35 . 2011-03-01 05:35 -------- d-----w- c:\program files\AVAST Software
2011-03-01 05:35 . 2011-03-01 05:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-02-28 05:18 . 2011-02-28 05:18 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\ESET
2011-02-26 12:10 . 2011-02-26 12:10 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\Locktime
2011-02-26 12:03 . 2011-02-26 12:03 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Locktime
2011-02-26 11:58 . 2011-02-26 11:58 -------- d-----w- c:\program files\WinPcap
2011-02-26 11:58 . 2011-03-08 22:49 -------- d-----w- c:\program files\iTraffic Monitor
2011-02-26 11:51 . 2011-02-26 11:51 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Hagel Technologies
2011-02-26 11:51 . 2011-02-26 11:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Hagel Technologies
2011-02-26 11:51 . 2011-02-26 11:51 -------- d-----w- c:\program files\DU Meter
2011-02-26 05:13 . 2011-02-26 05:13 -------- d-----w- c:\program files\Down2Home
2011-02-26 05:03 . 2004-05-04 10:53 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2011-02-26 05:03 . 2011-02-26 05:03 -------- d-----w- c:\program files\Axence
2011-02-25 04:01 . 2011-02-25 04:01 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Malwarebytes
2011-02-25 04:01 . 2011-02-25 04:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-02-25 04:01 . 2011-03-20 10:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-25 03:37 . 2011-02-25 03:37 -------- d-----w- c:\program files\Trend Micro
2011-02-24 09:55 . 2011-02-24 09:55 -------- d-----w- c:\windows\system32\LogFiles
2011-02-24 06:00 . 2011-02-24 06:00 -------- d-----w- c:\windows\system32\Adobe
2011-02-22 14:37 . 2011-02-22 14:37 -------- d-----w- c:\documents and settings\Luke\Data aplikací\O2
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-04 19:44 . 2010-12-04 09:38 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2011-03-04 19:44 . 2010-12-04 09:38 133616 ------w- c:\windows\system32\pxafs.dll
2011-02-09 13:53 . 2008-04-14 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2008-04-14 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 20:40 . 2010-11-28 18:28 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2010-11-28 18:28 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-01-23 09:01 . 2010-04-09 00:26 285480 ----a-w- c:\windows\system32\guard32.dll
2011-01-23 09:01 . 2010-04-09 00:25 94784 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-01-23 09:01 . 2010-04-09 00:25 27576 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-01-23 09:01 . 2010-04-09 00:25 15592 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-01-23 09:01 . 2010-04-09 00:25 239368 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-01-21 14:42 . 2010-06-23 21:34 440832 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2010-06-23 21:32 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:02 . 2010-06-23 21:34 1864064 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 09:39 . 2010-11-28 19:45 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-12-22 12:32 . 2010-06-23 21:32 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-22 11:29 . 2010-11-28 17:53 36864 ----a-w- c:\windows\system32\tsgqec.dll
2010-12-22 11:29 . 2010-11-28 17:52 2690560 ----a-w- c:\windows\system32\mstscax.dll
2010-12-22 11:29 . 2010-11-28 17:52 130560 ----a-w- c:\windows\system32\aaclient.dll
2010-12-21 11:26 . 2010-11-28 17:52 1034240 ----a-w- c:\windows\system32\mstsc.exe
2010-12-20 23:51 . 2010-06-23 21:34 919552 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:51 . 2010-06-23 21:33 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:51 . 2010-06-23 21:32 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:24 . 2010-06-23 21:33 729088 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:48 . 2010-06-23 21:32 385024 ----a-w- c:\windows\system32\html.iec
.
.
------- Sigcheck -------
.
[-] 2010-06-23 . 8F41FD1CC693054347C6FB7B0E618B07 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-02-07_20.45.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 19:54 . 2009-07-11 19:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2011-03-14 04:47 . 2011-03-14 04:47 82432 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
+ 2011-03-20 09:54 . 2011-03-20 09:54 16384 c:\windows\Temp\Perflib_Perfdata_e54.dat
+ 2009-08-27 09:10 . 2009-08-27 09:10 64000 c:\windows\system32\yk51x86v.dll
+ 2009-09-22 09:10 . 2009-09-22 09:10 47616 c:\windows\system32\yk51x86l.dll
+ 2007-11-06 20:22 . 2007-11-06 20:22 68224 c:\windows\system32\WanPacket.dll
+ 2010-12-04 09:38 . 2011-03-04 19:44 68592 c:\windows\system32\pxinsa64.exe
- 2010-12-04 09:38 . 2009-04-28 20:20 72176 c:\windows\system32\pxhpinst.exe
+ 2010-12-04 09:38 . 2011-03-04 19:44 72176 c:\windows\system32\pxhpinst.exe
+ 2010-12-04 09:38 . 2011-03-04 19:44 68080 c:\windows\system32\pxcpya64.exe
+ 2007-11-06 20:19 . 2007-11-06 20:19 53299 c:\windows\system32\pthreadVC.dll
+ 2008-04-14 12:00 . 2011-03-20 06:21 79706 c:\windows\system32\perfc009.dat
+ 2008-04-14 12:00 . 2011-03-20 06:21 93172 c:\windows\system32\perfc005.dat
+ 2007-11-06 20:22 . 2007-11-06 20:22 88696 c:\windows\system32\Packet.dll
+ 2010-12-26 02:55 . 2010-07-30 13:17 75264 c:\windows\system32\nmwcdcls.dll
+ 2010-06-23 21:33 . 2010-12-20 23:51 66560 c:\windows\system32\mshtmled.dll
- 2010-06-23 21:33 . 2010-11-06 00:24 66560 c:\windows\system32\mshtmled.dll
+ 2010-06-23 21:38 . 2010-12-20 23:51 55296 c:\windows\system32\msfeedsbs.dll
- 2010-06-23 21:38 . 2010-11-06 00:24 55296 c:\windows\system32\msfeedsbs.dll
+ 2010-06-23 21:32 . 2010-12-20 23:51 25600 c:\windows\system32\jsproxy.dll
- 2010-06-23 21:32 . 2010-11-06 00:24 25600 c:\windows\system32\jsproxy.dll
- 2010-12-26 02:55 . 2008-08-26 09:26 18816 c:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
+ 2011-03-07 20:59 . 2008-08-26 08:26 18816 c:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
+ 2011-03-07 20:54 . 2010-07-30 13:16 23040 c:\windows\system32\DRVSTORE\ccdcmbo_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\ccdcmbo.sys
+ 2011-03-07 20:54 . 2010-07-30 13:17 75264 c:\windows\system32\DRVSTORE\ccdcmb_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\nmwcdcls.dll
+ 2011-03-07 20:54 . 2010-07-30 13:16 18048 c:\windows\system32\DRVSTORE\ccdcmb_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\ccdcmb.sys
+ 2009-08-27 09:10 . 2009-08-27 09:10 20992 c:\windows\system32\drivers\yk51x86v.sys
+ 2009-09-22 09:10 . 2009-09-22 09:10 60928 c:\windows\system32\drivers\yk51x86l.sys
+ 2007-11-06 20:22 . 2007-11-06 20:22 34064 c:\windows\system32\drivers\npf.sys
+ 2010-11-28 19:10 . 2010-12-20 23:51 12800 c:\windows\system32\dllcache\xpshims.dll
- 2010-11-28 19:10 . 2010-11-06 00:24 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-11-28 17:53 . 2010-12-22 11:29 36864 c:\windows\system32\dllcache\tsgqec.dll
- 2010-11-28 17:53 . 2010-06-23 21:34 36864 c:\windows\system32\dllcache\tsgqec.dll
+ 2010-06-23 21:33 . 2010-12-20 23:51 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2010-06-23 21:33 . 2010-11-06 00:24 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2010-11-28 19:10 . 2010-11-06 00:24 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2010-11-28 19:10 . 2010-12-20 23:51 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2010-06-23 21:33 . 2010-12-20 23:51 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2010-06-23 21:33 . 2010-11-06 00:24 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2010-06-23 21:32 . 2010-11-06 00:24 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2010-06-23 21:32 . 2010-12-20 23:51 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2010-06-23 21:32 . 2010-06-23 21:32 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2010-06-23 21:32 . 2010-12-09 14:28 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2010-06-23 21:32 . 2010-12-09 14:28 33280 c:\windows\system32\csrsrv.dll
- 2010-06-23 21:32 . 2010-06-23 21:32 33280 c:\windows\system32\csrsrv.dll
+ 2011-02-24 06:01 . 2011-02-24 06:01 87711 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
+ 2011-02-02 13:46 . 2011-02-02 13:46 98304 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 79488 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2011-02-02 13:55 . 2011-02-02 13:55 68536 c:\windows\system32\Adobe\Director\SWDNLD.EXE
+ 2011-03-07 20:51 . 2011-03-07 20:51 78336 c:\windows\Installer\193c48ce.msi
+ 2011-03-07 20:59 . 2011-03-07 20:59 10134 c:\windows\Installer\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}\ARPPRODUCTICON.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-11-30 02:01 . 2011-03-09 02:03 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-11-30 02:01 . 2010-12-18 02:02 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-03-14 04:48 . 2011-03-14 04:48 49152 c:\windows\Installer\{4D568C38-0552-4CDD-A643-01FAFA2957EF}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
+ 2011-03-14 04:48 . 2011-03-14 04:48 49152 c:\windows\Installer\{4D568C38-0552-4CDD-A643-01FAFA2957EF}\NewShortcut31_E2CBBE559A074AF98E8596196B075190.exe
+ 2011-03-14 04:48 . 2011-03-14 04:48 49152 c:\windows\Installer\{4D568C38-0552-4CDD-A643-01FAFA2957EF}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
+ 2011-03-14 04:48 . 2011-03-14 04:48 53248 c:\windows\Installer\{4D568C38-0552-4CDD-A643-01FAFA2957EF}\ARPPRODUCTICON.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 17304 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\ViewerPS.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 35736 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\reader_sl.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 84896 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\PDFPrevHndlr.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 94608 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\eula.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 49064 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\acrotextextractor.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 17824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroRd32Info.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 62376 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\acroiehelpershim.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 64928 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroIEHelper.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 63384 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\Acrofx32.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 12800 c:\windows\ie8updates\KB2482017-IE8\xpshims.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 66560 c:\windows\ie8updates\KB2482017-IE8\mshtmled.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 55296 c:\windows\ie8updates\KB2482017-IE8\msfeedsbs.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 43520 c:\windows\ie8updates\KB2482017-IE8\licmgr10.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 25600 c:\windows\ie8updates\KB2482017-IE8\jsproxy.dll
+ 2011-02-10 02:03 . 2010-06-23 21:32 33280 c:\windows\$NtUninstallKB2476687$\csrsrv.dll
+ 2011-03-07 20:54 . 2010-07-26 11:24 8576 c:\windows\system32\DRVSTORE\nmwcdnsuc_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\nmwcdnsuc.sys
+ 2011-03-07 20:54 . 2010-07-30 13:16 8192 c:\windows\system32\DRVSTORE\ccdcmbm_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\usbser_lowerflt.sys
+ 2011-03-07 20:54 . 2010-07-30 13:16 8192 c:\windows\system32\DRVSTORE\ccdcmbj_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\usbser_lowerfltj.sys
+ 2011-02-02 13:47 . 2011-02-02 13:47 9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2011-03-07 20:54 . 2011-03-07 20:54 3262 c:\windows\Installer\{4216D328-0FE8-48B8-85B8-BD300E6F080F}\ARPPRODUCTICON.exe
+ 2007-11-06 20:23 . 2007-11-06 20:23 240248 c:\windows\system32\wpcap.dll
+ 2010-12-04 09:38 . 2011-03-04 19:44 100848 c:\windows\system32\vxblock.dll
+ 2010-12-04 09:38 . 2011-03-04 19:44 440816 c:\windows\system32\pxwave.dll
+ 2010-12-04 09:38 . 2011-03-04 19:44 219632 c:\windows\system32\pxmas.dll
- 2010-12-04 09:38 . 2009-04-28 20:20 219632 c:\windows\system32\pxmas.dll
+ 2010-12-04 09:38 . 2011-03-04 19:44 571888 c:\windows\system32\pxdrv.dll
+ 2010-12-04 09:38 . 2011-03-04 19:44 698864 c:\windows\system32\px.dll
+ 2008-04-14 12:00 . 2011-03-20 06:21 467244 c:\windows\system32\perfh009.dat
+ 2008-04-14 12:00 . 2011-03-20 06:21 463442 c:\windows\system32\perfh005.dat
- 2010-06-23 21:33 . 2010-11-06 00:24 206848 c:\windows\system32\occache.dll
+ 2010-06-23 21:33 . 2010-12-20 23:51 206848 c:\windows\system32\occache.dll
+ 2009-02-09 10:59 . 2010-12-09 15:15 713216 c:\windows\system32\ntdll.dll
- 2010-06-23 21:33 . 2010-11-06 00:24 611840 c:\windows\system32\mstime.dll
+ 2010-06-23 21:33 . 2010-12-20 23:51 611840 c:\windows\system32\mstime.dll
- 2010-06-23 21:38 . 2010-11-06 00:24 602112 c:\windows\system32\msfeeds.dll
+ 2010-06-23 21:38 . 2010-12-20 23:51 602112 c:\windows\system32\msfeeds.dll
+ 2011-02-18 17:23 . 2011-02-24 06:00 234656 c:\windows\system32\Macromed\Flash\FlashUtil10m_Plugin.exe
- 2011-01-01 14:10 . 2010-11-12 17:53 157472 c:\windows\system32\javaws.exe
+ 2011-03-20 06:21 . 2011-02-02 20:40 157472 c:\windows\system32\javaws.exe
- 2011-01-01 14:10 . 2010-11-12 17:53 145184 c:\windows\system32\javaw.exe
+ 2011-03-20 06:21 . 2011-02-02 20:40 145184 c:\windows\system32\javaw.exe
- 2011-01-01 14:10 . 2010-11-12 17:53 145184 c:\windows\system32\java.exe
+ 2011-03-20 06:21 . 2011-02-02 20:40 145184 c:\windows\system32\java.exe
+ 2010-06-23 21:32 . 2010-12-20 23:51 184320 c:\windows\system32\iepeers.dll
- 2010-06-23 21:32 . 2010-11-06 00:24 184320 c:\windows\system32\iepeers.dll
- 2010-06-23 21:32 . 2010-11-06 00:24 387584 c:\windows\system32\iedkcs32.dll
+ 2010-06-23 21:32 . 2010-12-20 23:51 387584 c:\windows\system32\iedkcs32.dll
+ 2010-06-23 21:32 . 2010-12-20 12:48 173568 c:\windows\system32\ie4uinit.exe
- 2010-06-23 21:32 . 2010-11-03 12:01 173568 c:\windows\system32\ie4uinit.exe
+ 2010-11-28 18:42 . 2011-02-10 02:25 267008 c:\windows\system32\FNTCACHE.DAT
- 2010-11-28 18:42 . 2011-01-06 06:52 267008 c:\windows\system32\FNTCACHE.DAT
+ 2011-03-07 20:59 . 2010-04-14 09:40 590848 c:\windows\system32\DRVSTORE\pccswpddri_8FC79B5C76B12B345CB05ADB7D73AF7091A57405\PCCSWpdDriver.dll
- 2010-12-26 02:55 . 2010-04-14 10:40 590848 c:\windows\system32\DRVSTORE\pccswpddri_8FC79B5C76B12B345CB05ADB7D73AF7091A57405\PCCSWpdDriver.dll
+ 2011-03-07 20:54 . 2010-07-26 11:24 137600 c:\windows\system32\DRVSTORE\nmwcdnsu_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\nmwcdnsu.sys
+ 2011-03-02 23:23 . 2009-09-28 09:22 364544 c:\windows\system32\DRVSTORE\netm4cx_C1BB052BCDF07F80D8D1D7678C2410A51183EAD1\m4x32coinst.dll
+ 2011-03-02 23:23 . 2009-09-28 09:22 298752 c:\windows\system32\DRVSTORE\netm4cx_C1BB052BCDF07F80D8D1D7678C2410A51183EAD1\m4cxw2k3.sys
+ 2011-03-07 20:54 . 2010-07-30 13:17 604160 c:\windows\system32\DRVSTORE\ccdcmb_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\nmwcdcocls.dll
+ 2011-03-07 20:54 . 2010-07-30 13:17 111104 c:\windows\system32\DRVSTORE\ccdcmb_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\ccdcmbwu.dll
- 2010-06-23 21:34 . 2010-11-06 00:24 919552 c:\windows\system32\dllcache\wininet.dll
+ 2010-06-23 21:34 . 2010-12-20 23:51 919552 c:\windows\system32\dllcache\wininet.dll
+ 2010-06-23 21:34 . 2011-01-21 14:42 440832 c:\windows\system32\dllcache\shimgvw.dll
+ 2008-04-14 12:00 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 270848 c:\windows\system32\dllcache\sbe.dll
+ 2010-06-23 21:33 . 2010-12-20 23:51 206848 c:\windows\system32\dllcache\occache.dll
- 2010-06-23 21:33 . 2010-11-06 00:24 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-02-09 10:59 . 2010-12-09 15:15 713216 c:\windows\system32\dllcache\ntdll.dll
+ 2010-06-23 21:33 . 2010-12-20 23:51 611840 c:\windows\system32\dllcache\mstime.dll
- 2010-06-23 21:33 . 2010-11-06 00:24 611840 c:\windows\system32\dllcache\mstime.dll
+ 2010-11-28 19:10 . 2010-12-20 23:51 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2010-11-28 19:10 . 2010-11-06 00:24 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2010-06-23 21:33 . 2010-06-23 21:33 729088 c:\windows\system32\dllcache\lsasrv.dll
+ 2010-06-23 21:33 . 2010-12-20 17:24 729088 c:\windows\system32\dllcache\lsasrv.dll
+ 2010-06-23 21:32 . 2010-12-22 12:32 301568 c:\windows\system32\dllcache\kerberos.dll
- 2010-06-23 21:32 . 2010-06-23 21:32 301568 c:\windows\system32\dllcache\kerberos.dll
- 2010-11-28 19:10 . 2010-11-06 00:24 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2010-11-28 19:10 . 2010-12-20 23:51 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2010-06-23 21:32 . 2010-11-06 00:24 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-06-23 21:32 . 2010-12-20 23:51 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-11-28 19:10 . 2010-11-06 00:24 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-11-28 19:10 . 2010-12-20 23:51 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-06-23 21:32 . 2010-12-20 23:51 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2010-06-23 21:32 . 2010-11-06 00:24 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2010-06-23 21:32 . 2010-12-20 12:48 173568 c:\windows\system32\dllcache\ie4uinit.exe
- 2010-06-23 21:32 . 2010-11-03 12:01 173568 c:\windows\system32\dllcache\ie4uinit.exe
- 2008-04-14 12:00 . 2008-04-14 12:00 186880 c:\windows\system32\dllcache\encdec.dll
+ 2008-04-14 12:00 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
- 2010-06-23 21:32 . 2010-10-28 13:05 290048 c:\windows\system32\dllcache\atmfd.dll
+ 2010-06-23 21:32 . 2011-01-07 14:09 290048 c:\windows\system32\dllcache\atmfd.dll
- 2010-11-28 17:52 . 2010-06-23 21:32 130560 c:\windows\system32\dllcache\aaclient.dll
+ 2010-11-28 17:52 . 2010-12-22 11:29 130560 c:\windows\system32\dllcache\aaclient.dll
+ 2011-02-02 13:46 . 2011-02-02 13:46 114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
+ 2011-02-02 13:55 . 2011-02-02 13:55 469944 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1159620.exe
+ 2011-02-02 13:35 . 2011-02-02 13:35 136568 c:\windows\system32\Adobe\Shockwave 11\SCC.dll
+ 2011-02-02 13:48 . 2011-02-02 13:48 446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2011-02-02 13:47 . 2011-02-02 13:47 372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 798208 c:\windows\system32\Adobe\Shockwave 11\gi.dll
+ 2011-02-02 13:46 . 2011-02-02 13:46 503808 c:\windows\system32\Adobe\Shockwave 11\Control.dll
+ 2011-02-02 13:55 . 2011-02-02 13:55 215992 c:\windows\system32\Adobe\Director\SwDir.dll
+ 2011-02-02 13:47 . 2011-02-02 13:47 135168 c:\windows\system32\Adobe\Director\np32dsw.dll
+ 2011-03-20 06:23 . 2011-03-20 06:23 180224 c:\windows\Installer\a45528a.msi
+ 2011-03-14 04:46 . 2011-03-14 04:46 424960 c:\windows\Installer\1c7736a.msi
+ 2011-03-07 20:58 . 2011-03-07 20:58 495616 c:\windows\Installer\193c4920.msi
+ 2011-03-07 20:54 . 2011-03-07 20:54 336384 c:\windows\Installer\193c48ea.msi
- 2011-01-04 18:41 . 2011-01-13 02:02 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-03-14 04:48 . 2011-03-14 04:48 458752 c:\windows\Installer\{4D568C38-0552-4CDD-A643-01FAFA2957EF}\NewShortcut20_F7578A24A4B240E4BA057EF931EB25B5.exe
+ 2011-03-14 04:48 . 2011-03-14 04:48 458752 c:\windows\Installer\{4D568C38-0552-4CDD-A643-01FAFA2957EF}\NewShortcut16_F7578A24A4B240E4BA057EF931EB25B5.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 390552 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\pdfshell.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 101288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\PDFPrevHndlrShim.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 135568 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\nppdf32.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 681872 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\JP2KLib.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 104344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AiodLite.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 702352 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroPDF.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 294808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\acrobroker.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 205720 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\a3dutils.dll
+ 2009-02-14 05:04 . 2009-02-14 05:04 625520 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEWEBSERVICES.DLL
+ 2009-02-12 14:19 . 2009-02-12 14:19 688512 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEWEBPLATFORMSERVICES.DLL
+ 2009-03-06 03:33 . 2009-03-06 03:33 961888 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEUTIL.DLL
+ 2009-02-14 05:03 . 2009-02-14 05:03 337264 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVE.EXE
+ 2011-02-10 02:03 . 2010-11-06 00:24 919552 c:\windows\ie8updates\KB2482017-IE8\wininet.dll
+ 2011-02-10 02:03 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2482017-IE8\spuninst\updspapi.dll
+ 2011-02-10 02:03 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2482017-IE8\spuninst\spuninst.exe
+ 2011-02-10 02:03 . 2010-11-06 00:24 206848 c:\windows\ie8updates\KB2482017-IE8\occache.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 611840 c:\windows\ie8updates\KB2482017-IE8\mstime.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 602112 c:\windows\ie8updates\KB2482017-IE8\msfeeds.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 247808 c:\windows\ie8updates\KB2482017-IE8\ieproxy.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 184320 c:\windows\ie8updates\KB2482017-IE8\iepeers.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 743424 c:\windows\ie8updates\KB2482017-IE8\iedvtool.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 387584 c:\windows\ie8updates\KB2482017-IE8\iedkcs32.dll
+ 2011-02-10 02:03 . 2010-11-03 12:01 173568 c:\windows\ie8updates\KB2482017-IE8\ie4uinit.exe
+ 2011-02-10 02:10 . 2010-07-05 13:13 391032 c:\windows\$NtUninstallKB2485376$\spuninst\updspapi.dll
+ 2011-02-10 02:10 . 2010-07-05 13:13 233848 c:\windows\$NtUninstallKB2485376$\spuninst\spuninst.exe
+ 2011-02-10 02:10 . 2010-10-28 13:05 290048 c:\windows\$NtUninstallKB2485376$\atmfd.dll
+ 2011-02-10 02:08 . 2010-07-05 13:13 391032 c:\windows\$NtUninstallKB2483185$\spuninst\updspapi.dll
+ 2011-02-10 02:08 . 2010-02-22 14:20 233848 c:\windows\$NtUninstallKB2483185$\spuninst\spuninst.exe
+ 2011-02-10 02:08 . 2010-06-23 21:34 439808 c:\windows\$NtUninstallKB2483185$\shimgvw.dll
+ 2011-02-10 02:08 . 2010-02-22 14:21 391032 c:\windows\$NtUninstallKB2479628$\spuninst\updspapi.dll
+ 2011-02-10 02:08 . 2010-02-22 14:20 233848 c:\windows\$NtUninstallKB2479628$\spuninst\spuninst.exe
+ 2011-02-10 02:10 . 2010-02-22 14:21 391032 c:\windows\$NtUninstallKB2478971$\spuninst\updspapi.dll
+ 2011-02-10 02:10 . 2010-02-22 14:20 233848 c:\windows\$NtUninstallKB2478971$\spuninst\spuninst.exe
+ 2011-02-10 02:10 . 2010-06-23 21:32 301568 c:\windows\$NtUninstallKB2478971$\kerberos.dll
+ 2011-02-10 02:01 . 2010-07-05 13:13 391032 c:\windows\$NtUninstallKB2478960$\spuninst\updspapi.dll
+ 2011-02-10 02:01 . 2010-07-05 13:13 233848 c:\windows\$NtUninstallKB2478960$\spuninst\spuninst.exe
+ 2011-02-10 02:01 . 2010-06-23 21:33 729088 c:\windows\$NtUninstallKB2478960$\lsasrv.dll
+ 2011-02-10 02:03 . 2010-07-05 13:13 391032 c:\windows\$NtUninstallKB2476687$\spuninst\updspapi.dll
+ 2011-02-10 02:03 . 2010-07-05 13:13 233848 c:\windows\$NtUninstallKB2476687$\spuninst\spuninst.exe
+ 2011-02-10 02:00 . 2010-07-05 13:13 391032 c:\windows\$NtUninstallKB2393802$\spuninst\updspapi.dll
+ 2011-02-10 02:00 . 2010-07-05 13:13 233848 c:\windows\$NtUninstallKB2393802$\spuninst\spuninst.exe
+ 2011-02-10 02:00 . 2009-02-09 10:59 710144 c:\windows\$NtUninstallKB2393802$\ntdll.dll
+ 2011-03-14 04:47 . 2011-03-14 04:47 1233920 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
- 2010-06-23 21:34 . 2010-11-06 00:24 1211904 c:\windows\system32\urlmon.dll
+ 2010-06-23 21:34 . 2010-12-20 23:51 1211904 c:\windows\system32\urlmon.dll
+ 2010-06-23 21:34 . 2011-01-21 14:42 8467456 c:\windows\system32\shell32.dll
- 2010-06-23 21:34 . 2010-07-27 06:29 8467456 c:\windows\system32\shell32.dll
+ 2010-12-04 09:38 . 2011-03-04 19:44 2095600 c:\windows\system32\pxsfs.dll
+ 2010-06-23 21:33 . 2010-12-09 15:14 2194944 c:\windows\system32\ntoskrnl.exe
+ 2010-02-16 19:02 . 2010-12-09 19:44 2071552 c:\windows\system32\ntkrnlpa.exe
+ 2010-06-23 21:33 . 2010-12-20 23:51 5962240 c:\windows\system32\mshtml.dll
+ 2010-11-28 18:28 . 2011-02-24 06:00 6053536 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2010-06-23 21:37 . 2010-12-20 23:51 1992192 c:\windows\system32\iertutil.dll
- 2010-06-23 21:37 . 2010-11-06 00:24 1992192 c:\windows\system32\iertutil.dll
+ 2011-03-07 20:59 . 2010-04-14 08:26 1837296 c:\windows\system32\DRVSTORE\pccswpddri_8FC79B5C76B12B345CB05ADB7D73AF7091A57405\WUDFUpdate_01009.dll
- 2010-12-26 02:55 . 2010-04-14 09:26 1837296 c:\windows\system32\DRVSTORE\pccswpddri_8FC79B5C76B12B345CB05ADB7D73AF7091A57405\WUDFUpdate_01009.dll
+ 2011-03-07 20:54 . 2010-02-26 13:19 1461992 c:\windows\system32\DRVSTORE\ccdcmb_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\wdfcoinstaller01009.dll
+ 2010-06-23 21:34 . 2010-12-31 14:02 1864064 c:\windows\system32\dllcache\win32k.sys
- 2010-06-23 21:34 . 2010-11-06 00:24 1211904 c:\windows\system32\dllcache\urlmon.dll
+ 2010-06-23 21:34 . 2010-12-20 23:51 1211904 c:\windows\system32\dllcache\urlmon.dll
- 2010-06-23 21:34 . 2010-07-27 06:29 8467456 c:\windows\system32\dllcache\shell32.dll
+ 2010-06-23 21:34 . 2011-01-21 14:42 8467456 c:\windows\system32\dllcache\shell32.dll
+ 2010-11-28 19:11 . 2010-12-09 15:14 2194944 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2010-11-28 19:11 . 2010-12-09 15:14 2029056 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2010-04-28 22:19 . 2010-12-09 19:44 2071552 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2010-11-28 19:11 . 2010-12-09 15:14 2150912 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2010-06-23 21:33 . 2010-12-20 23:51 5962240 c:\windows\system32\dllcache\mshtml.dll
+ 2010-11-28 19:10 . 2010-12-20 23:51 1992192 c:\windows\system32\dllcache\iertutil.dll
- 2010-11-28 19:10 . 2010-11-06 00:24 1992192 c:\windows\system32\dllcache\iertutil.dll
+ 2011-02-02 13:39 . 2011-02-02 13:39 1019904 c:\windows\system32\Adobe\Shockwave 11\iml32.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 2224816 c:\windows\system32\Adobe\Shockwave 11\gt.exe
+ 2011-02-02 13:41 . 2011-02-02 13:41 1802240 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
+ 2011-02-16 12:54 . 2011-02-16 12:54 4992000 c:\windows\Installer\848d228.msp
+ 2011-01-11 16:53 . 2011-01-11 16:53 1763328 c:\windows\Installer\848d207.msp
+ 2011-01-11 16:52 . 2011-01-11 16:52 3360768 c:\windows\Installer\33ca310.msp
+ 2011-03-14 04:48 . 2011-03-14 04:48 1882112 c:\windows\Installer\1c77370.msi
+ 2011-01-04 18:41 . 2011-03-10 02:05 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 2207632 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\rt3d.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 6222744 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\authplay.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 5503368 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AGM.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 1216416 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AdobeCollabSync.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 1289624 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroRd32.exe
+ 2009-02-14 05:03 . 2009-02-14 05:03 3070832 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEDOCUMENTSHARETOOL.DLL
+ 2011-02-10 02:03 . 2010-11-06 00:24 1211904 c:\windows\ie8updates\KB2482017-IE8\urlmon.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 5960704 c:\windows\ie8updates\KB2482017-IE8\mshtml.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 1992192 c:\windows\ie8updates\KB2482017-IE8\iertutil.dll
+ 2010-11-28 19:11 . 2010-12-09 15:14 2194944 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-11-28 19:11 . 2010-12-09 15:14 2029056 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2010-04-28 22:19 . 2010-12-09 19:44 2071552 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2010-11-28 19:11 . 2010-12-09 15:14 2150912 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-02-10 02:08 . 2010-07-27 06:29 8467456 c:\windows\$NtUninstallKB2483185$\shell32.dll
+ 2011-02-10 02:08 . 2010-10-26 14:04 1862272 c:\windows\$NtUninstallKB2479628$\win32k.sys
+ 2011-02-10 02:00 . 2010-04-28 05:19 2192256 c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
+ 2011-02-10 02:00 . 2010-04-28 05:19 2026496 c:\windows\$NtUninstallKB2393802$\ntkrpamp.exe
+ 2011-02-10 02:00 . 2010-04-28 22:19 2069120 c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
+ 2011-02-10 02:00 . 2010-04-28 05:19 2148352 c:\windows\$NtUninstallKB2393802$\ntkrnlmp.exe
+ 2010-06-23 21:38 . 2011-03-10 02:05 37943240 c:\windows\system32\MRT.exe
- 2010-06-23 21:37 . 2010-11-06 04:54 11082752 c:\windows\system32\ieframe.dll
+ 2010-06-23 21:37 . 2010-12-20 23:51 11082752 c:\windows\system32\ieframe.dll
+ 2010-09-10 10:20 . 2010-12-20 23:51 11082752 c:\windows\system32\dllcache\ieframe.dll
- 2010-09-10 10:20 . 2010-11-06 04:54 11082752 c:\windows\system32\dllcache\ieframe.dll
+ 2011-01-30 20:52 . 2011-01-30 20:52 12425728 c:\windows\Installer\b1110.msp
+ 2011-03-09 02:02 . 2011-03-09 02:02 20308992 c:\windows\Installer\322b58c.msp
+ 2010-11-10 11:49 . 2010-11-10 11:49 23724952 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroRd32.dll
+ 2011-02-10 02:03 . 2010-11-06 04:54 11082752 c:\windows\ie8updates\KB2482017-IE8\ieframe.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DWPersistentQueuedReporting"="c:\program files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE" [2010-02-28 519584]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-07-06 98304]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-05-04 354312]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2009-05-04 1572872]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-05-04 2817544]
"Cmaudio8788MixerMonitor"="c:\program files\ASUS Xonar D2 Audio\Customapp\Program\MixerMonitor.exe" [2007-09-07 90112]
"Cmaudio8788Hook"="c:\windows\system\ComHookMonitor.exe" [2007-08-10 20480]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-01-23 2548552]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2010-11-28 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2010-06-23 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Mobiola Web Camera for S60\\webcam.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"e:\\Miranda\\Wolf\\RobbeF1\\miranda32.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2.12.2010 6:16 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1.3.2011 6:36 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.3.2011 6:36 301528]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [9.4.2010 1:25 239368]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [9.4.2010 1:25 27576]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 19:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 19:41 67656]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.3.2011 6:36 19544]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO livePCsupport\CLPSLS.exe [19.2.2010 17:00 148744]
R2 DUMeterSvc;DU Meter Service;c:\program files\DU Meter\DUMeterSvc.exe [26.2.2011 12:51 1382672]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [28.11.2010 20:44 10448]
R3 cmudaxp;ASUS Xonar D2 Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [12.12.2010 15:16 1839680]
R3 m4cxw2k3;NDIS5.1 Miniport Driver for D-Link DGE-5xx Gigabit Ethernet Adapter;c:\windows\system32\drivers\m4cxw2k3.sys [3.3.2011 0:23 298752]
S1 DumpDrv;Crash Dump Driver;c:\windows\system32\drivers\dumpdrv.sys [23.6.2010 22:37 9472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [28.11.2010 19:01 130384]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [23.11.2009 17:37 19720]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [28.11.2010 21:01 14856]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys --> c:\windows\system32\DRIVERS\nlndis.sys [?]
S3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys --> c:\windows\system32\DRIVERS\nlndis.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [7.3.2011 21:54 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [7.3.2011 21:54 8576]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6.11.2007 21:22 34064]
S3 REVO51;REVO51;c:\windows\system32\DRIVERS\revo51.sys --> c:\windows\system32\DRIVERS\revo51.sys [?]
S3 SkLaggProtocol;Marvell Link Aggregation Protocol;c:\windows\system32\drivers\yk51x86l.sys [22.9.2009 10:10 60928]
S3 SkVlanProtocol;Marvell VLAN Protocol;c:\windows\system32\drivers\yk51x86v.sys [27.8.2009 10:10 20992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\documents and settings\Luke\Data aplikací\Mozilla\Firefox\Profiles\40bb21pn.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 11:37
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DUMeterSvc]
"ImagePath"="c:\program files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Xanthic\{290A6A8A-0F70-FC9A-A343-BE3AB91B8116}*_]
"fr"="078D556350544C"
"lr"="078D59765E5551"
DUMPHIVE0.003 (REGF)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(840)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(4044)
c:\windows\system32\msi.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-03-20 11:41:48
ComboFix-quarantined-files.txt 2011-03-20 10:41
ComboFix2.txt 2011-02-07 20:47
.
Před spuštěním: Volných bajtů: 288 594 939 904
Po spuštění: Volných bajtů: 288 707 809 280
.
- - End Of File - - 595158AB9FFBFCE478129917BC2BFDCD
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3199.2664 [GMT 1:00]
Spuštěný z: c:\documents and settings\Luke\Plocha\prehravace MP3\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-20 do 2011-03-20 )))))))))))))))))))))))))))))))
.
.
2011-03-20 10:01 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-20 10:01 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-20 06:23 . 2011-03-20 06:23 -------- d-----w- c:\program files\Common Files\Java
2011-03-20 06:20 . 2011-03-20 06:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee
2011-03-19 12:20 . 2011-03-19 12:20 -------- d-----w- c:\program files\Winamp Detect
2011-03-19 12:20 . 2011-03-04 19:44 126448 ------w- c:\windows\system32\pxinsi64.exe
2011-03-19 12:20 . 2011-03-04 19:44 123888 ------w- c:\windows\system32\pxcpyi64.exe
2011-03-19 12:20 . 2011-03-04 19:44 59888 ------w- c:\windows\system32\pxwma.dll
2011-03-19 12:19 . 2011-03-19 12:30 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Winamp
2011-03-19 12:19 . 2011-03-19 12:23 -------- d-----w- c:\program files\Winamp
2011-03-19 11:49 . 2011-03-19 11:56 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Winyl
2011-03-19 11:48 . 2011-03-19 11:48 -------- d-----w- c:\program files\Winyl
2011-03-19 10:58 . 2011-03-19 11:06 -------- d-----w- c:\program files\The GodFather
2011-03-18 06:58 . 2011-03-18 07:00 -------- d-----w- c:\program files\The KMPlayer
2011-03-18 06:27 . 2011-02-15 22:30 121344 ----a-w- c:\windows\system32\lagarith.dll
2011-03-18 06:27 . 2010-11-03 19:08 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-03-18 06:27 . 2010-01-17 16:18 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-03-18 06:27 . 2008-09-24 19:41 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-03-18 06:27 . 2006-04-02 13:47 630784 ----a-w- c:\windows\system32\vp7vfw.dll
2011-03-18 06:27 . 2011-02-28 08:00 80896 ----a-w- c:\windows\system32\ff_vfw.dll
2011-03-18 06:27 . 2010-12-07 18:40 183808 ----a-w- c:\windows\system32\xvidvfw.dll
2011-03-18 06:27 . 2010-12-07 18:22 810496 ----a-w- c:\windows\system32\xvidcore.dll
2011-03-18 06:27 . 2011-03-18 06:27 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-03-16 18:42 . 2011-03-16 18:42 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\Browser Plugin
2011-03-13 12:49 . 2011-03-13 12:49 -------- d-----w- c:\documents and settings\All Users\Data aplikacĂ
2011-03-13 11:29 . 2011-03-13 20:58 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Nokia Ovi Suite
2011-03-13 06:51 . 2011-03-13 06:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Nokia
2011-03-12 07:55 . 2011-03-12 07:55 -------- d-----w- c:\windows\Sun
2011-03-12 07:06 . 2011-03-12 07:06 -------- d-----w- c:\documents and settings\Luke\Data aplikací\RealHideIP
2011-03-12 07:06 . 2011-03-12 07:06 -------- d-----w- c:\documents and settings\All Users\Data aplikací\RealHideIP
2011-03-12 07:05 . 2011-03-12 07:05 -------- d-----w- c:\program files\RealHideIP
2011-03-11 19:42 . 2011-03-11 19:42 -------- d-----w- c:\documents and settings\Luke\Data aplikací\VitySoft
2011-03-09 10:44 . 2010-12-21 11:26 1034240 -c----w- c:\windows\system32\dllcache\mstsc.exe
2011-03-09 10:44 . 2010-12-22 11:29 2690560 -c----w- c:\windows\system32\dllcache\mstscax.dll
2011-03-09 06:30 . 2011-03-09 06:30 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Media Player Classic
2011-03-08 21:41 . 2011-03-20 05:45 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 12
2011-03-08 11:22 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll
2011-03-08 09:30 . 2011-03-08 09:29 737280 ----a-w- c:\windows\iun6002.exe
2011-03-07 21:04 . 2011-03-08 07:41 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\Nokia
2011-03-07 20:59 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-03-07 20:58 . 2011-03-07 20:58 -------- d-----w- c:\program files\PC Connectivity Solution
2011-03-07 20:54 . 2010-07-26 11:24 8576 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys
2011-03-07 20:54 . 2010-07-26 11:24 137600 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2011-03-07 20:54 . 2010-07-30 13:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2011-03-07 20:54 . 2010-07-30 13:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2011-03-07 20:54 . 2010-07-30 13:16 23040 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2011-03-07 20:54 . 2010-07-30 13:17 111104 ----a-w- c:\windows\system32\ccdcmbwu.dll
2011-03-07 20:54 . 2010-07-30 13:17 604160 ----a-w- c:\windows\system32\nmwcdcocls.dll
2011-03-07 20:54 . 2010-07-30 13:16 18048 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2011-03-07 20:54 . 2010-02-26 13:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-03-07 08:38 . 2011-03-07 09:13 -------- d-----w- C:\Down-mazeme
2011-03-02 23:23 . 2009-10-08 09:11 643072 ----a-w- c:\windows\system32\ykx32ncu.dll
2011-03-02 23:23 . 2009-09-28 09:22 364544 ----a-w- c:\windows\system32\m4x32coinst.dll
2011-03-02 23:23 . 2009-09-28 09:22 298752 ----a-w- c:\windows\system32\drivers\m4cxw2k3.sys
2011-03-02 23:23 . 2011-03-02 23:23 -------- d-----w- c:\program files\D-Link
2011-03-02 23:23 . 2011-03-02 23:23 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\TMP
2011-03-01 05:36 . 2011-02-23 14:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-03-01 05:36 . 2011-02-23 14:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-03-01 05:36 . 2011-02-23 14:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-03-01 05:36 . 2011-02-23 14:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-03-01 05:36 . 2011-02-23 14:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-03-01 05:36 . 2011-02-23 14:55 102232 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-03-01 05:36 . 2011-02-23 14:55 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-03-01 05:36 . 2011-02-23 14:54 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-03-01 05:36 . 2011-02-23 15:04 40648 ----a-w- c:\windows\avastSS.scr
2011-03-01 05:36 . 2011-02-23 15:04 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-03-01 05:35 . 2011-03-01 05:35 -------- d-----w- c:\program files\AVAST Software
2011-03-01 05:35 . 2011-03-01 05:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-02-28 05:18 . 2011-02-28 05:18 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\ESET
2011-02-26 12:10 . 2011-02-26 12:10 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\Locktime
2011-02-26 12:03 . 2011-02-26 12:03 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Locktime
2011-02-26 11:58 . 2011-02-26 11:58 -------- d-----w- c:\program files\WinPcap
2011-02-26 11:58 . 2011-03-08 22:49 -------- d-----w- c:\program files\iTraffic Monitor
2011-02-26 11:51 . 2011-02-26 11:51 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Hagel Technologies
2011-02-26 11:51 . 2011-02-26 11:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Hagel Technologies
2011-02-26 11:51 . 2011-02-26 11:51 -------- d-----w- c:\program files\DU Meter
2011-02-26 05:13 . 2011-02-26 05:13 -------- d-----w- c:\program files\Down2Home
2011-02-26 05:03 . 2004-05-04 10:53 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2011-02-26 05:03 . 2011-02-26 05:03 -------- d-----w- c:\program files\Axence
2011-02-25 04:01 . 2011-02-25 04:01 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Malwarebytes
2011-02-25 04:01 . 2011-02-25 04:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-02-25 04:01 . 2011-03-20 10:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-25 03:37 . 2011-02-25 03:37 -------- d-----w- c:\program files\Trend Micro
2011-02-24 09:55 . 2011-02-24 09:55 -------- d-----w- c:\windows\system32\LogFiles
2011-02-24 06:00 . 2011-02-24 06:00 -------- d-----w- c:\windows\system32\Adobe
2011-02-22 14:37 . 2011-02-22 14:37 -------- d-----w- c:\documents and settings\Luke\Data aplikací\O2
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-04 19:44 . 2010-12-04 09:38 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2011-03-04 19:44 . 2010-12-04 09:38 133616 ------w- c:\windows\system32\pxafs.dll
2011-02-09 13:53 . 2008-04-14 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2008-04-14 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 20:40 . 2010-11-28 18:28 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2010-11-28 18:28 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-01-23 09:01 . 2010-04-09 00:26 285480 ----a-w- c:\windows\system32\guard32.dll
2011-01-23 09:01 . 2010-04-09 00:25 94784 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-01-23 09:01 . 2010-04-09 00:25 27576 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-01-23 09:01 . 2010-04-09 00:25 15592 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-01-23 09:01 . 2010-04-09 00:25 239368 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-01-21 14:42 . 2010-06-23 21:34 440832 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2010-06-23 21:32 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:02 . 2010-06-23 21:34 1864064 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 09:39 . 2010-11-28 19:45 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-12-22 12:32 . 2010-06-23 21:32 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-22 11:29 . 2010-11-28 17:53 36864 ----a-w- c:\windows\system32\tsgqec.dll
2010-12-22 11:29 . 2010-11-28 17:52 2690560 ----a-w- c:\windows\system32\mstscax.dll
2010-12-22 11:29 . 2010-11-28 17:52 130560 ----a-w- c:\windows\system32\aaclient.dll
2010-12-21 11:26 . 2010-11-28 17:52 1034240 ----a-w- c:\windows\system32\mstsc.exe
2010-12-20 23:51 . 2010-06-23 21:34 919552 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:51 . 2010-06-23 21:33 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:51 . 2010-06-23 21:32 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:24 . 2010-06-23 21:33 729088 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:48 . 2010-06-23 21:32 385024 ----a-w- c:\windows\system32\html.iec
.
.
------- Sigcheck -------
.
[-] 2010-06-23 . 8F41FD1CC693054347C6FB7B0E618B07 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-02-07_20.45.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 19:54 . 2009-07-11 19:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2011-03-14 04:47 . 2011-03-14 04:47 82432 c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.0.0_x-ww_29c3ad6a\msxml4r.dll
+ 2011-03-20 09:54 . 2011-03-20 09:54 16384 c:\windows\Temp\Perflib_Perfdata_e54.dat
+ 2009-08-27 09:10 . 2009-08-27 09:10 64000 c:\windows\system32\yk51x86v.dll
+ 2009-09-22 09:10 . 2009-09-22 09:10 47616 c:\windows\system32\yk51x86l.dll
+ 2007-11-06 20:22 . 2007-11-06 20:22 68224 c:\windows\system32\WanPacket.dll
+ 2010-12-04 09:38 . 2011-03-04 19:44 68592 c:\windows\system32\pxinsa64.exe
- 2010-12-04 09:38 . 2009-04-28 20:20 72176 c:\windows\system32\pxhpinst.exe
+ 2010-12-04 09:38 . 2011-03-04 19:44 72176 c:\windows\system32\pxhpinst.exe
+ 2010-12-04 09:38 . 2011-03-04 19:44 68080 c:\windows\system32\pxcpya64.exe
+ 2007-11-06 20:19 . 2007-11-06 20:19 53299 c:\windows\system32\pthreadVC.dll
+ 2008-04-14 12:00 . 2011-03-20 06:21 79706 c:\windows\system32\perfc009.dat
+ 2008-04-14 12:00 . 2011-03-20 06:21 93172 c:\windows\system32\perfc005.dat
+ 2007-11-06 20:22 . 2007-11-06 20:22 88696 c:\windows\system32\Packet.dll
+ 2010-12-26 02:55 . 2010-07-30 13:17 75264 c:\windows\system32\nmwcdcls.dll
+ 2010-06-23 21:33 . 2010-12-20 23:51 66560 c:\windows\system32\mshtmled.dll
- 2010-06-23 21:33 . 2010-11-06 00:24 66560 c:\windows\system32\mshtmled.dll
+ 2010-06-23 21:38 . 2010-12-20 23:51 55296 c:\windows\system32\msfeedsbs.dll
- 2010-06-23 21:38 . 2010-11-06 00:24 55296 c:\windows\system32\msfeedsbs.dll
+ 2010-06-23 21:32 . 2010-12-20 23:51 25600 c:\windows\system32\jsproxy.dll
- 2010-06-23 21:32 . 2010-11-06 00:24 25600 c:\windows\system32\jsproxy.dll
- 2010-12-26 02:55 . 2008-08-26 09:26 18816 c:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
+ 2011-03-07 20:59 . 2008-08-26 08:26 18816 c:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
+ 2011-03-07 20:54 . 2010-07-30 13:16 23040 c:\windows\system32\DRVSTORE\ccdcmbo_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\ccdcmbo.sys
+ 2011-03-07 20:54 . 2010-07-30 13:17 75264 c:\windows\system32\DRVSTORE\ccdcmb_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\nmwcdcls.dll
+ 2011-03-07 20:54 . 2010-07-30 13:16 18048 c:\windows\system32\DRVSTORE\ccdcmb_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\ccdcmb.sys
+ 2009-08-27 09:10 . 2009-08-27 09:10 20992 c:\windows\system32\drivers\yk51x86v.sys
+ 2009-09-22 09:10 . 2009-09-22 09:10 60928 c:\windows\system32\drivers\yk51x86l.sys
+ 2007-11-06 20:22 . 2007-11-06 20:22 34064 c:\windows\system32\drivers\npf.sys
+ 2010-11-28 19:10 . 2010-12-20 23:51 12800 c:\windows\system32\dllcache\xpshims.dll
- 2010-11-28 19:10 . 2010-11-06 00:24 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-11-28 17:53 . 2010-12-22 11:29 36864 c:\windows\system32\dllcache\tsgqec.dll
- 2010-11-28 17:53 . 2010-06-23 21:34 36864 c:\windows\system32\dllcache\tsgqec.dll
+ 2010-06-23 21:33 . 2010-12-20 23:51 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2010-06-23 21:33 . 2010-11-06 00:24 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2010-11-28 19:10 . 2010-11-06 00:24 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2010-11-28 19:10 . 2010-12-20 23:51 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2010-06-23 21:33 . 2010-12-20 23:51 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2010-06-23 21:33 . 2010-11-06 00:24 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2010-06-23 21:32 . 2010-11-06 00:24 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2010-06-23 21:32 . 2010-12-20 23:51 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2010-06-23 21:32 . 2010-06-23 21:32 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2010-06-23 21:32 . 2010-12-09 14:28 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2010-06-23 21:32 . 2010-12-09 14:28 33280 c:\windows\system32\csrsrv.dll
- 2010-06-23 21:32 . 2010-06-23 21:32 33280 c:\windows\system32\csrsrv.dll
+ 2011-02-24 06:01 . 2011-02-24 06:01 87711 c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
+ 2011-02-02 13:46 . 2011-02-02 13:46 98304 c:\windows\system32\Adobe\Shockwave 11\SwMenu.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 79488 c:\windows\system32\Adobe\Shockwave 11\gtapi.dll
+ 2011-02-02 13:55 . 2011-02-02 13:55 68536 c:\windows\system32\Adobe\Director\SWDNLD.EXE
+ 2011-03-07 20:51 . 2011-03-07 20:51 78336 c:\windows\Installer\193c48ce.msi
+ 2011-03-07 20:59 . 2011-03-07 20:59 10134 c:\windows\Installer\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}\ARPPRODUCTICON.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-11-30 02:01 . 2011-03-09 02:03 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-11-30 02:01 . 2010-12-18 02:02 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2011-03-14 04:48 . 2011-03-14 04:48 49152 c:\windows\Installer\{4D568C38-0552-4CDD-A643-01FAFA2957EF}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
+ 2011-03-14 04:48 . 2011-03-14 04:48 49152 c:\windows\Installer\{4D568C38-0552-4CDD-A643-01FAFA2957EF}\NewShortcut31_E2CBBE559A074AF98E8596196B075190.exe
+ 2011-03-14 04:48 . 2011-03-14 04:48 49152 c:\windows\Installer\{4D568C38-0552-4CDD-A643-01FAFA2957EF}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
+ 2011-03-14 04:48 . 2011-03-14 04:48 53248 c:\windows\Installer\{4D568C38-0552-4CDD-A643-01FAFA2957EF}\ARPPRODUCTICON.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 17304 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\ViewerPS.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 35736 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\reader_sl.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 84896 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\PDFPrevHndlr.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 94608 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\eula.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 49064 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\acrotextextractor.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 17824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroRd32Info.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 62376 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\acroiehelpershim.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 64928 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroIEHelper.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 63384 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\Acrofx32.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 12800 c:\windows\ie8updates\KB2482017-IE8\xpshims.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 66560 c:\windows\ie8updates\KB2482017-IE8\mshtmled.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 55296 c:\windows\ie8updates\KB2482017-IE8\msfeedsbs.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 43520 c:\windows\ie8updates\KB2482017-IE8\licmgr10.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 25600 c:\windows\ie8updates\KB2482017-IE8\jsproxy.dll
+ 2011-02-10 02:03 . 2010-06-23 21:32 33280 c:\windows\$NtUninstallKB2476687$\csrsrv.dll
+ 2011-03-07 20:54 . 2010-07-26 11:24 8576 c:\windows\system32\DRVSTORE\nmwcdnsuc_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\nmwcdnsuc.sys
+ 2011-03-07 20:54 . 2010-07-30 13:16 8192 c:\windows\system32\DRVSTORE\ccdcmbm_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\usbser_lowerflt.sys
+ 2011-03-07 20:54 . 2010-07-30 13:16 8192 c:\windows\system32\DRVSTORE\ccdcmbj_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\usbser_lowerfltj.sys
+ 2011-02-02 13:47 . 2011-02-02 13:47 9216 c:\windows\system32\Adobe\Shockwave 11\DynaPlayer.dll
+ 2011-03-07 20:54 . 2011-03-07 20:54 3262 c:\windows\Installer\{4216D328-0FE8-48B8-85B8-BD300E6F080F}\ARPPRODUCTICON.exe
+ 2007-11-06 20:23 . 2007-11-06 20:23 240248 c:\windows\system32\wpcap.dll
+ 2010-12-04 09:38 . 2011-03-04 19:44 100848 c:\windows\system32\vxblock.dll
+ 2010-12-04 09:38 . 2011-03-04 19:44 440816 c:\windows\system32\pxwave.dll
+ 2010-12-04 09:38 . 2011-03-04 19:44 219632 c:\windows\system32\pxmas.dll
- 2010-12-04 09:38 . 2009-04-28 20:20 219632 c:\windows\system32\pxmas.dll
+ 2010-12-04 09:38 . 2011-03-04 19:44 571888 c:\windows\system32\pxdrv.dll
+ 2010-12-04 09:38 . 2011-03-04 19:44 698864 c:\windows\system32\px.dll
+ 2008-04-14 12:00 . 2011-03-20 06:21 467244 c:\windows\system32\perfh009.dat
+ 2008-04-14 12:00 . 2011-03-20 06:21 463442 c:\windows\system32\perfh005.dat
- 2010-06-23 21:33 . 2010-11-06 00:24 206848 c:\windows\system32\occache.dll
+ 2010-06-23 21:33 . 2010-12-20 23:51 206848 c:\windows\system32\occache.dll
+ 2009-02-09 10:59 . 2010-12-09 15:15 713216 c:\windows\system32\ntdll.dll
- 2010-06-23 21:33 . 2010-11-06 00:24 611840 c:\windows\system32\mstime.dll
+ 2010-06-23 21:33 . 2010-12-20 23:51 611840 c:\windows\system32\mstime.dll
- 2010-06-23 21:38 . 2010-11-06 00:24 602112 c:\windows\system32\msfeeds.dll
+ 2010-06-23 21:38 . 2010-12-20 23:51 602112 c:\windows\system32\msfeeds.dll
+ 2011-02-18 17:23 . 2011-02-24 06:00 234656 c:\windows\system32\Macromed\Flash\FlashUtil10m_Plugin.exe
- 2011-01-01 14:10 . 2010-11-12 17:53 157472 c:\windows\system32\javaws.exe
+ 2011-03-20 06:21 . 2011-02-02 20:40 157472 c:\windows\system32\javaws.exe
- 2011-01-01 14:10 . 2010-11-12 17:53 145184 c:\windows\system32\javaw.exe
+ 2011-03-20 06:21 . 2011-02-02 20:40 145184 c:\windows\system32\javaw.exe
- 2011-01-01 14:10 . 2010-11-12 17:53 145184 c:\windows\system32\java.exe
+ 2011-03-20 06:21 . 2011-02-02 20:40 145184 c:\windows\system32\java.exe
+ 2010-06-23 21:32 . 2010-12-20 23:51 184320 c:\windows\system32\iepeers.dll
- 2010-06-23 21:32 . 2010-11-06 00:24 184320 c:\windows\system32\iepeers.dll
- 2010-06-23 21:32 . 2010-11-06 00:24 387584 c:\windows\system32\iedkcs32.dll
+ 2010-06-23 21:32 . 2010-12-20 23:51 387584 c:\windows\system32\iedkcs32.dll
+ 2010-06-23 21:32 . 2010-12-20 12:48 173568 c:\windows\system32\ie4uinit.exe
- 2010-06-23 21:32 . 2010-11-03 12:01 173568 c:\windows\system32\ie4uinit.exe
+ 2010-11-28 18:42 . 2011-02-10 02:25 267008 c:\windows\system32\FNTCACHE.DAT
- 2010-11-28 18:42 . 2011-01-06 06:52 267008 c:\windows\system32\FNTCACHE.DAT
+ 2011-03-07 20:59 . 2010-04-14 09:40 590848 c:\windows\system32\DRVSTORE\pccswpddri_8FC79B5C76B12B345CB05ADB7D73AF7091A57405\PCCSWpdDriver.dll
- 2010-12-26 02:55 . 2010-04-14 10:40 590848 c:\windows\system32\DRVSTORE\pccswpddri_8FC79B5C76B12B345CB05ADB7D73AF7091A57405\PCCSWpdDriver.dll
+ 2011-03-07 20:54 . 2010-07-26 11:24 137600 c:\windows\system32\DRVSTORE\nmwcdnsu_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\nmwcdnsu.sys
+ 2011-03-02 23:23 . 2009-09-28 09:22 364544 c:\windows\system32\DRVSTORE\netm4cx_C1BB052BCDF07F80D8D1D7678C2410A51183EAD1\m4x32coinst.dll
+ 2011-03-02 23:23 . 2009-09-28 09:22 298752 c:\windows\system32\DRVSTORE\netm4cx_C1BB052BCDF07F80D8D1D7678C2410A51183EAD1\m4cxw2k3.sys
+ 2011-03-07 20:54 . 2010-07-30 13:17 604160 c:\windows\system32\DRVSTORE\ccdcmb_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\nmwcdcocls.dll
+ 2011-03-07 20:54 . 2010-07-30 13:17 111104 c:\windows\system32\DRVSTORE\ccdcmb_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\ccdcmbwu.dll
- 2010-06-23 21:34 . 2010-11-06 00:24 919552 c:\windows\system32\dllcache\wininet.dll
+ 2010-06-23 21:34 . 2010-12-20 23:51 919552 c:\windows\system32\dllcache\wininet.dll
+ 2010-06-23 21:34 . 2011-01-21 14:42 440832 c:\windows\system32\dllcache\shimgvw.dll
+ 2008-04-14 12:00 . 2011-02-09 13:53 270848 c:\windows\system32\dllcache\sbe.dll
- 2008-04-14 12:00 . 2008-04-14 12:00 270848 c:\windows\system32\dllcache\sbe.dll
+ 2010-06-23 21:33 . 2010-12-20 23:51 206848 c:\windows\system32\dllcache\occache.dll
- 2010-06-23 21:33 . 2010-11-06 00:24 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-02-09 10:59 . 2010-12-09 15:15 713216 c:\windows\system32\dllcache\ntdll.dll
+ 2010-06-23 21:33 . 2010-12-20 23:51 611840 c:\windows\system32\dllcache\mstime.dll
- 2010-06-23 21:33 . 2010-11-06 00:24 611840 c:\windows\system32\dllcache\mstime.dll
+ 2010-11-28 19:10 . 2010-12-20 23:51 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2010-11-28 19:10 . 2010-11-06 00:24 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2010-06-23 21:33 . 2010-06-23 21:33 729088 c:\windows\system32\dllcache\lsasrv.dll
+ 2010-06-23 21:33 . 2010-12-20 17:24 729088 c:\windows\system32\dllcache\lsasrv.dll
+ 2010-06-23 21:32 . 2010-12-22 12:32 301568 c:\windows\system32\dllcache\kerberos.dll
- 2010-06-23 21:32 . 2010-06-23 21:32 301568 c:\windows\system32\dllcache\kerberos.dll
- 2010-11-28 19:10 . 2010-11-06 00:24 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2010-11-28 19:10 . 2010-12-20 23:51 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2010-06-23 21:32 . 2010-11-06 00:24 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-06-23 21:32 . 2010-12-20 23:51 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-11-28 19:10 . 2010-11-06 00:24 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-11-28 19:10 . 2010-12-20 23:51 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-06-23 21:32 . 2010-12-20 23:51 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2010-06-23 21:32 . 2010-11-06 00:24 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2010-06-23 21:32 . 2010-12-20 12:48 173568 c:\windows\system32\dllcache\ie4uinit.exe
- 2010-06-23 21:32 . 2010-11-03 12:01 173568 c:\windows\system32\dllcache\ie4uinit.exe
- 2008-04-14 12:00 . 2008-04-14 12:00 186880 c:\windows\system32\dllcache\encdec.dll
+ 2008-04-14 12:00 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
- 2010-06-23 21:32 . 2010-10-28 13:05 290048 c:\windows\system32\dllcache\atmfd.dll
+ 2010-06-23 21:32 . 2011-01-07 14:09 290048 c:\windows\system32\dllcache\atmfd.dll
- 2010-11-28 17:52 . 2010-06-23 21:32 130560 c:\windows\system32\dllcache\aaclient.dll
+ 2010-11-28 17:52 . 2010-12-22 11:29 130560 c:\windows\system32\dllcache\aaclient.dll
+ 2011-02-02 13:46 . 2011-02-02 13:46 114688 c:\windows\system32\Adobe\Shockwave 11\SwInit.exe
+ 2011-02-02 13:55 . 2011-02-02 13:55 469944 c:\windows\system32\Adobe\Shockwave 11\SwHelper_1159620.exe
+ 2011-02-02 13:35 . 2011-02-02 13:35 136568 c:\windows\system32\Adobe\Shockwave 11\SCC.dll
+ 2011-02-02 13:48 . 2011-02-02 13:48 446464 c:\windows\system32\Adobe\Shockwave 11\Proj.dll
+ 2011-02-02 13:47 . 2011-02-02 13:47 372736 c:\windows\system32\Adobe\Shockwave 11\Plugin.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 798208 c:\windows\system32\Adobe\Shockwave 11\gi.dll
+ 2011-02-02 13:46 . 2011-02-02 13:46 503808 c:\windows\system32\Adobe\Shockwave 11\Control.dll
+ 2011-02-02 13:55 . 2011-02-02 13:55 215992 c:\windows\system32\Adobe\Director\SwDir.dll
+ 2011-02-02 13:47 . 2011-02-02 13:47 135168 c:\windows\system32\Adobe\Director\np32dsw.dll
+ 2011-03-20 06:23 . 2011-03-20 06:23 180224 c:\windows\Installer\a45528a.msi
+ 2011-03-14 04:46 . 2011-03-14 04:46 424960 c:\windows\Installer\1c7736a.msi
+ 2011-03-07 20:58 . 2011-03-07 20:58 495616 c:\windows\Installer\193c4920.msi
+ 2011-03-07 20:54 . 2011-03-07 20:54 336384 c:\windows\Installer\193c48ea.msi
- 2011-01-04 18:41 . 2011-01-13 02:02 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2011-03-14 04:48 . 2011-03-14 04:48 458752 c:\windows\Installer\{4D568C38-0552-4CDD-A643-01FAFA2957EF}\NewShortcut20_F7578A24A4B240E4BA057EF931EB25B5.exe
+ 2011-03-14 04:48 . 2011-03-14 04:48 458752 c:\windows\Installer\{4D568C38-0552-4CDD-A643-01FAFA2957EF}\NewShortcut16_F7578A24A4B240E4BA057EF931EB25B5.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 390552 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\pdfshell.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 101288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\PDFPrevHndlrShim.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 135568 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\nppdf32.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 681872 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\JP2KLib.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 104344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AiodLite.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 702352 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroPDF.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 294808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\acrobroker.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 205720 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\a3dutils.dll
+ 2009-02-14 05:04 . 2009-02-14 05:04 625520 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEWEBSERVICES.DLL
+ 2009-02-12 14:19 . 2009-02-12 14:19 688512 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEWEBPLATFORMSERVICES.DLL
+ 2009-03-06 03:33 . 2009-03-06 03:33 961888 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEUTIL.DLL
+ 2009-02-14 05:03 . 2009-02-14 05:03 337264 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVE.EXE
+ 2011-02-10 02:03 . 2010-11-06 00:24 919552 c:\windows\ie8updates\KB2482017-IE8\wininet.dll
+ 2011-02-10 02:03 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2482017-IE8\spuninst\updspapi.dll
+ 2011-02-10 02:03 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2482017-IE8\spuninst\spuninst.exe
+ 2011-02-10 02:03 . 2010-11-06 00:24 206848 c:\windows\ie8updates\KB2482017-IE8\occache.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 611840 c:\windows\ie8updates\KB2482017-IE8\mstime.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 602112 c:\windows\ie8updates\KB2482017-IE8\msfeeds.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 247808 c:\windows\ie8updates\KB2482017-IE8\ieproxy.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 184320 c:\windows\ie8updates\KB2482017-IE8\iepeers.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 743424 c:\windows\ie8updates\KB2482017-IE8\iedvtool.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 387584 c:\windows\ie8updates\KB2482017-IE8\iedkcs32.dll
+ 2011-02-10 02:03 . 2010-11-03 12:01 173568 c:\windows\ie8updates\KB2482017-IE8\ie4uinit.exe
+ 2011-02-10 02:10 . 2010-07-05 13:13 391032 c:\windows\$NtUninstallKB2485376$\spuninst\updspapi.dll
+ 2011-02-10 02:10 . 2010-07-05 13:13 233848 c:\windows\$NtUninstallKB2485376$\spuninst\spuninst.exe
+ 2011-02-10 02:10 . 2010-10-28 13:05 290048 c:\windows\$NtUninstallKB2485376$\atmfd.dll
+ 2011-02-10 02:08 . 2010-07-05 13:13 391032 c:\windows\$NtUninstallKB2483185$\spuninst\updspapi.dll
+ 2011-02-10 02:08 . 2010-02-22 14:20 233848 c:\windows\$NtUninstallKB2483185$\spuninst\spuninst.exe
+ 2011-02-10 02:08 . 2010-06-23 21:34 439808 c:\windows\$NtUninstallKB2483185$\shimgvw.dll
+ 2011-02-10 02:08 . 2010-02-22 14:21 391032 c:\windows\$NtUninstallKB2479628$\spuninst\updspapi.dll
+ 2011-02-10 02:08 . 2010-02-22 14:20 233848 c:\windows\$NtUninstallKB2479628$\spuninst\spuninst.exe
+ 2011-02-10 02:10 . 2010-02-22 14:21 391032 c:\windows\$NtUninstallKB2478971$\spuninst\updspapi.dll
+ 2011-02-10 02:10 . 2010-02-22 14:20 233848 c:\windows\$NtUninstallKB2478971$\spuninst\spuninst.exe
+ 2011-02-10 02:10 . 2010-06-23 21:32 301568 c:\windows\$NtUninstallKB2478971$\kerberos.dll
+ 2011-02-10 02:01 . 2010-07-05 13:13 391032 c:\windows\$NtUninstallKB2478960$\spuninst\updspapi.dll
+ 2011-02-10 02:01 . 2010-07-05 13:13 233848 c:\windows\$NtUninstallKB2478960$\spuninst\spuninst.exe
+ 2011-02-10 02:01 . 2010-06-23 21:33 729088 c:\windows\$NtUninstallKB2478960$\lsasrv.dll
+ 2011-02-10 02:03 . 2010-07-05 13:13 391032 c:\windows\$NtUninstallKB2476687$\spuninst\updspapi.dll
+ 2011-02-10 02:03 . 2010-07-05 13:13 233848 c:\windows\$NtUninstallKB2476687$\spuninst\spuninst.exe
+ 2011-02-10 02:00 . 2010-07-05 13:13 391032 c:\windows\$NtUninstallKB2393802$\spuninst\updspapi.dll
+ 2011-02-10 02:00 . 2010-07-05 13:13 233848 c:\windows\$NtUninstallKB2393802$\spuninst\spuninst.exe
+ 2011-02-10 02:00 . 2009-02-09 10:59 710144 c:\windows\$NtUninstallKB2393802$\ntdll.dll
+ 2011-03-14 04:47 . 2011-03-14 04:47 1233920 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
- 2010-06-23 21:34 . 2010-11-06 00:24 1211904 c:\windows\system32\urlmon.dll
+ 2010-06-23 21:34 . 2010-12-20 23:51 1211904 c:\windows\system32\urlmon.dll
+ 2010-06-23 21:34 . 2011-01-21 14:42 8467456 c:\windows\system32\shell32.dll
- 2010-06-23 21:34 . 2010-07-27 06:29 8467456 c:\windows\system32\shell32.dll
+ 2010-12-04 09:38 . 2011-03-04 19:44 2095600 c:\windows\system32\pxsfs.dll
+ 2010-06-23 21:33 . 2010-12-09 15:14 2194944 c:\windows\system32\ntoskrnl.exe
+ 2010-02-16 19:02 . 2010-12-09 19:44 2071552 c:\windows\system32\ntkrnlpa.exe
+ 2010-06-23 21:33 . 2010-12-20 23:51 5962240 c:\windows\system32\mshtml.dll
+ 2010-11-28 18:28 . 2011-02-24 06:00 6053536 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2010-06-23 21:37 . 2010-12-20 23:51 1992192 c:\windows\system32\iertutil.dll
- 2010-06-23 21:37 . 2010-11-06 00:24 1992192 c:\windows\system32\iertutil.dll
+ 2011-03-07 20:59 . 2010-04-14 08:26 1837296 c:\windows\system32\DRVSTORE\pccswpddri_8FC79B5C76B12B345CB05ADB7D73AF7091A57405\WUDFUpdate_01009.dll
- 2010-12-26 02:55 . 2010-04-14 09:26 1837296 c:\windows\system32\DRVSTORE\pccswpddri_8FC79B5C76B12B345CB05ADB7D73AF7091A57405\WUDFUpdate_01009.dll
+ 2011-03-07 20:54 . 2010-02-26 13:19 1461992 c:\windows\system32\DRVSTORE\ccdcmb_1507EAA4009CCD3F133476A7176B42C0EDC3BF32\wdfcoinstaller01009.dll
+ 2010-06-23 21:34 . 2010-12-31 14:02 1864064 c:\windows\system32\dllcache\win32k.sys
- 2010-06-23 21:34 . 2010-11-06 00:24 1211904 c:\windows\system32\dllcache\urlmon.dll
+ 2010-06-23 21:34 . 2010-12-20 23:51 1211904 c:\windows\system32\dllcache\urlmon.dll
- 2010-06-23 21:34 . 2010-07-27 06:29 8467456 c:\windows\system32\dllcache\shell32.dll
+ 2010-06-23 21:34 . 2011-01-21 14:42 8467456 c:\windows\system32\dllcache\shell32.dll
+ 2010-11-28 19:11 . 2010-12-09 15:14 2194944 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2010-11-28 19:11 . 2010-12-09 15:14 2029056 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2010-04-28 22:19 . 2010-12-09 19:44 2071552 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2010-11-28 19:11 . 2010-12-09 15:14 2150912 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2010-06-23 21:33 . 2010-12-20 23:51 5962240 c:\windows\system32\dllcache\mshtml.dll
+ 2010-11-28 19:10 . 2010-12-20 23:51 1992192 c:\windows\system32\dllcache\iertutil.dll
- 2010-11-28 19:10 . 2010-11-06 00:24 1992192 c:\windows\system32\dllcache\iertutil.dll
+ 2011-02-02 13:39 . 2011-02-02 13:39 1019904 c:\windows\system32\Adobe\Shockwave 11\iml32.dll
+ 2011-02-02 13:35 . 2011-02-02 13:35 2224816 c:\windows\system32\Adobe\Shockwave 11\gt.exe
+ 2011-02-02 13:41 . 2011-02-02 13:41 1802240 c:\windows\system32\Adobe\Shockwave 11\dirapi.dll
+ 2011-02-16 12:54 . 2011-02-16 12:54 4992000 c:\windows\Installer\848d228.msp
+ 2011-01-11 16:53 . 2011-01-11 16:53 1763328 c:\windows\Installer\848d207.msp
+ 2011-01-11 16:52 . 2011-01-11 16:52 3360768 c:\windows\Installer\33ca310.msp
+ 2011-03-14 04:48 . 2011-03-14 04:48 1882112 c:\windows\Installer\1c77370.msi
+ 2011-01-04 18:41 . 2011-03-10 02:05 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2011-01-04 18:41 . 2011-03-10 02:05 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2011-01-04 18:41 . 2011-01-13 02:02 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 2207632 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\rt3d.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 6222744 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\authplay.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 5503368 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AGM.dll
+ 2010-11-10 11:49 . 2010-11-10 11:49 1216416 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AdobeCollabSync.exe
+ 2010-11-10 11:49 . 2010-11-10 11:49 1289624 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroRd32.exe
+ 2009-02-14 05:03 . 2009-02-14 05:03 3070832 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\GROOVEDOCUMENTSHARETOOL.DLL
+ 2011-02-10 02:03 . 2010-11-06 00:24 1211904 c:\windows\ie8updates\KB2482017-IE8\urlmon.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 5960704 c:\windows\ie8updates\KB2482017-IE8\mshtml.dll
+ 2011-02-10 02:03 . 2010-11-06 00:24 1992192 c:\windows\ie8updates\KB2482017-IE8\iertutil.dll
+ 2010-11-28 19:11 . 2010-12-09 15:14 2194944 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-11-28 19:11 . 2010-12-09 15:14 2029056 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2010-04-28 22:19 . 2010-12-09 19:44 2071552 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2010-11-28 19:11 . 2010-12-09 15:14 2150912 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-02-10 02:08 . 2010-07-27 06:29 8467456 c:\windows\$NtUninstallKB2483185$\shell32.dll
+ 2011-02-10 02:08 . 2010-10-26 14:04 1862272 c:\windows\$NtUninstallKB2479628$\win32k.sys
+ 2011-02-10 02:00 . 2010-04-28 05:19 2192256 c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
+ 2011-02-10 02:00 . 2010-04-28 05:19 2026496 c:\windows\$NtUninstallKB2393802$\ntkrpamp.exe
+ 2011-02-10 02:00 . 2010-04-28 22:19 2069120 c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
+ 2011-02-10 02:00 . 2010-04-28 05:19 2148352 c:\windows\$NtUninstallKB2393802$\ntkrnlmp.exe
+ 2010-06-23 21:38 . 2011-03-10 02:05 37943240 c:\windows\system32\MRT.exe
- 2010-06-23 21:37 . 2010-11-06 04:54 11082752 c:\windows\system32\ieframe.dll
+ 2010-06-23 21:37 . 2010-12-20 23:51 11082752 c:\windows\system32\ieframe.dll
+ 2010-09-10 10:20 . 2010-12-20 23:51 11082752 c:\windows\system32\dllcache\ieframe.dll
- 2010-09-10 10:20 . 2010-11-06 04:54 11082752 c:\windows\system32\dllcache\ieframe.dll
+ 2011-01-30 20:52 . 2011-01-30 20:52 12425728 c:\windows\Installer\b1110.msp
+ 2011-03-09 02:02 . 2011-03-09 02:02 20308992 c:\windows\Installer\322b58c.msp
+ 2010-11-10 11:49 . 2010-11-10 11:49 23724952 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0000000010\10.0.0\AcroRd32.dll
+ 2011-02-10 02:03 . 2010-11-06 04:54 11082752 c:\windows\ie8updates\KB2482017-IE8\ieframe.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DWPersistentQueuedReporting"="c:\program files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE" [2010-02-28 519584]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-07-06 98304]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-05-04 354312]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2009-05-04 1572872]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-05-04 2817544]
"Cmaudio8788MixerMonitor"="c:\program files\ASUS Xonar D2 Audio\Customapp\Program\MixerMonitor.exe" [2007-09-07 90112]
"Cmaudio8788Hook"="c:\windows\system\ComHookMonitor.exe" [2007-08-10 20480]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-01-23 2548552]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2010-11-28 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2010-06-23 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Mobiola Web Camera for S60\\webcam.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"e:\\Miranda\\Wolf\\RobbeF1\\miranda32.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2.12.2010 6:16 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1.3.2011 6:36 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.3.2011 6:36 301528]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [9.4.2010 1:25 239368]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [9.4.2010 1:25 27576]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 19:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 19:41 67656]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.3.2011 6:36 19544]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO livePCsupport\CLPSLS.exe [19.2.2010 17:00 148744]
R2 DUMeterSvc;DU Meter Service;c:\program files\DU Meter\DUMeterSvc.exe [26.2.2011 12:51 1382672]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [28.11.2010 20:44 10448]
R3 cmudaxp;ASUS Xonar D2 Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [12.12.2010 15:16 1839680]
R3 m4cxw2k3;NDIS5.1 Miniport Driver for D-Link DGE-5xx Gigabit Ethernet Adapter;c:\windows\system32\drivers\m4cxw2k3.sys [3.3.2011 0:23 298752]
S1 DumpDrv;Crash Dump Driver;c:\windows\system32\drivers\dumpdrv.sys [23.6.2010 22:37 9472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [28.11.2010 19:01 130384]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [23.11.2009 17:37 19720]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [28.11.2010 21:01 14856]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys --> c:\windows\system32\DRIVERS\nlndis.sys [?]
S3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys --> c:\windows\system32\DRIVERS\nlndis.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [7.3.2011 21:54 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [7.3.2011 21:54 8576]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6.11.2007 21:22 34064]
S3 REVO51;REVO51;c:\windows\system32\DRIVERS\revo51.sys --> c:\windows\system32\DRIVERS\revo51.sys [?]
S3 SkLaggProtocol;Marvell Link Aggregation Protocol;c:\windows\system32\drivers\yk51x86l.sys [22.9.2009 10:10 60928]
S3 SkVlanProtocol;Marvell VLAN Protocol;c:\windows\system32\drivers\yk51x86v.sys [27.8.2009 10:10 20992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\documents and settings\Luke\Data aplikací\Mozilla\Firefox\Profiles\40bb21pn.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 11:37
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DUMeterSvc]
"ImagePath"="c:\program files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Xanthic\{290A6A8A-0F70-FC9A-A343-BE3AB91B8116}*_]
"fr"="078D556350544C"
"lr"="078D59765E5551"
DUMPHIVE0.003 (REGF)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(840)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(4044)
c:\windows\system32\msi.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-03-20 11:41:48
ComboFix-quarantined-files.txt 2011-03-20 10:41
ComboFix2.txt 2011-02-07 20:47
.
Před spuštěním: Volných bajtů: 288 594 939 904
Po spuštění: Volných bajtů: 288 707 809 280
.
- - End Of File - - 595158AB9FFBFCE478129917BC2BFDCD
- Žbeky
- Moderator
Re: Preventive check
First, uninstall SuperAntiSpyware.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.
Code:
KillAll::
Folder::
c:\documents and settings\All Users\Data aplikací\McAfee
c:\documents and settings\Luke\Local Settings\Data aplikací\ESET
File::
c:\windows\iun6002.exe
c:\windows\system32\perfc009.dat
c:\windows\system32\perfc005.dat
c:\windows\system32\DRIVERS\nlndis.sys
c:\windows\system32\DRIVERS\revo51.sys
Driver::
NLNdisMP
NLNdisPT
REVO51
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all open windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.
HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules
Re: Preventive check
ComboFix 11-03-19.03 - Luke 20.03.2011 13:21:43.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3199.2491 [GMT 1:00]
Spuštěný z: c:\documents and settings\Luke\Plocha\prehravace MP3\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Luke\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
FILE ::
"c:\windows\iun6002.exe"
"c:\windows\system32\DRIVERS\nlndis.sys"
"c:\windows\system32\DRIVERS\revo51.sys"
"c:\windows\system32\perfc005.dat"
"c:\windows\system32\perfc009.dat"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-20 do 2011-03-20 )))))))))))))))))))))))))))))))
.
.
2011-03-20 10:01 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-20 10:01 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-20 06:23 . 2011-03-20 06:23 -------- d-----w- c:\program files\Common Files\Java
2011-03-19 12:20 . 2011-03-19 12:20 -------- d-----w- c:\program files\Winamp Detect
2011-03-19 12:20 . 2011-03-04 19:44 126448 ------w- c:\windows\system32\pxinsi64.exe
2011-03-19 12:20 . 2011-03-04 19:44 123888 ------w- c:\windows\system32\pxcpyi64.exe
2011-03-19 12:20 . 2011-03-04 19:44 59888 ------w- c:\windows\system32\pxwma.dll
2011-03-19 12:19 . 2011-03-19 12:30 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Winamp
2011-03-19 12:19 . 2011-03-19 12:23 -------- d-----w- c:\program files\Winamp
2011-03-19 11:49 . 2011-03-19 11:56 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Winyl
2011-03-19 11:48 . 2011-03-19 11:48 -------- d-----w- c:\program files\Winyl
2011-03-19 10:58 . 2011-03-19 11:06 -------- d-----w- c:\program files\The GodFather
2011-03-18 06:58 . 2011-03-18 07:00 -------- d-----w- c:\program files\The KMPlayer
2011-03-18 06:27 . 2011-02-15 22:30 121344 ----a-w- c:\windows\system32\lagarith.dll
2011-03-18 06:27 . 2010-11-03 19:08 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-03-18 06:27 . 2010-01-17 16:18 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-03-18 06:27 . 2008-09-24 19:41 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-03-18 06:27 . 2006-04-02 13:47 630784 ----a-w- c:\windows\system32\vp7vfw.dll
2011-03-18 06:27 . 2011-02-28 08:00 80896 ----a-w- c:\windows\system32\ff_vfw.dll
2011-03-18 06:27 . 2010-12-07 18:40 183808 ----a-w- c:\windows\system32\xvidvfw.dll
2011-03-18 06:27 . 2010-12-07 18:22 810496 ----a-w- c:\windows\system32\xvidcore.dll
2011-03-18 06:27 . 2011-03-18 06:27 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-03-16 18:42 . 2011-03-16 18:42 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\Browser Plugin
2011-03-13 12:49 . 2011-03-13 12:49 -------- d-----w- c:\documents and settings\All Users\Data aplikacĂ
2011-03-13 11:29 . 2011-03-13 20:58 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Nokia Ovi Suite
2011-03-13 06:51 . 2011-03-13 06:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Nokia
2011-03-12 07:55 . 2011-03-12 07:55 -------- d-----w- c:\windows\Sun
2011-03-12 07:06 . 2011-03-12 07:06 -------- d-----w- c:\documents and settings\Luke\Data aplikací\RealHideIP
2011-03-12 07:06 . 2011-03-12 07:06 -------- d-----w- c:\documents and settings\All Users\Data aplikací\RealHideIP
2011-03-12 07:05 . 2011-03-12 07:05 -------- d-----w- c:\program files\RealHideIP
2011-03-11 19:42 . 2011-03-11 19:42 -------- d-----w- c:\documents and settings\Luke\Data aplikací\VitySoft
2011-03-09 10:44 . 2010-12-21 11:26 1034240 -c----w- c:\windows\system32\dllcache\mstsc.exe
2011-03-09 10:44 . 2010-12-22 11:29 2690560 -c----w- c:\windows\system32\dllcache\mstscax.dll
2011-03-09 06:30 . 2011-03-09 06:30 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Media Player Classic
2011-03-08 21:41 . 2011-03-20 05:45 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 12
2011-03-08 11:22 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll
2011-03-07 21:04 . 2011-03-08 07:41 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\Nokia
2011-03-07 20:59 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-03-07 20:58 . 2011-03-07 20:58 -------- d-----w- c:\program files\PC Connectivity Solution
2011-03-07 20:54 . 2010-07-26 11:24 8576 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys
2011-03-07 20:54 . 2010-07-26 11:24 137600 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2011-03-07 20:54 . 2010-07-30 13:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2011-03-07 20:54 . 2010-07-30 13:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2011-03-07 20:54 . 2010-07-30 13:16 23040 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2011-03-07 20:54 . 2010-07-30 13:17 111104 ----a-w- c:\windows\system32\ccdcmbwu.dll
2011-03-07 20:54 . 2010-07-30 13:17 604160 ----a-w- c:\windows\system32\nmwcdcocls.dll
2011-03-07 20:54 . 2010-07-30 13:16 18048 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2011-03-07 20:54 . 2010-02-26 13:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-03-07 08:38 . 2011-03-07 09:13 -------- d-----w- C:\Down-mazeme
2011-03-02 23:23 . 2009-10-08 09:11 643072 ----a-w- c:\windows\system32\ykx32ncu.dll
2011-03-02 23:23 . 2009-09-28 09:22 364544 ----a-w- c:\windows\system32\m4x32coinst.dll
2011-03-02 23:23 . 2009-09-28 09:22 298752 ----a-w- c:\windows\system32\drivers\m4cxw2k3.sys
2011-03-02 23:23 . 2011-03-02 23:23 -------- d-----w- c:\program files\D-Link
2011-03-02 23:23 . 2011-03-02 23:23 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\TMP
2011-03-01 05:36 . 2011-02-23 14:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-03-01 05:36 . 2011-02-23 14:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-03-01 05:36 . 2011-02-23 14:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-03-01 05:36 . 2011-02-23 14:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-03-01 05:36 . 2011-02-23 14:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-03-01 05:36 . 2011-02-23 14:55 102232 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-03-01 05:36 . 2011-02-23 14:55 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-03-01 05:36 . 2011-02-23 14:54 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-03-01 05:36 . 2011-02-23 15:04 40648 ----a-w- c:\windows\avastSS.scr
2011-03-01 05:36 . 2011-02-23 15:04 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-03-01 05:35 . 2011-03-01 05:35 -------- d-----w- c:\program files\AVAST Software
2011-03-01 05:35 . 2011-03-01 05:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-02-26 12:10 . 2011-02-26 12:10 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\Locktime
2011-02-26 12:03 . 2011-02-26 12:03 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Locktime
2011-02-26 11:58 . 2011-02-26 11:58 -------- d-----w- c:\program files\WinPcap
2011-02-26 11:58 . 2011-03-08 22:49 -------- d-----w- c:\program files\iTraffic Monitor
2011-02-26 11:51 . 2011-02-26 11:51 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Hagel Technologies
2011-02-26 11:51 . 2011-02-26 11:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Hagel Technologies
2011-02-26 11:51 . 2011-02-26 11:51 -------- d-----w- c:\program files\DU Meter
2011-02-26 05:13 . 2011-02-26 05:13 -------- d-----w- c:\program files\Down2Home
2011-02-26 05:03 . 2004-05-04 10:53 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2011-02-26 05:03 . 2011-02-26 05:03 -------- d-----w- c:\program files\Axence
2011-02-25 04:01 . 2011-02-25 04:01 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Malwarebytes
2011-02-25 04:01 . 2011-02-25 04:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-02-25 04:01 . 2011-03-20 10:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-25 03:37 . 2011-02-25 03:37 -------- d-----w- c:\program files\Trend Micro
2011-02-24 09:55 . 2011-02-24 09:55 -------- d-----w- c:\windows\system32\LogFiles
2011-02-24 06:00 . 2011-02-24 06:00 -------- d-----w- c:\windows\system32\Adobe
2011-02-22 14:37 . 2011-02-22 14:37 -------- d-----w- c:\documents and settings\Luke\Data aplikací\O2
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-04 19:44 . 2010-12-04 09:38 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2011-03-04 19:44 . 2010-12-04 09:38 133616 ------w- c:\windows\system32\pxafs.dll
2011-02-09 13:53 . 2008-04-14 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2008-04-14 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 20:40 . 2010-11-28 18:28 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2010-11-28 18:28 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-01-23 09:01 . 2010-04-09 00:26 285480 ----a-w- c:\windows\system32\guard32.dll
2011-01-23 09:01 . 2010-04-09 00:25 94784 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-01-23 09:01 . 2010-04-09 00:25 27576 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-01-23 09:01 . 2010-04-09 00:25 15592 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-01-23 09:01 . 2010-04-09 00:25 239368 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-01-21 14:42 . 2010-06-23 21:34 440832 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2010-06-23 21:32 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:02 . 2010-06-23 21:34 1864064 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 09:39 . 2010-11-28 19:45 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-12-22 12:32 . 2010-06-23 21:32 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-22 11:29 . 2010-11-28 17:53 36864 ----a-w- c:\windows\system32\tsgqec.dll
2010-12-22 11:29 . 2010-11-28 17:52 2690560 ----a-w- c:\windows\system32\mstscax.dll
2010-12-22 11:29 . 2010-11-28 17:52 130560 ----a-w- c:\windows\system32\aaclient.dll
2010-12-21 11:26 . 2010-11-28 17:52 1034240 ----a-w- c:\windows\system32\mstsc.exe
2010-12-20 23:51 . 2010-06-23 21:34 919552 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:51 . 2010-06-23 21:33 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:51 . 2010-06-23 21:32 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:24 . 2010-06-23 21:33 729088 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:48 . 2010-06-23 21:32 385024 ----a-w- c:\windows\system32\html.iec
.
.
------- Sigcheck -------
.
[-] 2010-06-23 . 8F41FD1CC693054347C6FB7B0E618B07 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot_2011-03-20_10.37.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-03-20 12:35 . 2011-03-20 12:35 16384 c:\windows\temp\Perflib_Perfdata_6d0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DWPersistentQueuedReporting"="c:\program files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE" [2010-02-28 519584]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-07-06 98304]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-05-04 354312]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2009-05-04 1572872]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-05-04 2817544]
"Cmaudio8788MixerMonitor"="c:\program files\ASUS Xonar D2 Audio\Customapp\Program\MixerMonitor.exe" [2007-09-07 90112]
"Cmaudio8788Hook"="c:\windows\system\ComHookMonitor.exe" [2007-08-10 20480]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-01-23 2548552]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2010-11-28 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2010-06-23 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Mobiola Web Camera for S60\\webcam.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"e:\\Miranda\\Wolf\\RobbeF1\\miranda32.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2.12.2010 6:16 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1.3.2011 6:36 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.3.2011 6:36 301528]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [9.4.2010 1:25 239368]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [9.4.2010 1:25 27576]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.3.2011 6:36 19544]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO livePCsupport\CLPSLS.exe [19.2.2010 17:00 148744]
R2 DUMeterSvc;DU Meter Service;c:\program files\DU Meter\DUMeterSvc.exe [26.2.2011 12:51 1382672]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [28.11.2010 20:44 10448]
R3 cmudaxp;ASUS Xonar D2 Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [12.12.2010 15:16 1839680]
R3 m4cxw2k3;NDIS5.1 Miniport Driver for D-Link DGE-5xx Gigabit Ethernet Adapter;c:\windows\system32\drivers\m4cxw2k3.sys [3.3.2011 0:23 298752]
S1 DumpDrv;Crash Dump Driver;c:\windows\system32\drivers\dumpdrv.sys [23.6.2010 22:37 9472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [28.11.2010 19:01 130384]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [23.11.2009 17:37 19720]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [28.11.2010 21:01 14856]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [7.3.2011 21:54 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [7.3.2011 21:54 8576]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6.11.2007 21:22 34064]
S3 SkLaggProtocol;Marvell Link Aggregation Protocol;c:\windows\system32\drivers\yk51x86l.sys [22.9.2009 10:10 60928]
S3 SkVlanProtocol;Marvell VLAN Protocol;c:\windows\system32\drivers\yk51x86v.sys [27.8.2009 10:10 20992]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [23.6.2010 22:34 14848]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPFFontCache_v0400.exe --> c:\windows\Microsoft.NET\Framework\v4.0.30319\WPFFontCache_v0400.exe [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\documents and settings\Luke\Data aplikací\Mozilla\Firefox\Profiles\40bb21pn.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 13:36
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DUMeterSvc]
"ImagePath"="c:\program files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Xanthic\{290A6A8A-0F70-FC9A-A343-BE3AB91B8116}*_]
"fr"="078D556350544C"
"lr"="078D59765E5551"
DUMPHIVE0.003 (REGF)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(840)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(568)
c:\windows\system32\msi.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
c:\program files\Logitech\GamePanel Software\Applets\LCDClock.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDRSS.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2011-03-20 13:40:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-20 12:40
ComboFix2.txt 2011-03-20 12:05
ComboFix3.txt 2011-03-20 10:41
ComboFix4.txt 2011-02-07 20:47
.
Před spuštěním: Volných bajtů: 288 697 155 584
Po spuštění: Volných bajtů: 288 680 890 368
.
- - End Of File - - 50C018951D928C83EB387480110E2A7D
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3199.2491 [GMT 1:00]
Spuštěný z: c:\documents and settings\Luke\Plocha\prehravace MP3\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Luke\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
FILE ::
"c:\windows\iun6002.exe"
"c:\windows\system32\DRIVERS\nlndis.sys"
"c:\windows\system32\DRIVERS\revo51.sys"
"c:\windows\system32\perfc005.dat"
"c:\windows\system32\perfc009.dat"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-20 do 2011-03-20 )))))))))))))))))))))))))))))))
.
.
2011-03-20 10:01 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-20 10:01 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-20 06:23 . 2011-03-20 06:23 -------- d-----w- c:\program files\Common Files\Java
2011-03-19 12:20 . 2011-03-19 12:20 -------- d-----w- c:\program files\Winamp Detect
2011-03-19 12:20 . 2011-03-04 19:44 126448 ------w- c:\windows\system32\pxinsi64.exe
2011-03-19 12:20 . 2011-03-04 19:44 123888 ------w- c:\windows\system32\pxcpyi64.exe
2011-03-19 12:20 . 2011-03-04 19:44 59888 ------w- c:\windows\system32\pxwma.dll
2011-03-19 12:19 . 2011-03-19 12:30 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Winamp
2011-03-19 12:19 . 2011-03-19 12:23 -------- d-----w- c:\program files\Winamp
2011-03-19 11:49 . 2011-03-19 11:56 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Winyl
2011-03-19 11:48 . 2011-03-19 11:48 -------- d-----w- c:\program files\Winyl
2011-03-19 10:58 . 2011-03-19 11:06 -------- d-----w- c:\program files\The GodFather
2011-03-18 06:58 . 2011-03-18 07:00 -------- d-----w- c:\program files\The KMPlayer
2011-03-18 06:27 . 2011-02-15 22:30 121344 ----a-w- c:\windows\system32\lagarith.dll
2011-03-18 06:27 . 2010-11-03 19:08 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-03-18 06:27 . 2010-01-17 16:18 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-03-18 06:27 . 2008-09-24 19:41 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-03-18 06:27 . 2006-04-02 13:47 630784 ----a-w- c:\windows\system32\vp7vfw.dll
2011-03-18 06:27 . 2011-02-28 08:00 80896 ----a-w- c:\windows\system32\ff_vfw.dll
2011-03-18 06:27 . 2010-12-07 18:40 183808 ----a-w- c:\windows\system32\xvidvfw.dll
2011-03-18 06:27 . 2010-12-07 18:22 810496 ----a-w- c:\windows\system32\xvidcore.dll
2011-03-18 06:27 . 2011-03-18 06:27 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-03-16 18:42 . 2011-03-16 18:42 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\Browser Plugin
2011-03-13 12:49 . 2011-03-13 12:49 -------- d-----w- c:\documents and settings\All Users\Data aplikacĂ
2011-03-13 11:29 . 2011-03-13 20:58 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Nokia Ovi Suite
2011-03-13 06:51 . 2011-03-13 06:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Nokia
2011-03-12 07:55 . 2011-03-12 07:55 -------- d-----w- c:\windows\Sun
2011-03-12 07:06 . 2011-03-12 07:06 -------- d-----w- c:\documents and settings\Luke\Data aplikací\RealHideIP
2011-03-12 07:06 . 2011-03-12 07:06 -------- d-----w- c:\documents and settings\All Users\Data aplikací\RealHideIP
2011-03-12 07:05 . 2011-03-12 07:05 -------- d-----w- c:\program files\RealHideIP
2011-03-11 19:42 . 2011-03-11 19:42 -------- d-----w- c:\documents and settings\Luke\Data aplikací\VitySoft
2011-03-09 10:44 . 2010-12-21 11:26 1034240 -c----w- c:\windows\system32\dllcache\mstsc.exe
2011-03-09 10:44 . 2010-12-22 11:29 2690560 -c----w- c:\windows\system32\dllcache\mstscax.dll
2011-03-09 06:30 . 2011-03-09 06:30 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Media Player Classic
2011-03-08 21:41 . 2011-03-20 05:45 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 12
2011-03-08 11:22 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll
2011-03-07 21:04 . 2011-03-08 07:41 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\Nokia
2011-03-07 20:59 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-03-07 20:58 . 2011-03-07 20:58 -------- d-----w- c:\program files\PC Connectivity Solution
2011-03-07 20:54 . 2010-07-26 11:24 8576 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys
2011-03-07 20:54 . 2010-07-26 11:24 137600 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2011-03-07 20:54 . 2010-07-30 13:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2011-03-07 20:54 . 2010-07-30 13:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2011-03-07 20:54 . 2010-07-30 13:16 23040 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2011-03-07 20:54 . 2010-07-30 13:17 111104 ----a-w- c:\windows\system32\ccdcmbwu.dll
2011-03-07 20:54 . 2010-07-30 13:17 604160 ----a-w- c:\windows\system32\nmwcdcocls.dll
2011-03-07 20:54 . 2010-07-30 13:16 18048 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2011-03-07 20:54 . 2010-02-26 13:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-03-07 08:38 . 2011-03-07 09:13 -------- d-----w- C:\Down-mazeme
2011-03-02 23:23 . 2009-10-08 09:11 643072 ----a-w- c:\windows\system32\ykx32ncu.dll
2011-03-02 23:23 . 2009-09-28 09:22 364544 ----a-w- c:\windows\system32\m4x32coinst.dll
2011-03-02 23:23 . 2009-09-28 09:22 298752 ----a-w- c:\windows\system32\drivers\m4cxw2k3.sys
2011-03-02 23:23 . 2011-03-02 23:23 -------- d-----w- c:\program files\D-Link
2011-03-02 23:23 . 2011-03-02 23:23 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\TMP
2011-03-01 05:36 . 2011-02-23 14:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-03-01 05:36 . 2011-02-23 14:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-03-01 05:36 . 2011-02-23 14:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-03-01 05:36 . 2011-02-23 14:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-03-01 05:36 . 2011-02-23 14:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-03-01 05:36 . 2011-02-23 14:55 102232 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-03-01 05:36 . 2011-02-23 14:55 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-03-01 05:36 . 2011-02-23 14:54 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-03-01 05:36 . 2011-02-23 15:04 40648 ----a-w- c:\windows\avastSS.scr
2011-03-01 05:36 . 2011-02-23 15:04 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-03-01 05:35 . 2011-03-01 05:35 -------- d-----w- c:\program files\AVAST Software
2011-03-01 05:35 . 2011-03-01 05:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-02-26 12:10 . 2011-02-26 12:10 -------- d-----w- c:\documents and settings\Luke\Local Settings\Data aplikací\Locktime
2011-02-26 12:03 . 2011-02-26 12:03 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Locktime
2011-02-26 11:58 . 2011-02-26 11:58 -------- d-----w- c:\program files\WinPcap
2011-02-26 11:58 . 2011-03-08 22:49 -------- d-----w- c:\program files\iTraffic Monitor
2011-02-26 11:51 . 2011-02-26 11:51 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Hagel Technologies
2011-02-26 11:51 . 2011-02-26 11:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Hagel Technologies
2011-02-26 11:51 . 2011-02-26 11:51 -------- d-----w- c:\program files\DU Meter
2011-02-26 05:13 . 2011-02-26 05:13 -------- d-----w- c:\program files\Down2Home
2011-02-26 05:03 . 2004-05-04 10:53 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2011-02-26 05:03 . 2011-02-26 05:03 -------- d-----w- c:\program files\Axence
2011-02-25 04:01 . 2011-02-25 04:01 -------- d-----w- c:\documents and settings\Luke\Data aplikací\Malwarebytes
2011-02-25 04:01 . 2011-02-25 04:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-02-25 04:01 . 2011-03-20 10:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-25 03:37 . 2011-02-25 03:37 -------- d-----w- c:\program files\Trend Micro
2011-02-24 09:55 . 2011-02-24 09:55 -------- d-----w- c:\windows\system32\LogFiles
2011-02-24 06:00 . 2011-02-24 06:00 -------- d-----w- c:\windows\system32\Adobe
2011-02-22 14:37 . 2011-02-22 14:37 -------- d-----w- c:\documents and settings\Luke\Data aplikací\O2
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-04 19:44 . 2010-12-04 09:38 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2011-03-04 19:44 . 2010-12-04 09:38 133616 ------w- c:\windows\system32\pxafs.dll
2011-02-09 13:53 . 2008-04-14 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2008-04-14 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 20:40 . 2010-11-28 18:28 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2010-11-28 18:28 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-01-23 09:01 . 2010-04-09 00:26 285480 ----a-w- c:\windows\system32\guard32.dll
2011-01-23 09:01 . 2010-04-09 00:25 94784 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-01-23 09:01 . 2010-04-09 00:25 27576 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-01-23 09:01 . 2010-04-09 00:25 15592 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-01-23 09:01 . 2010-04-09 00:25 239368 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-01-21 14:42 . 2010-06-23 21:34 440832 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-07 14:09 . 2010-06-23 21:32 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 14:02 . 2010-06-23 21:34 1864064 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 09:39 . 2010-11-28 19:45 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-12-22 12:32 . 2010-06-23 21:32 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-22 11:29 . 2010-11-28 17:53 36864 ----a-w- c:\windows\system32\tsgqec.dll
2010-12-22 11:29 . 2010-11-28 17:52 2690560 ----a-w- c:\windows\system32\mstscax.dll
2010-12-22 11:29 . 2010-11-28 17:52 130560 ----a-w- c:\windows\system32\aaclient.dll
2010-12-21 11:26 . 2010-11-28 17:52 1034240 ----a-w- c:\windows\system32\mstsc.exe
2010-12-20 23:51 . 2010-06-23 21:34 919552 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:51 . 2010-06-23 21:33 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:51 . 2010-06-23 21:32 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:24 . 2010-06-23 21:33 729088 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:48 . 2010-06-23 21:32 385024 ----a-w- c:\windows\system32\html.iec
.
.
------- Sigcheck -------
.
[-] 2010-06-23 . 8F41FD1CC693054347C6FB7B0E618B07 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot_2011-03-20_10.37.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-03-20 12:35 . 2011-03-20 12:35 16384 c:\windows\temp\Perflib_Perfdata_6d0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DWPersistentQueuedReporting"="c:\program files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE" [2010-02-28 519584]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-07-06 98304]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2009-05-04 354312]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2009-05-04 1572872]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2009-05-04 2817544]
"Cmaudio8788MixerMonitor"="c:\program files\ASUS Xonar D2 Audio\Customapp\Program\MixerMonitor.exe" [2007-09-07 90112]
"Cmaudio8788Hook"="c:\windows\system\ComHookMonitor.exe" [2007-08-10 20480]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-01-23 2548552]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2010-11-28 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2010-06-23 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Mobiola Web Camera for S60\\webcam.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"e:\\Miranda\\Wolf\\RobbeF1\\miranda32.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2.12.2010 6:16 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1.3.2011 6:36 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.3.2011 6:36 301528]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [9.4.2010 1:25 239368]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [9.4.2010 1:25 27576]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.3.2011 6:36 19544]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO livePCsupport\CLPSLS.exe [19.2.2010 17:00 148744]
R2 DUMeterSvc;DU Meter Service;c:\program files\DU Meter\DUMeterSvc.exe [26.2.2011 12:51 1382672]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [28.11.2010 20:44 10448]
R3 cmudaxp;ASUS Xonar D2 Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [12.12.2010 15:16 1839680]
R3 m4cxw2k3;NDIS5.1 Miniport Driver for D-Link DGE-5xx Gigabit Ethernet Adapter;c:\windows\system32\drivers\m4cxw2k3.sys [3.3.2011 0:23 298752]
S1 DumpDrv;Crash Dump Driver;c:\windows\system32\drivers\dumpdrv.sys [23.6.2010 22:37 9472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [28.11.2010 19:01 130384]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [23.11.2009 17:37 19720]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [28.11.2010 21:01 14856]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [7.3.2011 21:54 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [7.3.2011 21:54 8576]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6.11.2007 21:22 34064]
S3 SkLaggProtocol;Marvell Link Aggregation Protocol;c:\windows\system32\drivers\yk51x86l.sys [22.9.2009 10:10 60928]
S3 SkVlanProtocol;Marvell VLAN Protocol;c:\windows\system32\drivers\yk51x86v.sys [27.8.2009 10:10 20992]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [23.6.2010 22:34 14848]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPFFontCache_v0400.exe --> c:\windows\Microsoft.NET\Framework\v4.0.30319\WPFFontCache_v0400.exe [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\documents and settings\Luke\Data aplikací\Mozilla\Firefox\Profiles\40bb21pn.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 13:36
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DUMeterSvc]
"ImagePath"="c:\program files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Xanthic\{290A6A8A-0F70-FC9A-A343-BE3AB91B8116}*_]
"fr"="078D556350544C"
"lr"="078D59765E5551"
DUMPHIVE0.003 (REGF)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(840)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(568)
c:\windows\system32\msi.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
c:\program files\Logitech\GamePanel Software\Applets\LCDClock.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
c:\program files\Logitech\GamePanel Software\Applets\LCDRSS.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2011-03-20 13:40:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-20 12:40
ComboFix2.txt 2011-03-20 12:05
ComboFix3.txt 2011-03-20 10:41
ComboFix4.txt 2011-02-07 20:47
.
Před spuštěním: Volných bajtů: 288 697 155 584
Po spuštění: Volných bajtů: 288 680 890 368
.
- - End Of File - - 50C018951D928C83EB387480110E2A7D
- Žbeky
- Moderator
- Guru Level 13
- Posts: 22288
- Registered: May 08
- Location: Vsetín - Pardubice
- Status: Offline
Re: Preventive check
ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall
clean the system with CCleaner
and also use T-Cleaner
it deletes everything left behind by Combo, MWAV, etc. - download > run
Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate AVG, Avast, Avira or Microsoft Security Essentials; afterwards delete T-Cleaner and turn AVG, Avast, Avira or Microsoft Security Essentials back on
+ A new log from HJT
How is the PC behaving?
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.
HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules
Re: Preventive check
*The PC is behaving stably, and it looks like it is even a little snappier
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:09:10, on 20.3.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\ASUS Xonar D2 Audio\Customapp\Program\MixerMonitor.exe
C:\WINDOWS\system\ComHookMonitor.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [DWPersistentQueuedReporting] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE -a
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Cmaudio8788MixerMonitor] C:\Program Files\ASUS Xonar D2 Audio\Customapp\Program\MixerMonitor.exe
O4 - HKLM\..\Run: [Cmaudio8788Hook] C:\WINDOWS\system\ComHookMonitor.exe Envoke
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO livePCsupport\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPFFontCache_v0400.exe (file missing)
--
End of file - 7757 bytes
- Žbeky
Re: Preventive check
Fix O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Otherwise, as far as software goes, you are clean. If it starts crashing again, check the disk with the manufacturer's utility, the RAM with memtest, and start a thread in the HW section. You can close this one.
Re: Preventive check
Thanks for your willingness and patience, everything is fine