Hijack - please check
Moderators: Mods_senior, Security team
- simonides2000
- Level 1

- Posts: 72
- Registered: 03 Aug 2009 13:31
Re: Hijack - please check
Well, definitely not that...
but there's nothing to be done about it... everything should be tried... I'm doing the system repair now... I'm writing this from my laptop... so we'll see... somehow I don't see it going too well, though...
Re: Hijack - please check
Let me know afterwards, then.
- simonides2000
- Level 1

- Posts: 72
- Registered: 03 Aug 2009 13:31
Re: Hijack - please check
The problems keep piling up....
I'll get back to you tomorrow... my mouse works, though....
Re: Hijack - please check
OK, I'll be around here on and off during the day tomorrow.
- simonides2000
- Level 1

- Posts: 72
- Registered: 03 Aug 2009 13:31
Re: Hijack - please check
Bledulka, have a nice day :-) So I've restored everything (no fun at all..). I sorted out the mouse, but otherwise the problems are the same. It has already crashed on me twice, not to mention Shockwave Flash. As for Flash, the problem is mainly in Google Chrome and Mozilla. They are open-source browsers, and Mozilla runs on the different Gecko engine with a minimum of plugins, which by contrast infest Internet Explorer.... When I work with MSIE, surprisingly I don't have such problems with Flash and plugins... So I don't know whether there isn't a problem somewhere here too... That swine (apologies for the expression, but I don't have a better one) is of course still there, even after the restore point... So either it's such a beast that it doesn't care what happens to the computer and sits stuck somewhere no matter what, or it's built into some program. But then it would have to be in a program I've had installed for a long time, because if even going back a month didn't solve the problem, I'd stop understanding it. But it's more likely some service or process - otherwise I don't understand it... So let's agree that this is the last chance to get rid of that junk. I'm at my wits' end, and if you can't figure it out either, even now, I'll simply reinstall it. We've been at this for almost a week. I could almost invite you for coffee, given how "well" we know each other by now...
So I'll try to get rid of that rootkit and post the requested log here.
Re: Hijack - please check
Run the script and we'll see.
Personally, I see it as a totally wrecked system that is already living a life of its own.
- simonides2000
- Level 1

- Posts: 72
- Registered: 03 Aug 2009 13:31
Re: Hijack - please check
Agreed. We're done. Thanks for everything.
Re: Hijack - please check
Still, try that script.
- simonides2000
- Level 1

- Posts: 72
- Registered: 03 Aug 2009 13:31
Re: Hijack - please check
I forcibly hard-uninstalled both Trojan Remover and TuneUp, restarted the whole thing, and now, after the system restore, I'd be interested in the Hijack log, if you could take a look at it before I do the rootkit. Thanks.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:04:33, on 6.8.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Milan\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milan\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Milan\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milan\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Milan\Dokumenty\Downloads\HijackThis.exe
C:\Documents and Settings\Milan\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://register.scansoft.com/form-eng. ... H08-001002
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\Translat\WEBIE.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\Translat\WEBIE.DLL
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Namedate] C:\Program Files\Nezmeskej\nezmeskej.exe s s
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\Translat\WEBIE.DLL
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\Translat\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\Translat\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\Translat\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\Translat\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\Translat\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\Translat\WEBIE.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 1046446796
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... b?3,14,8,0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4096294281
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\Skype4COM.dll
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate1c9ec57704d342c) (gupdate1c9ec57704d342c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Program Files\Nero\Nero BackItUp 4\IoctlSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: Nepřerušitelný zdroj napájení (UPS) (UPS) - Unknown owner - C:\WINDOWS\System32\ups.exe (file missing)
--
End of file - 9054 bytes
Re: Hijack - please check
I'm mainly interested in the script; I won't learn much from HJT.
- simonides2000
- Level 1

- Posts: 72
- Registered: 03 Aug 2009 13:31
Re: Hijack - please check
I couldn't get the script to run in Combofix... Combofix ran, but the log was being created for an hour and ten minutes and nothing.... even though Combofix was working.... Couldn't it be because the directory from the script no longer exists? I mean the Trojan Remover directory in Program Files? I did a radical clean-up and forcibly uninstalled both TR and TU... I'm sending the normal Combofix log, so have a look whether the script you sent me for the rootkit is still valid...
ComboFix 10-08-05.06 - Milan 06.08.2010 15:54:56.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.3582.3107 [GMT 2:00]
Spuštěný z: c:\documents and settings\Milan\Plocha\xyz.exe
AV: ESET NOD32 Antivirus 4.2 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\windows\settings.reg
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-06 do 2010-08-06 )))))))))))))))))))))))))))))))
.
2010-08-06 12:31 . 2010-08-06 12:33 -------- d-----w- C:\xyz
2010-08-06 12:31 . 2010-08-06 12:31 389632 ----a-w- c:\windows\system32\CF3337.exe
2010-08-06 10:29 . 2006-06-14 09:00 82944 -c----w- c:\windows\system32\dllcache\wdmaud.sys
2010-08-06 10:29 . 2006-06-14 08:47 6400 -c----w- c:\windows\system32\dllcache\splitter.sys
2010-08-06 10:29 . 2006-06-14 08:47 172416 -c----w- c:\windows\system32\dllcache\kmixer.sys
2010-08-06 10:28 . 2006-06-01 18:49 27648 -c----w- c:\windows\system32\dllcache\jgpl400.dll
2010-08-06 10:28 . 2006-06-01 18:49 163840 -c----w- c:\windows\system32\dllcache\jgdw400.dll
2010-08-06 09:46 . 2009-12-30 10:20 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2010-08-06 09:28 . 2009-10-20 14:58 263552 -c----w- c:\windows\system32\dllcache\http.sys
2010-08-06 09:28 . 2009-11-27 16:40 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2010-08-06 09:28 . 2009-11-27 16:40 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
2010-08-05 22:53 . 2003-10-02 10:48 53248 ----a-r- c:\windows\system32\P17CPI.dll
2010-08-05 22:53 . 2005-07-07 08:14 1389056 ----a-r- c:\windows\system32\drivers\P17.sys
2010-08-05 22:53 . 2005-06-13 05:03 137728 ----a-r- c:\windows\system32\P17res.dll
2010-08-05 22:53 . 2005-05-03 11:38 64512 ----a-r- c:\windows\system32\P17.dll
2010-08-05 22:53 . 2005-06-27 10:37 133632 ----a-r- c:\windows\system32\CtDvInst.dll
2010-08-05 22:52 . 2010-08-05 22:52 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-08-05 22:49 . 2009-11-27 17:35 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
2010-08-05 22:49 . 2008-06-14 18:00 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-08-05 22:48 . 2010-02-24 12:31 454016 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-08-05 22:48 . 2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe
2010-08-05 22:47 . 2010-02-16 19:34 2060544 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-08-05 22:47 . 2010-02-16 19:34 2018816 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-08-05 22:47 . 2010-02-16 19:34 2183552 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-08-05 22:47 . 2010-02-16 19:34 2139136 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-08-05 22:45 . 2010-08-05 22:45 15600 ----a-w- c:\windows\gdrv.sys
2010-08-05 22:30 . 2010-08-06 10:42 -------- d--h--w- c:\windows\$hf_mig$
2010-08-05 21:30 . 2004-08-18 12:00 31360 -c--a-w- c:\windows\system32\dllcache\weitekp9.sys
2010-08-05 21:28 . 2004-08-18 12:00 8704 -c--a-w- c:\windows\system32\dllcache\infoctrs.dll
2010-08-05 21:27 . 2004-08-18 12:00 8192 -c--a-w- c:\windows\system32\dllcache\staxmem.dll
2010-08-05 21:25 . 2004-08-18 12:00 99840 -c--a-w- c:\windows\system32\dllcache\helphost.exe
2010-08-05 21:25 . 2004-08-18 12:00 7168 -c--a-w- c:\windows\system32\dllcache\hcappres.dll
2010-08-05 21:25 . 2004-08-18 12:00 35328 -c--a-w- c:\windows\system32\dllcache\notiflag.exe
2010-08-05 21:25 . 2004-08-18 12:00 21504 -c--a-w- c:\windows\system32\dllcache\brpinfo.dll
2010-08-05 21:25 . 2004-08-18 12:00 11264 -c--a-w- c:\windows\system32\dllcache\atrace.dll
2010-08-05 21:25 . 2004-08-18 12:00 11264 ----a-w- c:\windows\system32\atrace.dll
2010-08-05 21:25 . 2004-08-18 12:00 40960 -c--a-w- c:\windows\system32\dllcache\msinfo32.exe
2010-08-05 21:25 . 2004-08-18 12:00 12288 -c--a-w- c:\windows\system32\dllcache\wb32.exe
2010-08-05 21:25 . 2004-08-18 12:00 12288 -c--a-w- c:\windows\system32\dllcache\nmevtmsg.dll
2010-08-05 21:25 . 2004-08-18 12:00 12288 -c--a-w- c:\windows\system32\dllcache\cb32.exe
2010-08-05 21:25 . 2004-08-18 12:00 12288 ----a-w- c:\windows\system32\nmevtmsg.dll
2010-08-05 21:25 . 2004-08-18 12:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2010-08-05 20:58 . 2004-08-18 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2010-08-05 20:58 . 2004-08-18 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2010-08-05 20:58 . 2004-08-18 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2010-08-05 20:58 . 2004-08-18 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2010-08-05 18:17 . 2010-08-05 18:17 390144 ----a-w- c:\windows\system32\CF18442.exe
2010-08-05 17:31 . 2010-08-05 17:31 -------- d-----w- c:\windows\system32\wbem\Repository
2010-08-05 17:26 . 2010-08-05 17:26 -------- d-----w- c:\program files\Common Files\Skype
2010-08-05 13:56 . 2010-08-05 13:56 -------- d-----w- c:\program files\Google Chrome Backup
2010-08-03 14:49 . 2010-08-03 14:49 -------- d-----w- c:\program files\VS Revo Group
2010-08-03 09:05 . 2010-08-05 17:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-25 13:23 . 2010-07-25 13:23 -------- d-----w- c:\windows\system32\URTTEMP
2010-07-25 13:21 . 2004-08-18 12:00 726078 -c--a-w- c:\windows\system32\dllcache\srchui.dll
2010-07-25 13:21 . 2004-08-18 12:00 58434 -c--a-w- c:\windows\system32\dllcache\srchctls.dll
2010-07-25 13:21 . 2004-08-18 12:00 3166208 -c--a-w- c:\windows\system32\dllcache\msgr3en.dll
2010-07-25 13:19 . 2010-07-25 13:19 -------- d-----w- c:\windows\system32\winrm
2010-07-25 13:18 . 2010-01-14 15:06 158720 ----a-w- c:\windows\system32\rdpinit.exe
2010-07-25 13:18 . 2010-01-14 15:07 45056 ----a-w- c:\windows\system32\winlogonnotification.dll
2010-07-25 13:18 . 2010-01-14 15:07 223232 ----a-w- c:\windows\system32\wksprt.exe
2010-07-25 13:18 . 2010-01-14 15:07 12800 ----a-w- c:\windows\system32\wksprtps.dll
2010-07-25 13:18 . 2010-01-14 15:06 134144 ----a-w- c:\windows\system32\tspubwmi.dll
2010-07-25 13:18 . 2010-01-14 15:06 243200 ----a-w- c:\windows\system32\rdpshell.exe
2010-07-25 13:18 . 2010-01-14 15:06 46080 ----a-w- c:\windows\system32\tswbprxy.exe
2010-07-25 13:18 . 2010-01-14 15:04 44544 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2010-07-25 13:17 . 2010-07-25 13:17 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-06 10:25 . 2008-10-16 18:59 -------- d-----w- c:\program files\Translat
2010-08-06 10:20 . 2010-08-06 10:19 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-08-05 22:52 . 2004-08-18 12:00 78052 ----a-w- c:\windows\system32\perfc005.dat
2010-08-05 22:52 . 2004-08-18 12:00 429024 ----a-w- c:\windows\system32\perfh005.dat
2010-08-05 22:40 . 2008-10-15 16:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-05 22:40 . 2008-10-15 17:00 -------- d-----w- c:\program files\Creative
2010-08-05 21:24 . 2008-10-15 16:26 22916 ----a-w- c:\windows\system32\emptyregdb.dat
2010-08-05 17:26 . 2009-03-10 13:58 -------- d-----w- c:\program files\ICQ6.5
2010-08-05 17:25 . 2008-10-29 15:46 -------- d-----w- c:\program files\Spyware Doctor
2010-08-05 13:59 . 2010-01-01 00:12 -------- d-----w- c:\program files\Replay Media Catcher
2010-08-05 12:20 . 2010-06-30 20:31 72 ---ha-w- c:\windows\popcreg.dat
2010-08-05 12:20 . 2010-06-30 20:31 24 ----a-w- c:\windows\popcinfot.dat
2010-07-25 13:20 . 2009-12-11 14:05 -------- d-----w- c:\program files\Microsoft Silverlight
2010-07-14 09:25 . 2008-10-15 18:06 -------- d-----w- c:\program files\Banka
2010-06-27 10:09 . 2009-02-07 23:33 -------- d-----w- c:\program files\Rapidshare
2010-06-22 11:12 . 2009-02-08 13:26 -------- d-----w- c:\program files\Share Rapid Uploader
2010-06-17 22:20 . 2010-06-17 22:20 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-06-17 16:44 . 2009-08-01 10:48 -------- d-----w- c:\program files\Opera
2010-06-16 10:04 . 2010-06-16 10:04 -------- d-----w- c:\program files\ESET
2010-06-14 14:30 . 2010-07-25 13:20 743936 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-13 18:24 . 2010-06-13 18:22 -------- d-----w- c:\program files\Sony
2010-06-13 18:15 . 2010-01-01 00:18 156672 ----a-w- c:\windows\system32\rmc_fixasf.exe
2010-06-13 18:15 . 2010-01-01 00:18 237568 ----a-w- c:\windows\system32\rmc_rtspdl.dll
2010-06-13 18:15 . 2010-01-01 00:13 323584 ----a-w- c:\windows\system32\AUDIOGENIE2.DLL
2010-06-08 21:43 . 2008-10-16 10:58 -------- d-----w- c:\program files\DreamCom
2006-06-15 18:33 . 2009-08-03 21:02 233472 ----a-w- c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll
2006-05-25 16:43 . 2009-08-03 21:02 204895 ----a-w- c:\program files\mozilla firefox\plugins\ctdomemhelper.dll
2005-09-29 12:41 . 2009-08-03 21:02 77824 ----a-w- c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll
2006-06-19 11:10 . 2009-08-03 21:02 426081 ----a-w- c:\program files\mozilla firefox\plugins\ctplayerobject.dll
2005-02-02 10:19 . 2009-08-03 21:01 458752 ----a-w- c:\program files\mozilla firefox\plugins\imagickrt.dll
2006-04-10 16:35 . 2009-08-03 21:02 139264 ----a-w- c:\program files\mozilla firefox\plugins\rlcontentclass.dll
2005-11-09 09:10 . 2009-08-03 21:01 204800 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicPacker.dll
2005-11-09 09:42 . 2009-08-03 21:01 106496 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll
2006-01-04 09:22 . 2009-08-03 21:01 212992 ----a-w- c:\program files\mozilla firefox\plugins\RLVoicePacker.dll
2006-01-04 09:21 . 2009-08-03 21:01 167936 ----a-w- c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll
2009-08-03 21:02 . 2009-08-03 21:02 81 --sha-r- c:\windows\CT4CET.bin
2008-11-30 20:04 . 2008-11-30 20:04 23 -csha-w- c:\windows\system32\fdcebf2_z.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Namedate"="c:\program files\Nezmeskej\nezmeskej.exe" [2007-05-01 923136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-04-07 2145000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-18 44544]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\progra~1\DVDREG~1\DVDShell.dll" [2004-10-09 49152]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Synchronizer.lnk]
backup=c:\windows\pss\Adobe Acrobat Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BlueSoleil.lnk]
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Milan^Nabídka Start^Programy^Po spuštění^siszyd32.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-06 22:46 57344 ----a-w- c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2004-08-18 12:00 110592 ----a-w- c:\windows\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2008-03-17 16:06 1848648 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
2008-03-10 16:20 689488 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2004-08-18 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
2010-04-07 19:07 2145000 ----a-w- c:\program files\ESET\ESET NOD32 Antivirus\egui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-08-05 18:06 136176 ----atw- c:\documents and settings\Milan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
2010-01-18 13:14 1286608 ----a-w- c:\program files\Spyware Doctor\pctsTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Namedate]
2007-05-01 10:00 923136 ----a-w- c:\program files\Nezmeskej\nezmeskej.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-12-05 12:06 2254120 ----a-w- c:\program files\Nero\Nero BackItUp 4\NBKeyScan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSLauncher]
2007-09-07 13:44 3100672 ----a-w- c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-01-11 21:17 13666408 ----a-w- c:\windows\system32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-01-11 21:17 110696 ----a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
2003-07-07 08:29 729088 -c--a-r- c:\program files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
2003-05-08 10:00 49152 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17Helper]
2005-05-03 11:38 64512 ----a-r- c:\windows\system32\P17.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2008-12-03 11:47 1205760 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-02-15 17:50 417792 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-09-03 07:52 16841216 ------r- c:\windows\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
2005-09-05 14:55 339968 ----a-w- c:\windows\vsnpstd3.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
2004-04-23 13:28 77824 ----a-w- c:\program files\Logitech\Profiler\LWEMon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-07-08 00:00 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnpstd3]
2005-12-20 13:39 94208 ----a-w- c:\windows\tsnpstd3.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\update_vp]
2008-10-22 18:57 28672 ----a-w- c:\program files\Vyčistit Počítač\UUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\update_vs]
2008-06-24 13:21 28672 ----a-w- c:\program files\Vyčistit Soubory\UUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
2005-03-02 12:21 278528 ----a-w- c:\program files\WinFast\WFTVFM\WFWIZ.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"CTSysVol"=c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"PAC7302_Monitor"=c:\windows\PixArt\PAC7302\Monitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\BitSpirit\\BitSpirit.exe"=
"c:\\Program Files\\SecondLife\\SLVoice.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\TVAnts\\Tvants.exe"=
"c:\\Documents and Settings\\Milan\\Data aplikací\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"22467:TCP"= 22467:TCP:spport
"5940:TCP"= 5940:TCP:spport
"16388:TCP"= 16388:TCP:spport
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [10.5.2009 14:40 207280]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [7.4.2010 21:07 114984]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [7.4.2010 21:08 95872]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [7.4.2010 21:07 810120]
R2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [27.12.2007 15:39 51816]
S2 gupdate1c9ec57704d342c;Google Update Service (gupdate1c9ec57704d342c);c:\program files\Google\Update\GoogleUpdate.exe [13.6.2009 20:47 133104]
S2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.;c:\windows\system32\drivers\wf88vcap.sys [12.11.2008 16:30 208851]
S2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.;c:\windows\system32\drivers\WF88XBAR.sys [12.11.2008 16:31 10324]
S2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.;c:\windows\system32\drivers\wf88tune.sys [12.11.2008 16:31 34789]
S2 XJfiyjxqe;XJfiyjxqe;c:\windows\System32\svchost.exe -k netsvcs [18.8.2004 14:00 14336]
S3 ATE_PROCMON;ATE_PROCMON; [x]
S3 ICDUSB2;Sony IC Recorder (P);c:\windows\system32\drivers\IcdUsb2.sys [13.6.2010 20:23 39048]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [6.8.2010 11:46 27064]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [29.10.2008 17:46 365280]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26.4.2009 13:38 721904]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 09:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-08-06 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-03-18 18:44]
2010-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-13 18:47]
2010-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-13 18:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mWindow Title = Microsoft Internet Explorer
uInternet Connection Wizard,ShellNext = https://register.scansoft.com/form-eng. ... H08-001002
IE: Download Using &BitSpirit - c:\program files\BitSpirit\bsurl.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\program files\Translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\program files\Translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\program files\Translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\program files\Translat\WEBIE.DLL
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/stati ... b?3,14,8,0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
MSConfigStartUp-Acrobat Assistant 8 - c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
MSConfigStartUp-PAC7302_Monitor - c:\windows\PixArt\PAC7302\Monitor.exe
MSConfigStartUp-TrojanScanner - c:\program files\Trojan Remover\Trjscan.exe
MSConfigStartUp-UpdReg - c:\windows\UpdReg.EXE
**************************************************************************
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory:
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG08.00.00.01WORKSTATION"=
.
Celkový čas: 2010-08-06 16:01:39
ComboFix-quarantined-files.txt 2010-08-06 14:01
ComboFix2.txt 2010-08-05 18:36
Před spuštěním: Volných bajtů: 114 024 824 832
Po spuštění: Volných bajtů: 113 981 222 912
- - End Of File - - 3A0ECCD92ECE650F22C4AEF878FA9D8C
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\program files\Translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\program files\Translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\program files\Translat\WEBIE.DLL
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/stati ... b?3,14,8,0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
MSConfigStartUp-Acrobat Assistant 8 - c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
MSConfigStartUp-PAC7302_Monitor - c:\windows\PixArt\PAC7302\Monitor.exe
MSConfigStartUp-TrojanScanner - c:\program files\Trojan Remover\Trjscan.exe
MSConfigStartUp-UpdReg - c:\windows\UpdReg.EXE
**************************************************************************
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory:
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG08.00.00.01WORKSTATION"=
.
Celkový čas: 2010-08-06 16:01:39
ComboFix-quarantined-files.txt 2010-08-06 14:01
ComboFix2.txt 2010-08-05 18:36
Před spuštěním: Volných bajtů: 114 024 824 832
Po spuštění: Volných bajtů: 113 981 222 912
- - End Of File - - 3A0ECCD92ECE650F22C4AEF878FA9D8C

