Please check my log - Solved

The place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

jaro3
Security team member
Guru Level 15
Posts: 43071
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 15 Feb 2010 13:50

You are missing the driver file c:\windows\system32\drivers\Ambfilt.sys there, so I will also delete the unnecessary service:
Reinstall it again; it is the Ambient filter audio driver system driver.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script

Code: Select all

KillAll::
File::
c:\windows\SetupNodTrialReset.reg

Driver::
Ambfilt

DEQUARANTINE::
C:\Qoobox\Quarantine\c\windows\iun6002.exe.vir

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

martin.efres
Level 2
Posts: 204
Registered: December 09
Gender: Male
Status: Offline

Re: Please check my log

Post by martin.efres » 15 Feb 2010 15:22

I have already done procedure 2. As soon as I grabbed the CFScript.txt file, moved it over the red ComboFix.exe icon and dropped it, ComboFix.exe started and asked what I wanted to do with the file, "Run" or "Cancel" (see screenshot).

Image


EDIT 2
SORRY, MY MISTAKE, I JUST REALIZED THAT THIS IS THE NEXT PROCEDURE. I APOLOGIZE VERY MUCH


Re: Please check my log

Post by jaro3 » 15 Feb 2010 15:24

Choose Run (do you have ComboFix on the desktop?).


Re: Please check my log

Post by martin.efres » 15 Feb 2010 21:12

Lately, as I have been doing things with HJT and other PC cleaners, my PC often freezes. Out of nowhere, for example when I click the browser icon, it hangs and I cannot even move the mouse. Do you happen to know what might be causing this?


Re: Please check my log

Post by jaro3 » 15 Feb 2010 21:22

Where is the log from CF?

Check the HDD for errors and test the RAM.


Re: Please check my log

Post by martin.efres » 15 Feb 2010 22:15

I don't have it yet... right now the BSOD is worrying me. According to Debugging Tools, the PC restarts first because of win32k.sys and then also because of ntkrnlmp.exe. I would already have it if a BSOD had not popped up at the end of the ComboFix scan.

EDIT 2 - I tried again and a BSOD popped up. Cause: Win32k.sys

Here is the output from Debugging Tools:

STACK_COMMAND: kb

FOLLOWUP_IP:
win32k!NtGdiModifyWorldTransform+225
bf8176d8 8b10 mov edx,dword ptr [eax]

SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: win32k!NtGdiModifyWorldTransform+225

FOLLOWUP_NAME: MachineOwner

IMAGE_NAME: win32k.sys

BUCKET_ID: WRONG_SYMBOLS

Followup: MachineOwner
---------
I would like to get the computer as clean as possible of all the viruses that slow down the PC, but I think I should first resolve the BSOD and the PC freezing. This did not happen before!! (BSODs were never as frequent as they are now.)
During the last ComboFix check a BSOD occurred and the cause was ntkrnlmp.exe; it is supposed to be something in the C/WINDOWS folder. Could it have been caused by something you told me to delete with ComboFix? Aren't these interventions too risky? I am risking my computer because I trust you.

Have a nice evening


Re: Please check my log

Post by martin.efres » 16 Feb 2010 15:07

I finally managed it; here is the LOG FROM COMBOFIX!

-------\Service_Ambfilt


((((((((((((((((((((((((( Soubory vytvořené od 2010-01-16 do 2010-02-16 )))))))))))))))))))))))))))))))
.

2010-02-16 07:03 . 2010-02-16 07:03 0 ----a-w- c:\windows\nsreg.dat
2010-02-16 07:02 . 2010-02-16 12:40 -------- d-----w- c:\documents and settings\Administrator
2010-02-15 20:46 . 2010-02-16 13:57 737280 ----a-w- c:\windows\iun6002.exe
2010-02-15 19:34 . 2010-02-16 11:36 -------- d-----w- c:\program files\Crawler
2010-02-15 16:34 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-02-15 16:34 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-02-15 16:34 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-02-15 16:34 . 2010-02-15 16:34 -------- d-----w- c:\program files\Avira
2010-02-14 18:55 . 2010-02-15 09:22 -------- d-----w- c:\program files\WinClamAVShield
2010-02-14 18:52 . 2010-02-14 18:52 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-02-14 18:52 . 2010-02-15 11:19 -------- d-----w- c:\program files\Spyware Terminator
2010-02-14 18:41 . 2010-02-15 19:33 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-02-14 16:09 . 2010-02-15 16:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-14 15:06 . 2010-02-14 15:06 -------- d-----w- c:\program files\TrendMicro
2010-02-14 09:03 . 2010-02-14 09:03 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-02-14 08:00 . 2009-10-23 17:53 41984 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2010-02-14 07:27 . 2010-02-14 07:27 -------- d-----w- c:\program files\VIA
2010-02-13 17:30 . 2010-02-15 19:31 -------- d-----w- c:\program files\Yahoo!
2010-02-12 21:53 . 2010-02-12 21:53 -------- d-----w- c:\program files\QIP
2010-02-12 16:23 . 2010-02-12 21:15 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-02-12 16:23 . 2010-02-12 21:15 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-02-12 14:33 . 2010-02-14 20:47 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-02-12 13:43 . 2010-02-12 13:43 -------- d-----w- c:\program files\MSECache
2010-02-12 13:38 . 2007-07-03 15:58 106792 ----a-w- c:\windows\system32\drivers\sscdmdm.sys
2010-02-12 13:38 . 2007-07-03 15:57 11944 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys
2010-02-12 13:38 . 2007-07-03 15:56 9256 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys
2010-02-12 13:38 . 2007-07-03 15:56 9256 ----a-w- c:\windows\system32\drivers\sscdcm.sys
2010-02-12 13:38 . 2007-07-03 16:00 9256 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys
2010-02-12 13:38 . 2007-07-03 16:00 9256 ----a-w- c:\windows\system32\drivers\sscdwh.sys
2010-02-12 13:38 . 2007-07-03 15:54 80552 ----a-w- c:\windows\system32\drivers\sscdbus.sys
2010-02-12 13:38 . 2010-02-12 13:38 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2010-02-12 13:38 . 2010-02-12 13:38 -------- d-----w- c:\program files\Samsung
2010-02-12 13:33 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-02-12 13:33 . 2006-10-26 18:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2010-02-12 13:31 . 2010-02-12 13:31 -------- d-----w- c:\program files\Microsoft Works
2010-02-12 13:31 . 2010-02-12 13:31 -------- d-----w- c:\program files\MSBuild
2010-02-12 13:26 . 2010-02-12 13:30 -------- d-----w- c:\windows\SHELLNEW
2010-02-12 13:26 . 2010-02-12 13:26 -------- d-----r- C:\MSOCache
2010-02-12 04:39 . 2010-02-12 04:39 -------- d-----w- c:\program files\Opera
2010-02-11 19:56 . 2010-02-12 21:10 -------- d-----w- c:\program files\Common Files\BinarySense
2010-02-11 17:49 . 2001-10-24 11:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-02-11 17:49 . 2004-08-17 14:49 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-02-11 17:49 . 2004-08-03 21:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-02-11 17:49 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-02-11 17:47 . 2010-02-15 22:06 -------- d-----w- c:\program files\Valve
2010-02-11 16:04 . 2010-02-15 21:29 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2010-02-11 15:47 . 2010-02-11 15:47 -------- d-----w- c:\program files\MediaCoder
2010-02-11 15:45 . 2010-02-11 15:46 -------- d-----w- c:\program files\QuickTime
2010-02-11 15:45 . 2010-02-11 15:45 -------- d-----w- c:\program files\Common Files\Apple
2010-02-11 15:45 . 2010-02-11 15:45 -------- d-----w- c:\program files\Apple Software Update
2010-02-11 15:32 . 2010-02-11 15:57 -------- d-----w- c:\program files\Common Files\Real
2010-02-10 22:42 . 2010-02-10 22:42 -------- d-----w- c:\program files\CCleaner
2010-02-10 18:53 . 2010-02-10 18:53 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2010-02-10 18:47 . 2010-02-10 18:48 -------- d-----w- c:\program files\NVIDIA Corporation
2010-02-10 06:05 . 2004-08-03 22:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2010-02-10 06:01 . 2010-02-10 06:01 -------- d-s---w- c:\documents and settings\Butterfly\UserData
2010-02-09 22:06 . 2001-08-17 21:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2010-02-09 22:05 . 2004-08-17 15:43 58240 ----a-w- c:\windows\system32\drivers\redbook.sys
2010-02-09 22:05 . 2004-08-03 22:31 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys
2010-02-09 22:04 . 2004-08-17 15:44 52352 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2010-02-09 22:04 . 2004-08-03 23:07 44672 ----a-w- c:\windows\system32\drivers\UAGP35.SYS
2010-02-09 22:03 . 2001-08-17 20:13 27165 ----a-w- c:\windows\system32\drivers\fetnd5.sys
2010-02-09 22:03 . 2004-08-17 15:49 75264 ----a-w- c:\windows\system32\usbui.dll
2010-02-09 22:02 . 2010-02-16 11:27 -------- d-sh--w- c:\windows\Installer
2010-02-09 22:02 . 2001-10-25 14:00 61440 -c--a-w- c:\windows\system32\dllcache\spcplui.dll
2010-02-09 22:02 . 2001-10-25 14:00 77824 -c--a-w- c:\windows\system32\dllcache\spcommon.dll
2010-02-09 22:02 . 2001-10-25 14:00 774144 -c--a-w- c:\windows\system32\dllcache\spttseng.dll
2010-02-09 22:02 . 2001-10-25 14:00 36864 -c--a-w- c:\windows\system32\dllcache\sapisvr.exe
2010-02-09 22:02 . 2004-08-17 13:49 741376 -c--a-w- c:\windows\system32\dllcache\sapi.dll
2010-02-09 22:02 . 2010-02-15 19:34 -------- d-----r- C:\Program Files
2010-02-09 22:02 . 2001-10-25 14:00 19456 -c--a-w- c:\windows\system32\dllcache\agt041f.dll
2010-02-09 22:00 . 2010-02-16 14:03 -------- d-----w- c:\windows\system32\CatRoot2
2010-02-09 22:00 . 2010-02-15 21:25 -------- d-----w- c:\windows\system32\CatRoot
2010-02-09 22:00 . 2010-02-15 19:31 -------- d--h--r- c:\documents and settings\All Users\Data aplikací
2010-02-09 22:00 . 2010-02-09 22:01 -------- d--h--r- c:\documents and settings\Default User\Data aplikací
2010-02-09 22:00 . 2010-02-16 07:02 -------- d-----w- C:\Documents and Settings
2010-02-09 22:00 . 2010-02-14 18:33 -------- d--h--w- c:\documents and settings\Default User
2010-02-09 22:00 . 2010-02-09 21:15 -------- d-----w- c:\documents and settings\All Users

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-15 16:35 . 2001-10-25 14:00 61056 ----a-w- c:\windows\system32\perfc005.dat
2010-02-15 16:35 . 2001-10-25 14:00 337152 ----a-w- c:\windows\system32\perfh005.dat
2010-02-14 08:00 . 2010-02-09 21:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-14 07:27 . 2010-02-09 21:26 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-12 21:17 . 2010-02-12 16:23 -------- d-----w- c:\program files\CyberLink
2010-02-12 21:17 . 2010-02-12 21:17 -------- d-----w- c:\program files\Common Files\CyberLink
2010-02-12 21:15 . 2010-02-12 21:17 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-02-12 21:14 . 2010-02-12 21:14 -------- d-----w- c:\program files\AviSynth 2.5
2010-02-12 21:14 . 2010-02-12 21:14 -------- d-----w- c:\program files\eRightSoft
2010-02-12 21:12 . 2010-02-12 21:12 -------- d-----w- c:\program files\Google
2010-02-10 18:07 . 2010-02-09 21:16 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-10 18:07 . 2010-02-09 21:16 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-10 18:06 . 2010-02-09 21:16 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-09 21:17 . 2010-02-09 21:17 -------- d-----w- c:\program files\microsoft frontpage
2010-02-09 21:12 . 2010-02-09 21:12 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-12 04:03 . 2010-02-10 18:46 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-01-12 04:03 . 2010-02-10 18:46 10276768 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-01-12 04:03 . 2010-02-10 18:46 4104192 ----a-w- c:\windows\system32\nvcuda.dll
2010-01-12 04:03 . 2010-02-10 18:46 4077672 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-01-12 04:03 . 2010-02-10 18:46 2259560 ----a-w- c:\windows\system32\nvcuvid.dll
2010-01-12 04:03 . 2010-02-10 18:46 182888 ----a-w- c:\windows\system32\nvcodins.dll
2010-01-12 04:03 . 2010-02-10 18:46 182888 ----a-w- c:\windows\system32\nvcod.dll
2010-01-12 04:03 . 2010-02-10 18:46 14458880 ----a-w- c:\windows\system32\nvoglnt.dll
2010-01-12 04:03 . 2010-02-10 18:46 11632640 ----a-w- c:\windows\system32\nvcompiler.dll
2010-01-12 04:03 . 2010-02-10 18:46 6359168 ----a-w- c:\windows\system32\nv4_disp.dll
2010-01-12 04:03 . 2010-02-10 18:46 2283526 ----a-w- c:\windows\system32\nvdata.bin
2006-05-03 09:06 . 2010-02-12 21:14 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 10:47 . 2010-02-12 21:14 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 12:30 . 2010-02-12 21:14 216064 --sh--r- c:\windows\system32\nbDX.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-02-14_18.31.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 01:19 . 2007-11-07 01:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 05:07 . 2008-07-29 05:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 05:07 . 2008-07-29 05:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2009-07-11 19:54 . 2009-07-11 19:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-12 00:07 . 2009-07-12 00:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-12 00:19 . 2009-07-12 00:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2009-07-11 18:41 . 2009-07-11 18:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2001-10-25 14:00 . 2010-02-15 16:35 52104 c:\windows\system32\perfc009.dat
+ 2010-02-15 16:34 . 2009-05-11 08:12 28520 c:\windows\system32\drivers\ssmdrv.sys
+ 2008-07-29 07:05 . 2008-07-29 07:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 02:54 . 2008-07-29 02:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2009-07-12 00:12 . 2009-07-12 00:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-12 00:09 . 2009-07-12 00:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-12 00:08 . 2009-07-12 00:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2001-10-25 14:00 . 2010-02-15 16:35 339820 c:\windows\system32\perfh009.dat
+ 2010-02-14 18:39 . 2010-02-14 18:39 228352 c:\windows\Installer\1a4cde.msi
+ 2010-02-14 21:45 . 2010-02-14 21:45 424960 c:\windows\Installer\1889e1.msi
+ 2008-07-29 07:05 . 2008-07-29 07:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2009-07-11 19:46 . 2009-07-11 19:46 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
+ 2009-07-11 19:46 . 2009-07-11 19:46 1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-02-15 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-02-15 2166784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD Cinema\\PowerDVDCinema.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD9.exe"=
"c:\\Program Files\\Valve\\cstrike.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=

R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [9.2.2010 22:30 13696]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [14.2.2010 19:52 142592]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/02/12 22:17];c:\program files\CyberLink\PowerDVD9\000.fcl [28.2.2009 19:40 87536]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [15.2.2010 17:34 108289]
S2 HDDlife HDD Access service;HDDlife HDD Access service;c:\program files\Common Files\BinarySense\hldasvc.exe [19.8.2009 19:04 822936]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [10.2.2010 19:53 23456]
.
Obsah adresáře 'Naplánované úlohy'

2010-02-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Doplňkový sken -------
.
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - c:\program files\Common Files\BinarySense\hlAPP.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\documents and settings\Butterfly\Data aplikací\Mozilla\Firefox\Profiles\r22ydh4a.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatche ... 60076&qkw=
FF - component: c:\program files\Crawler\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\firefox\components\xwsg.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-16 15:03
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3904)
c:\windows\system32\msi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-02-16 15:05:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-16 14:04
ComboFix2.txt 2010-02-15 11:39
ComboFix3.txt 2010-02-14 18:33
C:\DeQuarantine.txt

Před spuštěním: Volných bajtů: 94 530 433 024
Po spuštění: Volných bajtů: 94 443 290 624

- - End Of File - - 27C26A949AC98938ED894D324714C61E


Re: Please check my log

Post by jaro3 » 16 Feb 2010 16:03

Uninstall:
Crawler Toolbar


One more script in CF:

Code: Select all

File::
c:\windows\nsreg.dat
DDS::
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
Firefox::
FF - ProfilePath - c:\documents and settings\Butterfly\Data aplikací\Mozilla\Firefox\Profiles\r22ydh4a.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatche ... 60076&qkw=


Same procedure, then the logs from CF and HJT.


Re: Please check my log

Post by martin.efres » 18 Feb 2010 21:37

I haven't had much time lately, so I'm only posting it today ;) Otherwise, thank you for the time you have devoted to this.

It did not fit into one post, so I am splitting it into 2 ;)

COMBOFIX LOG - PART ONE

ComboFix 10-02-18.03 - Butterfly 18.02.2010 21:24:06.7.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1022.697 [GMT 1:00]
Spuštěný z: c:\documents and settings\Butterfly\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Butterfly\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall *disabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}

FILE ::
"c:\windows\nsreg.dat"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\SHELLLNK.TLB
.
---- Předchozí spuštění -------
.
c:\windows\nsreg.dat

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-18 do 2010-02-18 )))))))))))))))))))))))))))))))
.

2010-02-18 16:38 . 2010-02-18 16:38 -------- d-----w- c:\windows\SxsCaPendDel
2010-02-18 14:35 . 2010-02-01 15:14 1247776 ----a-w- c:\windows\RtlExUpd.dll
2010-02-17 19:27 . 2006-02-23 10:39 11264 ----a-r- c:\windows\system32\drivers\xfilt.sys
2010-02-17 19:27 . 2006-02-23 10:38 9728 ----a-r- c:\windows\system32\drivers\videX32.sys
2010-02-17 19:26 . 2004-08-17 14:43 68736 ----a-w- c:\windows\system32\drivers\pci.sys
2010-02-17 19:26 . 2001-10-24 10:44 35840 ----a-w- c:\windows\system32\drivers\isapnp.sys
2010-02-17 19:25 . 2010-02-17 19:25 -------- d-----w- c:\program files\Tseries BIOS Update
2010-02-17 19:01 . 2010-02-17 19:14 -------- d-----w- c:\program files\Carambis
2010-02-17 18:52 . 2003-07-17 15:10 7040 ----a-w- c:\windows\system32\ntsim.sys
2010-02-17 18:52 . 2004-01-09 14:23 42496 ----a-w- c:\windows\system32\drivers\fetnd5b.sys
2010-02-17 18:37 . 2010-02-17 18:37 65109 ----a-w- c:\windows\BricoPackUninst.cmd
2010-02-17 18:31 . 2010-02-17 18:37 6120 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-02-17 18:30 . 2010-02-17 18:30 -------- d-----w- c:\windows\BricoPacks
2010-02-17 14:51 . 2007-08-16 09:09 3604 ----a-w- c:\windows\system32\drivers\BS_Flash.sys
2010-02-17 14:51 . 2008-06-16 08:02 17024 ----a-w- c:\windows\system32\drivers\BS_I2cIo.sys
2010-02-17 13:43 . 2010-02-18 20:12 -------- d-----w- c:\program files\Steam
2010-02-17 13:28 . 2008-06-21 03:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2010-02-17 13:28 . 2008-10-31 06:09 270888 ----a-r- c:\windows\system32\drivers\SbFw.sys
2010-02-17 13:28 . 2010-02-17 13:28 -------- d-----w- c:\program files\Sunbelt Software
2010-02-17 13:02 . 2010-02-17 13:02 -------- d-----w- c:\program files\Ashampoo
2010-02-16 21:53 . 2010-02-11 18:42 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-16 21:53 . 2010-02-11 18:38 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-16 21:53 . 2010-02-11 18:42 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-16 21:53 . 2010-02-11 18:39 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-16 21:53 . 2010-02-11 18:38 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-02-16 21:53 . 2010-02-11 18:38 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-02-16 21:53 . 2010-02-11 18:38 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-16 21:52 . 2010-02-11 18:53 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-16 21:52 . 2010-02-11 18:53 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-16 21:52 . 2010-02-16 21:52 -------- d-----w- c:\program files\Alwil Software
2010-02-16 20:52 . 2010-02-16 20:52 -------- d-----w- c:\program files\NVIDIA Corporation
2010-02-16 20:34 . 2010-02-16 21:04 -------- d-----w- c:\program files\7-Zip
2010-02-16 20:30 . 2010-02-16 20:30 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-15 20:46 . 2010-02-16 13:57 737280 ----a-w- c:\windows\iun6002.exe
2010-02-14 18:41 . 2010-02-15 19:33 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-02-14 16:09 . 2010-02-15 16:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-14 15:06 . 2010-02-14 15:06 -------- d-----w- c:\program files\TrendMicro
2010-02-14 09:03 . 2010-02-14 09:03 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-02-14 08:00 . 2009-12-08 10:29 48672 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2010-02-14 07:27 . 2010-02-14 07:27 -------- d-----w- c:\program files\VIA
2010-02-13 17:30 . 2010-02-15 19:31 -------- d-----w- c:\program files\Yahoo!
2010-02-12 21:53 . 2010-02-12 21:53 -------- d-----w- c:\program files\QIP
2010-02-12 16:23 . 2010-02-12 21:15 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-02-12 16:23 . 2010-02-12 21:15 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-02-12 14:33 . 2010-02-14 20:47 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-02-12 13:43 . 2010-02-12 13:43 -------- d-----w- c:\program files\MSECache
2010-02-12 13:38 . 2007-07-03 15:58 106792 ----a-w- c:\windows\system32\drivers\sscdmdm.sys
2010-02-12 13:38 . 2007-07-03 15:57 11944 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys
2010-02-12 13:38 . 2007-07-03 15:56 9256 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys
2010-02-12 13:38 . 2007-07-03 15:56 9256 ----a-w- c:\windows\system32\drivers\sscdcm.sys
2010-02-12 13:38 . 2007-07-03 16:00 9256 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys
2010-02-12 13:38 . 2007-07-03 16:00 9256 ----a-w- c:\windows\system32\drivers\sscdwh.sys
2010-02-12 13:38 . 2007-07-03 15:54 80552 ----a-w- c:\windows\system32\drivers\sscdbus.sys
2010-02-12 13:38 . 2010-02-12 13:38 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2010-02-12 13:38 . 2010-02-12 13:38 -------- d-----w- c:\program files\Samsung
2010-02-12 13:33 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-02-12 13:33 . 2006-10-26 18:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2010-02-12 13:31 . 2010-02-12 13:31 -------- d-----w- c:\program files\Microsoft Works
2010-02-12 13:31 . 2010-02-12 13:31 -------- d-----w- c:\program files\MSBuild
2010-02-12 13:26 . 2010-02-12 13:30 -------- d-----w- c:\windows\SHELLNEW
2010-02-12 13:26 . 2010-02-12 13:26 -------- d-----r- C:\MSOCache
2010-02-12 04:39 . 2010-02-12 04:39 -------- d-----w- c:\program files\Opera
2010-02-11 19:56 . 2010-02-12 21:10 -------- d-----w- c:\program files\Common Files\BinarySense
2010-02-11 17:49 . 2001-10-24 11:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-02-11 17:49 . 2004-08-17 14:49 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-02-11 17:49 . 2004-08-03 21:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-02-11 17:49 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-02-11 16:04 . 2010-02-16 20:55 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2010-02-11 15:47 . 2010-02-11 15:47 -------- d-----w- c:\program files\MediaCoder
2010-02-11 15:45 . 2010-02-11 15:46 -------- d-----w- c:\program files\QuickTime
2010-02-11 15:45 . 2010-02-11 15:45 -------- d-----w- c:\program files\Common Files\Apple
2010-02-11 15:45 . 2010-02-11 15:45 -------- d-----w- c:\program files\Apple Software Update
2010-02-11 15:32 . 2010-02-11 15:57 -------- d-----w- c:\program files\Common Files\Real
2010-02-10 22:42 . 2010-02-10 22:42 -------- d-----w- c:\program files\CCleaner
2010-02-10 18:53 . 2010-02-10 18:53 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2010-02-10 06:05 . 2004-08-03 22:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2010-02-10 06:01 . 2010-02-10 06:01 -------- d-s---w- c:\documents and settings\Butterfly\UserData
2010-02-09 22:06 . 2001-08-17 21:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2010-02-09 22:05 . 2004-08-17 15:43 58240 ----a-w- c:\windows\system32\drivers\redbook.sys
2010-02-09 22:05 . 2004-08-03 22:31 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys
2010-02-09 22:04 . 2004-08-17 15:44 52352 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2010-02-09 22:04 . 2004-08-03 23:07 44672 ----a-w- c:\windows\system32\drivers\UAGP35.SYS
2010-02-09 22:03 . 2001-08-17 20:13 27165 ----a-w- c:\windows\system32\drivers\fetnd5.sys
2010-02-09 22:03 . 2004-08-17 15:49 75264 ----a-w- c:\windows\system32\usbui.dll
2010-02-09 22:02 . 2010-02-18 16:44 -------- d-sh--w- c:\windows\Installer
2010-02-09 22:02 . 2001-10-25 14:00 61440 -c--a-w- c:\windows\system32\dllcache\spcplui.dll
2010-02-09 22:02 . 2001-10-25 14:00 77824 -c--a-w- c:\windows\system32\dllcache\spcommon.dll
2010-02-09 22:02 . 2001-10-25 14:00 774144 -c--a-w- c:\windows\system32\dllcache\spttseng.dll
2010-02-09 22:02 . 2001-10-25 14:00 36864 -c--a-w- c:\windows\system32\dllcache\sapisvr.exe
2010-02-09 22:02 . 2004-08-17 13:49 741376 -c--a-w- c:\windows\system32\dllcache\sapi.dll
2010-02-09 22:02 . 2010-02-18 20:09 -------- d-----r- C:\Program Files
2010-02-09 22:02 . 2001-10-25 14:00 19456 -c--a-w- c:\windows\system32\dllcache\agt041f.dll
2010-02-09 22:00 . 2010-02-18 20:23 -------- d-----w- c:\windows\system32\CatRoot2
2010-02-09 22:00 . 2010-02-18 20:09 -------- d-----w- c:\windows\system32\CatRoot
2010-02-09 22:00 . 2010-02-17 19:01 -------- d--h--r- c:\documents and settings\All Users\Data aplikací
2010-02-09 22:00 . 2010-02-09 22:01 -------- d--h--r- c:\documents and settings\Default User\Data aplikací
2010-02-09 22:00 . 2010-02-16 07:02 -------- d-----w- C:\Documents and Settings
2010-02-09 22:00 . 2010-02-14 18:33 -------- d--h--w- c:\documents and settings\Default User
2010-02-09 22:00 . 2010-02-09 21:15 -------- d-----w- c:\documents and settings\All Users

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-18 20:09 . 2010-02-18 20:09 -------- d-----w- c:\program files\Realtek
2010-02-18 14:35 . 2010-02-09 21:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-17 18:37 . 2004-08-17 13:49 219648 ----a-w- c:\windows\system32\uxtheme.dll
2010-02-17 14:50 . 2010-02-09 21:26 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-15 16:35 . 2001-10-25 14:00 61056 ----a-w- c:\windows\system32\perfc005.dat
2010-02-15 16:35 . 2001-10-25 14:00 337152 ----a-w- c:\windows\system32\perfh005.dat
2010-02-12 21:17 . 2010-02-12 16:23 -------- d-----w- c:\program files\CyberLink
2010-02-12 21:17 . 2010-02-12 21:17 -------- d-----w- c:\program files\Common Files\CyberLink
2010-02-12 21:15 . 2010-02-12 21:17 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-02-12 21:14 . 2010-02-12 21:14 -------- d-----w- c:\program files\AviSynth 2.5
2010-02-12 21:14 . 2010-02-12 21:14 -------- d-----w- c:\program files\eRightSoft
2010-02-12 21:12 . 2010-02-12 21:12 -------- d-----w- c:\program files\Google
2010-02-10 18:07 . 2010-02-09 21:16 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-10 18:07 . 2010-02-09 21:16 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-10 18:06 . 2010-02-09 21:16 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-09 21:17 . 2010-02-09 21:17 -------- d-----w- c:\program files\microsoft frontpage
2010-02-09 21:12 . 2010-02-09 21:12 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-12 04:03 . 2010-02-10 18:46 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-01-12 04:03 . 2010-02-10 18:46 10276768 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-01-12 04:03 . 2010-02-10 18:46 4104192 ----a-w- c:\windows\system32\nvcuda.dll
2010-01-12 04:03 . 2010-02-10 18:46 4077672 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-01-12 04:03 . 2010-02-10 18:46 2259560 ----a-w- c:\windows\system32\nvcuvid.dll
2010-01-12 04:03 . 2010-02-10 18:46 182888 ----a-w- c:\windows\system32\nvcodins.dll
2010-01-12 04:03 . 2010-02-10 18:46 182888 ----a-w- c:\windows\system32\nvcod.dll
2010-01-12 04:03 . 2010-02-10 18:46 14458880 ----a-w- c:\windows\system32\nvoglnt.dll
2010-01-12 04:03 . 2010-02-10 18:46 11632640 ----a-w- c:\windows\system32\nvcompiler.dll
2010-01-12 04:03 . 2010-02-10 18:46 1081344 ----a-w- c:\windows\system32\nvapi.dll
2010-01-12 04:03 . 2010-02-10 18:46 6359168 ----a-w- c:\windows\system32\nv4_disp.dll
2010-01-12 04:03 . 2010-02-10 18:46 2283526 ----a-w- c:\windows\system32\nvdata.bin
2009-12-08 10:29 . 2010-02-18 20:09 84512 ----a-w- c:\windows\SOUNDMAN.EXE
2009-12-08 10:29 . 2010-02-18 20:09 358944 ----a-w- c:\windows\vncutil.exe
2009-12-08 10:29 . 2010-02-18 20:09 1833504 ----a-w- c:\windows\SkyTel.exe
2009-12-08 10:29 . 2010-02-18 20:09 1489440 ----a-w- c:\windows\RtlUpd.exe
2009-12-08 10:29 . 2010-02-18 20:09 9721888 ----a-w- c:\windows\RTLCPL.EXE
2009-12-08 10:29 . 2010-02-18 20:09 129568 ----a-w- c:\windows\RtkAudioService.exe
2009-12-08 10:29 . 2010-02-18 20:09 18789920 ----a-w- c:\windows\RTHDCPL.EXE
2009-12-08 10:29 . 2010-02-18 20:09 2177568 ----a-w- c:\windows\MicCal.exe
2009-12-08 10:29 . 2010-02-18 20:09 2815520 ----a-w- c:\windows\ALCWZRD.EXE
2009-12-08 10:29 . 2010-02-18 20:09 64032 ----a-w- c:\windows\ALCMTR.EXE
2009-12-08 10:03 . 2010-02-18 20:09 6017568 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2006-05-03 09:06 . 2010-02-12 21:14 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 10:47 . 2010-02-12 21:14 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 12:30 . 2010-02-12 21:14 216064 --sh--r- c:\windows\system32\nbDX.dll
.
Last edited by martin.efres on 18 Feb 2010 21:43, edited 2 times in total.


Re: please check my log

Post by martin.efres » 18 Feb 2010 21:37

COMBOFIX LOG - PART TWO

------- Sigcheck -------

[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\ERDNT\cache\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe

[7] 2004-08-17 . EF74351C9098210CC9C1A3679DB62041 . 3003392 . . [6.00.2900.2180] . . c:\windows\ERDNT\cache\mshtml.dll
[-] 2004-08-17 . 292A052A6AE36CC512419DDCE6A9DD2F . 3444224 . . [6.00.2900.2180] . . c:\windows\system32\mshtml.dll
[-] 2004-08-17 . 292A052A6AE36CC512419DDCE6A9DD2F . 3444224 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\mshtml.dll

[7] 2004-08-17 . 50D263E3454E8357D13BB598129185AD . 657408 . . [6.00.2900.2180] . . c:\windows\ERDNT\cache\wininet.dll
[-] 2004-08-17 . 321E734A0B91C43725463C509056B2AA . 691712 . . [6.00.2900.2180] . . c:\windows\system32\wininet.dll
[-] 2004-08-17 . 321E734A0B91C43725463C509056B2AA . 691712 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\wininet.dll

[-] 2004-08-17 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\explorer.exe
[7] 2004-08-17 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\ERDNT\cache\explorer.exe
[-] 2004-08-17 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-02-14_18.31.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 01:19 . 2007-11-07 01:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2008-07-29 05:07 . 2008-07-29 05:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 05:07 . 2008-07-29 05:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
+ 2009-07-11 19:54 . 2009-07-11 19:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2009-07-12 00:07 . 2009-07-12 00:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-12 00:19 . 2009-07-12 00:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2009-07-11 18:41 . 2009-07-11 18:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 59392 c:\windows\system32\url.dll
+ 2010-02-17 19:51 . 2001-10-24 10:44 35840 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\isapnp.sys
+ 2010-02-17 18:52 . 2001-08-17 20:13 27165 c:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\fetnd5.sys
+ 2010-02-17 19:30 . 2004-08-17 14:43 68736 c:\windows\system32\ReinstallBackups\0011\DriverFiles\i386\pci.sys
+ 2010-02-17 19:30 . 2009-05-05 08:59 22168 c:\windows\system32\ReinstallBackups\0009\DriverFiles\xfilt.sys
+ 2010-02-17 19:30 . 2009-05-05 08:58 13976 c:\windows\system32\ReinstallBackups\0009\DriverFiles\videX32.sys
+ 2010-02-17 19:30 . 2004-08-17 14:43 68736 c:\windows\system32\ReinstallBackups\0008\DriverFiles\i386\pci.sys
+ 2010-02-17 19:51 . 2004-08-17 14:43 68736 c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\pci.sys
+ 2001-10-25 14:00 . 2010-02-15 16:35 52104 c:\windows\system32\perfc009.dat
+ 2004-08-17 13:49 . 2004-08-17 13:49 56320 c:\windows\system32\narrator.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 86016 c:\windows\system32\mydocs.dll
+ 2008-06-21 03:54 . 2008-06-21 03:54 66600 c:\windows\system32\drivers\sbhips.sys
+ 2004-08-17 13:49 . 2004-08-17 13:49 59392 c:\windows\system32\dllcache\url.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 56320 c:\windows\system32\dllcache\narrator.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 86016 c:\windows\system32\dllcache\mydocs.dll
+ 2001-10-25 14:00 . 2001-10-25 14:00 69632 c:\windows\system32\dllcache\console.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 82944 c:\windows\system32\dllcache\cabview.dll
+ 2001-10-25 14:00 . 2001-10-25 14:00 69632 c:\windows\system32\console.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 82944 c:\windows\system32\cabview.dll
+ 2010-02-17 13:28 . 2010-02-17 13:28 57344 c:\windows\Installer\{82B1150E-9B37-49FC-83EB-D52197D900D0}\NewShortcut4_C665E66BE8EF49DBB30B81BB5E60462C.exe
+ 2010-02-17 13:28 . 2010-02-17 13:28 18718 c:\windows\Installer\{82B1150E-9B37-49FC-83EB-D52197D900D0}\NewShortcut1_E659E0EE10E649B7869660F38D0EB174.exe
+ 2010-02-17 13:28 . 2010-02-17 13:28 18718 c:\windows\Installer\{82B1150E-9B37-49FC-83EB-D52197D900D0}\ARPPRODUCTICON.exe
+ 2010-02-17 13:43 . 2010-02-17 13:43 27648 c:\windows\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C91.exe
+ 2006-05-21 07:43 . 2006-05-21 07:43 53248 c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll
+ 2006-05-21 07:43 . 2006-05-21 07:43 35328 c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\Uninst.exe
+ 2006-05-21 07:43 . 2006-05-21 07:43 65536 c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
+ 2006-05-21 07:43 . 2006-05-21 07:43 57344 c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\Plugins\iZoom\fx.dll
+ 2006-05-21 07:43 . 2006-05-21 07:43 53248 c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\Plugins\iBounce\fx.dll
+ 2005-06-01 19:41 . 2005-06-01 19:41 65536 c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
+ 2006-05-21 07:49 . 2006-05-21 07:49 32610 c:\windows\BricoPacks\Vista Inspirat 2\Tools\refresh.exe
+ 2006-05-21 07:49 . 2006-05-21 07:49 11776 c:\windows\BricoPacks\Vista Inspirat 2\Tools\dialog.exe
+ 2007-03-18 22:04 . 2007-03-18 22:04 69632 c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\Tools\Debug.exe
+ 2007-03-18 22:04 . 2007-03-18 22:04 69632 c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
+ 2007-05-28 15:06 . 2007-05-28 15:06 15191 c:\windows\BricoPacks\Vista Inspirat 2\ResFiles\77_logonui.exe\UIFILE_1000.bin
+ 2010-02-17 18:31 . 2009-08-06 18:24 68832 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\73_wuauclt.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 59392 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\64_url.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 82944 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\6_cabview.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 28672 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\4_batmeter.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 56320 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\35_narrator.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 86016 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\34_mydocs.dll
+ 2010-02-17 18:31 . 2001-10-25 14:00 69632 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\11_console.dll
+ 2007-04-22 08:18 . 2007-04-22 08:18 98304 c:\windows\BricoPacks\Vista Inspirat 2\pack-it.exe
+ 2010-02-17 18:33 . 2010-02-17 18:33 33617 c:\windows\BricoPacks\Vista Inspirat 2\iColorFolder\uninstall.exe
+ 2001-10-18 21:51 . 2001-10-18 21:51 46592 c:\windows\BricoPacks\Vista Inspirat 2\iColorFolder\CMExt.dll
+ 2010-02-17 18:32 . 2004-08-17 13:49 60416 c:\windows\BricoPacks\SysFiles\80_msimn.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 64512 c:\windows\BricoPacks\SysFiles\8_cleanmgr.exe
+ 2010-02-17 18:32 . 2004-08-17 13:49 93184 c:\windows\BricoPacks\SysFiles\79_iexplore.exe
+ 2010-02-17 18:31 . 2009-08-06 18:24 53472 c:\windows\BricoPacks\SysFiles\73_wuauclt.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 37888 c:\windows\BricoPacks\SysFiles\64_url.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 84480 c:\windows\BricoPacks\SysFiles\6_cabview.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 96768 c:\windows\BricoPacks\SysFiles\44_occache.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 69632 c:\windows\BricoPacks\SysFiles\41_notepad.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 69632 c:\windows\BricoPacks\SysFiles\40_notepad.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 28672 c:\windows\BricoPacks\SysFiles\4_batmeter.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 54784 c:\windows\BricoPacks\SysFiles\35_narrator.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 90624 c:\windows\BricoPacks\SysFiles\34_mydocs.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 98304 c:\windows\BricoPacks\SysFiles\2_ahui.exe
+ 2010-02-17 18:31 . 2001-10-25 14:00 66560 c:\windows\BricoPacks\SysFiles\11_console.dll
+ 2006-05-21 07:43 . 2006-05-21 07:43 6144 c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\Languages\LanguageID Finder.exe
+ 2007-01-01 15:24 . 2007-01-01 15:24 6144 c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\Tools\LanguageID Finder.exe
+ 2008-07-29 07:05 . 2008-07-29 07:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 02:54 . 2008-07-29 02:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2009-07-12 00:12 . 2009-07-12 00:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-12 00:09 . 2009-07-12 00:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-12 00:08 . 2009-07-12 00:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 905728 c:\windows\system32\zipfldr.dll
+ 2010-02-09 21:13 . 2004-08-17 13:49 286720 c:\windows\system32\wuauclt1.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 292352 c:\windows\system32\winsrv.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 771072 c:\windows\system32\wiashext.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 885760 c:\windows\system32\wiaacmgr.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 439808 c:\windows\system32\webcheck.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 537600 c:\windows\system32\usmt\migwiz.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 675328 c:\windows\system32\urlmon.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 388096 c:\windows\system32\themeui.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 183808 c:\windows\system32\taskmgr.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 182272 c:\windows\system32\sysocmgr.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 147968 c:\windows\system32\stobject.dll
+ 2010-02-09 21:11 . 2001-10-25 14:00 152064 c:\windows\system32\sndvol32.exe
+ 2010-02-09 21:10 . 2004-08-17 13:49 180736 c:\windows\system32\sndrec32.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 498176 c:\windows\system32\shlwapi.dll
+ 2004-08-17 13:48 . 2004-08-17 13:48 673792 c:\windows\system32\shdoclc.dll
+ 2010-02-18 20:09 . 2009-12-08 10:29 137760 c:\windows\system32\RTCOM\RTLCPAPI.dll
+ 2010-02-18 20:09 . 2009-12-08 10:29 277024 c:\windows\system32\RTCOM\RTCOMDLL.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 742912 c:\windows\system32\printui.dll
+ 2001-10-25 14:00 . 2010-02-15 16:35 339820 c:\windows\system32\perfh009.dat
+ 2004-08-17 13:49 . 2004-08-17 13:49 147456 c:\windows\system32\occache.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 232448 c:\windows\system32\ntshrui.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 155648 c:\windows\system32\notepad.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 413696 c:\windows\system32\newdev.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 146432 c:\windows\system32\netid.dll
+ 2010-02-09 21:10 . 2004-08-03 20:59 657408 c:\windows\system32\mstscax.dll
+ 2010-02-09 21:13 . 2004-08-17 13:49 322560 c:\windows\system32\mstask.dll
+ 2010-02-09 21:10 . 2004-08-17 13:49 440832 c:\windows\system32\mspaint.exe
+ 2004-08-17 13:48 . 2004-08-17 13:48 380416 c:\windows\system32\moricons.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 403968 c:\windows\system32\keymgr.dll
+ 2001-10-25 14:00 . 2001-10-25 14:00 285696 c:\windows\system32\inetcplc.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 159744 c:\windows\system32\hotplug.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 392704 c:\windows\system32\fontext.dll
+ 2010-02-09 22:00 . 2010-02-17 19:11 266208 c:\windows\system32\FNTCACHE.DAT
- 2010-02-09 22:00 . 2010-02-12 15:29 266208 c:\windows\system32\FNTCACHE.DAT
+ 2004-08-17 13:49 . 2004-08-17 13:49 905728 c:\windows\system32\dllcache\zipfldr.dll
+ 2010-02-09 21:13 . 2004-08-17 13:49 286720 c:\windows\system32\dllcache\wuauclt1.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 292352 c:\windows\system32\dllcache\winsrv.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 771072 c:\windows\system32\dllcache\wiashext.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 885760 c:\windows\system32\dllcache\wiaacmgr.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 439808 c:\windows\system32\dllcache\webcheck.dll
+ 2004-08-17 13:49 . 2010-02-17 18:37 219648 c:\windows\system32\dllcache\uxtheme.dll
- 2004-08-17 13:49 . 2004-08-17 13:49 219648 c:\windows\system32\dllcache\uxtheme.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 675328 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 388096 c:\windows\system32\dllcache\themeui.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 183808 c:\windows\system32\dllcache\taskmgr.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 182272 c:\windows\system32\dllcache\sysocmgr.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 147968 c:\windows\system32\dllcache\stobject.dll
+ 2010-02-09 21:11 . 2001-10-25 14:00 152064 c:\windows\system32\dllcache\sndvol32.exe
+ 2010-02-09 21:10 . 2004-08-17 13:49 180736 c:\windows\system32\dllcache\sndrec32.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 498176 c:\windows\system32\dllcache\shlwapi.dll
+ 2004-08-17 13:48 . 2004-08-17 13:48 673792 c:\windows\system32\dllcache\shdoclc.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 225792 c:\windows\system32\dllcache\regedit.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 742912 c:\windows\system32\dllcache\printui.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 147456 c:\windows\system32\dllcache\occache.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 232448 c:\windows\system32\dllcache\ntshrui.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 155648 c:\windows\system32\dllcache\notepad.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 413696 c:\windows\system32\dllcache\newdev.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 146432 c:\windows\system32\dllcache\netid.dll
+ 2010-02-09 21:10 . 2004-08-03 20:59 657408 c:\windows\system32\dllcache\mstscax.dll
+ 2010-02-09 21:13 . 2004-08-17 13:49 322560 c:\windows\system32\dllcache\mstask.dll
+ 2010-02-09 21:10 . 2004-08-17 13:49 440832 c:\windows\system32\dllcache\mspaint.exe
+ 2010-02-09 21:13 . 2004-08-17 13:49 223744 c:\windows\system32\dllcache\msimn.exe
+ 2004-08-17 13:48 . 2004-08-17 13:48 380416 c:\windows\system32\dllcache\moricons.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 537600 c:\windows\system32\dllcache\migwiz.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 403968 c:\windows\system32\dllcache\keymgr.dll
+ 2001-10-25 14:00 . 2001-10-25 14:00 285696 c:\windows\system32\dllcache\inetcplc.dll
+ 2010-02-09 21:12 . 2004-08-17 13:49 832512 c:\windows\system32\dllcache\iexplore.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 159744 c:\windows\system32\dllcache\hotplug.dll
+ 2010-02-09 21:13 . 2004-08-17 13:49 764928 c:\windows\system32\dllcache\helpctr.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 392704 c:\windows\system32\dllcache\fontext.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 188928 c:\windows\system32\dllcache\credui.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 451072 c:\windows\system32\dllcache\cmdial32.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 416768 c:\windows\system32\dllcache\cmd.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 108544 c:\windows\system32\dllcache\cleanmgr.exe
+ 2010-02-09 21:11 . 2001-10-25 14:00 117760 c:\windows\system32\dllcache\calc.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 101376 c:\windows\system32\dllcache\ahui.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 188928 c:\windows\system32\credui.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 451072 c:\windows\system32\cmdial32.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 416768 c:\windows\system32\cmd.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 108544 c:\windows\system32\cleanmgr.exe
+ 2010-02-09 21:11 . 2001-10-25 14:00 117760 c:\windows\system32\calc.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 101376 c:\windows\system32\ahui.exe
+ 2007-04-21 09:07 . 2007-04-21 09:07 894464 c:\windows\Resources\Themes\Inspirat2\Shell\ClassicXP\Shellstyle.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 225792 c:\windows\regedit.exe
+ 2010-02-09 21:13 . 2004-08-17 13:49 764928 c:\windows\pchealth\helpctr\binaries\helpctr.exe
+ 2010-02-09 22:01 . 2004-08-17 13:49 155648 c:\windows\notepad.exe
+ 2010-02-17 13:28 . 2010-02-17 13:28 481280 c:\windows\Installer\ad6da.msi
+ 2010-02-14 18:39 . 2010-02-14 18:39 228352 c:\windows\Installer\1a4cde.msi
+ 2010-02-14 21:45 . 2010-02-14 21:45 424960 c:\windows\Installer\1889e1.msi
+ 2006-05-21 07:43 . 2006-05-21 07:43 155648 c:\windows\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
+ 2007-05-28 15:06 . 2007-05-28 15:06 155417 c:\windows\BricoPacks\Vista Inspirat 2\Update.exe
+ 2006-05-21 07:43 . 2006-05-21 07:43 180224 c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
+ 2007-03-18 22:05 . 2007-03-18 22:05 630784 c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
+ 2007-03-04 07:48 . 2007-03-04 07:48 106496 c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\Docklets\RocketClock\RocketClock.dll
+ 2006-05-21 07:49 . 2006-05-21 07:49 881664 c:\windows\BricoPacks\Vista Inspirat 2\ResHacker\ResHacker.exe
+ 2010-02-17 18:37 . 2010-02-17 18:37 153834 c:\windows\BricoPacks\Vista Inspirat 2\Remove.exe
+ 2007-04-22 10:31 . 2007-04-22 10:31 147456 c:\windows\BricoPacks\Vista Inspirat 2\Panel.exe
+ 2010-02-17 18:37 . 2010-02-17 18:37 219648 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\Ux_uxtheme.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 416768 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\9_cmd.exe
+ 2010-02-17 18:32 . 2004-08-17 13:49 223744 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\80_msimn.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 108544 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\8_cleanmgr.exe
+ 2010-02-17 18:32 . 2004-08-17 13:49 832512 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\79_iexplore.exe
+ 2010-02-17 18:32 . 2004-08-17 13:49 905728 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\77_zipfldr.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 286720 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\74_wuauclt1.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 292352 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\71_winsrv.dll
+ 2010-02-17 18:31 . 2001-10-25 14:00 117760 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\7_calc.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 691712 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\69_wininet.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 771072 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\68_wiashext.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 885760 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\67_wiaacmgr.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 439808 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\66_webcheck.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 675328 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\65_urlmon.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 388096 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\62_themeui.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 183808 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\60_taskmgr.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 182272 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\58_sysocmgr.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 147968 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\56_stobject.dll
+ 2010-02-17 18:31 . 2001-10-25 14:00 152064 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\55_sndvol32.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 180736 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\54_sndrec32.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 498176 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\53_shlwapi.dll
+ 2010-02-17 18:31 . 2004-08-17 13:48 673792 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\49_shdoclc.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 225792 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\48_regedit.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 742912 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\46_printui.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 147456 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\44_occache.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 232448 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\42_ntshrui.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 155648 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\41_notepad.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 155648 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\40_notepad.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 413696 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\39_newdev.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 146432 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\37_netid.dll
+ 2010-02-17 18:31 . 2004-08-03 20:59 657408 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\33_mstscax.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 322560 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\32_mstask.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 440832 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\31_mspaint.exe
+ 2010-02-17 18:31 . 2004-08-17 13:48 380416 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\28_moricons.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 537600 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\26_migwiz.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 403968 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\23_keymgr.dll
+ 2010-02-17 18:31 . 2001-10-25 14:00 285696 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\20_inetcplc.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 101376 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\2_ahui.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 159744 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\18_hotplug.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 764928 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\17_helpctr.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 392704 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\15_fontext.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 974848 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\14_explorer.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 188928 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\12_credui.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 451072 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\10_cmdial32.dll
+ 2005-06-09 22:08 . 2005-06-09 22:08 283294 c:\windows\BricoPacks\Vista Inspirat 2\iColorFolder\skins\Vista Inspirat\iColorFolder.dll
+ 2006-03-09 14:33 . 2006-03-09 14:33 405504 c:\windows\BricoPacks\Vista Inspirat 2\iColorFolder\iColorFolder.exe
+ 2010-02-17 18:33 . 2005-06-09 22:08 283294 c:\windows\BricoPacks\Vista Inspirat 2\iColorFolder\iColorFolder.dll
+ 2010-02-17 18:37 . 2004-08-17 13:49 219648 c:\windows\BricoPacks\SysFiles\Ux_uxtheme.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 389632 c:\windows\BricoPacks\SysFiles\9_cmd.exe
+ 2010-02-17 18:32 . 2004-08-17 13:49 515072 c:\windows\BricoPacks\SysFiles\78_logonui.exe
+ 2010-02-17 18:32 . 2004-08-17 13:49 338432 c:\windows\BricoPacks\SysFiles\77_zipfldr.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 166912 c:\windows\BricoPacks\SysFiles\74_wuauclt1.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 290816 c:\windows\BricoPacks\SysFiles\71_winsrv.dll
+ 2010-02-17 18:31 . 2001-10-25 14:00 114688 c:\windows\BricoPacks\SysFiles\7_calc.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 657408 c:\windows\BricoPacks\SysFiles\69_wininet.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 590336 c:\windows\BricoPacks\SysFiles\68_wiashext.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 433664 c:\windows\BricoPacks\SysFiles\67_wiaacmgr.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 278528 c:\windows\BricoPacks\SysFiles\66_webcheck.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 601600 c:\windows\BricoPacks\SysFiles\65_urlmon.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 385536 c:\windows\BricoPacks\SysFiles\62_themeui.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 137216 c:\windows\BricoPacks\SysFiles\60_taskmgr.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 989184 c:\windows\BricoPacks\SysFiles\59_syssetup.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 106496 c:\windows\BricoPacks\SysFiles\58_sysocmgr.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 122368 c:\windows\BricoPacks\SysFiles\56_stobject.dll
+ 2010-02-17 18:31 . 2001-10-25 14:00 138752 c:\windows\BricoPacks\SysFiles\55_sndvol32.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 131584 c:\windows\BricoPacks\SysFiles\54_sndrec32.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 473600 c:\windows\BricoPacks\SysFiles\53_shlwapi.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 439296 c:\windows\BricoPacks\SysFiles\52_shimgvw.dll
+ 2010-02-17 18:31 . 2004-08-17 13:48 557056 c:\windows\BricoPacks\SysFiles\49_shdoclc.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 147968 c:\windows\BricoPacks\SysFiles\48_regedit.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 662016 c:\windows\BricoPacks\SysFiles\47_rasdlg.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 563200 c:\windows\BricoPacks\SysFiles\46_printui.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 143872 c:\windows\BricoPacks\SysFiles\42_ntshrui.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 248832 c:\windows\BricoPacks\SysFiles\39_newdev.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 138240 c:\windows\BricoPacks\SysFiles\37_netid.dll
+ 2010-02-17 18:31 . 2004-08-03 20:59 655360 c:\windows\BricoPacks\SysFiles\33_mstscax.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 275968 c:\windows\BricoPacks\SysFiles\32_mstask.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 343552 c:\windows\BricoPacks\SysFiles\31_mspaint.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 993792 c:\windows\BricoPacks\SysFiles\29_msgina.dll
+ 2010-02-17 18:31 . 2004-08-17 13:48 216064 c:\windows\BricoPacks\SysFiles\28_moricons.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 239616 c:\windows\BricoPacks\SysFiles\26_migwiz.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 220672 c:\windows\BricoPacks\SysFiles\24_logon.scr
+ 2010-02-17 18:31 . 2004-08-17 13:49 151552 c:\windows\BricoPacks\SysFiles\23_keymgr.dll
+ 2010-02-17 18:31 . 2001-10-25 14:00 116224 c:\windows\BricoPacks\SysFiles\20_inetcplc.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 144384 c:\windows\BricoPacks\SysFiles\18_hotplug.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 768512 c:\windows\BricoPacks\SysFiles\17_helpctr.exe
+ 2010-02-17 18:31 . 2004-08-17 13:49 382976 c:\windows\BricoPacks\SysFiles\15_fontext.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 163840 c:\windows\BricoPacks\SysFiles\12_credui.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 345600 c:\windows\BricoPacks\SysFiles\10_cmdial32.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 07:05 . 2008-07-29 07:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2009-07-11 19:46 . 2009-07-11 19:46 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
+ 2009-07-11 19:46 . 2009-07-11 19:46 1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
+ 2004-08-17 13:48 . 2004-08-17 13:48 3319296 c:\windows\system32\xpsp2res.dll
+ 2004-08-17 13:48 . 2004-08-17 13:48 1459200 c:\windows\system32\WINNTBBU.DLL
+ 2004-08-17 13:49 . 2004-08-17 13:49 1245184 c:\windows\system32\syssetup.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 1788928 c:\windows\system32\shimgvw.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 1763328 c:\windows\system32\shdocvw.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 1233920 c:\windows\system32\rasdlg.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 2123264 c:\windows\system32\netshell.dll
+ 2004-02-23 08:00 . 2004-02-23 08:00 1386496 c:\windows\system32\msvbvm60.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 1101824 c:\windows\system32\msgina.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 5650432 c:\windows\system32\logonui.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 3128320 c:\windows\system32\logon.scr
+ 2010-02-18 20:09 . 2009-11-17 23:17 1395800 c:\windows\system32\drivers\Monfilt.sys
+ 2010-02-18 20:09 . 2009-11-17 23:16 1691480 c:\windows\system32\drivers\Ambfilt.sys
+ 2004-08-17 13:48 . 2004-08-17 13:48 1459200 c:\windows\system32\dllcache\WINNTBBU.DLL
+ 2004-08-17 13:49 . 2004-08-17 13:49 1245184 c:\windows\system32\dllcache\syssetup.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 1788928 c:\windows\system32\dllcache\shimgvw.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 1763328 c:\windows\system32\dllcache\shdocvw.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 1233920 c:\windows\system32\dllcache\rasdlg.dll
+ 2010-02-10 18:46 . 2004-08-17 14:49 4274816 c:\windows\system32\dllcache\nv4_disp.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 2123264 c:\windows\system32\dllcache\netshell.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 1101824 c:\windows\system32\dllcache\msgina.dll
+ 2010-02-09 21:13 . 2004-08-17 13:49 3676160 c:\windows\system32\dllcache\moviemk.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 5650432 c:\windows\system32\dllcache\logonui.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 3128320 c:\windows\system32\dllcache\logon.scr
+ 2004-08-17 13:49 . 2004-08-17 13:49 1015296 c:\windows\system32\dllcache\browseui.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 1015296 c:\windows\system32\browseui.dll
+ 2005-08-20 11:48 . 2005-08-20 11:48 1201664 c:\windows\Resources\Themes\Vista\Shell\VISTA22\shellstyle.dll
+ 2005-08-20 09:30 . 2005-08-20 09:30 2085888 c:\windows\Resources\Themes\Vista\Shell\VISTA2\shellstyle.dll
+ 2005-08-20 11:48 . 2005-08-20 11:48 1201664 c:\windows\Resources\Themes\Vista\Shell\VISTA12\shellstyle.dll
+ 2005-08-20 09:30 . 2005-08-20 09:30 2085888 c:\windows\Resources\Themes\Vista\Shell\NormalColor\shellstyle.dll
+ 2007-04-20 17:16 . 2007-04-20 17:16 1117184 c:\windows\Resources\Themes\Inspirat2\Shell\NormalColor\Shellstyle.dll
+ 2007-04-20 17:16 . 2007-04-20 17:16 1117184 c:\windows\Resources\Themes\Inspirat2\Shell\AeroBlue\Shellstyle.dll
+ 2007-04-20 17:16 . 2007-04-20 17:16 1117184 c:\windows\Resources\Themes\Inspirat2\Shell\AeroBlack\Shellstyle.dll
+ 2010-02-17 13:43 . 2010-02-17 13:43 1094144 c:\windows\Installer\c8351.msi
+ 2006-05-21 07:43 . 2006-05-21 07:43 1645320 c:\windows\BricoPacks\Vista Inspirat 2\UberIcon\gdiplus.dll
+ 2007-01-01 15:23 . 2007-01-01 15:23 1645320 c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\gdiplus.dll
+ 2010-02-17 18:32 . 2004-08-17 13:49 3676160 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\82_moviemk.exe
+ 2010-02-17 18:32 . 2004-08-17 13:48 2482176 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\81_msoeres.dll
+ 2010-02-17 18:32 . 2004-08-17 13:49 5650432 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\78_logonui.exe
+ 2010-02-17 18:32 . 2004-08-17 13:48 3319296 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\76_xpsp2res.dll
+ 2010-02-17 18:31 . 2004-08-17 13:48 1459200 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\70_WINNTBBU.DLL
+ 2010-02-17 18:31 . 2004-08-17 13:49 1245184 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\59_syssetup.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 1788928 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\52_shimgvw.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 1763328 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\50_shdocvw.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 1015296 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\5_browseui.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 1233920 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\47_rasdlg.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 2123264 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\38_netshell.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 3444224 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\30_mshtml.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 1101824 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\29_msgina.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 3128320 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\24_logon.scr
+ 2010-02-17 18:32 . 2004-08-17 13:49 3555328 c:\windows\BricoPacks\SysFiles\82_moviemk.exe
+ 2010-02-17 18:32 . 2004-08-17 13:48 2482176 c:\windows\BricoPacks\SysFiles\81_msoeres.dll
+ 2010-02-17 18:32 . 2004-08-17 13:48 2927616 c:\windows\BricoPacks\SysFiles\76_xpsp2res.dll
+ 2010-02-17 18:31 . 2004-08-17 13:48 1459712 c:\windows\BricoPacks\SysFiles\70_WINNTBBU.DLL
+ 2010-02-17 18:31 . 2004-08-17 13:49 8388096 c:\windows\BricoPacks\SysFiles\51_shell32.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 1483776 c:\windows\BricoPacks\SysFiles\50_shdocvw.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 1016832 c:\windows\BricoPacks\SysFiles\5_browseui.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 1707520 c:\windows\BricoPacks\SysFiles\38_netshell.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 3003392 c:\windows\BricoPacks\SysFiles\30_mshtml.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 1032704 c:\windows\BricoPacks\SysFiles\14_explorer.exe
+ 2004-08-17 13:49 . 2004-08-17 13:49 12802048 c:\windows\system32\shell32.dll
+ 2004-08-17 13:49 . 2004-08-17 13:49 12802048 c:\windows\system32\dllcache\shell32.dll
+ 2010-02-17 18:31 . 2004-08-17 13:49 12802048 c:\windows\BricoPacks\Vista Inspirat 2\PackFiles\51_shell32.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\steam\steam.exe" [2010-02-17 1217808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"RTHDCPL"="RTHDCPL.EXE" [2009-12-08 18789920]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD Cinema\\PowerDVDCinema.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD9.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [16.2.2010 22:53 162512]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [9.2.2010 22:30 13696]
R1 BS_I2cIo;BS_I2cIo;c:\windows\system32\drivers\BS_I2cIo.sys [17.2.2010 15:51 17024]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [17.2.2010 14:28 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 4:54 66600]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/02/12 22:17];c:\program files\CyberLink\PowerDVD9\000.fcl [28.2.2009 19:40 87536]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16.2.2010 22:53 19024]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 7:24 95528]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [17.2.2010 14:28 65576]
S2 HDDlife HDD Access service;HDDlife HDD Access service;c:\program files\Common Files\BinarySense\hldasvc.exe [19.8.2009 19:04 822936]
S2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 7:24 1365288]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [18.2.2010 21:09 1691480]
S3 BS_Flash;BS_Flash;c:\program files\Tseries BIOS Update\Award\BS_Flash.sys [17.2.2010 20:25 3604]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [10.2.2010 19:53 23456]
.
Obsah adresáře 'Naplánované úlohy'

2010-02-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - c:\program files\Common Files\BinarySense\hlAPP.dll
FF - ProfilePath - c:\documents and settings\Butterfly\Data aplikací\Mozilla\Firefox\Profiles\r22ydh4a.default\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-nwiz - nwiz.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-18 21:30
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\ASFWHide]
"ImagePath"="\??\c:\docume~1\BUTTER~1\LOCALS~1\Temp\ASFWHide"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
Celkový čas: 2010-02-18 21:32:58
ComboFix-quarantined-files.txt 2010-02-18 20:32
ComboFix2.txt 2010-02-16 14:05
ComboFix3.txt 2010-02-15 11:39
ComboFix4.txt 2010-02-14 18:33

Před spuštěním: Volných bajtů: 90 674 438 144
Po spuštění: Volných bajtů: 90 646 880 256

Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 7ABAF1CA2DB798828FB761A4AF5274D9

Re: please check my log

Post by martin.efres » 18 Feb 2010 21:41

HIJACKTHIS LOG:

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 21:40:19, on 18.2.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - "C:\Program Files\Common Files\BinarySense\hlAPP.dll" (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\Common Files\BinarySense\hldasvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe

--
End of file - 4624 bytes

Re: please check my log  Solved

Post by jaro3 » 18 Feb 2010 22:08

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script

Code:

Folder::
c:\windows\SxsCaPendDel

File::
c:\windows\system32\d3d9caps.dat


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

You don't need to post the logs.
////////////
Uninstall Crawler Toolbar


Close other applications and browsers, disconnect from the internet, and fix in HJT:
Guide

Code:

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076



Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically


/////////////////////////////////////

ComboFix is uninstalled like this:
Start -> Run and enter ComboFix /Uninstall

Clean the system with CCleaner

and also use T-Cleaner
it deletes everything left behind by Combo, MWAV, etc. - download > run

That is all here; go back to the previous topic.
http://pc-help.cz/viewtopic.php?f=7&t=50310&start=12