ComboFix 11-09-30.04 - pavla 30.09.2011 19:28:33.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1024.506 [GMT 2:00]
Spuštěný z: c:\documents and settings\pavla\Dokumenty\Stažené soubory\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\documents and settings\pavla\Oblíbené položky\ccsetup307.exe
c:\documents and settings\pavla\Oblíbené položky\FarmingSimulator2011Patch2.2EN.exe
c:\documents and settings\pavla\Oblíbené položky\install_icq7.exe
c:\documents and settings\pavla\Oblíbené položky\KingofKings3_05062011_Downloader.exe
c:\documents and settings\pavla\Oblíbené položky\Vypínač na dobrou noc verze 2.0.exe
c:\documents and settings\pavla\WINDOWS
c:\windows\IsUn0405.exe
c:\windows\IsUn0407.exe
c:\windows\system\BCBSMP35.BPL
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_PASSWORD
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-28 do 2011-09-30 )))))))))))))))))))))))))))))))
.
.
2011-09-30 16:32 . 2011-09-30 16:32 -------- d-----w- c:\program files\Defraggler
2011-09-30 15:56 . 2011-09-30 15:56 -------- d-----w- C:\_OTM
2011-09-30 14:58 . 2011-09-30 17:16 -------- d-----w- c:\program files\trend micro
2011-09-30 14:58 . 2011-09-30 14:59 -------- d-----w- C:\rsit
2011-09-30 10:47 . 2011-09-30 10:52 -------- d-----w- c:\program files\Valve
2011-09-30 10:30 . 2011-09-30 10:30 184452 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2011-09-30 10:30 . 2003-09-03 00:28 724992 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-09-30 10:30 . 2003-09-03 00:27 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-09-30 10:30 . 2003-09-03 00:26 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-09-30 10:30 . 2003-09-03 00:26 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-09-30 10:30 . 2003-09-03 00:25 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-09-30 10:30 . 2011-09-30 10:30 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-09-30 09:56 . 2011-09-30 09:56 -------- d-----w- c:\program files\Counter-Strike 1.6 Patch Version 26
2011-09-29 12:57 . 2011-09-29 13:11 -------- d-----w- c:\program files\Paradox Interactive
2011-09-28 08:19 . 2011-09-28 08:19 278728 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-09-28 08:19 . 2011-09-28 08:19 25416 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-09-28 08:12 . 2011-09-28 08:12 -------- d-----w- c:\program files\PLAYLOGIC
2011-09-27 19:43 . 2011-09-30 16:00 66520 ----a-w- c:\program files\Mozilla Firefox\plugins\npnul32.dll
2011-09-27 19:43 . 2011-09-30 16:00 140248 ----a-w- c:\program files\Mozilla Firefox\components\brwsrcmp.dll
2011-09-27 19:43 . 2011-09-30 16:00 25048 ----a-w- c:\program files\Mozilla Firefox\components\browserdirprovider.dll
2011-09-27 19:43 . 2011-09-30 16:00 505816 ----a-w- c:\program files\Mozilla Firefox\sqlite3.dll
2011-09-27 19:43 . 2011-09-30 16:00 1015256 ----a-w- c:\program files\Mozilla Firefox\js3250.dll
2011-09-26 17:14 . 2011-09-26 17:14 -------- d-----w- c:\program files\Conduit
2011-09-26 17:14 . 2011-09-30 13:34 -------- d-----w- c:\documents and settings\pavla\Local Settings\Data aplikací\MyAshampoo
2011-09-26 17:14 . 2011-09-30 13:34 -------- d-----w- c:\documents and settings\pavla\Local Settings\Data aplikací\ConduitEngine
2011-09-26 17:14 . 2011-09-30 15:57 -------- d-----w- c:\program files\MyAshampoo
2011-09-22 16:14 . 2011-09-22 16:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PC Drivers HeadQuarters Inc
2011-09-22 16:00 . 2011-09-27 19:41 -------- d-----w- c:\documents and settings\pavla\Data aplikací\GetRightToGo
2011-09-18 13:35 . 2011-09-21 16:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TrackMania
2011-09-15 15:51 . 2011-09-15 15:52 -------- d-----w- c:\program files\Rockstar Games
2011-09-15 15:51 . 2004-10-22 00:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2011-09-15 15:51 . 2004-10-22 00:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2011-09-15 15:51 . 2004-10-22 00:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2011-09-15 15:51 . 2004-10-22 00:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2011-09-15 15:51 . 2004-10-22 00:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2011-09-15 15:50 . 2011-09-15 15:50 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2011-09-15 15:50 . 2011-09-15 15:50 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2011-09-07 09:37 . 2011-09-07 09:37 -------- d-----w- c:\program files\Gameforge4D
2011-09-03 18:37 . 2011-09-08 14:23 134104 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-09-03 18:37 . 2011-09-08 14:23 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-09-03 18:37 . 2011-09-08 14:23 478168 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-09-03 18:37 . 2011-09-08 14:23 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-09-03 18:37 . 2011-09-08 14:23 785368 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-09-03 18:37 . 2011-09-08 14:23 1846232 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-09-03 18:37 . 2011-08-30 19:40 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-09-03 18:37 . 2011-08-30 19:40 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-30 16:05 . 2011-05-15 15:24 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-21 12:31 . 2009-08-18 09:30 564632 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\wlidui.dll
2011-09-21 12:31 . 2009-08-18 09:24 18328 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-08-29 05:08 . 2008-11-30 00:22 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-07-31 23:37 . 2011-02-08 17:26 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2011-07-31 23:37 . 2011-02-08 17:26 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2011-07-19 03:05 . 2011-01-29 16:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-19 00:40 . 2011-07-13 09:24 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-07-15 13:29 . 2008-04-14 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2008-04-14 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-09-08 14:23 . 2011-09-03 18:37 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Anvshell"="anvshell.exe" [2003-03-13 348160]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"HTpatch"="c:\windows\htpatch.exe" [2002-10-30 28672]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-24 281768]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2010-02-10 22:32 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Diablo II\\Diablo II.exe"=
"c:\\Documents and Settings\\pavla\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
"c:\\Documents and Settings\\pavla\\Plocha\\hry\\AoE3\\age3.exe"=
"c:\\Program Files\\Firefly Studios\\Stronghold Crusader\\Stronghold Crusader.exe"=
"c:\\Quake III Arena\\Quake3\\quake3.exe"=
"c:\\Program Files\\Microsoft Games\\Gears of War\\Binaries\\WarGame-G4WLive.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Documents and Settings\\pavla\\Plocha\\Terraria Beta\\Terraria.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Steam\\steamapps\\kolda22\\team fortress 2\\hl2.exe"=
"c:\\Documents and Settings\\pavla\\Plocha\\hry\\Borderlands\\Binaries\\Borderlands.exe"=
"c:\\Documents and Settings\\pavla\\Plocha\\hry\\Kane and Lynch Dead Men\\kaneandlynch.exe"=
"c:\\Documents and Settings\\pavla\\Plocha\\Terraria Beta\\TerrariaServer.exe"=
"c:\\Documents and Settings\\pavla\\Dokumenty\\Stažené soubory\\HKO quick start v19366.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Valve\\cstrike.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"86:TCP"= 86:TCP:BroadCam Web Server
"4000:TCP"= 4000:TCP:c:\\Diablo II\\Diablo II.exe
"57114:TCP"= 57114:TCP:Pando Media Booster
"57114:UDP"= 57114:UDP:Pando Media Booster
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [14.6.2009 20:53 136360]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [4.8.2011 14:34 1361288]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [29.6.2009 19:09 47360]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 ANVIOCTL;ANVIOCTL;c:\windows\system32\drivers\anvioctl.sys [29.11.2008 18:15 232480]
S1 prodrv03;Star Force copy protection driver v3;c:\windows\system32\drivers\prodrv03.sys [5.3.2011 16:57 115968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [24.5.2010 23:36 136176]
S3 cpuz130;cpuz130;\??\c:\docume~1\pavla\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\pavla\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena\safedrv.sys --> c:\program files\Garena\safedrv.sys [?]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 14:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Stáhnout pomocí FlashGet
IE: Stáhnout vše pomocí FlashGet
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
FF - ProfilePath - c:\documents and settings\pavla\Data aplikací\Mozilla\Firefox\Profiles\b9dyzcta.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: MyAshampoo Community Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - %profile%\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - (no file)
AddRemove-Gears of War_is1 - .:\gears of war\unins000.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\documents and settings\pavla\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-30 19:39
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HTpatch = c:\windows\htpatch.exe?ows\CurrentVersion\Run???\???]?%[??????([??([???????????????? ?%[??%[PJ????([$?????%[????????????{?%[??????????%[$?<~????(????~7~??<~?????~7~??<~??%[@???????d?????&[%?%[x?([??????%[,>%[??'[v?7~Z|%[{3%[?2%[????st.I????G?&[????d????<%[?I%[
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-606747145-1326574676-1644491937-1004\Software\SecuROM\!CAUTION! NEVER DELETE OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"??"=hex:d6,80,38,a3,ea,e2,2c,d2,8f,33,cd,58,66,6b,a5,76,17,90,aa,33,35,36,b2,
e2,af,6c,3d,33,60,e3,60,82,4c,b0,fd,a7,91,fd,dd,69,78,bf,70,33,f2,51,34,f0,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49
.
[HKEY_USERS\S-1-5-21-606747145-1326574676-1644491937-1004\Software\SecuROM\License information*]
"datasecu"=hex:b1,63,6a,08,d1,59,a0,b7,6e,fe,a1,f4,a1,e2,1e,35,70,eb,26,9f,76,
58,6e,68,60,93,3e,6a,61,fc,94,c3,c3,bb,a2,e8,f7,1e,55,6f,e9,c9,9b,b6,c7,15,\
"rkeysecu"=hex:e7,02,50,f4,0c,ab,4b,63,e2,01,fb,7b,61,70,2e,a4
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(812)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3968)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
c:\program files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-09-30 19:45:08 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-30 17:45
.
Před spuštěním: Volných bajtů: 35 791 507 456
Po spuštění: Volných bajtů: 35 609 280 512
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer
.
Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - EBA0DBC7D0D15370CB92EE048B7C22A1