Explorer.exe padá

[Mankind]

ComboFix 12-07-20.01 - Administrator 20.07.2012 14:16:59.2.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2013.1648 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\documents and settings\Jurneeka\Nabídka Start\Programy\Po spuštiní\Registration Brothers In Arms.LNK -"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
--------------- FCopy ---------------
.
c:\windows\ServicePackFiles\i386\regsvc.dll --> c:\windows\System32\regsvc.dll
c:\windows\ServicePackFiles\i386\schedsvc.dll --> c:\windows\System32\schedsvc.dll
c:\windows\ServicePackFiles\i386\ssdpsrv.dll --> c:\windows\System32\ssdpsrv.dll
c:\windows\ServicePackFiles\i386\termsrv.dll --> c:\windows\System32\termsrv.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-20 do 2012-07-20 )))))))))))))))))))))))))))))))
.
.
2012-07-20 12:16 . 2008-04-14 06:52 71680 ----a-w- c:\windows\system32\ssdpsrv.dll
2012-07-20 12:16 . 2008-04-14 06:52 295936 ----a-w- c:\windows\system32\termsrv.dll
2012-07-20 12:16 . 2008-04-14 06:51 59904 ----a-w- c:\windows\system32\regsvc.dll
2012-07-20 12:16 . 2008-04-14 06:51 192512 ----a-w- c:\windows\system32\schedsvc.dll
2012-07-20 10:13 . 2008-04-14 06:52 171008 ----a-w- c:\windows\system32\srsvc.dll
2012-07-20 10:05 . 2008-04-14 05:42 52480 ----a-w- c:\windows\system32\drivers\Volsnap.sys
2012-07-20 09:12 . 2012-07-20 09:13 -------- d-----w- c:\documents and settings\Administrator
2012-07-20 00:41 . 2012-07-20 00:41 -------- dc----w- C:\_OTM
2012-07-12 20:46 . 2012-07-12 20:46 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-07-12 08:40 . 2012-07-12 08:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-12 08:40 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-12 08:00 . 2012-05-11 14:44 521728 ------w- c:\windows\system32\dllcache\jsdbgui.dll
2012-07-12 08:00 . 2011-08-16 10:45 6144 ------w- c:\windows\system32\dllcache\iecompat.dll
2012-07-12 07:59 . 2012-05-11 18:14 11111424 ------w- c:\windows\system32\dllcache\ieframe.dll
2012-07-12 07:59 . 2012-05-11 14:44 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2012-07-12 07:59 . 2012-05-11 14:44 629760 ------w- c:\windows\system32\dllcache\msfeeds.dll
2012-07-12 07:59 . 2012-05-11 14:44 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2012-07-12 07:59 . 2012-05-11 14:44 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2012-07-12 07:59 . 2012-05-11 14:44 2000384 ------w- c:\windows\system32\dllcache\iertutil.dll
2012-07-12 07:59 . 2012-05-11 14:44 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2012-07-12 07:58 . 2012-07-12 07:59 -------- dc-h--w- c:\windows\ie8
2012-07-04 19:10 . 2012-07-20 09:27 -------- d-----w- c:\program files\trend micro
2012-07-04 19:10 . 2012-07-04 19:11 -------- dc----w- C:\rsit
2012-07-03 15:43 . 2002-12-05 12:12 692224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2012-07-03 15:43 . 2002-12-05 12:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2012-07-03 15:43 . 2002-12-02 13:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2012-07-03 15:43 . 2002-12-02 11:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2012-07-03 15:43 . 2002-12-02 11:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2012-07-03 15:43 . 2012-07-03 15:43 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-07-03 15:43 . 2012-07-03 15:43 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-07-01 18:47 . 2012-07-01 18:47 -------- d-----w- c:\program files\uTorrent
2012-06-29 21:04 . 2012-06-29 21:05 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-06-29 21:02 . 2012-06-29 21:04 -------- d-----w- c:\program files\DAEMON Tools Lite
2012-06-29 20:47 . 2012-06-29 21:02 477240 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-06-29 16:53 . 2012-06-29 16:53 -------- d-----w- c:\program files\Webteh
2012-06-28 19:10 . 2012-06-28 19:11 -------- d-----w- c:\windows\system32\XPSViewer
2012-06-28 19:10 . 2012-06-28 19:10 -------- d-----w- c:\program files\Reference Assemblies
2012-06-28 19:10 . 2007-03-22 18:24 28160 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2012-06-28 19:10 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2012-06-28 15:49 . 2010-08-27 08:03 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2012-06-28 15:49 . 2009-10-15 16:32 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2012-06-28 15:49 . 2008-05-08 14:02 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2012-06-28 15:47 . 2011-04-30 03:00 758784 ----a-w- c:\windows\system32\dllcache\vgx.dll
2012-06-28 08:08 . 2008-04-14 06:52 152064 ----a-w- c:\windows\system32\irftp.exe
2012-06-28 08:08 . 2008-04-14 06:52 152064 ----a-w- c:\windows\system32\dllcache\irftp.exe
2012-06-28 08:08 . 2008-04-14 06:52 8192 ----a-w- c:\windows\system32\wshirda.dll
2012-06-28 08:08 . 2008-04-14 06:52 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll
2012-06-28 08:08 . 2008-04-14 06:51 27648 ----a-w- c:\windows\system32\irmon.dll
2012-06-28 08:08 . 2008-04-14 06:51 27648 ----a-w- c:\windows\system32\dllcache\irmon.dll
2012-06-28 07:42 . 2010-07-16 11:58 219136 ------w- c:\windows\system32\dllcache\wordpad.exe
2012-06-28 07:41 . 2010-09-18 06:53 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
2012-06-28 07:41 . 2010-09-18 06:53 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2012-06-28 07:41 . 2011-07-15 13:29 456320 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2012-06-28 07:41 . 2010-08-23 16:12 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2012-06-28 07:41 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2012-06-28 07:40 . 2010-11-02 15:17 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2012-06-28 07:40 . 2008-06-14 17:35 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2012-06-28 07:40 . 2009-11-21 16:03 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2012-06-28 07:40 . 2009-02-06 10:10 227840 ------w- c:\windows\system32\dllcache\wmiprvse.exe
2012-06-28 07:40 . 2009-03-06 14:23 284160 ------w- c:\windows\system32\dllcache\pdh.dll
2012-06-28 07:40 . 2009-02-09 11:25 111104 ------w- c:\windows\system32\dllcache\services.exe
2012-06-28 07:40 . 2009-02-09 10:56 401408 ------w- c:\windows\system32\dllcache\rpcss.dll
2012-06-28 07:40 . 2009-02-09 10:56 684032 ------w- c:\windows\system32\dllcache\advapi32.dll
2012-06-28 07:40 . 2009-02-09 10:56 473600 ------w- c:\windows\system32\dllcache\fastprox.dll
2012-06-28 07:40 . 2009-02-06 10:39 35328 ------w- c:\windows\system32\dllcache\sc.exe
2012-06-28 07:40 . 2009-02-09 10:56 453120 ------w- c:\windows\system32\dllcache\wmiprvsd.dll
2012-06-28 07:39 . 2009-06-21 21:48 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2012-06-28 07:39 . 2011-04-21 13:37 105472 ------w- c:\windows\system32\dllcache\mup.sys
2012-06-28 07:39 . 2012-06-05 15:49 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll
2012-06-28 07:39 . 2008-05-01 14:37 331776 ------w- c:\windows\system32\dllcache\msadce.dll
2012-06-28 07:38 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2012-06-28 07:37 . 2008-10-15 16:38 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2012-06-28 07:37 . 2012-05-05 03:14 2150400 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2012-06-28 07:37 . 2010-12-09 15:15 713216 ------w- c:\windows\system32\dllcache\ntdll.dll
2012-06-28 07:37 . 2012-05-05 03:14 2194816 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2012-06-28 07:37 . 2012-05-05 03:14 2071296 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2012-06-28 07:37 . 2012-05-05 03:14 2028544 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2012-06-28 07:37 . 2011-07-08 14:02 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
2012-06-28 07:37 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
2012-06-28 07:37 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\dllcache\iacenc.dll
2012-06-28 07:36 . 2010-08-16 08:45 590848 ------w- c:\windows\system32\dllcache\rpcrt4.dll
2012-06-27 17:04 . 2012-07-18 04:39 136672 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2012-06-27 15:15 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2012-06-27 15:15 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2012-06-27 15:15 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2012-06-27 15:15 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2012-06-27 15:15 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2012-06-27 15:10 . 2012-07-18 21:57 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-27 15:10 . 2012-07-18 21:57 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-27 14:49 . 2001-08-17 21:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2012-06-27 14:49 . 2008-04-14 05:44 58496 ----a-w- c:\windows\system32\drivers\redbook.sys
2012-06-27 14:48 . 2008-04-14 06:52 75264 ----a-w- c:\windows\system32\usbui.dll
2012-06-27 14:44 . 2012-06-27 15:23 -------- d-----w- c:\documents and settings\All Users.WINDOWS
2012-06-27 14:44 . 2012-06-27 12:55 -------- d--h--w- c:\documents and settings\Default User.WINDOWS
2012-06-27 13:45 . 2012-06-27 13:44 737280 ----a-w- c:\windows\iun6002.exe
2012-06-27 13:45 . 2012-06-27 13:45 -------- d-----w- c:\program files\Codec Pack - All In 1
2012-06-27 13:27 . 2012-06-27 13:27 -------- d-----w- c:\windows\msagent
2012-06-27 13:21 . 2008-04-14 06:51 33792 ------w- c:\windows\system32\dllcache\custsat.dll
2012-06-27 13:09 . 2008-04-13 22:15 6272 ----a-w- c:\windows\system32\drivers\splitter.sys
2012-06-27 13:08 . 2009-01-07 16:20 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2012-06-27 13:04 . 2010-06-17 10:02 53248 ----a-w- c:\windows\system32\CSVer.dll
2012-06-27 12:59 . 2012-07-12 13:02 -------- d-----w- c:\documents and settings\Doma
2012-06-27 12:57 . 2012-06-27 12:57 -------- d-sh--w- c:\documents and settings\LocalService.NT AUTHORITY
2012-06-27 12:56 . 2012-06-27 12:56 -------- d-sh--w- c:\documents and settings\NetworkService.NT AUTHORITY
2012-06-27 12:52 . 2001-10-25 11:00 44544 ----a-w- c:\windows\system32\hticons.dll
2012-06-27 08:34 . 2012-06-27 08:34 -------- d-----w- c:\program files\AVAST Software
2012-06-27 07:56 . 2012-06-29 10:25 -------- d-----w- c:\windows\system32\KB905474
2012-06-27 07:47 . 2012-06-27 07:47 -------- d-----w- c:\program files\MSXML 4.0
2012-06-26 07:21 . 2012-07-13 01:00 -------- d--h--w- c:\windows\$hf_mig$
2012-06-25 17:32 . 2012-06-25 17:32 -------- d-----w- c:\documents and settings\Jurnečka\Data aplikací\LolClient2
2012-06-25 16:14 . 2012-06-27 16:45 -------- d-----w- c:\windows\Logs
2012-06-25 16:04 . 2012-06-27 11:27 -------- d-----w- c:\documents and settings\Jurnečka\Local Settings\Data aplikací\PMB Files
2012-06-25 16:01 . 2012-06-25 16:01 -------- d-----w- c:\program files\Pando Networks
2012-06-25 15:07 . 2012-06-27 13:09 -------- d-----w- c:\windows\system32\RTCOM
2012-06-25 15:05 . 2012-06-25 15:05 -------- d-----w- c:\program files\microsoft frontpage
2012-06-25 13:14 . 2012-06-25 13:15 -------- d-----w- c:\documents and settings\Jurnečka\Data aplikací\DAEMON Tools Lite
2012-06-25 12:23 . 2012-06-25 12:23 -------- d-----w- c:\documents and settings\Jurnečka\Local Settings\Data aplikací\Temp
2012-06-25 12:01 . 2012-06-25 12:01 -------- d-----w- c:\documents and settings\Jurnečka\Local Settings\Data aplikací\SlimWare Utilities Inc
2012-06-25 11:46 . 2012-06-25 11:46 -------- d-----w- c:\windows\system32\Lang
2012-06-25 11:45 . 2006-02-07 13:40 204800 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2012-06-25 11:45 . 2006-02-07 13:40 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2012-06-25 11:45 . 2006-02-07 13:40 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2012-06-25 11:45 . 2005-11-13 21:19 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2012-06-25 11:45 . 2006-02-07 13:45 757760 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2012-06-25 11:45 . 2012-06-25 11:45 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-13 13:55 . 2005-11-09 17:11 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2004-08-17 13:49 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-17 13:49 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2012-06-02 13:19 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2012-06-02 13:19 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2012-06-02 13:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2012-06-02 13:19 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2012-06-02 13:19 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2004-08-17 13:49 97304 ----a-w- c:\windows\system32\cdm.dll
2012-05-31 13:22 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:09 . 2004-08-17 13:49 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-11 14:44 . 2004-08-17 13:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 14:44 . 2004-08-17 13:49 43520 ------w- c:\windows\system32\licmgr10.dll
2012-05-11 11:38 . 2004-08-17 13:44 385024 ------w- c:\windows\system32\html.iec
2012-05-05 03:14 . 2004-08-17 15:45 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-05 03:14 . 2004-08-17 13:45 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2006-02-05 15:31 . 2006-02-05 15:31 3531370 -c--a-w- c:\program files\DCPlusPlus-0.68.exe
2005-11-30 11:33 . 2005-11-30 11:33 4277840 -c--a-w- c:\program files\icq5-instalace.exe
2002-10-04 05:06 . 2005-11-15 14:42 274432 -c--a-w- c:\program files\eauninstall.exe
2002-10-04 05:06 . 2005-11-15 14:42 487424 -c--a-w- c:\program files\AutoRun.exe
2002-10-04 04:44 . 2005-11-15 14:42 1105920 -c--a-w- c:\program files\AutoRunGUI.dll
2002-10-03 21:19 . 2005-11-15 14:42 45056 -c--a-w- c:\program files\setup.exe
2002-09-12 16:12 . 2005-11-15 14:42 12464 -c--a-w- c:\program files\SECDRV.SYS
2001-05-06 09:02 . 2001-05-06 09:02 4096 -c--a-w- c:\program files\RegSetup.exe
2012-07-18 04:39 . 2012-06-27 17:04 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2012-04-24 20065896]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-10-27 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-10-27 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-10-27 150040]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\documents and settings\Jurnečka\Nabídka Start\Programy\Po spuštění\
Registration Brothers In Arms.LNK - f:\support\Register\RegistrationReminder.exe [N/A]
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\ICQ7.2\\ICQ.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Hry\\Company of Heroes\\CoH game\\RelicCOH.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56298:TCP"= 56298:TCP:Pando Media Booster
"56298:UDP"= 56298:UDP:Pando Media Booster
"57840:TCP"= 57840:TCP:Pando Media Booster
"57840:UDP"= 57840:UDP:Pando Media Booster
"58597:TCP"= 58597:TCP:Pando Media Booster
"58597:UDP"= 58597:UDP:Pando Media Booster
"56410:TCP"= 56410:TCP:Pando Media Booster
"56410:UDP"= 56410:UDP:Pando Media Booster
"59042:TCP"= 59042:TCP:Pando Media Booster
"59042:UDP"= 59042:UDP:Pando Media Booster
"58304:TCP"= 58304:TCP:Pando Media Booster
"58304:UDP"= 58304:UDP:Pando Media Booster
"56106:TCP"= 56106:TCP:Pando Media Booster
"56106:UDP"= 56106:UDP:Pando Media Booster
"59153:TCP"= 59153:TCP:Pando Media Booster
"59153:UDP"= 59153:UDP:Pando Media Booster
"56494:TCP"= 56494:TCP:Pando Media Booster
"56494:UDP"= 56494:UDP:Pando Media Booster
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [29.6.2012 23:04 242240]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12.7.2012 10:40 655944]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12.7.2012 10:40 22344]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [27.6.2012 17:10 250056]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [27.6.2012 15:08 1691480]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [12.7.2012 22:46 40776]
S3 MozillaMaintenance;Mozilla Maintenance Service;"c:\program files\Mozilla Maintenance Service\maintenanceservice_tmp.exe" --> c:\program files\Mozilla Maintenance Service\maintenanceservice_tmp.exe [?]
.
.
------- Doplňkový sken -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\e07mjeac.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-20 14:23
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1200)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\RTHDCPL.EXE
c:\windows\system32\rundll32.exe
c:\windows\system32\igfxsrvc.exe
.
**************************************************************************
.
Celkový čas: 2012-07-20 14:26:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-20 12:26
ComboFix2.txt 2012-07-20 10:18
.
Před spuštěním: Volných bajtů: 15 370 145 792
Po spuštění: Volných bajtů: 15 378 345 984
.
- - End Of File - - 2F8CA0CC12358B8468088DEFA8FF976C

[stell]

ok, podla tohto navodu od kolegu odinstaluj :
Combofix a vycisti pc CCleanerom , a napis ako sa chova pc.
http://forum.viry.cz/viewtopic.php?f=13 ... 9#p1127740

[Mankind]

OK zatím se zdá, že problém je vyřešen, takže mockrát děkuji. Kdyby se to zase projevilo, doufám že ne, tak bych sem zase napsal, pokud by to nevadilo. A chtěl jsem se zeptat, že mi někdy zamrzl PC při startu a vyřešit se to dalo jen přes F8 a Poslední známá funkční konfigurace.Ten problém jste taky vyřešil? A mohl by jste v jedné větě napsat v čem byl problém? Moc tomu nerozumím, což jste si určitě všiml.

[stell]

Kdyby se to zase projevilo, doufám že ne, tak bych sem zase napsal, pokud by to nevadilo.

Ano treba poriadne odskusat , a ak nieco tak napis.

A chtěl jsem se zeptat, že mi někdy zamrzl PC při startu a vyřešit se to dalo jen přes F8 a Poslední známá funkční konfigurace.Ten problém jste taky vyřešil? A mohl by jste v jedné větě napsat v čem byl problém?

Ano problem by mal by byt vyrieseny, pretoze mal si infikovany systemovy subor a kopec dalsich systemovych suborov bolo zmazane, okrem toho mal si tam aj zopar smejdov.

Ttak ako som pisal odskusat a zajtra pozajtra napis ci vsetko ok.

[Mankind]

Ok kdyby něco tak napíšu, děkuju mockrát za pomoc

[stell]

Nemas zaco.