ComboFix 12-12-17.02 - Martini 18.12.2012 22:20:34.1.2 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1786 [GMT 1:00]
Spuštěný z: c:\documents and settings\Martini\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Thumbs.db
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\regedit.com
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
c:\windows\system32\PowerToyReadme.htm
c:\windows\system32\SET360.tmp
c:\windows\system32\SET364.tmp
c:\windows\system32\SET365.tmp
c:\windows\system32\SET36C.tmp
c:\windows\system32\swctl.dll
c:\windows\system32\taskmgr.com
c:\windows\system32\TZLog.log
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-18 do 2012-12-18 )))))))))))))))))))))))))))))))
.
.
2012-12-13 19:54 . 2012-12-13 19:54 -------- d---a-w- c:\windows\rundll16.exe
2012-12-13 19:54 . 2012-12-13 19:54 -------- d---a-w- c:\windows\logo1_.exe
2012-12-09 22:15 . 2012-06-02 14:18 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-12-09 19:11 . 2012-12-13 20:24 512 ----a-w- C:\PhysicalMBR.bin
2012-12-09 13:24 . 2012-12-09 13:24 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\AVAST Software
2012-12-09 12:28 . 2012-12-09 12:28 -------- d-----w- c:\program files\VS Revo Group
2012-12-09 10:27 . 2012-12-09 10:27 -------- d-----w- C:\rsit
2012-12-09 10:27 . 2012-12-09 10:27 -------- d-----w- c:\program files\trend micro
2012-12-08 20:10 . 2012-12-08 20:10 -------- d-----w- c:\program files\URE
2012-12-08 20:10 . 2012-12-08 20:10 -------- d-----w- c:\program files\readmes
2012-12-08 20:10 . 2012-12-09 10:34 -------- d-----w- c:\program files\program
2012-12-08 20:10 . 2012-12-08 20:10 -------- d-----w- c:\program files\share
2012-12-08 20:10 . 2012-12-08 20:10 -------- d-----w- c:\program files\Basis
2012-12-08 19:56 . 2012-12-08 19:56 -------- d-----w- c:\documents and settings\Martini\Local Settings\Data aplikací\Secunia PSI
2012-12-08 19:56 . 2012-12-08 19:56 -------- d-----w- c:\program files\Secunia
2012-12-01 13:58 . 2012-12-01 13:58 -------- d-----w- c:\documents and settings\Vanda\Data aplikací\Xilisoft
2012-11-27 13:30 . 2012-11-27 13:30 -------- d-----w- c:\documents and settings\Vanda\Local Settings\Data aplikací\Aimersoft
2012-11-24 22:30 . 2012-11-24 22:30 -------- d-----w- c:\program files\Verbatim
2012-11-24 15:06 . 2012-11-24 15:06 -------- d-----w- c:\documents and settings\Pája.MA\Local Settings\Data aplikací\Aimersoft
2012-11-24 12:43 . 2009-04-22 06:20 216576 ----a-w- c:\windows\system32\fwpuclnt.dll
2012-11-24 12:31 . 2012-11-24 12:31 -------- d-----w- c:\documents and settings\Martini\Data aplikací\Xilisoft
2012-11-24 12:30 . 2012-11-24 12:30 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Xilisoft
2012-11-24 08:46 . 2010-05-26 10:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2012-11-24 08:46 . 2010-05-26 10:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2012-11-24 08:45 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2012-11-24 08:45 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2012-11-24 08:45 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-11-23 23:16 . 2012-11-23 23:16 -------- d-----w- c:\documents and settings\Martini\Local Settings\Data aplikací\Aimersoft
2012-11-23 23:16 . 2012-11-23 23:16 -------- d-----w- c:\program files\Common Files\Aimersoft
2012-11-23 21:14 . 2012-11-23 21:14 -------- d-----w- C:\DVDTemp
2012-11-23 21:14 . 2008-10-04 09:22 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2012-11-23 21:13 . 2012-11-24 09:17 -------- d-----w- c:\program files\Free DVD Creator
2012-11-23 21:01 . 2012-11-23 21:02 -------- d-----w- c:\documents and settings\Martini\Data aplikací\DVD Flick
2012-11-23 20:34 . 2007-08-31 17:36 36864 ----a-w- c:\windows\system32\trayicon_handler.ocx
2012-11-23 20:34 . 2003-01-26 12:41 40960 ----a-w- c:\windows\system32\ssubtmr6.dll
2012-11-23 20:34 . 2012-11-23 20:34 -------- d-----w- c:\program files\DVD Flick
2012-11-23 20:34 . 2008-08-31 12:27 28672 ----a-w- c:\windows\system32\mousewheel.ocx
16512-12-06 21:44 . 16512-12-06 21:44 -------- d-----w- c:\documents and settings\filmy\Local Settings\Data aplikací\Aimersoft
16512-10-24 18:34 . 16512-10-24 18:35 -------- d-----w- c:\documents and settings\Administrator.MA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-15 08:07 . 2012-03-29 20:17 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-15 08:07 . 2012-01-21 21:33 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-13 11:55 . 2006-03-02 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 00:41 . 2006-03-02 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-02 02:03 . 2006-03-02 12:00 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:12 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:12 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-01 12:12 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-10-20 22:32 . 2012-10-20 22:32 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-10-20 22:32 . 2012-10-20 22:32 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-20 22:32 . 2012-04-04 20:48 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-10-20 22:32 . 2010-04-29 20:55 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-02 18:04 . 2006-03-02 12:00 58368 ----a-w- c:\windows\system32\synceng.dll
2008-08-19 22:22 . 2008-08-19 22:21 284248 ----a-w- c:\program files\npmusicn.dll
2012-12-01 20:12 . 2012-12-01 20:12 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCWinTray"="c:\windows\Tray\wintmr.exe" [2008-12-03 5926328]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" [2010-08-20 33120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-03-17 61440]
"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-08-14 352256]
"tsnp325"="c:\windows\tsnp325.exe" [2006-10-10 270336]
"snp325"="c:\windows\vsnp325.exe" [2006-10-10 827392]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-06-05 273544]
"ChicoSys"="c:\windows\system32\cc32\webtmr.exe" [2008-12-03 4976056]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-06-23 847872]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-31 307200]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Aimersoft Helper Compact.exe"="c:\program files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe" [2012-02-20 1666560]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Pája\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 2.2.lnk - i:\program files\OpenOffice.org 2.2\program\quickstart.exe [N/A]
.
c:\documents and settings\Pája.MA\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [N/A]
.
c:\documents and settings\filmy\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [N/A]
.
c:\documents and settings\Guest\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [N/A]
.
c:\documents and settings\Martini\Nabídka Start\Programy\Po spuštění\
Nikon Monitor.lnk - c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe [2007-5-15 479232]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableClock"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Farming Simulator 2011\\FarmingSimulator2011.exe"=
"c:\\Program Files\\Farming Simulator 2011\\game.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 phylock;phylock;c:\windows\system32\drivers\phylock.sys [8.3.2009 19:38 8064]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [18.11.2007 20:40 33792]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.8.2010 9:55 436792]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [27.3.2012 19:47 21992]
S2 RVIEGVST;VSC VST Engine;c:\program files\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys [26.4.2009 15:49 188276]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 12:28 160944]
S2 Windows-CCHook-Service;Windows-CCHook-Service;c:\windows\system32\cchservice.exe [13.12.2011 23:20 967344]
S3 CLAVIAUSB;CLAVIAUSB;c:\windows\system32\drivers\ClaviaUSB.sys [5.8.2008 17:52 19712]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [27.9.2009 8:55 47360]
S3 Saffire;Saffire;c:\windows\system32\drivers\Saffire.sys [15.6.2012 20:35 169056]
S3 SaffireAudio;Saffire Audio;c:\windows\system32\drivers\SaffireAudio.sys [15.6.2012 20:35 32992]
S3 SaffireMidi;Saffire MIDI;c:\windows\system32\drivers\SaffireMidi.sys [15.6.2012 20:35 40672]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [7.5.2009 18:27 10251904]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [13.8.2012 12:10 104280]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-12-18 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-1123561945-682003330-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2012-12-18 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-1123561945-682003330-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Martini\Data aplikací\Mozilla\Firefox\Profiles\ej6dd3j1.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.http - 123.122.56.55
FF - prefs.js: network.proxy.http_port - 56
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2009-09-05 10:11; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-pdfSaver3 - (no file)
.
.
.
**************************************************************************
.
disk not found C:\
.
please note that you need administrator rights to perform deep scan
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1715567821-1123561945-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{73AE5928-E9B8-9725-7498-2AD79C533D5B}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(208)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2012-12-18 22:38:23
ComboFix-quarantined-files.txt 2012-12-18 21:38
.
Před spuštěním: 9 945 833 472
Po spuštění: Volných bajtů: 11 746 250 752
.
- - End Of File - - D662C500A6FB3562E2D364672F7D7E23