ComboFix 13-12-26.01 - Patizooon 28.12.2013 19:32:56.10.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1014.526 [GMT 1:00]
Spuštěný z: c:\documents and settings\Patizooon\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Patizooon\Plocha\CFScript.txt
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: AVG update module *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
FILE ::
"c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\jwbwlod7tjw.lnk"
"c:\documents and settings\Patizooon\Nabídka Start\Programy\Po spuštění\jwbwlod7tjw.lnk"
.
file zipped: c:\documents and settings\All Users\Data aplikací\jwbwlod7tjw.reg
file zipped: c:\documents and settings\All Users\Data aplikací\wjt7dolwbwj.jss
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Documents
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\DEBUG.log
c:\windows\system32\drivers\etc\hosts.ics
.
---- Předchozí spuštění -------
.
c:\documents and settings\Patizooon\Plocha\Nahod oblek
c:\documents and settings\Patizooon\Plocha\Nahod oblek
c:\windows\msmqinst.log
c:\windows\regopt.log
c:\windows\system32\Cache\0c80c8177ea7d45f.fb
c:\windows\system32\Cache\26c630d098e22dd5.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\35b4a224dd76fe21.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\44f502ba0f119883.fb
c:\windows\system32\Cache\52d77a928c445404.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\8a62deef6af74104.fb
c:\windows\system32\Cache\95f567698be8a182.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\abbbab31994e0885.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\dd115d7ac413707a.fb
c:\windows\system32\Cache\dd8c4a98faba8773.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\Cache\e69482a32435f56a.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\frapsvid.dll
c:\windows\unin0405.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Legacy_SSHNAS
-------\Legacy_NPF
-------\Legacy_SSHNAS
-------\Legacy_NPF
-------\Legacy_SSHNAS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-28 do 2013-12-28 )))))))))))))))))))))))))))))))
.
.
2013-12-27 13:25 . 2013-12-27 13:25 -------- d-----w- c:\documents and settings\Administrator
2013-12-27 12:31 . 2013-09-20 09:49 18968 ----a-w- c:\windows\system32\sdnclean.exe
2013-12-27 12:31 . 2013-12-27 12:39 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-12-27 12:31 . 2013-12-27 12:32 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-12-26 13:37 . 2013-12-26 13:37 -------- d-----w- C:\$AVG-SHREDDER-TMP-dbce6b0e-9652-483b-9d54-6c6518f17e16
2013-12-26 13:21 . 2013-12-26 13:21 -------- d-sh--w- c:\documents and settings\Katka\IECompatCache
2013-12-26 13:10 . 2013-12-26 13:10 -------- d-sh--w- c:\documents and settings\Patizooon\IECompatCache
2013-12-26 13:10 . 2013-12-28 17:31 411 ----a-w- c:\documents and settings\All Users\Data aplikací\jwbwlod7tjw.reg
2013-12-26 13:08 . 2013-12-26 13:08 225280 ----a-w- c:\documents and settings\All Users\Data aplikací\wjt7dolwbwj.jss
2013-12-19 11:24 . 2013-12-19 11:24 -------- d-----w- c:\program files\Seznam.cz
2013-12-19 11:23 . 2013-12-28 17:36 -------- d-----w- c:\documents and settings\Patizooon\Data aplikací\Seznam.cz
2013-12-18 16:41 . 2013-12-18 16:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG 1213b Campaign
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-19 11:22 . 2008-05-21 14:24 324096 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-11-05 20:50 . 2013-09-25 19:57 120600 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2013-11-04 20:57 . 2012-12-10 02:28 209176 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-10-31 22:00 . 2011-10-07 05:23 176952 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-10-31 21:30 . 2013-09-02 09:28 222520 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-10-24 21:28 . 2012-04-19 02:50 147768 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-10-13 11:42 . 2004-08-17 13:49 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-13 07:12 . 2004-08-17 13:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-10-13 07:12 . 2004-08-17 13:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-10-13 07:12 . 2004-08-17 13:49 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-13 06:57 . 2004-08-17 13:44 385024 ----a-w- c:\windows\system32\html.iec
2013-10-12 15:57 . 2004-08-17 13:49 279552 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 13:13 . 2004-08-17 13:49 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-07 11:00 . 2004-08-17 13:49 606208 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 01:42 . 2008-05-05 05:25 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-09-30 23:49 . 2011-08-08 05:08 102712 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2006-05-21 02:16 . 2006-05-21 02:16 370176 ----a-w- c:\program files\samp.exe
2006-04-05 13:55 . 2006-04-05 13:55 147456 ----a-w- c:\program files\samp_debug.exe
2006-03-24 17:04 . 2006-03-24 17:04 49152 ----a-w- c:\program files\rcon.exe
2004-07-09 02:08 . 2004-07-09 02:08 472576 ----a-w- c:\program files\dxsetup.exe
2004-07-09 02:08 . 2004-07-09 02:08 2242560 ----a-w- c:\program files\dsetup32.dll
2004-07-09 01:03 . 2004-07-09 01:03 62976 ----a-w- c:\program files\DSETUP.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\MICROSOFT ACTIVESYNC\wcescomm.exe" [2006-11-13 1289000]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"cz.seznam.software.autoupdate"="c:\documents and settings\Patizooon\Data aplikací\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\documents and settings\Patizooon\Data aplikací\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2012-06-06 20065936]
"snpstd"="c:\windows\vsnpstd.exe" [2006-08-23 339968]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-11-07 4956176]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
.
c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
jwbwlod7tjw.lnk - c:\windows\system32\rundll32.exe c:\docume~1\ALLUSE~1\DATAAP~1\wjt7dolwbwj.jss,GGF0 [2004-8-17 33280]
Think Green Weather.lnk - c:\program files\Stardock\DesktopGadgets\Think Green Weather\Think Green Weather.exe [2011-2-25 728576]
.
c:\documents and settings\Patizooon\Nabídka Start\Programy\Po spuštění\
jwbwlod7tjw.lnk - c:\windows\system32\rundll32.exe c:\docume~1\ALLUSE~1\DATAAP~1\wjt7dolwbwj.jss,GGF0 [2004-8-17 33280]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
.
c:\documents and settings\Default User\Nabídka Start\Programy\Po spuštění\
Think Green Weather.lnk - c:\program files\Stardock\DesktopGadgets\Think Green Weather\Think Green Weather.exe [2011-2-25 728576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 14:13 49152 ----a-w- c:\progra~1\COMMON~1\Stardock\MCPStub.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SDWinLogon]
SDWinLogon.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 22:34 24576 -c--a-w- c:\program files\Stardock\Object Desktop\WindowBlinds\fastload.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck lsdelete\0autocheck OODBS\0c:\progra~1\AVG\AVG2014\avgrsx.exe /sync /restart\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 12:39 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2011-08-30 06:04 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
c:\program files\avg secure search\vprot.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Hry\\Valve\\hl.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\{9FEF1A18-8F26-4F49-A5A4-956C12210624}\\setup\\hpznui01.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Steam\\steamapps\\sweet267\\half-life\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\sweet267\\counter-strike\\hl.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Half-Life\\hl.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"59038:TCP"= 59038:TCP:Pando P2P TCP Listening Port
"59038:UDP"= 59038:UDP:Pando P2P UDP Listening Port
"56333:TCP"= 56333:TCP:Pando P2P TCP Listening Port
"56333:UDP"= 56333:UDP:Pando P2P UDP Listening Port
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19.4.2012 3:50 147768]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2.9.2013 10:28 222520]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [13.9.2011 6:30 27448]
R0 PzWDM;PzWDM;c:\windows\system32\drivers\PzWDM.sys [27.7.2008 19:36 15172]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [25.9.2013 20:57 120600]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [10.12.2012 3:28 209176]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23.12.2011 12:32 22840]
R1 AvgTdiX;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11.7.2011 1:14 193848]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [30.8.2012 16:30 33112]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [24.9.2013 1:33 348008]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [27.12.2013 13:31 1042272]
S0 ElbyVCD;ElbyVCD;c:\windows\system32\DRIVERS\ElbyVCD.sys --> c:\windows\system32\DRIVERS\ElbyVCD.sys [?]
S1 AvgLdx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7.10.2011 6:23 176952]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [11.11.2013 22:02 3478544]
S2 gupdate1c9eb5d49123c2c;Služba Google Update (gupdate1c9eb5d49123c2c);c:\program files\Google\Update\GoogleUpdate.exe [17.2.2010 18:43 135664]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [27.12.2013 13:31 3921880]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [27.12.2013 13:31 171416]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 12:28 160944]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2.2.2013 16:55 1691480]
S3 CFcatchme;CFcatchme;\??\c:\docume~1\PATIZO~1\LOCALS~1\Temp\CFcatchme.sys --> c:\docume~1\PATIZO~1\LOCALS~1\Temp\CFcatchme.sys [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [17.10.2012 21:21 83168]
S3 DKRtWrt;DKRtWrt;c:\windows\system32\drivers\DKRtWrt.sys [11.1.2010 15:51 41120]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\drivers\RTL2832U_IRHID.sys [20.6.2013 18:37 31872]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [20.6.2013 18:37 143264]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\drivers\RTL2832UUSB.sys [20.6.2013 18:37 32800]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [17.10.2012 21:21 181344]
S3 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [19.3.2012 12:38 2666880]
S3 WinRing0_1_2_0;WinRing0_1_2_0;\??\c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys --> c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-16 17:34]
.
2013-12-28 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2013-12-27 09:57]
.
2013-12-28 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2013-12-27 09:49]
.
2013-12-28 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2013-12-27 09:51]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://
www.google.com
mStart Page =
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to MP3 Converter - c:\documents and settings\Patizooon\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 10.1.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2013-12-28 20:02
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(676)
c:\progra~1\COMMON~1\Stardock\mcpstub.dll
c:\program files\Stardock\Object Desktop\WindowBlinds\fastload.dll
c:\windows\system32\COMRes.dll
.
- - - - - - - > 'explorer.exe'(2284)
c:\documents and settings\Patizooon\Data aplikací\Seznam.cz\bin\3949libfoxloader.dll
c:\windows\system32\msi.dll
c:\progra~1\COMMON~1\Stardock\MCPCore.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\COMMON~1\Stardock\SDMCP.exe
c:\program files\AVG\AVG2014\avgnsx.exe
c:\windows\RTHDCPL.EXE
c:\progra~1\MICROS~4\rapimgr.exe
c:\documents and settings\Patizooon\Data aplikací\Seznam.cz\bin\szndesktop.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\docume~1\PATIZO~1\LOCALS~1\Temp\RtkBtMnt.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Celkový čas: 2013-12-28 20:12:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-28 19:11
ComboFix2.txt 2013-12-28 17:37
.
Před spuštěním: 9 488 510 976
Po spuštění: 9 417 248 768
.
- - End Of File - - 8B2D7FA9E29B4FA680EB2B6A5F355398
413FC2A0C716421B3158746D63736515
díky
Přispějete na provoz fóra?