OK, zde je log...
ComboFix 10-02-11.04 - Libas 12.02.2010 19:03:59.1.1 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.1023.425 [GMT 1:00]
Spuštěný z: c:\users\Libas\Desktop\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-3912559354-1635511067-2486957974-1000
c:\program files\ICQ6.5\ICQLRun.exe
c:\users\Libas\AppData\Roaming\inst.exe
c:\windows\system32\AutoRun.inf
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-12 do 2010-02-12 )))))))))))))))))))))))))))))))
.
2010-02-12 18:10 . 2010-02-12 18:10 -------- d-----w- c:\users\Libas\AppData\Local\temp
2010-02-12 18:10 . 2010-02-12 18:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-12 11:43 . 2010-02-12 11:43 -------- d-----w- C:\rsit
2010-02-12 11:43 . 2010-02-12 11:43 -------- d-----w- c:\program files\trend micro
2010-02-12 11:06 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-12 11:06 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-12 11:06 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-12 11:06 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-12 11:06 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-02-12 11:05 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-12 11:05 . 2009-11-24 23:49 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-02-10 14:40 . 2010-02-10 14:40 -------- d-----w- c:\program files\CCleaner
2010-02-09 09:27 . 2010-02-12 11:05 -------- d-----w- c:\program files\Alwil Software
2010-02-07 15:03 . 2010-02-12 11:01 -------- d-----w- c:\programdata\Alwil Software
2010-02-04 23:01 . 2010-02-02 11:18 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-02-04 23:01 . 2010-02-02 11:18 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-01-31 15:52 . 2010-01-31 15:52 4263936 ----a-w- c:\programdata\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Zebras.tls.dll
2010-01-31 15:40 . 2010-02-02 11:24 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-01-31 15:40 . 2010-02-04 23:00 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-01-27 18:05 . 2010-01-27 18:05 9158 ----a-r- c:\users\Libas\AppData\Roaming\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
2010-01-27 18:05 . 2010-01-27 18:05 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-01-27 18:05 . 2010-01-27 18:05 -------- d-----w- c:\program files\DIFX
2010-01-27 18:05 . 2010-01-27 18:05 -------- d-----w- c:\program files\USB TV
2010-01-27 18:05 . 2010-01-27 18:05 -------- d-----w- c:\users\Libas\AppData\Roaming\InstallShield
2010-01-27 18:03 . 2010-01-27 18:03 -------- d-----w- c:\programdata\ATI
2010-01-27 17:58 . 2010-01-27 17:58 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-27 16:53 . 2010-01-27 16:53 -------- d-----w- C:\ATI
2010-01-27 14:06 . 2010-01-27 14:07 52224 ----a-w- c:\users\Libas\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-01-27 14:05 . 2010-02-12 12:23 117760 ----a-w- c:\users\Libas\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-01-27 14:04 . 2010-01-27 14:04 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-01-27 14:03 . 2010-01-27 16:29 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-01-27 14:03 . 2010-01-27 14:03 -------- d-----w- c:\users\Libas\AppData\Roaming\SUPERAntiSpyware.com
2010-01-27 14:03 . 2010-01-27 14:03 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-25 16:25 . 2008-11-19 18:22 25216 ----a-w- c:\windows\system32\drivers\tap0901.sys
2010-01-25 16:25 . 2010-01-25 16:25 -------- d-----w- c:\program files\S.A.D
2010-01-25 16:04 . 2010-01-25 16:04 -------- d-----w- c:\program files\Common Files\McAfee
2010-01-25 16:04 . 2010-02-02 15:18 -------- d-----w- c:\program files\McAfee
2010-01-21 16:09 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-21 16:09 . 2010-01-21 16:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-21 16:09 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-19 19:45 . 2010-01-19 19:45 -------- d-----w- c:\users\Libas\AppData\Roaming\ATI
2010-01-19 19:45 . 2010-01-19 19:45 -------- d-----w- c:\users\Libas\AppData\Local\ATI
2010-01-19 19:20 . 2010-01-19 19:20 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 11:46 . 2010-02-04 19:05 -------- d-----w- c:\users\Libas\AppData\Roaming\skypePM
2010-01-18 11:45 . 2010-02-04 19:07 -------- d-----w- c:\users\Libas\AppData\Roaming\Skype
2010-01-18 11:44 . 2010-01-18 11:44 -------- d-----w- c:\program files\Common Files\Skype
2010-01-18 11:44 . 2010-01-21 15:50 -------- d-----r- c:\program files\Skype
2010-01-18 11:44 . 2010-01-18 11:44 -------- d-----w- c:\programdata\Skype
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-12 18:10 . 2009-11-15 21:37 -------- d-----w- c:\program files\ICQ6.5
2010-02-10 21:23 . 2009-11-15 14:10 -------- d-----w- c:\users\Libas\AppData\Roaming\Vso
2010-02-10 09:55 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-02-04 11:01 . 2009-11-17 11:20 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 2
2010-01-31 15:40 . 2009-12-09 15:43 -------- d-----w- c:\programdata\TuneUp Software
2010-01-27 18:13 . 2007-01-08 21:09 598600 ----a-w- c:\windows\system32\perfh005.dat
2010-01-27 18:13 . 2007-01-08 21:09 114808 ----a-w- c:\windows\system32\perfc005.dat
2010-01-27 18:05 . 2007-05-10 10:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-27 18:02 . 2009-11-14 23:45 -------- d-----w- c:\program files\ATI Technologies
2010-01-25 16:04 . 2009-11-20 06:57 -------- d-----w- c:\programdata\McAfee
2010-01-18 11:46 . 2010-01-18 11:46 56 ---ha-w- c:\programdata\ezsidmv.dat
2010-01-14 10:12 . 2009-11-15 01:17 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-02 21:35 . 2009-12-28 17:07 -------- d-----w- c:\programdata\TrackMania
2010-01-02 06:38 . 2010-01-23 10:28 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-23 10:28 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32 . 2010-01-23 10:28 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57 . 2010-01-23 10:28 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-11 11:43 . 2010-02-10 09:52 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-11 11:43 . 2010-02-10 09:52 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-12-08 20:01 . 2010-02-10 09:52 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-12-08 20:01 . 2010-02-10 09:52 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 20:01 . 2010-02-10 09:52 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 17:26 . 2010-02-10 09:52 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-12-04 18:30 . 2010-02-10 09:52 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-04 18:29 . 2010-02-10 09:52 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-12-04 18:28 . 2010-02-10 09:52 22528 ----a-w- c:\windows\system32\msyuv.dll
2009-12-04 18:28 . 2010-02-10 09:52 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-04 18:28 . 2010-02-10 09:52 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-12-04 18:28 . 2010-02-10 09:52 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-04 18:28 . 2010-02-10 09:52 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-04 18:28 . 2010-02-10 09:52 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-04 18:27 . 2010-02-10 09:52 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-12-04 15:56 . 2010-02-10 09:52 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-12-04 15:56 . 2010-02-10 09:52 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-16 19:47 . 2009-11-16 19:32 153846 ----a-w- c:\windows\HPHins15.dat
2009-11-15 22:28 . 2009-11-15 14:10 47360 ----a-w- c:\users\Libas\AppData\Roaming\pcouffin.sys
2009-11-15 22:28 . 2009-11-15 14:10 47360 ----a-w- c:\users\Libas\AppData\Roaming\pcouffin.sys
2009-11-15 21:03 . 2009-11-14 23:43 70104 ----a-w- c:\users\Libas\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-15 19:49 . 2009-11-15 19:49 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-15 17:57 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-15 14:10 . 2009-11-15 14:10 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-11-15 13:31 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-11-15 13:31 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-11-15 05:28 . 2009-11-15 05:28 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-11-15 05:27 . 2009-11-15 05:27 270848 ----a-w- c:\windows\system32\schannel.dll
2009-11-15 03:35 . 2009-11-15 03:35 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-11-15 03:35 . 2009-11-15 03:35 272896 ----a-w- c:\windows\system32\polstore.dll
2009-11-15 03:30 . 2009-11-15 03:30 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-11-15 03:30 . 2009-11-15 03:30 17920 ----a-w- c:\windows\system32\netevent.dll
2009-11-15 03:30 . 2009-11-15 03:30 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-11-15 03:30 . 2009-11-15 03:30 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-11-15 03:30 . 2009-11-15 03:30 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-11-15 03:30 . 2009-11-15 03:30 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-11-15 03:30 . 2009-11-15 03:30 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-11-15 03:30 . 2009-11-15 03:30 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-11-15 03:30 . 2009-11-15 03:30 10240 ----a-w- c:\windows\system32\finger.exe
2009-11-15 03:26 . 2009-11-15 03:26 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-11-15 03:26 . 2009-11-15 03:26 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2009-11-15 03:26 . 2009-11-15 03:26 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-11-15 03:26 . 2009-11-15 03:26 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-11-15 03:26 . 2009-11-15 03:26 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-11-15 03:26 . 2009-11-15 03:26 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-11-15 03:26 . 2009-11-15 03:26 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2009-11-15 03:24 . 2009-11-15 03:24 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-11-15 03:24 . 2009-11-15 03:24 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-11-15 03:24 . 2009-11-15 03:24 23552 ----a-w- c:\windows\system32\lpk.dll
2009-11-15 03:24 . 2009-11-15 03:24 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-11-15 03:23 . 2009-11-15 03:23 9728 ----a-w- c:\windows\system32\lsass.exe
2009-11-15 03:23 . 2009-11-15 03:23 72704 ----a-w- c:\windows\system32\secur32.dll
2009-11-15 03:23 . 2009-11-15 03:23 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-11-15 03:23 . 2009-11-15 03:23 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-11-15 03:23 . 2009-11-15 03:23 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-11-15 03:23 . 2009-11-15 03:23 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-11-15 03:20 . 2009-11-15 03:20 98816 ----a-w- c:\windows\system32\mfps.dll
2009-11-15 03:20 . 2009-11-15 03:20 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2009-11-15 03:20 . 2009-11-15 03:20 2868224 ----a-w- c:\windows\system32\mf.dll
2009-11-15 03:20 . 2009-11-15 03:20 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-11-15 03:20 . 2009-11-15 03:20 2048 ----a-w- c:\windows\system32\mferror.dll
2009-11-15 03:13 . 2009-11-15 03:13 71680 ----a-w- c:\windows\system32\atl.dll
2009-11-15 03:04 . 2009-11-15 03:04 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-11-15 03:03 . 2009-11-15 03:03 136192 ----a-w- c:\windows\system32\aaclient.dll
2009-11-15 03:03 . 2009-11-15 03:03 53248 ----a-w- c:\windows\system32\tsgqec.dll
2009-11-15 03:03 . 2009-11-15 03:03 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-11-15 03:01 . 2009-11-15 03:01 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-11-15 02:50 . 2009-11-15 02:50 623616 ----a-w- c:\windows\system32\localspl.dll
2009-11-15 02:49 . 2009-11-15 02:49 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-11-15 02:37 . 2009-11-15 02:37 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-11-15 02:27 . 2009-11-15 02:27 37888 ----a-w- c:\windows\system32\printcom.dll
2009-11-15 02:26 . 2009-11-15 02:26 2036736 ----a-w- c:\windows\system32\win32k.sys
2009-11-15 02:25 . 2009-11-15 02:25 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-11-15 02:24 . 2009-11-15 02:24 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-11-15 01:52 . 2009-11-15 01:52 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-11-15 01:41 . 2009-11-15 01:41 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-11-15 01:41 . 2009-11-15 01:41 2560 ----a-w- c:\windows\AppPatch\AcRes.dll
2009-11-15 01:41 . 2009-11-15 01:41 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2009-11-15 01:41 . 2009-11-15 01:41 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2009-11-15 01:41 . 2009-11-15 01:41 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2009-11-15 01:41 . 2009-11-15 01:41 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2009-11-15 01:41 . 2009-11-15 01:41 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-11-15 01:41 . 2009-11-15 01:41 1696768 ----a-w- c:\windows\system32\gameux.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 464168]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
PCM Media Sharing.lnk - c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2007-5-10 200812]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-01-27 14:23 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BDARemote.lnk]
backup=c:\windows\pss\BDARemote.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Libas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor]
2007-01-24 08:27 319488 ----a-w- c:\acer\Empowering Technology\SysMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
2007-02-15 16:39 151552 ----a-w- c:\acer\AcerTour\Reminder.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 11:08 935288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-03-11 20:34 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-03-23 11:04 4423680 ----a-w- c:\windows\RtHDVCpl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-03-16 07:06 1822720 ----a-w- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2006-11-05 20:48 57344 ----a-w- c:\acer\WR_PopUp\WarReg_PopUp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):e2,64,76,0c,12,66,ca,01
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [12.2.2010 12:06 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [28.4.2009 11:33 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [28.4.2009 11:33 74480]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [10.5.2007 11:44 266343]
R2 Acer TV Share Service;Acer TV Share Service;c:\program files\Acer Arcade Live\Acer TV Share\Kernel\DMSTV\CLMSServer.exe [15.11.2009 0:52 269424]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [12.2.2010 12:06 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [12.2.2010 12:05 53328]
R2 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\S.A.D\CyberGhost VPN\CGVPNCliService.exe [25.1.2010 17:25 2211328]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [25.1.2010 17:04 93320]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2.2.2010 12:21 1043784]
R3 Ph3xIB32;Philips 713x VU PCI TV Card;c:\windows\System32\drivers\Ph3xIB32.sys [3.4.2007 10:43 1131136]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S2 0056631265123892mcinstcleanup;McAfee Application Installer Cleanup (0056631265123892);c:\windows\TEMP\005663~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\windows\TEMP\005663~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [15.11.2009 14:13 21504]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [28.4.2009 11:33 7408]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-02-12 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-27 12:51]
2010-02-12 c:\windows\Tasks\User_Feed_Synchronization-{EB858ADB-24C2-4180-B438-FDADE570BFEE}.job
- c:\windows\system32\msfeedssync.exe [2010-01-23 04:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Libas\AppData\Roaming\Mozilla\Firefox\Profiles\gexu1c6m.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox 3.6 Beta 2\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox 3.6 Beta 2\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-12 19:10
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-02-12 19:13:57
ComboFix-quarantined-files.txt 2010-02-12 18:13
Před spuštěním: Volných bajtů: 220 342 620 160
Po spuštění: Volných bajtů: 220 295 892 992
- - End Of File - - F54EDA28098DC01F655849B8C0732503