Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Skype - vir - rozesílá nevyžádanou poštu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Skype - vir - rozesílá nevyžádanou poštu
Na Skype mi přišlo od kámošky - " is this you on pic? Odkaz "- a od té doby se toto rozesílá na všechny adresy. Avast a ani Spybot nic nenašly, ale asi nějaký vir tam bude. Prosím o radu a proto, že sám jsem nedokázal napsat ani tento příspěvek, prosím vyjadřujte se jako když mluvíte s počítačovým analfabetem. Děkuji
Naposledy upravil(a) Caroprd111 dne 12 zář 2010 15:55, celkem upraveno 1 x.
Důvod: Upraven odkaz.
Důvod: Upraven odkaz.
Re: Skype - vir - rozesílá nevyžádanou poštu
Zdravim,
Stahnete OTL
spustte, oznacte "Pro vsechny uzivatele,30 dnů zmente na 7,kliknete na Prohledat,
po skonceni skenu sem vlozte obsah logu z OTL.txt.
Stahnete OTLspustte, oznacte "Pro vsechny uzivatele,30 dnů zmente na 7,kliknete na Prohledat,
po skonceni skenu sem vlozte obsah logu z OTL.txt.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU! ___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Re: Skype - vir - rozesílá nevyžádanou poštu
Také zdravím, díky za odpověď. A teď co je OTL a kde to najdu?
Re: Skype - vir - rozesílá nevyžádanou poštu
Také zdravím, díky za odpověď. A teď co je OTL a kde to najdu?
Re: Skype - vir - rozesílá nevyžádanou poštu
Klepnete na cervene OTL v mem postu,a postupujte dle mych predchozich instrukci.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU! ___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Re: Skype - vir - rozesílá nevyžádanou poštu
Ahá, tak už to mám!
OTL logfile created on: 12.9.2010 18:58:10 - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\LADA\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 37,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,36 Gb Total Space | 0,33 Gb Free Space | 1,13% Space Free | Partition Type: NTFS
Drive D: | 45,16 Gb Total Space | 32,76 Gb Free Space | 72,55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: AAA-0FA705C44BE
Current User Name: LADA
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.09.12 18:57:30 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\LADA\Dokumenty\Downloads\OTL.exe
PRC - [2010.09.11 19:36:51 | 000,062,976 | RHS- | M] (Matthew Curland writing for Addison-Wesley Professional Publishing) -- C:\WINDOWS\nvsvc32.exe
PRC - [2010.09.09 13:49:02 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010.09.09 13:48:58 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.09.03 02:58:56 | 000,975,928 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2010.06.23 17:07:02 | 012,315,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
PRC - [2010.05.20 15:19:06 | 000,196,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
PRC - [2009.11.25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.03.30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009.03.30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.11.17 14:50:28 | 000,946,176 | ---- | M] () -- C:\Documents and Settings\LADA\Dokumenty\Atlantis\Atlantis.exe
PRC - [2008.07.24 17:02:06 | 000,490,952 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2008.04.19 12:41:44 | 000,016,384 | ---- | M] () -- C:\Program Files\Desktop Messenger\8876480\Program\backWeb-8876480.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.09.07 15:35:36 | 000,716,800 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
PRC - [2005.05.20 03:11:06 | 000,925,696 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2005.03.11 11:33:28 | 000,147,456 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\VTTrayp.exe
PRC - [2005.03.07 21:33:28 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2003.10.14 19:03:50 | 001,883,199 | ---- | M] (ICQ Inc.) -- C:\Program Files\ICQ\Icq.exe
PRC - [2001.12.20 09:42:00 | 000,035,328 | ---- | M] (Logitech Inc. ) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
PRC - [2001.11.07 11:36:36 | 000,086,016 | ---- | M] (MusicMatch) -- C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
========== Modules (SafeList) ==========
MOD - [2010.09.12 18:57:30 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\LADA\Dokumenty\Downloads\OTL.exe
MOD - [2008.04.19 12:41:44 | 000,024,576 | ---- | M] (BackWeb) -- C:\Documents and Settings\LADA\Local Settings\Temp\IadHide3.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006.05.03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
MOD - [2001.12.20 09:42:00 | 000,006,656 | ---- | M] (Logitech Inc. ) -- C:\Program Files\Logitech\MouseWare\system\LGMOUSHK.DLL
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.03.30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
========== Driver Services (SafeList) ==========
DRV - [2009.11.25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.12.10 22:00:10 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008.09.27 14:05:10 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.04.19 12:51:32 | 000,027,924 | ---- | M] (MusicMatch, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2005.10.05 11:21:10 | 000,141,312 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2005.08.30 01:49:38 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2005.08.30 01:49:34 | 000,008,336 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2005.08.30 01:47:38 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)
DRV - [2005.08.11 07:49:28 | 000,393,088 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2004.10.27 15:21:30 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2001.12.19 12:12:00 | 000,067,694 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.sys -- (LMouFlt2)
DRV - [2001.12.19 12:12:00 | 000,039,932 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidUsb.Sys -- (LHidUsb)
DRV - [2001.12.19 12:12:00 | 000,022,206 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFlt2.sys -- (LHidFlt2)
DRV - [2001.12.19 12:12:00 | 000,005,838 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LKbdFlt2.sys -- (LKbdFlt2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://i24search.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://uk.search.yahoo.com/search?ei=UT ... f-divxd&p="
FF - prefs.js..browser.search.selectedEngine: "JuicyAccess"
FF - prefs.js..browser.startup.homepage: "chrome://fastdial/content/fastdial.html"
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "http://www.juicyaccess.com/search.do?de ... y&keyword="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.09 13:49:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.09 13:49:06 | 000,000,000 | ---D | M]
[2008.08.28 22:00:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LADA\Data aplikací\Mozilla\Extensions
[2010.09.12 10:03:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LADA\Data aplikací\Mozilla\Firefox\Profiles\1ew1ktf8.default\extensions
[2010.06.25 09:40:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\LADA\Data aplikací\Mozilla\Firefox\Profiles\1ew1ktf8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008.09.26 22:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LADA\Data aplikací\Mozilla\Firefox\Profiles\1ew1ktf8.default\extensions\cs@dictionaries.addons.mozilla.org
[2010.07.23 08:59:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LADA\Data aplikací\Mozilla\Firefox\Profiles\1ew1ktf8.default\extensions\fastdial@telega.phpnet.us
[2010.09.12 11:37:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.26 11:23:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.22 11:33:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.03.12 18:08:22 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.12 18:08:22 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.12 18:08:22 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.12 18:08:22 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.12 18:08:22 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.09.09 13:58:39 | 000,000,851 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No CLSID value found.
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [EM_EXEC] C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc. )
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\backWeb-8876480.exe ()
O4 - HKLM..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\ICQNet.exe ()
O4 - HKLM..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe (MusicMatch)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NVIDIA driver monitor] C:\WINDOWS\nvsvc32.exe (Matthew Curland writing for Addison-Wesley Professional Publishing)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [VTTrayp] C:\WINDOWS\System32\VTTrayp.exe (S3 Graphics Co., Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\backWeb-8876480.exe ()
O4 - HKCU..\Run: [NVIDIA driver monitor] C:\WINDOWS\nvsvc32.exe (Matthew Curland writing for Addison-Wesley Professional Publishing)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\Icq.exe (ICQ Inc.)
O9 - Extra 'Tools' menuitem : ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\Icq.exe (ICQ Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220 208.67.222.222
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.04.17 17:50:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 7 Days ==========
[2010.09.12 14:38:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2010.09.12 14:37:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LADA\Dokumenty\Downloads
[2010.09.12 14:33:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LADA\Local Settings\Data aplikací\Temp
[2010.09.12 14:33:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2010.09.12 14:33:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LADA\Local Settings\Data aplikací\Google
[2010.09.12 14:33:26 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010.09.12 14:31:42 | 000,947,592 | ---- | C] (Skype Technologies S.A.) -- C:\Documents and Settings\LADA\Plocha\SkypeSetup.exe
[2010.09.12 09:51:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LADA\Plocha\Nepoužívané odkazy plochy
[2010.09.11 19:38:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\McAfee
[2010.09.11 19:36:51 | 000,062,976 | RHS- | C] (Matthew Curland writing for Addison-Wesley Professional Publishing) -- C:\WINDOWS\nvsvc32.exe
[2010.09.11 19:36:41 | 000,062,976 | RHS- | C] (Matthew Curland writing for Addison-Wesley Professional Publishing) -- C:\Documents and Settings\LADA\Plocha\PIC675799074533-JPG-www.facebook.com.exe
[2010.09.09 13:54:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\McAfee
[2010.04.10 18:39:46 | 000,842,376 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WM9Codecs.exe
[2008.08.04 21:23:40 | 000,382,352 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\xpiinstall.exe
[2008.04.17 19:02:43 | 022,690,600 | ---- | C] (Skype Technologies S.A.) -- C:\Program Files\SkypeSetup.exe
[2008.04.17 19:00:03 | 005,850,032 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 2.0.0.13.exe
[2008.04.17 18:35:12 | 010,050,902 | ---- | C] (http://www.codecpack.com) -- C:\Program Files\Codecs6030_allin1.exe
[2008.04.17 18:29:16 | 009,722,720 | ---- | C] (Safer Networking Limited ) -- C:\Program Files\spybotsd152.exe
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2010.09.12 18:38:00 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.12 17:00:08 | 000,000,436 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2010.09.12 14:38:00 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.12 14:35:47 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2010.09.12 14:31:43 | 000,947,592 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\LADA\Plocha\SkypeSetup.exe
[2010.09.12 12:25:51 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.12 12:25:26 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.12 12:25:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.12 12:24:04 | 009,175,040 | -H-- | M] () -- C:\Documents and Settings\LADA\NTUSER.DAT
[2010.09.12 12:24:04 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\LADA\ntuser.ini
[2010.09.12 09:54:30 | 000,000,655 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.09.12 01:55:33 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.11 19:36:51 | 000,062,976 | RHS- | M] (Matthew Curland writing for Addison-Wesley Professional Publishing) -- C:\WINDOWS\nvsvc32.exe
[2010.09.11 19:36:42 | 000,062,976 | RHS- | M] (Matthew Curland writing for Addison-Wesley Professional Publishing) -- C:\Documents and Settings\LADA\Plocha\PIC675799074533-JPG-www.facebook.com.exe
[2010.09.11 17:52:16 | 000,000,772 | ---- | M] () -- C:\Documents and Settings\LADA\intlname.ols
[2010.09.09 13:58:39 | 000,000,851 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.09.12 14:35:47 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2010.09.12 14:33:32 | 000,000,936 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.12 14:33:32 | 000,000,932 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009.06.27 18:15:26 | 000,000,084 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2009.05.14 16:15:07 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009.02.28 20:20:03 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2008.12.19 00:02:25 | 000,000,378 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.12.10 22:13:42 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.11.27 20:37:14 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2008.11.27 20:37:06 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.11.27 20:37:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.11.27 20:37:00 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.09.27 14:26:31 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.09.27 14:25:28 | 000,000,655 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.09.27 14:05:09 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.09.19 23:55:10 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008.09.19 23:55:10 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008.08.09 23:54:23 | 000,000,851 | ---- | C] () -- C:\Program Files\Get OpenOffice.org.lnk
[2008.05.26 18:56:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\LauncherAccess.dt
[2008.05.26 18:54:48 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008.05.02 12:37:19 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\LADA\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.04.19 14:07:17 | 000,000,265 | ---- | C] () -- C:\WINDOWS\ChssBase.ini
[2008.04.19 12:35:22 | 000,000,488 | ---- | C] () -- C:\WINDOWS\Cmousecc.ini
[2008.04.19 12:35:21 | 000,109,056 | ---- | C] () -- C:\WINDOWS\System32\LGUICOM.DLL
[2008.04.17 19:06:48 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.04.17 18:48:37 | 000,378,310 | ---- | C] () -- C:\Program Files\ICQ_2003b_build_3916_CZ.zip
[2008.04.17 18:45:12 | 000,000,457 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2008.04.17 18:44:19 | 004,610,480 | ---- | C] () -- C:\Program Files\icqpro2003b.exe
[2008.04.17 18:16:39 | 021,624,696 | ---- | C] () -- C:\Program Files\setupcze.exe
[2008.04.17 18:10:11 | 000,018,842 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008.04.17 18:10:09 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008.04.17 18:10:05 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008.04.17 18:04:35 | 001,644,474 | ---- | C] () -- C:\Program Files\DSL-584T_QIG_final.pdf
[2005.10.14 12:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
< End of report >
Ještě jednou díky za ochotu!
OTL logfile created on: 12.9.2010 18:58:10 - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\LADA\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 37,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,36 Gb Total Space | 0,33 Gb Free Space | 1,13% Space Free | Partition Type: NTFS
Drive D: | 45,16 Gb Total Space | 32,76 Gb Free Space | 72,55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: AAA-0FA705C44BE
Current User Name: LADA
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.09.12 18:57:30 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\LADA\Dokumenty\Downloads\OTL.exe
PRC - [2010.09.11 19:36:51 | 000,062,976 | RHS- | M] (Matthew Curland writing for Addison-Wesley Professional Publishing) -- C:\WINDOWS\nvsvc32.exe
PRC - [2010.09.09 13:49:02 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010.09.09 13:48:58 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.09.03 02:58:56 | 000,975,928 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2010.06.23 17:07:02 | 012,315,992 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
PRC - [2010.05.20 15:19:06 | 000,196,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
PRC - [2009.11.25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.03.30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009.03.30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.11.17 14:50:28 | 000,946,176 | ---- | M] () -- C:\Documents and Settings\LADA\Dokumenty\Atlantis\Atlantis.exe
PRC - [2008.07.24 17:02:06 | 000,490,952 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2008.04.19 12:41:44 | 000,016,384 | ---- | M] () -- C:\Program Files\Desktop Messenger\8876480\Program\backWeb-8876480.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.09.07 15:35:36 | 000,716,800 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
PRC - [2005.05.20 03:11:06 | 000,925,696 | R--- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2005.03.11 11:33:28 | 000,147,456 | ---- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\VTTrayp.exe
PRC - [2005.03.07 21:33:28 | 000,053,248 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2003.10.14 19:03:50 | 001,883,199 | ---- | M] (ICQ Inc.) -- C:\Program Files\ICQ\Icq.exe
PRC - [2001.12.20 09:42:00 | 000,035,328 | ---- | M] (Logitech Inc. ) -- C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
PRC - [2001.11.07 11:36:36 | 000,086,016 | ---- | M] (MusicMatch) -- C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
========== Modules (SafeList) ==========
MOD - [2010.09.12 18:57:30 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\LADA\Dokumenty\Downloads\OTL.exe
MOD - [2008.04.19 12:41:44 | 000,024,576 | ---- | M] (BackWeb) -- C:\Documents and Settings\LADA\Local Settings\Temp\IadHide3.dll
MOD - [2008.04.14 05:19:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006.05.03 22:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
MOD - [2001.12.20 09:42:00 | 000,006,656 | ---- | M] (Logitech Inc. ) -- C:\Program Files\Logitech\MouseWare\system\LGMOUSHK.DLL
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.03.30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008.07.29 19:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
========== Driver Services (SafeList) ==========
DRV - [2009.11.25 00:50:59 | 000,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2009.11.25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.11.25 00:47:54 | 000,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2008.12.10 22:00:10 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008.09.27 14:05:10 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.04.19 12:51:32 | 000,027,924 | ---- | M] (MusicMatch, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2005.10.05 11:21:10 | 000,141,312 | R--- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2005.08.30 01:49:38 | 000,094,000 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdm.sys -- (ssm_mdm)
DRV - [2005.08.30 01:49:34 | 000,008,336 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_mdfl.sys -- (ssm_mdfl)
DRV - [2005.08.30 01:47:38 | 000,058,320 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssm_bus.sys -- (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM)
DRV - [2005.08.11 07:49:28 | 000,393,088 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2004.10.27 15:21:30 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2001.12.19 12:12:00 | 000,067,694 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFlt2.sys -- (LMouFlt2)
DRV - [2001.12.19 12:12:00 | 000,039,932 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidUsb.Sys -- (LHidUsb)
DRV - [2001.12.19 12:12:00 | 000,022,206 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFlt2.sys -- (LHidFlt2)
DRV - [2001.12.19 12:12:00 | 000,005,838 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LKbdFlt2.sys -- (LKbdFlt2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://i24search.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://uk.search.yahoo.com/search?ei=UT ... f-divxd&p="
FF - prefs.js..browser.search.selectedEngine: "JuicyAccess"
FF - prefs.js..browser.startup.homepage: "chrome://fastdial/content/fastdial.html"
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.23b2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "http://www.juicyaccess.com/search.do?de ... y&keyword="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.09 13:49:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.09 13:49:06 | 000,000,000 | ---D | M]
[2008.08.28 22:00:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LADA\Data aplikací\Mozilla\Extensions
[2010.09.12 10:03:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LADA\Data aplikací\Mozilla\Firefox\Profiles\1ew1ktf8.default\extensions
[2010.06.25 09:40:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\LADA\Data aplikací\Mozilla\Firefox\Profiles\1ew1ktf8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008.09.26 22:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LADA\Data aplikací\Mozilla\Firefox\Profiles\1ew1ktf8.default\extensions\cs@dictionaries.addons.mozilla.org
[2010.07.23 08:59:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LADA\Data aplikací\Mozilla\Firefox\Profiles\1ew1ktf8.default\extensions\fastdial@telega.phpnet.us
[2010.09.12 11:37:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.26 11:23:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.22 11:33:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.03.12 18:08:22 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.12 18:08:22 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.12 18:08:22 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.12 18:08:22 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.12 18:08:22 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2010.09.09 13:58:39 | 000,000,851 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No CLSID value found.
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [EM_EXEC] C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc. )
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\backWeb-8876480.exe ()
O4 - HKLM..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\ICQNet.exe ()
O4 - HKLM..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe (MusicMatch)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NVIDIA driver monitor] C:\WINDOWS\nvsvc32.exe (Matthew Curland writing for Addison-Wesley Professional Publishing)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [VTTrayp] C:\WINDOWS\System32\VTTrayp.exe (S3 Graphics Co., Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\backWeb-8876480.exe ()
O4 - HKCU..\Run: [NVIDIA driver monitor] C:\WINDOWS\nvsvc32.exe (Matthew Curland writing for Addison-Wesley Professional Publishing)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\Icq.exe (ICQ Inc.)
O9 - Extra 'Tools' menuitem : ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\Icq.exe (ICQ Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220 208.67.222.222
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.04.17 17:50:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 7 Days ==========
[2010.09.12 14:38:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2010.09.12 14:37:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LADA\Dokumenty\Downloads
[2010.09.12 14:33:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LADA\Local Settings\Data aplikací\Temp
[2010.09.12 14:33:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2010.09.12 14:33:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LADA\Local Settings\Data aplikací\Google
[2010.09.12 14:33:26 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010.09.12 14:31:42 | 000,947,592 | ---- | C] (Skype Technologies S.A.) -- C:\Documents and Settings\LADA\Plocha\SkypeSetup.exe
[2010.09.12 09:51:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LADA\Plocha\Nepoužívané odkazy plochy
[2010.09.11 19:38:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\McAfee
[2010.09.11 19:36:51 | 000,062,976 | RHS- | C] (Matthew Curland writing for Addison-Wesley Professional Publishing) -- C:\WINDOWS\nvsvc32.exe
[2010.09.11 19:36:41 | 000,062,976 | RHS- | C] (Matthew Curland writing for Addison-Wesley Professional Publishing) -- C:\Documents and Settings\LADA\Plocha\PIC675799074533-JPG-www.facebook.com.exe
[2010.09.09 13:54:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\McAfee
[2010.04.10 18:39:46 | 000,842,376 | ---- | C] (Microsoft Corporation) -- C:\Program Files\WM9Codecs.exe
[2008.08.04 21:23:40 | 000,382,352 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files\xpiinstall.exe
[2008.04.17 19:02:43 | 022,690,600 | ---- | C] (Skype Technologies S.A.) -- C:\Program Files\SkypeSetup.exe
[2008.04.17 19:00:03 | 005,850,032 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 2.0.0.13.exe
[2008.04.17 18:35:12 | 010,050,902 | ---- | C] (http://www.codecpack.com) -- C:\Program Files\Codecs6030_allin1.exe
[2008.04.17 18:29:16 | 009,722,720 | ---- | C] (Safer Networking Limited ) -- C:\Program Files\spybotsd152.exe
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 7 Days ==========
[2010.09.12 18:38:00 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.12 17:00:08 | 000,000,436 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2010.09.12 14:38:00 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.12 14:35:47 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2010.09.12 14:31:43 | 000,947,592 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\LADA\Plocha\SkypeSetup.exe
[2010.09.12 12:25:51 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.09.12 12:25:26 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.12 12:25:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.12 12:24:04 | 009,175,040 | -H-- | M] () -- C:\Documents and Settings\LADA\NTUSER.DAT
[2010.09.12 12:24:04 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\LADA\ntuser.ini
[2010.09.12 09:54:30 | 000,000,655 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2010.09.12 01:55:33 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.11 19:36:51 | 000,062,976 | RHS- | M] (Matthew Curland writing for Addison-Wesley Professional Publishing) -- C:\WINDOWS\nvsvc32.exe
[2010.09.11 19:36:42 | 000,062,976 | RHS- | M] (Matthew Curland writing for Addison-Wesley Professional Publishing) -- C:\Documents and Settings\LADA\Plocha\PIC675799074533-JPG-www.facebook.com.exe
[2010.09.11 17:52:16 | 000,000,772 | ---- | M] () -- C:\Documents and Settings\LADA\intlname.ols
[2010.09.09 13:58:39 | 000,000,851 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.09.12 14:35:47 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2010.09.12 14:33:32 | 000,000,936 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.12 14:33:32 | 000,000,932 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009.06.27 18:15:26 | 000,000,084 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2009.05.14 16:15:07 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009.02.28 20:20:03 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2008.12.19 00:02:25 | 000,000,378 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.12.10 22:13:42 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.11.27 20:37:14 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2008.11.27 20:37:06 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.11.27 20:37:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008.11.27 20:37:00 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.09.27 14:26:31 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.09.27 14:25:28 | 000,000,655 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.09.27 14:05:09 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.09.19 23:55:10 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008.09.19 23:55:10 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008.08.09 23:54:23 | 000,000,851 | ---- | C] () -- C:\Program Files\Get OpenOffice.org.lnk
[2008.05.26 18:56:45 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\LauncherAccess.dt
[2008.05.26 18:54:48 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008.05.02 12:37:19 | 000,032,768 | ---- | C] () -- C:\Documents and Settings\LADA\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.04.19 14:07:17 | 000,000,265 | ---- | C] () -- C:\WINDOWS\ChssBase.ini
[2008.04.19 12:35:22 | 000,000,488 | ---- | C] () -- C:\WINDOWS\Cmousecc.ini
[2008.04.19 12:35:21 | 000,109,056 | ---- | C] () -- C:\WINDOWS\System32\LGUICOM.DLL
[2008.04.17 19:06:48 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2008.04.17 18:48:37 | 000,378,310 | ---- | C] () -- C:\Program Files\ICQ_2003b_build_3916_CZ.zip
[2008.04.17 18:45:12 | 000,000,457 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2008.04.17 18:44:19 | 004,610,480 | ---- | C] () -- C:\Program Files\icqpro2003b.exe
[2008.04.17 18:16:39 | 021,624,696 | ---- | C] () -- C:\Program Files\setupcze.exe
[2008.04.17 18:10:11 | 000,018,842 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008.04.17 18:10:09 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008.04.17 18:10:05 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008.04.17 18:04:35 | 001,644,474 | ---- | C] () -- C:\Program Files\DSL-584T_QIG_final.pdf
[2005.10.14 12:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
< End of report >
Ještě jednou díky za ochotu!
Re: Skype - vir - rozesílá nevyžádanou poštu
CTETE POZORNE NAVOD,TENTO SOFT NETOLERUJE CHYBY V POSTUPU APLIKOVANI!Klidne si nasledujici radky vytisknete,at vite,co se bude na obrazovce odehravat.
Budte prihlasen na pc s administratorskymi pravy.
V operacnich systemech Windows Vista a Windows 7 je nutno spoustet aplikaci jako spravce (kliknutim pravym tlacitkem mysi na ikonu ComboFixu a klepnutim levym na volbu "Spustit jako spravce")
stahnete a ulozte nejlepe na plochu ComboFix
v pripade,ze nepujde stranka nacist-stahnete odtud download , popr. nepujde ComboFix spustit - prejmenujte jej na grinder.com a postupujte dale dle instrukci.
hned po startu se zobrazi Zreknuti se prava zaruky na funkcnost software, pokracujte kliknutim na tlacitko Ano:
pote muze nasledovat upozorneni na nainstalovane emulatory CD mechanik,typicky Daemon Tools nebo Alcohol 120
odklepnout OK
Souhlasit s instalaci Recovery console(Konzola pro zotaveni)-nutno funkcni internet
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: upozorneni: Vypnete rezidentni stit u antiviru a antispywaru a zakazte docasne firewall-ComboFix by nemusel fungovat korektne-pokud budete mit stity vypnute a Combofix zahlasi,ze nejsou,pokracujte dal a potvrdte.
po restartu aplikace vytvori log, ulozeny na C:/Combofix.txt (pri opakovanem pouziti jsou logy oznaceny Combofix2.txt atd.), jeho obsah vlozte sem
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU! ___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Re: Skype - vir - rozesílá nevyžádanou poštu
Tak snad jsem to zvláďl! Jen PC naběhl bez ikonek vpravo dole (Avast, Box,...) Mohu už zase spustit štít?
ComboFix 10-09-11.04 - LADA 12.09.2010 19:46:03.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1471.1056 [GMT 2:00]
Spuštěný z: c:\documents and settings\LADA\Dokumenty\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100912-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_DailyVideo.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Game.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Logo.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Option.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Search.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_Config.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_TellAFriend.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Wallpaper.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Web.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\pixel.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ProductInfo.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\profile.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\SearchEngineList.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\tbcore.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ToolbarLayout.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentre.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentreBk.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLDynamic.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLStatic.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\About.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Component_ComboBox.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_DailyVideo.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Game.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Logo.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Option.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Search.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Smiley.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Wallpaper.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Web.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDefault.png
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.png
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay18.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay20.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.png
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters18.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters20.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnOption.png
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.png
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley18.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley20.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.png
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd18.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd20.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.png
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink18.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink20.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin1.skf
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin2.skf
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin3.skf
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin4.skf
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin.skf
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin_s.skf
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\ToastSkin.skf
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\stb06759.tmp
c:\documents and settings\LADA\System
c:\documents and settings\LADA\System\win_qs8.jqx
c:\program files\INSTALL.LOG
C:\setup.exe
c:\windows\nvsvc32.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-12 do 2010-09-12 )))))))))))))))))))))))))))))))
.
2010-09-12 12:33 . 2010-09-12 12:36 -------- d-----w- c:\program files\Google
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-12 09:34 . 2008-04-17 16:44 -------- d-----w- c:\program files\ICQ
2010-09-08 06:21 . 2010-06-15 19:33 -------- d-----w- c:\program files\Microsoft Silverlight
2010-08-22 09:33 . 2008-08-04 19:24 -------- d-----w- c:\program files\Common Files\Java
2010-08-22 09:33 . 2008-08-04 19:25 -------- d-----w- c:\program files\Java
2010-08-16 09:04 . 2004-08-18 10:00 79062 ----a-w- c:\windows\system32\perfc005.dat
2010-08-16 09:04 . 2004-08-18 10:00 432004 ----a-w- c:\windows\system32\perfh005.dat
2010-08-16 08:06 . 2008-04-18 19:57 -------- d-----w- c:\program files\SPMT
2010-07-22 11:10 . 2008-04-17 22:17 -------- d-----w- c:\program files\STRS
2010-07-17 03:00 . 2010-04-26 09:23 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-30 12:33 . 2004-08-18 10:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:19 . 2006-03-04 03:35 832512 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:19 . 2004-08-18 10:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 12:19 . 2004-08-18 10:00 17408 ------w- c:\windows\system32\corpol.dll
2010-06-24 09:02 . 2004-08-18 10:00 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2004-08-18 10:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-18 10:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-15 19:32 . 2010-06-15 19:32 6259064 ----a-w- c:\documents and settings\LADA\Silverlight.exe
2010-04-10 16:39 . 2010-04-10 16:39 842376 ----a-w- c:\program files\WM9Codecs.exe
2008-08-04 19:26 . 2008-08-09 21:54 851 ----a-w- c:\program files\Get OpenOffice.org.lnk
2008-08-04 19:23 . 2008-08-04 19:23 382352 ----a-w- c:\program files\xpiinstall.exe
2008-04-17 17:02 . 2008-04-17 17:02 22690600 ----a-w- c:\program files\SkypeSetup.exe
2008-04-17 17:00 . 2008-04-17 17:00 5850032 ----a-w- c:\program files\Firefox Setup 2.0.0.13.exe
2008-04-17 16:48 . 2008-04-17 16:48 378310 ----a-w- c:\program files\ICQ_2003b_build_3916_CZ.zip
2008-04-17 16:44 . 2008-04-17 16:44 4610480 ----a-w- c:\program files\icqpro2003b.exe
2008-04-17 16:35 . 2008-04-17 16:35 10050902 ----a-w- c:\program files\Codecs6030_allin1.exe
2008-04-17 16:29 . 2008-04-17 16:29 9722720 ----a-w- c:\program files\spybotsd152.exe
2008-04-17 16:16 . 2008-04-17 16:16 21624696 ----a-w- c:\program files\setupcze.exe
2006-06-28 02:08 . 2008-04-17 16:04 1644474 -c--a-w- c:\program files\DSL-584T_QIG_final.pdf
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"LDM"="c:\program files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2008-04-19 16384]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe" [2010-01-27 256280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2005-03-07 53248]
"VTTrayp"="VTtrayp.exe" [2005-03-11 147456]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Mirabilis ICQ"="c:\progra~1\ICQ\ICQNet.exe" [2003-10-14 38984]
"EM_EXEC"="c:\progra~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2001-12-20 35328]
"LDM"="c:\program files\Desktop Messenger\8876480\Program\backWeb-8876480.exe" [2008-04-19 16384]
"MMTray"="c:\program files\MusicMatch\MusicMatch Jukebox\mm_tray.exe" [2001-11-07 86016]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech Desktop Messenger.lnk - c:\program files\Desktop Messenger\8876480\Program\LDMConf.exe [2008-4-19 156160]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ\\Icq.exe"=
"c:\\Program Files\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\LADA\\Plocha\\PIC675799074533-JPG-www.facebook.com.exe"= c:\\WINDOWS\\nvsvc32.exe
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [17.4.2008 18:19 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17.4.2008 18:19 20560]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12.9.2010 14:33 136176]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.9.2008 14:05 717296]
.
Obsah adresáře 'Naplánované úlohy'
2010-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-12 12:33]
2010-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-12 12:33]
2010-09-12 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2008-04-21 21:21]
2009-01-22 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2008-04-21 21:21]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://i24search.com
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {A6F703EB-6FBF-44FD-82C6-358CD1C478D7} = 208.67.220.220,208.67.222.222
FF - ProfilePath - c:\documents and settings\LADA\Data aplikací\Mozilla\Firefox\Profiles\1ew1ktf8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://uk.search.yahoo.com/search?ei=UTF-8&fr=ytff-divxd&p=
FF - prefs.js: browser.search.selectedEngine - JuicyAccess
FF - prefs.js: browser.startup.homepage - chrome://fastdial/content/fastdial.html
FF - prefs.js: keyword.URL - hxxp://www.juicyaccess.com/search.do?desktopsmiley&keyword=
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKCU-Run-NVIDIA driver monitor - c:\windows\nvsvc32.exe
HKLM-Run-NVIDIA driver monitor - c:\windows\nvsvc32.exe
AddRemove-JuicyAccess Toolbar - c:\documents and settings\All Users\Data aplikací\{11AE5274-ACE4-48DC-8781-BA074146E52A}\Setup.exe
AddRemove-{1D975A5E-1126-4F46-A423-41781934A63E} - c:\documents and settings\All Users\Data aplikací\{11AE5274-ACE4-48DC-8781-BA074146E52A}\Setup.exe
AddRemove-{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1 - c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-12 19:53
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
MMTray = c:\program files\MusicMatch\MusicMatch Jukebox\mm_tray.exe??)@??????0y?w????????????????~y?w?????????????????? ?????????P????????????!???H?g???g2???f+?g????????(???????)??gP??????gP????<U??:U?????????????Q???2???????0?@???T???T???????????????????U?????Z?O?????
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-09-12 19:55:18
ComboFix-quarantined-files.txt 2010-09-12 17:55
Před spuštěním: 3 007 483 904
Po spuštění: 3 189 964 800
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - A6F283E353B727BDC37B2EC655158B1D
ComboFix 10-09-11.04 - LADA 12.09.2010 19:46:03.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1471.1056 [GMT 2:00]
Spuštěný z: c:\documents and settings\LADA\Dokumenty\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100912-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_DailyVideo.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Game.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Logo.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Option.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Search.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_Config.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Smiley_TellAFriend.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Wallpaper.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\Module_Web.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\pixel.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ProductInfo.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\profile.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\SearchEngineList.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\tbcore.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\ToolbarLayout.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentre.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\UpdateCentreBk.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLDynamic.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Data\URLStatic.mx
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\About.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Component_ComboBox.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_DailyVideo.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Game.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Logo.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Option.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Search.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Smiley.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Wallpaper.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\Module_Web.mg
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDefault.png
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay.png
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay18.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnDisplay20.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters.png
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters18.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnGlitters20.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnOption.png
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley.png
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley18.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnSmiley20.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd.png
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd18.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnTellFd20.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink.png
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink18.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Icons\TBBtnWink20.bmp
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin1.skf
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin2.skf
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin3.skf
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\myskin4.skf
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin.skf
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\TellafriendSkin_s.skf
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\TDF\Skins\ToastSkin.skf
c:\documents and settings\LADA\Local Settings\Temporary Internet Files\stb06759.tmp
c:\documents and settings\LADA\System
c:\documents and settings\LADA\System\win_qs8.jqx
c:\program files\INSTALL.LOG
C:\setup.exe
c:\windows\nvsvc32.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-12 do 2010-09-12 )))))))))))))))))))))))))))))))
.
2010-09-12 12:33 . 2010-09-12 12:36 -------- d-----w- c:\program files\Google
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-12 09:34 . 2008-04-17 16:44 -------- d-----w- c:\program files\ICQ
2010-09-08 06:21 . 2010-06-15 19:33 -------- d-----w- c:\program files\Microsoft Silverlight
2010-08-22 09:33 . 2008-08-04 19:24 -------- d-----w- c:\program files\Common Files\Java
2010-08-22 09:33 . 2008-08-04 19:25 -------- d-----w- c:\program files\Java
2010-08-16 09:04 . 2004-08-18 10:00 79062 ----a-w- c:\windows\system32\perfc005.dat
2010-08-16 09:04 . 2004-08-18 10:00 432004 ----a-w- c:\windows\system32\perfh005.dat
2010-08-16 08:06 . 2008-04-18 19:57 -------- d-----w- c:\program files\SPMT
2010-07-22 11:10 . 2008-04-17 22:17 -------- d-----w- c:\program files\STRS
2010-07-17 03:00 . 2010-04-26 09:23 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-30 12:33 . 2004-08-18 10:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:19 . 2006-03-04 03:35 832512 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:19 . 2004-08-18 10:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 12:19 . 2004-08-18 10:00 17408 ------w- c:\windows\system32\corpol.dll
2010-06-24 09:02 . 2004-08-18 10:00 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2004-08-18 10:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-18 10:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-15 19:32 . 2010-06-15 19:32 6259064 ----a-w- c:\documents and settings\LADA\Silverlight.exe
2010-04-10 16:39 . 2010-04-10 16:39 842376 ----a-w- c:\program files\WM9Codecs.exe
2008-08-04 19:26 . 2008-08-09 21:54 851 ----a-w- c:\program files\Get OpenOffice.org.lnk
2008-08-04 19:23 . 2008-08-04 19:23 382352 ----a-w- c:\program files\xpiinstall.exe
2008-04-17 17:02 . 2008-04-17 17:02 22690600 ----a-w- c:\program files\SkypeSetup.exe
2008-04-17 17:00 . 2008-04-17 17:00 5850032 ----a-w- c:\program files\Firefox Setup 2.0.0.13.exe
2008-04-17 16:48 . 2008-04-17 16:48 378310 ----a-w- c:\program files\ICQ_2003b_build_3916_CZ.zip
2008-04-17 16:44 . 2008-04-17 16:44 4610480 ----a-w- c:\program files\icqpro2003b.exe
2008-04-17 16:35 . 2008-04-17 16:35 10050902 ----a-w- c:\program files\Codecs6030_allin1.exe
2008-04-17 16:29 . 2008-04-17 16:29 9722720 ----a-w- c:\program files\spybotsd152.exe
2008-04-17 16:16 . 2008-04-17 16:16 21624696 ----a-w- c:\program files\setupcze.exe
2006-06-28 02:08 . 2008-04-17 16:04 1644474 -c--a-w- c:\program files\DSL-584T_QIG_final.pdf
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"LDM"="c:\program files\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2008-04-19 16384]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe" [2010-01-27 256280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2005-03-07 53248]
"VTTrayp"="VTtrayp.exe" [2005-03-11 147456]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Mirabilis ICQ"="c:\progra~1\ICQ\ICQNet.exe" [2003-10-14 38984]
"EM_EXEC"="c:\progra~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2001-12-20 35328]
"LDM"="c:\program files\Desktop Messenger\8876480\Program\backWeb-8876480.exe" [2008-04-19 16384]
"MMTray"="c:\program files\MusicMatch\MusicMatch Jukebox\mm_tray.exe" [2001-11-07 86016]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech Desktop Messenger.lnk - c:\program files\Desktop Messenger\8876480\Program\LDMConf.exe [2008-4-19 156160]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ\\Icq.exe"=
"c:\\Program Files\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\LADA\\Plocha\\PIC675799074533-JPG-www.facebook.com.exe"= c:\\WINDOWS\\nvsvc32.exe
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [17.4.2008 18:19 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17.4.2008 18:19 20560]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12.9.2010 14:33 136176]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.9.2008 14:05 717296]
.
Obsah adresáře 'Naplánované úlohy'
2010-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-12 12:33]
2010-09-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-12 12:33]
2010-09-12 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2008-04-21 21:21]
2009-01-22 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2008-04-21 21:21]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://i24search.com
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {A6F703EB-6FBF-44FD-82C6-358CD1C478D7} = 208.67.220.220,208.67.222.222
FF - ProfilePath - c:\documents and settings\LADA\Data aplikací\Mozilla\Firefox\Profiles\1ew1ktf8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://uk.search.yahoo.com/search?ei=UTF-8&fr=ytff-divxd&p=
FF - prefs.js: browser.search.selectedEngine - JuicyAccess
FF - prefs.js: browser.startup.homepage - chrome://fastdial/content/fastdial.html
FF - prefs.js: keyword.URL - hxxp://www.juicyaccess.com/search.do?desktopsmiley&keyword=
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKCU-Run-NVIDIA driver monitor - c:\windows\nvsvc32.exe
HKLM-Run-NVIDIA driver monitor - c:\windows\nvsvc32.exe
AddRemove-JuicyAccess Toolbar - c:\documents and settings\All Users\Data aplikací\{11AE5274-ACE4-48DC-8781-BA074146E52A}\Setup.exe
AddRemove-{1D975A5E-1126-4F46-A423-41781934A63E} - c:\documents and settings\All Users\Data aplikací\{11AE5274-ACE4-48DC-8781-BA074146E52A}\Setup.exe
AddRemove-{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1 - c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-12 19:53
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
MMTray = c:\program files\MusicMatch\MusicMatch Jukebox\mm_tray.exe??)@??????0y?w????????????????~y?w?????????????????? ?????????P????????????!???H?g???g2???f+?g????????(???????)??gP??????gP????<U??:U?????????????Q???2???????0?@???T???T???????????????????U?????Z?O?????
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-09-12 19:55:18
ComboFix-quarantined-files.txt 2010-09-12 17:55
Před spuštěním: 3 007 483 904
Po spuštění: 3 189 964 800
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - A6F283E353B727BDC37B2EC655158B1D
Re: Skype - vir - rozesílá nevyžádanou poštu
Stahnete si OTM , spustte (pokud mate vistu spuste run as administrator) a do leveho policka se zlutym hornim okrajem Paste Instructions for Items to be Moved zkopirujte toto:
Kód: Vybrat vše
:processes
explorer.exe
:files
c:\WINDOWS\nvsvc32.exe
c:\Documents and Settings\LADA\Plocha\PIC675799074533-JPG-www.facebook.com.exe
:services
:reg
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\Documents and Settings\LADA\Plocha\PIC675799074533-JPG-www.facebook.com.exe"=-
:commands
[emptytemp]
[resethosts]
[start explorer]
[reboot]
Kliknete na MoveIt, v okne se zelenym hornim okrajem Results se objevi vysledek,obsah okna zkopirujte sem. Kdyby OTMoveIt vyzadoval restart - povolit. Nasledujici log najdete v C:\_OTMoveIt\MovedFiles\xxxxx.log (x je zastupny znak) ktery otevrete v poznamkovem bloku.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU! ___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Re: Skype - vir - rozesílá nevyžádanou poštu
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder c:\WINDOWS\nvsvc32.exe not found.
c:\Documents and Settings\LADA\Plocha\PIC675799074533-JPG-www.facebook.com.exe moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: LADA
->Temp folder emptied: 562806 bytes
->Temporary Internet Files folder emptied: 781228694 bytes
->Java cache emptied: 81882986 bytes
->FireFox cache emptied: 118733959 bytes
->Google Chrome cache emptied: 22389029 bytes
->Flash cache emptied: 159957 bytes
User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2167051 bytes
%systemroot%\System32 .tmp files removed: 9815496 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33251 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 970,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTM by OldTimer - Version 3.1.16.0 log created on 09122010_205533
Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_5d0.dat moved successfully.
Registry entries deleted on Reboot...
Snad je to správné...
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder c:\WINDOWS\nvsvc32.exe not found.
c:\Documents and Settings\LADA\Plocha\PIC675799074533-JPG-www.facebook.com.exe moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: LADA
->Temp folder emptied: 562806 bytes
->Temporary Internet Files folder emptied: 781228694 bytes
->Java cache emptied: 81882986 bytes
->FireFox cache emptied: 118733959 bytes
->Google Chrome cache emptied: 22389029 bytes
->Flash cache emptied: 159957 bytes
User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2167051 bytes
%systemroot%\System32 .tmp files removed: 9815496 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33251 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 970,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTM by OldTimer - Version 3.1.16.0 log created on 09122010_205533
Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_5d0.dat moved successfully.
Registry entries deleted on Reboot...
Snad je to správné...
Re: Skype - vir - rozesílá nevyžádanou poštu
Ok,jak se chova pc nyni?
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU! ___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Re: Skype - vir - rozesílá nevyžádanou poštu
No, vlastně nevím, protože jsem ten skype ještě nenainstaloval. Myslíš, že už to bude v pohodě a že už nic rozesílat nebude?
Mám ty programy zase všechny smazat, nebo ne?
Láďa
Mám ty programy zase všechny smazat, nebo ne?
Láďa
Re: Skype - vir - rozesílá nevyžádanou poštu
Start - spustit - napiste ComboFix /Uninstall - a klepnout na OK,pokud to takto nepujde,tak přejmenovat ComboFix.exe na Uninstall.exe a spustit ho.
Stahnete OTCspustte a klepnete na CleanUp.
Vycistete pc Ccleanerem.Vzdy nejprve Analyzovat a pak Spustit Cleaner.2x po sobe.
Windows-odskrtnout historii a historii automatickeho vyplnovani formularu - prisel byste o historii navstivenych stranek a o ulozena hesla ve formularich
(je to sice z pohledu zabezpeceni spatne,ale aspon pak uzivatel nenadava,kam ze mu to zmizelo
)Aplikace-u prohlizecu internetu odskrtnout Historii internetu.
Registry-nechat vse zaskrtle,Hledej problemy,Opravit vybrane problemy
(nechat ho udelat zalohu-ta je ulozena v Dokumentech-DULEZITE).
Taktez 2x-3x po sobe.
Pote nainstalujte Skype a po prihlaseni v nem zmente pristupove heslo.A hotovo.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU! ___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Re: Skype - vir - rozesílá nevyžádanou poštu
V posledních bodech jsem se ztratil, ale Skype jsem nahodil a zatím nic neodeslal. Za to moc díky. A nyní trochu jasněji - mám ty programy smazat či ne? L.
Re: Skype - vir - rozesílá nevyžádanou poštu
Jak jsem psal v predchozim postu - stahnete OTC,poklepte na nej a klepnete na Clean Up - to vam vycisti pc od zbylych souborech po odvirovacich utilitach.
Manualne odebirat odvirovaci programy neni idealni,proto na to jsou specialni utility.
Manualne odebirat odvirovaci programy neni idealni,proto na to jsou specialni utility.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU! ___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Přispějete na provoz fóra?