
ComboFix 10-10-04.02 - Milka 05.10.2010 18:26:18.1.4 - NTFSx86
System Microsoft Windows XP Professional 5.1.2600.2.1250.421.1033.18.2046.1322 [GMT 2:00]
Running from: c:\documents and settings\Milka\Desktop\ComboFix.exe
AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
FW: COMODO Firewall Pro *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Start Menu\HP Image Zone .lnk
c:\documents and settings\All Users\Start Menu\Programs\Startup\services.exe
c:\windows\system32\tmp.reg
.
((((((((((((((((((((((((( Files Created from 2010-09-05 to 2010-10-05 )))))))))))))))))))))))))))))))
.
2010-09-27 16:26 . 2010-09-27 16:26 -------- d-----w- c:\documents and settings\Milka\Local Settings\Application Data\OLYMPUS
2010-09-27 16:23 . 2010-09-27 16:23 -------- d-----w- c:\program files\Olympus
2010-09-27 16:21 . 2010-09-27 16:21 36864 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
2010-09-27 16:18 . 2010-09-27 16:18 93783440 ----a-w- c:\documents and settings\All Users\Application Data\OLYMPUS\ib\CameraBackup\000J6Q218683\SETUP.EXE
2010-09-27 16:18 . 2010-09-27 16:18 -------- d-----w- c:\documents and settings\All Users\Application Data\OLYMPUS
2010-09-27 16:17 . 2009-09-10 13:58 29328 ----a-w- c:\windows\system32\OlyClsInstCC.dll
2010-09-27 16:17 . 2009-09-10 13:58 21648 ----a-w- c:\windows\system32\drivers\OlyCamComm.sys
2010-09-15 12:35 . 2010-09-15 12:35 -------- d-----w- c:\documents and settings\Milka\Application Data\Gamelab
2010-09-10 18:10 . 2010-10-05 16:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Barbie Fashion Show
2010-09-10 18:09 . 2010-09-10 18:09 -------- d-----w- c:\program files\Barbie(TM)
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-05 16:17 . 2009-07-07 18:26 -------- d-----w- c:\documents and settings\Milka\Application Data\Desktop Sidebar
2010-10-05 16:17 . 2009-06-27 14:24 -------- d-----w- c:\documents and settings\Milka\Application Data\Free Download Manager
2010-10-05 16:07 . 2009-07-07 18:51 -------- d-----w- c:\program files\Google
2010-10-05 16:07 . 2010-10-05 16:06 -------- d-----w- c:\documents and settings\Milka\Application Data\CyberLink
2010-10-05 16:06 . 2010-06-17 19:01 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-10-05 16:06 . 2010-10-05 16:06 -------- d-----w- c:\program files\DIFX
2010-10-05 16:05 . 2010-10-05 16:05 -------- d-----w- c:\program files\City Interactive
2010-09-28 04:18 . 2009-07-29 13:00 -------- d-----w- c:\documents and settings\Milka\Application Data\Vso
2010-09-27 16:28 . 2009-06-24 21:19 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-16 18:10 . 2009-07-17 14:53 -------- d-----w- c:\documents and settings\Milka\Application Data\Skype
2010-09-16 17:25 . 2009-07-17 14:54 -------- d-----w- c:\documents and settings\Milka\Application Data\skypePM
2010-09-15 12:13 . 2009-10-29 21:12 -------- d-----w- c:\documents and settings\Milka\Application Data\Wildfire
2010-09-11 11:15 . 2009-06-26 20:14 -------- d-----w- c:\documents and settings\Milka\Application Data\ICQ
2010-08-31 15:34 . 2009-06-29 16:44 -------- d-----w- c:\program files\Electronic Arts
2010-08-31 15:31 . 2010-07-26 19:27 -------- d-----w- c:\program files\AGEIA Technologies
2010-08-11 18:05 . 2009-09-11 18:53 -------- d-----w- c:\program files\upnito.sk manager
2010-08-09 16:19 . 2010-08-07 11:37 -------- d-----w- c:\program files\ICQ6.5
2010-08-09 14:37 . 2009-06-26 20:14 -------- d-----w- c:\program files\ICQ6Toolbar
2010-08-07 11:26 . 2010-08-07 11:23 -------- d-----w- c:\program files\ICQ7.2
2010-08-07 09:43 . 2009-06-26 20:14 -------- d-----w- c:\documents and settings\All Users\Application Data\ICQ
2010-07-25 18:19 . 2010-08-15 18:20 52224 ----a-w- c:\documents and settings\Milka\Application Data\Mozilla\Firefox\Profiles\pezygbh1.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
2010-07-25 18:19 . 2010-08-15 18:20 101376 ----a-w- c:\documents and settings\Milka\Application Data\Mozilla\Firefox\Profiles\pezygbh1.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
2010-07-15 15:37 . 2010-07-15 15:36 71 ----a-w- c:\windows\UUpoad00C026881744aHR0cDp1cGxvYWRlcnZlcnNhbHNvZnRjb21VcGxvYWRlckRlbW9VcGxvYWREZWFsYXM=.dat
2010-07-11 16:12 . 2010-07-11 16:12 503808 ----a-w- c:\documents and settings\Milka\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-61e47107-n\msvcp71.dll
2010-07-11 16:12 . 2010-07-11 16:12 499712 ----a-w- c:\documents and settings\Milka\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-61e47107-n\jmc.dll
2010-07-11 16:12 . 2010-07-11 16:12 348160 ----a-w- c:\documents and settings\Milka\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-61e47107-n\msvcr71.dll
2009-10-05 17:34 . 2009-12-26 15:47 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2009-01-02 3399727]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"SIDEBAR"="c:\program files\Desktop Sidebar\dsidebar.exe" [2006-07-09 1777664]
"Google Update"="c:\documents and settings\Milka\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-03-04 135664]
"Olympus ib"="c:\program files\Olympus\ib\olycamdetect.exe" [2010-02-04 93376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-06-24 949376]
"RTHDCPL"="RTHDCPL.EXE" [2008-11-17 17676288]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"Six Engine"="c:\program files\ASUS\Six Engine\SixEngine.exe" [2008-11-13 5974528]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2010-03-03 524632]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-22 148888]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"COMODO SafeSurf"="c:\program files\COMODO\SafeSurf\cssurf.exe" [2010-01-09 278264]
"COMODO Firewall Pro"="c:\program files\COMODO\Firewall\cfp.exe" [2010-01-09 1655552]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"MDS_Menu"="c:\program files\Olympus\ib\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
c:\documents and settings\Milka\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2009-7-7 3581680]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
HP Image Zone Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-5-12 73728]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [24.6.2009 23:12 5248]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [8.7.2009 6:16 64160]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [13.10.2005 15:46 35328]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [9.1.2010 19:05 87056]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [9.1.2010 19:05 24208]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [24.6.2009 23:15 15424]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [26.6.2009 22:14 222968]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18.1.2009 23:34 1029456]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [28.3.2010 8:56 136176]
S3 FlrnUSB;Leadtek USB Network Interface;c:\windows\system32\drivers\LtkUSB.sys [31.5.2010 17:29 41907]
S3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\drivers\OlyCamComm.sys [27.9.2010 18:17 21648]
S4 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [24.6.2009 23:12 160640]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28.6.2009 14:59 721904]
.
Contents of the 'Scheduled Tasks' folder
2010-10-04 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 05:16]
2010-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-28 06:56]
2010-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-28 06:56]
2010-10-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-1454471165-839522115-1003Core.job
- c:\documents and settings\Milka\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-03-04 15:08]
2010-10-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-1454471165-839522115-1003UA.job
- c:\documents and settings\Milka\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-03-04 15:08]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.icq.com/
uInternet Settings,ProxyOverride = *.local
IE: Download with FDM - file://c:\program files\Free Download Manager\dllink.htm
IE: Download video with FDM - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download selected with FDM - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download all with FDM - file://c:\program files\Free Download Manager\dlall.htm
LSP: c:\windows\system32\imon.dll
FF - ProfilePath - c:\documents and settings\Milka\Application Data\Mozilla\Firefox\Profiles\pezygbh1.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage -
FF - prefs.js: keyword.URL - hxxp://ws.infospace.com/coolchaser_game/ws/redir?_iceUrl=true&user_id=35640223&tool_id=60531&qkw=
FF - component: c:\documents and settings\Milka\Application Data\Mozilla\Firefox\Profiles\pezygbh1.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Milka\Application Data\Mozilla\Firefox\Profiles\pezygbh1.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Milka\Application Data\Mozilla\Firefox\Profiles\pezygbh1.default\extensions\{afe43e80-0abc-4df2-81a0-3fe44b74abe8}\components\Engine.dll
FF - component: c:\documents and settings\Milka\Application Data\Mozilla\Firefox\Profiles\pezygbh1.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - component: c:\program files\Mozilla Firefox\components\qippipe.dll
FF - plugin: c:\documents and settings\Milka\Application Data\Facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\Milka\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(848)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(904)
c:\windows\system32\imon.dll
- - - - - - - > 'explorer.exe'(3112)
c:\program files\Stardock\ObjectDock\DockShellHook.dll
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Eset\nod32krn.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
.
**************************************************************************
.
Completion time: 2010-10-05 18:35:31 - machine was rebooted
ComboFix-quarantined-files.txt 2010-10-05 16:35
Pre-Run: 35 639 537 664 bytes free
Post-Run: 12 directories, 35 492 802 560 bytes free
- - End Of File - - 75E0EC81BEB5405747A281CE239E5609
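A triage pass over a log like the one above, added here as an example; it is not ComboFix code and not part of the original report. It parses the three kinds of lines that carry a path (the bare paths under Other Deletions, the dated Find3M / Files Created entries, and the quoted Run-key values), applies a few review heuristics of my own (an executable dropped straight into a Startup folder, a system-process name such as services.exe outside c:\windows\system32, an executable under Application Data or TEMP, and a long base64 run embedded in a file name, which it decodes), and reads back the AntiVirusOverride and EnableFirewall values. The rules are assumptions about what merits a second look, not verdicts: GoogleUpdate.exe under Local Settings is legitimate and still trips the weak profile-directory rule, AntiVirusOverride=1 and EnableFirewall=0 are expected when a third-party AV and firewall (here ESET and COMODO) are installed, and what the string decoded from the UUpoad...dat file name refers to is not established by the log. The sample input is constructed from lines copied from the log above.

```python
"""Triage helper for a ComboFix log (added example, not part of ComboFix or of this report).
The review rules are this editor's heuristics: they mark items for an analyst
to look at, they do not issue verdicts."""
import base64
import binascii
import re
from pathlib import PureWindowsPath

# Constructed sample input: lines copied from the log above, covering bare
# deletion paths, Find3M file entries, Run-key values and two policy values.
SAMPLE_LOG = r"""
c:\documents and settings\All Users\Start Menu\Programs\Startup\services.exe
c:\windows\system32\tmp.reg
2010-09-27 16:21 . 2010-09-27 16:21 36864 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{89A43E80-AC6C-4DA8-9800-F4B30ED577C0}\PostBuild.exe
2010-09-27 16:17 . 2009-09-10 13:58 29328 ----a-w- c:\windows\system32\OlyClsInstCC.dll
2010-07-15 15:37 . 2010-07-15 15:36 71 ----a-w- c:\windows\UUpoad00C026881744aHR0cDp1cGxvYWRlcnZlcnNhbHNvZnRjb21VcGxvYWRlckRlbW9VcGxvYWREZWFsYXM=.dat
"Google Update"="c:\documents and settings\Milka\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-03-04 135664]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-06-24 949376]
"AntiVirusOverride"=dword:00000001
"EnableFirewall"= 0 (0x0)
"""

EXEC_EXTS = {".exe", ".dll", ".scr", ".com", ".bat", ".cmd", ".vbs", ".sys"}
# Names that belong in c:\windows\system32; the same name anywhere else is a classic masquerade.
SYSTEM_PROCESS_NAMES = {"services.exe", "svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe", "smss.exe", "spoolsv.exe"}

# Line shapes ComboFix uses: "created . modified size attrs path", '"name"="path" [date size]', bare path.
FILE_ENTRY = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} \. \d{4}-\d{2}-\d{2} \d{2}:\d{2}"
    r"\s+(?:\d+|-+)\s+[d-][-a-z]{7}\s+(?P<path>[a-z]:\\.+?)\s*$", re.IGNORECASE)
RUN_ENTRY = re.compile(r'^"[^"]+"="(?P<path>[a-z]:\\[^"]+)"', re.IGNORECASE)
BARE_PATH = re.compile(r"^(?P<path>[a-z]:\\\S.*?)\s*$", re.IGNORECASE)
SETTING = re.compile(r'^"(?P<key>AntiVirusOverride|FirewallOverride|EnableFirewall)"\s*=\s*(?:dword:)?(?P<val>[0-9a-f]+)', re.IGNORECASE)
# A long run of base64-alphabet characters, optionally padded, inside a file name.
B64_RUN = re.compile(r"[A-Za-z0-9+/]{20,}={0,2}")


def extract_paths(log_text):
    """Yield every drive-letter path the log lists (deletions, file entries, Run values)."""
    for line in log_text.splitlines():
        line = line.strip()
        m = FILE_ENTRY.match(line) or RUN_ENTRY.match(line) or BARE_PATH.match(line)
        if m:
            yield m.group("path")


def decode_base64_in_name(path):
    """Return the printable text a base64 run in the file name decodes to, or None."""
    for run in B64_RUN.findall(PureWindowsPath(path).stem):
        # The blob may be glued to a non-base64 prefix (a counter or ID), so try
        # every start offset that leaves a well-formed base64 length.
        for start in range(len(run)):
            blob = run[start:]
            if len(blob) < 20 or len(blob) % 4:
                continue
            try:
                text = base64.b64decode(blob, validate=True).decode("ascii")
            except (binascii.Error, UnicodeDecodeError):
                continue
            if text.isprintable():
                return text
    return None


def review_path(path):
    """Return the reasons a path deserves a second look (empty list if none)."""
    p = PureWindowsPath(path)
    low, reasons = str(p).lower(), []
    if p.suffix.lower() in EXEC_EXTS:
        if "\\start menu\\programs\\startup\\" in low:
            reasons.append("executable placed directly in a Startup folder")
        if p.name.lower() in SYSTEM_PROCESS_NAMES and not low.startswith("c:\\windows\\system32\\"):
            reasons.append("system-process name outside c:\\windows\\system32")
        if any(seg in low for seg in ("\\application data\\", "\\local settings\\", "\\temp\\")):
            reasons.append("executable under a user-profile or temp directory (weak signal: updaters live here too)")
    decoded = decode_base64_in_name(path)
    if decoded is not None:
        reasons.append(f"base64 in file name decodes to {decoded!r}")
    return reasons


def protection_overrides(log_text):
    """Return the Security Center / Windows Firewall policy values the log records, as ints."""
    out = {}
    for line in log_text.splitlines():
        m = SETTING.match(line.strip())
        if m:
            out[m.group("key")] = int(m.group("val"), 16)
    return out


def triage(log_text):
    """Map each flagged path to its reasons; unflagged paths are dropped."""
    findings = {}
    for path in extract_paths(log_text):
        reasons = review_path(path)
        if reasons:
            findings[path] = reasons
    return findings


if __name__ == "__main__":
    print("policy values:", protection_overrides(SAMPLE_LOG))
    for path, reasons in triage(SAMPLE_LOG).items():
        print(path, "\n   - " + "\n   - ".join(reasons))
```

To run it over the real file rather than the embedded sample, pass the log text to `triage()` and `protection_overrides()`; the header line reports code page 1250 for this machine, so reading the saved ComboFix.txt with `encoding="cp1250"` is the assumption that keeps the Slovak menu strings intact. On this log the pass flags the services.exe that ComboFix already removed from the All Users Startup folder, PostBuild.exe under Application Data\TEMP, the UUpoad...dat name (decoded to `http:uploaderversalsoftcomUploaderDemoUploadDealas`, a URL with its punctuation stripped) and, as a weak signal only, the per-user GoogleUpdate.exe.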