So here it is, after a small fight with the PC; it took a while:
ComboFix 11-04-20.01 - Tester 20.04.2011 23:01:27.13.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1014.304 [GMT 2:00]
Spuštěný z: c:\documents and settings\Tester\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Tester\Plocha\CFScript.txt
AV: avast! Internet Security *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
file zipped: c:\documents and settings\All Users.Windows\Data aplikací\SystemKey\SysScrCap.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-20 do 2011-04-20 )))))))))))))))))))))))))))))))
.
.
2011-04-20 06:13 . 2011-04-20 06:13 -------- d-----w- c:\program files\Firefly Studios
2011-04-20 06:12 . 2004-10-22 00:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-04-20 06:12 . 2004-10-22 00:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2011-04-20 06:12 . 2004-10-22 00:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2011-04-20 06:12 . 2004-10-22 00:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2011-04-20 06:12 . 2004-10-22 00:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2011-04-20 06:12 . 2004-10-22 00:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2011-04-20 06:12 . 2011-04-20 06:12 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2011-04-20 06:12 . 2011-04-20 06:12 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2011-04-19 22:15 . 2011-04-19 22:15 -------- d-----w- c:\documents and settings\Tester\Data aplikací\Prison Break
2011-04-19 22:14 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2011-04-19 22:14 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2011-04-19 22:14 . 2010-06-02 02:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2011-04-19 22:14 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2011-04-19 22:14 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2011-04-19 22:14 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2011-04-19 22:14 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2011-04-19 22:14 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2011-04-19 22:14 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2011-04-19 22:14 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2011-04-19 22:14 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2011-04-19 22:14 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2011-04-19 22:12 . 2008-05-30 12:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2011-04-19 22:10 . 2011-04-19 22:11 -------- d--h--w- c:\windows\msdownld.tmp
2011-04-19 22:10 . 2011-04-19 22:10 -------- d-----w- c:\windows\Logs
2011-04-19 20:39 . 2007-12-26 15:30 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2011-04-19 20:39 . 2011-04-20 12:36 -------- d-----w- c:\program files\Cheat Engine
2011-04-19 11:31 . 2011-04-19 11:32 -------- d-----w- c:\documents and settings\Tomáš\Data aplikací\vlc
2011-04-18 09:42 . 2011-04-18 18:16 -------- d-----w- c:\program files\SpeedFan
2011-04-12 16:24 . 2011-04-12 16:24 -------- d-----w- c:\program files\VstPlugins
2011-04-12 16:24 . 2011-04-12 16:24 -------- d-----w- c:\documents and settings\Tester\Data aplikací\Publish Providers
2011-04-12 16:22 . 2011-04-12 16:22 -------- d-----w- c:\documents and settings\Tester\Data aplikací\Sony
2011-04-11 12:26 . 2011-04-11 12:26 -------- d-----w- c:\program files\uTorrent
2011-04-11 09:43 . 2010-01-13 10:28 155648 ----a-w- c:\windows\system32\igfxCoIn_v5218.dll
2011-04-11 09:43 . 2011-04-11 09:43 -------- d-----w- C:\Intel
2011-04-11 09:40 . 2011-04-11 09:40 -------- d-----w- c:\program files\SystemRequirementsLab
2011-04-11 08:25 . 2011-04-19 20:51 -------- d-----w- c:\program files\Warcraft III
2011-04-05 16:55 . 2011-04-05 16:55 -------- d-----w- C:\found.000
2011-04-04 19:31 . 2011-04-04 19:31 -------- d-----w- c:\program files\EA Sports
2011-04-04 19:30 . 2007-04-30 14:29 49152 ----a-w- c:\program files\Mozilla Firefox\plugins\np32dsw.dll
2011-04-04 19:22 . 2011-04-04 19:22 -------- d--h--r- c:\documents and settings\Tester\Data aplikací\SecuROM
2011-04-04 16:49 . 2011-04-04 16:49 -------- d-----w- c:\program files\GameSpy Arcade
2011-04-04 16:33 . 2011-04-04 16:33 -------- d-----w- c:\program files\Aspyr
2011-04-04 14:04 . 2011-04-18 17:17 307288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-04-04 14:04 . 2011-04-18 17:12 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-04 14:04 . 2011-04-18 17:18 102232 ----a-w- c:\windows\system32\drivers\aswFW.sys
2011-04-04 14:03 . 2011-04-18 17:17 192984 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2011-04-04 14:03 . 2011-04-18 17:13 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-04-04 14:03 . 2011-04-18 17:16 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-04-04 14:03 . 2011-04-18 17:17 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-04 14:03 . 2011-04-18 17:16 102488 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-04-04 14:03 . 2011-04-18 17:16 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-04-04 14:03 . 2011-04-18 17:13 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-04-04 14:01 . 2011-02-23 12:34 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2011-04-04 14:01 . 2011-04-18 17:25 40112 ----a-w- c:\windows\avastSS.scr
2011-04-04 14:01 . 2011-04-18 17:25 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-04-04 13:59 . 2011-04-04 13:59 -------- d-----w- c:\program files\AVAST Software
2011-04-04 13:59 . 2011-04-04 13:59 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\AVAST Software
2011-04-04 13:48 . 2011-04-04 13:48 -------- d-----w- c:\documents and settings\Tester\Local Settings\Data aplikací\Nokia
2011-04-04 10:09 . 2011-04-04 10:09 -------- d-----w- c:\program files\Astroburn Toolbar
2011-04-04 10:09 . 2011-04-04 10:09 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\Astroburn Lite
2011-04-04 10:08 . 2011-04-04 10:09 -------- d-----w- c:\program files\Astroburn Lite
2011-04-04 09:46 . 2011-04-04 10:03 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-04-04 09:45 . 2011-04-20 10:35 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-04-04 09:44 . 2011-04-04 09:46 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-04-04 09:44 . 2011-04-04 10:06 -------- d-----w- c:\documents and settings\Tester\Data aplikací\DAEMON Tools Lite
2011-04-04 09:44 . 2011-04-04 09:44 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\DAEMON Tools Lite
2011-04-03 22:48 . 2011-04-11 21:15 -------- d-----w- c:\documents and settings\Tester\Data aplikací\vlc
2011-04-03 22:27 . 2011-04-20 09:38 -------- d-----w- c:\program files\World of Warcraft
2011-04-03 19:23 . 2011-04-03 19:23 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY\Local Settings\Data aplikací\ESET
2011-04-01 08:51 . 2011-04-01 08:51 -------- d-----w- c:\documents and settings\NetworkService.NT AUTHORITY\Local Settings\Data aplikací\ESET
2011-04-01 08:50 . 2011-04-01 08:50 -------- d-----w- c:\documents and settings\Tester\Local Settings\Data aplikací\ESET
2011-03-31 12:55 . 2011-04-06 20:52 -------- d-----w- c:\documents and settings\Tester\Users - new
2011-03-31 09:17 . 2011-03-31 09:17 -------- d-----w- c:\documents and settings\Tester\Data aplikací\DDMSettings
2011-03-31 09:07 . 2011-04-11 09:21 -------- d-----w- c:\program files\Common Files\DivX Shared
2011-03-30 23:53 . 2011-04-01 07:57 -------- d-----w- c:\program files\ArtisanDVDPlayer
2011-03-30 08:13 . 2011-03-30 08:13 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Data aplikací\SystemKey
2011-03-30 07:21 . 2011-04-03 21:19 -------- d-----w- c:\program files\DSE
2011-03-30 00:05 . 2011-03-30 00:05 -------- d-----w- c:\documents and settings\Tomáš\Data aplikací\DDMSettings
2011-03-29 23:42 . 2011-03-29 23:43 -------- d-----w- c:\documents and settings\Tomáš\Local Settings\Data aplikací\Temp
2011-03-29 17:18 . 2011-03-29 17:19 -------- d-----w- c:\program files\coolpro2
2011-03-29 13:49 . 2011-03-29 13:49 -------- d-----w- c:\documents and settings\Tester\Data aplikací\InstallShield
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2005-12-05 16:00 . 2005-12-05 16:00 74448 ------w- c:\program files\DSETUP.dll
2005-12-05 16:00 . 2005-12-05 16:00 484560 ------w- c:\program files\DXSETUP.exe
2005-12-05 16:00 . 2005-12-05 16:00 2247888 ------w- c:\program files\dsetup32.dll
2006-05-03 09:06 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 10:47 31232 -csh--r- c:\windows\system32\msfDX.dll
.
.
------- Sigcheck -------
.
[-] 2008-06-12 . C71BB4782833750BF4C02AC30ED670B7 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-04-18 17:25 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2008-08-15 30003200]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-04-18 3460784]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-01-13 134656]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-01-13 166912]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-01-13 135680]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-08-10 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Spyware Doctor"="c:\program files\Spyware Doctor\swdoctor.exe" [2006-09-06 2128016]
.
c:\documents and settings\eva\Nabídka Start\Programy\Po spuštění\
Adobe Media Player.lnk - [N/A]
Registration Open Season.LNK - c:\program files\Ubisoft\Open Season Demo\RegistrationReminder\RegistrationReminder.exe [N/A]
Stardock ObjectDock.lnk - c:\windows\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe [N/A]
Y'z ToolBar.lnk - c:\windows\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe [N/A]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^DynDNS Updater Tray Icon.lnk]
path=c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\DynDNS Updater Tray Icon.lnk
backup=c:\windows\pss\DynDNS Updater Tray Icon.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 03:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 06:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20 1305408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-03-21 21:10 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-04-13 18:53 136176 ----atw- c:\documents and settings\Tester\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-01-05 08:18 133432 ----a-w- c:\program files\ICQ7.2\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2010-01-13 09:46 134656 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Octoshape Streaming Services]
2009-01-08 13:44 70936 ----a-w- c:\documents and settings\Tester\Data aplikací\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-08-10 03:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-10-09 12:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2007-06-13 06:16 528384 ----a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-01-08 19:59 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemKey]
2006-04-07 07:58 339968 ----a-w- c:\documents and settings\All Users.WINDOWS\Data aplikací\SystemKey\SystemKey.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-05-18 18:40 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\Tester\\QIP\\qip.exe"=
"c:\\Program Files\\Firefly Studios\\Stronghold Legends\\StrongholdLegends.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"6112:TCP"= 6112:TCP:Warcraft III
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [4.4.2011 16:01 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [4.4.2011 16:03 192984]
R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [4.4.2011 16:04 102232]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [4.4.2011 16:03 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [4.4.2011 16:04 307288]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [4.4.2011 11:46 218688]
R1 SysTool;SysTool Overclocking Utility;c:\windows\system32\drivers\SysTool.sys [10.11.2006 15:08 24064]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [30.7.2008 7:51 277736]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4.4.2011 16:04 19544]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [4.4.2011 16:00 121000]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [6.11.2009 12:10 845184]
S2 DynDNS Updater;DynDNS Updater;c:\program files\DynDNS Updater\DynUpSvc.exe [16.4.2010 18:19 103800]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18.12.2009 11:58 11336]
S3 fsbl;F-Secure BlackLight Engine Driver;\??\c:\program files\F-Secure\Anti-Virus\fsbldrv.sys --> c:\program files\F-Secure\Anti-Virus\fsbldrv.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [7.2.2010 20:10 36608]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6.11.2007 22:22 34064]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-20 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-515967899-1644491937-1177238915-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
.
2011-04-20 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-515967899-1644491937-1177238915-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
.
2011-04-20 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-515967899-1644491937-1177238915-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
.
2011-04-20 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-515967899-1644491937-1177238915-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]
.
2011-04-20 c:\windows\Tasks\User_Feed_Synchronization-{C9CF8B0A-117E-4894-B44F-6AF8EDF5C2CD}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Doplňkový sken -------
.
uStart Page = astroburn-search.com
uSearchAssistant =
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: {D565CCAF-82C2-40AF-87DA-241A93E820F1} = 216.146.35.35,216.146.36.36
FF - ProfilePath - c:\documents and settings\Tester\Data aplikací\Mozilla\Firefox\Profiles\zwlq49d7.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
FF - Ext: LavaFox V1: info@djzig.com - %profile%\extensions\info@djzig.com
FF - Ext: Illimitux: illimitux@illimitux.net - %profile%\extensions\illimitux@illimitux.net
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-20 23:27
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3700)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-04-20 23:44:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-04-20 21:44
ComboFix2.txt 2011-04-20 13:39
ComboFix3.txt 2011-04-05 20:36
ComboFix4.txt 2010-08-26 22:30
ComboFix5.txt 2011-04-20 20:50
.
Před spuštěním: Volných bajtů: 21 149 614 080
Po spuštění: Volných bajtů: 21 029 253 120
.
- - End Of File - - 5886357597AE32AF9C091F5023A58FF1
Nahrání proběhlo úspěšně