Re: nový vir
Napsal: 16 črc 2011 11:21
OK, dejte mi chvili nez napisu docistovaci skript, jeste tam toho spousty je 
Stránka 2 z 3
Re: nový vir
Napsal: 16 črc 2011 11:23
ok
Re: nový vir
Napsal: 16 črc 2011 11:28
Pokud nemate, tak presunte Combofix na plochu
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
KillAll:: RegLock:: [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] DDs:: mStart Page = hxxp://home.sweetim.com uInternet Settings,ProxyServer = http=127.0.0.1:54848 Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - Firefox:: FF - ProfilePath - c:\users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\os0uce96.default\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4e0d7310 ... &lng=cs&q= FF - prefs.js: network.proxy.http - 127.0.0.1 FF - prefs.js: network.proxy.http_port - 54848 FF - prefs.js: network.proxy.type - 1 NetSvc:: Akamai Driver:: Akamai gupdate SmileyCentralIE_1wService gupdatem ICQ Service File:: c:\windows\Tasks\GoogleUpdateTaskMachineCore.job c:\windows\Tasks\GoogleUpdateTaskMachineUA.job c:\windows\Tasks\Norton Security Scan for Klára.job c:\windows\Tasks\RMSchedule.job c:\program files\Softonic-Eng7\tbSoft.dll c:\users\Adam\AppData\Local\BIT2B52.tmp Folder:: c:\program files\ICQ6Toolbar c:\program files\Ask.com c:\program files\SweetIM c:\users\Adam\AppData\Local\AVG Security Toolbar c:\windows\update.tray-12-0 c:\windows\update.tray-12-0-lnk c:\windows\update.tray-7-0-lnk c:\windows\update.tray-7-0 Collect:: c:\windows\gbot111.exe Registry:: [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000000 "DisableThumbnailCache"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"=- "SweetIM"=- "ApnUpdater"=- "LogMeIn Hamachi Ui"=- "Adobe Reader Speed Launcher"=- "Adobe ARM"=- "AdobeAAMUpdater-1.0"=- "SwitchBoard"=- "AdobeCS5ServiceManager"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"=- "DAEMON Tools Lite"=- "uTorrent"=- "Pando Media Booster"=- [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{EEE6C35B-6118-11DC-9C72-001320C79847}"=- "{D4027C7F-154A-4066-A1AD-4243D8127440}"=- "{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"=- "{30F9B915-B755-4826-820B-08FBA6BD249D}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{EEE6C35B-6118-11DC-9C72-001320C79847}"=- "{D4027C7F-154A-4066-A1AD-4243D8127440}"=- "{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"=- "{30F9B915-B755-4826-820B-08FBA6BD249D}"=- [-HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1] [-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar] [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [-HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{00000000-6E41-4FD3-8538-502F5495E5FC}"=- "{EEE6C35D-6118-11DC-9C72-001320C79847}"=- "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"=- Reboot::- Ulozte vytvoreny TXT jako CFScript.txt
- Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
- Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraciRe: nový vir
Napsal: 16 črc 2011 11:56
ComboFix 11-07-15.03 - Adam 16.07.2011 12:36:47.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2047.1330 [GMT 2:00]
Spuštěný z: c:\users\Adam\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Adam\Desktop\CFScript.txt.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\Softonic-Eng7\tbSoft.dll"
"c:\users\Adam\AppData\Local\BIT2B52.tmp"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\Norton Security Scan for Klára.job"
"c:\windows\Tasks\RMSchedule.job"
.
file zipped: c:\windows\gbot111.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\assets\oobe\b.png
c:\program files\Ask.com\assets\oobe\bl.png
c:\program files\Ask.com\assets\oobe\br.png
c:\program files\Ask.com\assets\oobe\l.png
c:\program files\Ask.com\assets\oobe\pointer.png
c:\program files\Ask.com\assets\oobe\r.png
c:\program files\Ask.com\assets\oobe\t.png
c:\program files\Ask.com\assets\oobe\tl.png
c:\program files\Ask.com\assets\oobe\tr.png
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_6594.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\precache.exe
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\Updater\config.xml
c:\program files\Ask.com\Updater\Updater.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\program files\ICQ6Toolbar\voucher.bmp
c:\program files\ICQ6Toolbar\voucher2.bmp
c:\program files\Softonic-Eng7\tbSoft.dll
c:\program files\SweetIM
c:\program files\SweetIM\Messenger\ContentPackagesActivationHandler.exe
c:\program files\SweetIM\Messenger\default.xml
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\SweetIM\Messenger\mgArchive.dll
c:\program files\SweetIM\Messenger\mgcommon.dll
c:\program files\SweetIM\Messenger\mgcommunication.dll
c:\program files\SweetIM\Messenger\mgconfig.dll
c:\program files\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files\SweetIM\Messenger\mghooking.dll
c:\program files\SweetIM\Messenger\mgICQAuto.dll
c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mglogger.dll
c:\program files\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files\SweetIM\Messenger\mgMsnAuto.dll
c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgsimcommon.dll
c:\program files\SweetIM\Messenger\mgSweetIM.dll
c:\program files\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files\SweetIM\Messenger\mgYahooAuto.dll
c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files\SweetIM\Messenger\msvcp71.dll
c:\program files\SweetIM\Messenger\msvcr71.dll
c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png
c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png
c:\program files\SweetIM\Messenger\resources\images\GamesButton.png
c:\program files\SweetIM\Messenger\resources\images\KeyboardButton.png
c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png
c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png
c:\program files\SweetIM\Messenger\resources\images\WinksButton.png
c:\program files\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll
c:\program files\SweetIM\Messenger\SweetIM.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\options.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\version.txt
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
c:\users\Adam\AppData\Local\AVG Security Toolbar
c:\users\Adam\AppData\Local\AVG Security Toolbar\cache\overlay.xml
c:\windows\gbot111.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\RMSchedule.job
c:\windows\update.tray-12-0-lnk
c:\windows\update.tray-12-0-lnk\svchost.exe
c:\windows\update.tray-12-0
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-7-0-lnk\svchost.exe
c:\windows\update.tray-7-0
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Akamai
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_ICQ Service
-------\Service_SmileyCentralIE_1wService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-16 do 2011-07-16 )))))))))))))))))))))))))))))))
.
.
2011-07-16 10:45 . 2011-07-16 10:48 -------- d-----w- c:\users\Adam\AppData\Local\temp
2011-07-16 10:45 . 2011-07-16 10:45 -------- d-----w- c:\users\uzivatel\AppData\Local\temp
2011-07-16 10:45 . 2011-07-16 10:45 -------- d-----w- c:\users\Klára\AppData\Local\temp
2011-07-16 10:45 . 2011-07-16 10:45 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-07-16 07:52 . 2011-07-16 08:04 -------- d-----w- c:\program files\trend micro
2011-07-16 07:52 . 2011-07-16 07:53 -------- d-----w- C:\rsit
2011-07-16 04:56 . 2011-07-16 04:56 -------- d-----w- c:\users\Adam\AppData\Roaming\ATI
2011-07-16 04:56 . 2011-07-16 04:56 -------- d-----w- c:\users\Adam\AppData\Local\ATI
2011-07-16 04:16 . 2011-07-16 04:16 -------- d-----w- c:\programdata\ATI
2011-07-16 04:16 . 2011-07-16 04:16 -------- d-----w- c:\program files\AMD APP
2011-07-16 04:16 . 2011-07-16 04:16 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-07-16 04:11 . 2011-07-16 04:11 -------- d-----w- c:\program files\ATI
2011-07-16 04:10 . 2011-07-16 04:15 -------- d-----w- c:\program files\ATI Technologies
2011-07-16 03:31 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{463D321D-4C8D-4856-8597-0FB1AAB307EA}\mpengine.dll
2011-07-15 21:35 . 2011-02-23 13:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-15 21:35 . 2011-02-23 13:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-15 21:35 . 2011-02-23 13:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-15 21:35 . 2011-02-23 13:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-15 21:35 . 2011-02-23 13:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-15 21:35 . 2011-02-23 13:55 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-15 21:34 . 2011-02-23 14:04 40648 ----a-w- c:\windows\avastSS.scr
2011-07-15 21:34 . 2011-02-23 14:04 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-15 21:34 . 2011-07-15 21:34 -------- d-----w- C:\ATI
2011-07-15 19:51 . 2011-07-15 20:40 -------- d-----w- c:\windows\rpcminer
2011-07-15 19:51 . 2011-07-15 20:39 -------- d-----w- c:\windows\ufa
2011-07-15 19:51 . 2011-07-15 20:39 -------- d-----w- c:\windows\phoenix
2011-07-15 19:51 . 2011-07-15 19:51 246272 ----a-w- c:\windows\unrar.exe
2011-07-15 19:47 . 2011-07-15 21:40 -------- d-----w- c:\windows\av_ico
2011-07-15 15:30 . 2005-06-01 10:12 467968 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
2011-07-15 15:30 . 2005-06-01 10:11 467456 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2011-07-15 15:30 . 2005-06-01 09:54 634880 ----a-w- c:\windows\system32\NCTAudioEditor2.dll
2011-07-15 15:30 . 2005-05-31 14:02 522752 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2011-07-15 15:30 . 2005-03-28 13:54 478208 ----a-w- c:\windows\system32\NCTAudioVisualization2.dll
2011-07-15 15:30 . 2004-11-04 11:31 479744 ----a-w- c:\windows\system32\NCTAudioCDGrabber2.dll
2011-07-15 15:30 . 2004-01-12 15:57 86016 ----a-w- c:\windows\system32\QuickTime.ax
2011-07-15 15:30 . 2011-07-15 20:39 -------- d-----w- c:\program files\All Video Converter
2011-07-15 15:22 . 2011-07-15 20:35 -------- d-----w- c:\program files\Mystik Media
2011-07-13 18:30 . 2011-06-11 02:29 2334208 ----a-w- c:\windows\system32\win32k.sys
2011-07-07 19:48 . 2011-07-07 19:50 -------- d-----w- c:\users\Adam\AppData\Local\PokerStars
2011-07-07 19:48 . 2011-07-07 19:50 -------- d-----w- c:\program files\PokerStars
2011-07-06 19:02 . 2011-07-06 19:02 -------- d-----w- c:\users\Adam\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-07-06 19:02 . 2011-07-06 19:02 -------- d-----w- c:\users\Adam\AppData\Roaming\Adobe Mini Bridge CS5
2011-07-06 18:53 . 2011-07-06 18:53 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-07-05 11:44 . 2011-07-05 11:44 -------- d-----w- c:\program files\Adobe Media Player
2011-07-04 17:57 . 2011-07-04 17:57 -------- d-----w- c:\program files\FDRLab
2011-07-03 13:27 . 2011-07-12 09:23 -------- d-----w- c:\programdata\Studio14Trial
2011-06-29 11:55 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 11:54 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 11:54 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 11:54 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 11:54 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 11:54 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 11:54 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 11:54 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 11:54 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 11:54 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-24 13:31 . 2011-06-24 13:31 -------- d-----w- c:\windows\system32\SPReview
2011-06-24 13:06 . 2011-06-24 13:06 -------- d-----w- c:\windows\system32\EventProviders
2011-06-24 13:06 . 2011-06-24 13:08 -------- d-----w- C:\58146306bb33f5dec2
2011-06-24 12:27 . 2011-06-24 12:27 216 ----a-w- c:\users\Adam\client.bin
2011-06-24 11:52 . 2011-06-24 12:34 -------- d-----w- c:\users\Adam\pack
2011-06-23 18:19 . 2011-06-23 18:19 -------- d-----w- c:\users\Adam\BDA
2011-06-22 20:23 . 2011-06-22 20:29 -------- d-----w- c:\users\Klára\AppData\Roaming\Skype
2011-06-20 21:02 . 2011-07-13 17:47 -------- d-----w- c:\users\Adam\AppData\Roaming\Skype
2011-06-20 21:01 . 2011-06-20 21:02 -------- d-----r- c:\program files\Skype
2011-06-20 21:01 . 2011-06-20 21:01 -------- d-----w- c:\programdata\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-24 13:37 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-06-07 03:13 . 2011-06-07 03:13 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-06-07 03:13 . 2011-06-07 03:13 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-06-07 03:13 . 2011-06-07 03:13 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-06-07 03:13 . 2011-06-07 03:13 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-06-07 03:13 . 2011-06-07 03:13 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-06-07 03:13 . 2011-06-07 03:13 367104 ----a-w- c:\windows\system32\html.iec
2011-06-07 03:13 . 2011-06-07 03:13 161792 ----a-w- c:\windows\system32\msls31.dll
2011-06-07 03:13 . 2011-06-07 03:13 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-06-07 03:13 . 2011-06-07 03:13 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-06-07 03:12 . 2011-06-07 03:12 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-06-07 03:12 . 2011-06-07 03:12 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-06-07 03:12 . 2011-06-07 03:12 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-06-07 03:12 . 2011-06-07 03:12 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-07 03:12 . 2011-06-07 03:12 152064 ----a-w- c:\windows\system32\wextract.exe
2011-06-07 03:12 . 2011-06-07 03:12 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-06-07 03:12 . 2011-06-07 03:12 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-06-07 03:12 . 2011-06-07 03:12 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-07 03:12 . 2011-06-07 03:12 11776 ----a-w- c:\windows\system32\mshta.exe
2011-06-07 03:12 . 2011-06-07 03:12 101888 ----a-w- c:\windows\system32\admparse.dll
2011-05-27 17:44 . 2011-05-27 17:44 30520 ----a-w- c:\windows\system32\midiwrap3405.deu
2011-05-25 04:25 . 2011-05-25 04:25 7800832 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-05-25 03:31 . 2011-05-25 03:31 17940992 ----a-w- c:\windows\system32\atioglxx.dll
2011-05-25 03:07 . 2011-05-25 03:07 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-05-25 03:07 . 2011-05-25 03:07 688128 ----a-w- c:\windows\system32\aticfx32.dll
2011-05-25 03:04 . 2011-05-25 03:04 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-05-25 03:03 . 2011-05-25 03:03 401408 ----a-w- c:\windows\system32\atieclxx.exe
2011-05-25 03:03 . 2011-05-25 03:03 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-05-25 03:02 . 2011-05-25 03:02 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2011-05-25 03:02 . 2011-05-25 03:02 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2011-05-25 03:02 . 2011-05-25 03:02 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-05-25 03:01 . 2011-05-25 03:01 15872 ----a-w- c:\windows\system32\atimuixx.dll
2011-05-25 03:01 . 2011-05-25 03:01 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-05-25 02:59 . 2011-05-25 02:59 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-05-25 02:58 . 2009-07-13 22:09 4219904 ----a-w- c:\windows\system32\atidxx32.dll
2011-05-25 02:50 . 2011-05-25 02:50 4017152 ----a-w- c:\windows\system32\atiumdva.dll
2011-05-25 02:47 . 2011-05-25 02:47 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-05-25 02:47 . 2011-05-25 02:47 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-05-25 02:43 . 2011-05-25 02:43 6847488 ----a-w- c:\windows\system32\aticaldd.dll
2011-05-25 02:39 . 2011-05-25 02:39 4330496 ----a-w- c:\windows\system32\atiumdag.dll
2011-05-25 02:38 . 2011-05-25 02:38 52736 ----a-w- c:\windows\system32\atimpc32.dll
2011-05-25 02:38 . 2011-05-25 02:38 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2011-05-25 02:26 . 2011-05-25 02:26 262144 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:26 . 2011-05-25 02:26 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-05-25 02:25 . 2011-05-25 02:25 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-05-25 02:25 . 2011-05-25 02:25 245760 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-05-25 02:24 . 2011-05-25 02:24 31744 ----a-w- c:\windows\system32\atiuxpag.dll
2011-05-25 02:24 . 2011-05-25 02:24 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-05-25 02:24 . 2011-05-25 02:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-05-25 02:18 . 2011-05-25 02:18 52736 ----a-w- c:\windows\system32\coinst.dll
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 51712 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\system32\amdocl.dll
2011-05-24 17:14 . 2009-12-02 13:50 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-03 04:30 . 2011-06-15 18:54 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 02:46 . 2011-06-15 18:54 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:46 . 2011-06-15 18:54 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:46 . 2011-06-15 18:54 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-27 02:17 . 2011-06-15 18:54 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-27 02:17 . 2011-06-15 18:54 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-27 02:17 . 2011-06-15 18:54 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 04:31 . 2011-06-15 18:54 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-04-25 02:18 . 2011-06-15 18:54 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-04-22 23:35 . 2011-06-15 21:46 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-22 23:25 . 2011-06-15 21:46 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-22 19:14 . 2011-05-25 05:36 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2010-10-23 11:53 . 2010-10-23 11:56 1377109 ----a-w- c:\program files\unins000.exe
2010-10-05 10:09 . 2010-10-23 11:56 1377107 ----a-w- c:\program files\unins001.exe
2010-10-05 08:51 . 2010-10-23 11:56 195408 ----a-w- c:\program files\cabal.exe
2010-10-04 13:52 . 2010-10-23 11:56 1881472 ----a-w- c:\program files\cabalmain.exe
2010-03-26 17:34 . 2010-10-23 11:56 77824 ----a-w- c:\program files\libvorbisfile.dll
2010-03-26 17:34 . 2010-10-23 11:56 43520 ----a-w- c:\program files\libogg.dll
2010-03-26 17:34 . 2010-10-23 11:56 1205248 ----a-w- c:\program files\libvorbis.dll
2010-03-26 17:34 . 2010-10-23 11:56 94208 ----a-w- c:\program files\KarasX2.dll
2010-03-26 17:34 . 2010-10-23 11:56 299304 ----a-w- c:\program files\GameGuard.des
2010-03-26 17:34 . 2010-10-23 11:56 369664 ----a-w- c:\program files\fmodexL.dll
2010-03-26 17:34 . 2010-10-23 11:56 325632 ----a-w- c:\program files\fmodex.dll
2010-03-26 17:34 . 2010-10-23 11:56 2613760 ----a-w- c:\program files\Download.dll
2010-03-26 17:18 . 2010-10-23 11:56 2388176 ----a-w- c:\program files\d3dx9_30.dll
2010-03-26 17:18 . 2010-10-23 11:56 106496 ----a-w- c:\program files\atl71.dll
2011-03-18 17:55 . 2011-06-11 08:54 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ioCentre"="c:\program files\ioCentre\gTaskBar.exe" [2006-08-03 241664]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-08-05 104408]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
.
c:\users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-5-15 384512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswboot.exe /a:* /l:1029 /kbd:2 /dir:c:\program
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [2007-09-20 3456]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [2007-09-20 40064]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [2007-09-20 38784]
R3 CFcatchme;CFcatchme;c:\users\Adam\AppData\Local\Temp\CFcatchme.sys [x]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys [2006-07-12 17408]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-08-02 3732680]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-08 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-18 691696]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-05-25 176128]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 1336712]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-08-05 583640]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-05-25 7800832]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-05-25 245760]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-03-30 100880]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [2006-07-14 14848]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [2006-07-14 9984]
S3 netr73;Belkin Wireless 54G USB Network Adapter Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2010-02-11 464384]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-14 c:\windows\Tasks\Norton Security Scan for Klára.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-03-04 22:04]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
DPF: {444785F1-DE89-4295-863A-D46C3A781394} - hxxp://webplayer.unity3d.com/download_webplayer-2.x/UnityWebPlayer.cab
FF - ProfilePath - c:\users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\os0uce96.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Photodex\ProShow\ScsiAccess.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\system32\sppsvc.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Celkový čas: 2011-07-16 12:53:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-16 10:53
ComboFix2.txt 2011-07-16 10:09
.
Před spuštěním: Volných bajtů: 167 475 138 560
Po spuštění: Volných bajtů: 167 429 836 800
.
- - End Of File - - BC1911E57E9DCE49FB5BDA051A64006F
Nahr nˇ probŘhlo ŁspŘçnŘ
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2047.1330 [GMT 2:00]
Spuštěný z: c:\users\Adam\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Adam\Desktop\CFScript.txt.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\Softonic-Eng7\tbSoft.dll"
"c:\users\Adam\AppData\Local\BIT2B52.tmp"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\Norton Security Scan for Klára.job"
"c:\windows\Tasks\RMSchedule.job"
.
file zipped: c:\windows\gbot111.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\assets\oobe\b.png
c:\program files\Ask.com\assets\oobe\bl.png
c:\program files\Ask.com\assets\oobe\br.png
c:\program files\Ask.com\assets\oobe\l.png
c:\program files\Ask.com\assets\oobe\pointer.png
c:\program files\Ask.com\assets\oobe\r.png
c:\program files\Ask.com\assets\oobe\t.png
c:\program files\Ask.com\assets\oobe\tl.png
c:\program files\Ask.com\assets\oobe\tr.png
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_6594.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\precache.exe
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\Updater\config.xml
c:\program files\Ask.com\Updater\Updater.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\program files\ICQ6Toolbar\voucher.bmp
c:\program files\ICQ6Toolbar\voucher2.bmp
c:\program files\Softonic-Eng7\tbSoft.dll
c:\program files\SweetIM
c:\program files\SweetIM\Messenger\ContentPackagesActivationHandler.exe
c:\program files\SweetIM\Messenger\default.xml
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\SweetIM\Messenger\mgArchive.dll
c:\program files\SweetIM\Messenger\mgcommon.dll
c:\program files\SweetIM\Messenger\mgcommunication.dll
c:\program files\SweetIM\Messenger\mgconfig.dll
c:\program files\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files\SweetIM\Messenger\mghooking.dll
c:\program files\SweetIM\Messenger\mgICQAuto.dll
c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mglogger.dll
c:\program files\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files\SweetIM\Messenger\mgMsnAuto.dll
c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgsimcommon.dll
c:\program files\SweetIM\Messenger\mgSweetIM.dll
c:\program files\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files\SweetIM\Messenger\mgYahooAuto.dll
c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files\SweetIM\Messenger\msvcp71.dll
c:\program files\SweetIM\Messenger\msvcr71.dll
c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png
c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png
c:\program files\SweetIM\Messenger\resources\images\GamesButton.png
c:\program files\SweetIM\Messenger\resources\images\KeyboardButton.png
c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png
c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png
c:\program files\SweetIM\Messenger\resources\images\WinksButton.png
c:\program files\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll
c:\program files\SweetIM\Messenger\SweetIM.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\options.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\version.txt
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
c:\users\Adam\AppData\Local\AVG Security Toolbar
c:\users\Adam\AppData\Local\AVG Security Toolbar\cache\overlay.xml
c:\windows\gbot111.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\RMSchedule.job
c:\windows\update.tray-12-0-lnk
c:\windows\update.tray-12-0-lnk\svchost.exe
c:\windows\update.tray-12-0
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-7-0-lnk\svchost.exe
c:\windows\update.tray-7-0
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Akamai
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_ICQ Service
-------\Service_SmileyCentralIE_1wService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-16 do 2011-07-16 )))))))))))))))))))))))))))))))
.
.
2011-07-16 10:45 . 2011-07-16 10:48 -------- d-----w- c:\users\Adam\AppData\Local\temp
2011-07-16 10:45 . 2011-07-16 10:45 -------- d-----w- c:\users\uzivatel\AppData\Local\temp
2011-07-16 10:45 . 2011-07-16 10:45 -------- d-----w- c:\users\Klára\AppData\Local\temp
2011-07-16 10:45 . 2011-07-16 10:45 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-07-16 07:52 . 2011-07-16 08:04 -------- d-----w- c:\program files\trend micro
2011-07-16 07:52 . 2011-07-16 07:53 -------- d-----w- C:\rsit
2011-07-16 04:56 . 2011-07-16 04:56 -------- d-----w- c:\users\Adam\AppData\Roaming\ATI
2011-07-16 04:56 . 2011-07-16 04:56 -------- d-----w- c:\users\Adam\AppData\Local\ATI
2011-07-16 04:16 . 2011-07-16 04:16 -------- d-----w- c:\programdata\ATI
2011-07-16 04:16 . 2011-07-16 04:16 -------- d-----w- c:\program files\AMD APP
2011-07-16 04:16 . 2011-07-16 04:16 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-07-16 04:11 . 2011-07-16 04:11 -------- d-----w- c:\program files\ATI
2011-07-16 04:10 . 2011-07-16 04:15 -------- d-----w- c:\program files\ATI Technologies
2011-07-16 03:31 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{463D321D-4C8D-4856-8597-0FB1AAB307EA}\mpengine.dll
2011-07-15 21:35 . 2011-02-23 13:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-15 21:35 . 2011-02-23 13:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-15 21:35 . 2011-02-23 13:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-15 21:35 . 2011-02-23 13:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-15 21:35 . 2011-02-23 13:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-15 21:35 . 2011-02-23 13:55 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-15 21:34 . 2011-02-23 14:04 40648 ----a-w- c:\windows\avastSS.scr
2011-07-15 21:34 . 2011-02-23 14:04 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-15 21:34 . 2011-07-15 21:34 -------- d-----w- C:\ATI
2011-07-15 19:51 . 2011-07-15 20:40 -------- d-----w- c:\windows\rpcminer
2011-07-15 19:51 . 2011-07-15 20:39 -------- d-----w- c:\windows\ufa
2011-07-15 19:51 . 2011-07-15 20:39 -------- d-----w- c:\windows\phoenix
2011-07-15 19:51 . 2011-07-15 19:51 246272 ----a-w- c:\windows\unrar.exe
2011-07-15 19:47 . 2011-07-15 21:40 -------- d-----w- c:\windows\av_ico
2011-07-15 15:30 . 2005-06-01 10:12 467968 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
2011-07-15 15:30 . 2005-06-01 10:11 467456 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2011-07-15 15:30 . 2005-06-01 09:54 634880 ----a-w- c:\windows\system32\NCTAudioEditor2.dll
2011-07-15 15:30 . 2005-05-31 14:02 522752 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2011-07-15 15:30 . 2005-03-28 13:54 478208 ----a-w- c:\windows\system32\NCTAudioVisualization2.dll
2011-07-15 15:30 . 2004-11-04 11:31 479744 ----a-w- c:\windows\system32\NCTAudioCDGrabber2.dll
2011-07-15 15:30 . 2004-01-12 15:57 86016 ----a-w- c:\windows\system32\QuickTime.ax
2011-07-15 15:30 . 2011-07-15 20:39 -------- d-----w- c:\program files\All Video Converter
2011-07-15 15:22 . 2011-07-15 20:35 -------- d-----w- c:\program files\Mystik Media
2011-07-13 18:30 . 2011-06-11 02:29 2334208 ----a-w- c:\windows\system32\win32k.sys
2011-07-07 19:48 . 2011-07-07 19:50 -------- d-----w- c:\users\Adam\AppData\Local\PokerStars
2011-07-07 19:48 . 2011-07-07 19:50 -------- d-----w- c:\program files\PokerStars
2011-07-06 19:02 . 2011-07-06 19:02 -------- d-----w- c:\users\Adam\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2011-07-06 19:02 . 2011-07-06 19:02 -------- d-----w- c:\users\Adam\AppData\Roaming\Adobe Mini Bridge CS5
2011-07-06 18:53 . 2011-07-06 18:53 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2011-07-05 11:44 . 2011-07-05 11:44 -------- d-----w- c:\program files\Adobe Media Player
2011-07-04 17:57 . 2011-07-04 17:57 -------- d-----w- c:\program files\FDRLab
2011-07-03 13:27 . 2011-07-12 09:23 -------- d-----w- c:\programdata\Studio14Trial
2011-06-29 11:55 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 11:54 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 11:54 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 11:54 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 11:54 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 11:54 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 11:54 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 11:54 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 11:54 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 11:54 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-24 13:31 . 2011-06-24 13:31 -------- d-----w- c:\windows\system32\SPReview
2011-06-24 13:06 . 2011-06-24 13:06 -------- d-----w- c:\windows\system32\EventProviders
2011-06-24 13:06 . 2011-06-24 13:08 -------- d-----w- C:\58146306bb33f5dec2
2011-06-24 12:27 . 2011-06-24 12:27 216 ----a-w- c:\users\Adam\client.bin
2011-06-24 11:52 . 2011-06-24 12:34 -------- d-----w- c:\users\Adam\pack
2011-06-23 18:19 . 2011-06-23 18:19 -------- d-----w- c:\users\Adam\BDA
2011-06-22 20:23 . 2011-06-22 20:29 -------- d-----w- c:\users\Klára\AppData\Roaming\Skype
2011-06-20 21:02 . 2011-07-13 17:47 -------- d-----w- c:\users\Adam\AppData\Roaming\Skype
2011-06-20 21:01 . 2011-06-20 21:02 -------- d-----r- c:\program files\Skype
2011-06-20 21:01 . 2011-06-20 21:01 -------- d-----w- c:\programdata\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-24 13:37 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-06-07 03:13 . 2011-06-07 03:13 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-06-07 03:13 . 2011-06-07 03:13 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-06-07 03:13 . 2011-06-07 03:13 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-06-07 03:13 . 2011-06-07 03:13 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-06-07 03:13 . 2011-06-07 03:13 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-06-07 03:13 . 2011-06-07 03:13 367104 ----a-w- c:\windows\system32\html.iec
2011-06-07 03:13 . 2011-06-07 03:13 161792 ----a-w- c:\windows\system32\msls31.dll
2011-06-07 03:13 . 2011-06-07 03:13 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-06-07 03:13 . 2011-06-07 03:13 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-06-07 03:12 . 2011-06-07 03:12 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-06-07 03:12 . 2011-06-07 03:12 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-06-07 03:12 . 2011-06-07 03:12 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-06-07 03:12 . 2011-06-07 03:12 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-07 03:12 . 2011-06-07 03:12 152064 ----a-w- c:\windows\system32\wextract.exe
2011-06-07 03:12 . 2011-06-07 03:12 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-06-07 03:12 . 2011-06-07 03:12 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-06-07 03:12 . 2011-06-07 03:12 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-07 03:12 . 2011-06-07 03:12 11776 ----a-w- c:\windows\system32\mshta.exe
2011-06-07 03:12 . 2011-06-07 03:12 101888 ----a-w- c:\windows\system32\admparse.dll
2011-05-27 17:44 . 2011-05-27 17:44 30520 ----a-w- c:\windows\system32\midiwrap3405.deu
2011-05-25 04:25 . 2011-05-25 04:25 7800832 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-05-25 03:31 . 2011-05-25 03:31 17940992 ----a-w- c:\windows\system32\atioglxx.dll
2011-05-25 03:07 . 2011-05-25 03:07 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-05-25 03:07 . 2011-05-25 03:07 688128 ----a-w- c:\windows\system32\aticfx32.dll
2011-05-25 03:04 . 2011-05-25 03:04 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-05-25 03:03 . 2011-05-25 03:03 401408 ----a-w- c:\windows\system32\atieclxx.exe
2011-05-25 03:03 . 2011-05-25 03:03 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-05-25 03:02 . 2011-05-25 03:02 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2011-05-25 03:02 . 2011-05-25 03:02 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2011-05-25 03:02 . 2011-05-25 03:02 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-05-25 03:01 . 2011-05-25 03:01 15872 ----a-w- c:\windows\system32\atimuixx.dll
2011-05-25 03:01 . 2011-05-25 03:01 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-05-25 02:59 . 2011-05-25 02:59 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-05-25 02:58 . 2009-07-13 22:09 4219904 ----a-w- c:\windows\system32\atidxx32.dll
2011-05-25 02:50 . 2011-05-25 02:50 4017152 ----a-w- c:\windows\system32\atiumdva.dll
2011-05-25 02:47 . 2011-05-25 02:47 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-05-25 02:47 . 2011-05-25 02:47 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-05-25 02:43 . 2011-05-25 02:43 6847488 ----a-w- c:\windows\system32\aticaldd.dll
2011-05-25 02:39 . 2011-05-25 02:39 4330496 ----a-w- c:\windows\system32\atiumdag.dll
2011-05-25 02:38 . 2011-05-25 02:38 52736 ----a-w- c:\windows\system32\atimpc32.dll
2011-05-25 02:38 . 2011-05-25 02:38 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2011-05-25 02:26 . 2011-05-25 02:26 262144 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:26 . 2011-05-25 02:26 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-05-25 02:25 . 2011-05-25 02:25 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-05-25 02:25 . 2011-05-25 02:25 245760 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-05-25 02:24 . 2011-05-25 02:24 31744 ----a-w- c:\windows\system32\atiuxpag.dll
2011-05-25 02:24 . 2011-05-25 02:24 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-05-25 02:24 . 2011-05-25 02:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-05-25 02:18 . 2011-05-25 02:18 52736 ----a-w- c:\windows\system32\coinst.dll
2011-05-24 21:44 . 2011-05-24 21:44 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 21:44 . 2011-05-24 21:44 51712 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-24 21:43 . 2011-05-24 21:43 12798976 ----a-w- c:\windows\system32\amdocl.dll
2011-05-24 17:14 . 2009-12-02 13:50 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-03 04:30 . 2011-06-15 18:54 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 02:46 . 2011-06-15 18:54 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:46 . 2011-06-15 18:54 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:46 . 2011-06-15 18:54 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-27 02:17 . 2011-06-15 18:54 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-27 02:17 . 2011-06-15 18:54 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-27 02:17 . 2011-06-15 18:54 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 04:31 . 2011-06-15 18:54 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-04-25 02:18 . 2011-06-15 18:54 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-04-22 23:35 . 2011-06-15 21:46 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-22 23:25 . 2011-06-15 21:46 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-22 19:14 . 2011-05-25 05:36 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2010-10-23 11:53 . 2010-10-23 11:56 1377109 ----a-w- c:\program files\unins000.exe
2010-10-05 10:09 . 2010-10-23 11:56 1377107 ----a-w- c:\program files\unins001.exe
2010-10-05 08:51 . 2010-10-23 11:56 195408 ----a-w- c:\program files\cabal.exe
2010-10-04 13:52 . 2010-10-23 11:56 1881472 ----a-w- c:\program files\cabalmain.exe
2010-03-26 17:34 . 2010-10-23 11:56 77824 ----a-w- c:\program files\libvorbisfile.dll
2010-03-26 17:34 . 2010-10-23 11:56 43520 ----a-w- c:\program files\libogg.dll
2010-03-26 17:34 . 2010-10-23 11:56 1205248 ----a-w- c:\program files\libvorbis.dll
2010-03-26 17:34 . 2010-10-23 11:56 94208 ----a-w- c:\program files\KarasX2.dll
2010-03-26 17:34 . 2010-10-23 11:56 299304 ----a-w- c:\program files\GameGuard.des
2010-03-26 17:34 . 2010-10-23 11:56 369664 ----a-w- c:\program files\fmodexL.dll
2010-03-26 17:34 . 2010-10-23 11:56 325632 ----a-w- c:\program files\fmodex.dll
2010-03-26 17:34 . 2010-10-23 11:56 2613760 ----a-w- c:\program files\Download.dll
2010-03-26 17:18 . 2010-10-23 11:56 2388176 ----a-w- c:\program files\d3dx9_30.dll
2010-03-26 17:18 . 2010-10-23 11:56 106496 ----a-w- c:\program files\atl71.dll
2011-03-18 17:55 . 2011-06-11 08:54 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ioCentre"="c:\program files\ioCentre\gTaskBar.exe" [2006-08-03 241664]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"SSDMonitor"="c:\program files\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-08-05 104408]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
.
c:\users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-5-15 384512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswboot.exe /a:* /l:1029 /kbd:2 /dir:c:\program
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [2007-09-20 3456]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [2007-09-20 40064]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [2007-09-20 38784]
R3 CFcatchme;CFcatchme;c:\users\Adam\AppData\Local\Temp\CFcatchme.sys [x]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys [2006-07-12 17408]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-08-02 3732680]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-08 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-18 691696]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-05-25 176128]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 1336712]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-08-05 583640]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-05-25 7800832]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-05-25 245760]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-03-30 100880]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [2006-07-14 14848]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [2006-07-14 9984]
S3 netr73;Belkin Wireless 54G USB Network Adapter Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2010-02-11 464384]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-14 c:\windows\Tasks\Norton Security Scan for Klára.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-03-04 22:04]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
DPF: {444785F1-DE89-4295-863A-D46C3A781394} - hxxp://webplayer.unity3d.com/download_webplayer-2.x/UnityWebPlayer.cab
FF - ProfilePath - c:\users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\os0uce96.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Photodex\ProShow\ScsiAccess.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\system32\sppsvc.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Celkový čas: 2011-07-16 12:53:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-16 10:53
ComboFix2.txt 2011-07-16 10:09
.
Před spuštěním: Volných bajtů: 167 475 138 560
Po spuštění: Volných bajtů: 167 429 836 800
.
- - End Of File - - BC1911E57E9DCE49FB5BDA051A64006F
Nahr nˇ probŘhlo ŁspŘçnŘ
Re: nový vir
Napsal: 16 črc 2011 11:58
Uz to vypada daleko lepe, jak se chova PC 
Re: nový vir
Napsal: 16 črc 2011 11:59
dobře
takže už sme se toho zbavili už tam nic není?
takže už sme se toho zbavili už tam nic není?
Re: nový vir
Napsal: 16 črc 2011 12:01
Odinstalujte Combofix
- Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
- Napiste ComboFix /Uninstall
- Stisknete Enter
- Tohle smaze Combofix a jeho slozky
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
Jeste to proverime jinou utilitou, pac tam toho bylo opravdu hoooodne. Mel jsem spise na mysli jestli si porad FB sam od sebe keca s okolim Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)
- Provedte aktualizaci - treti zalozka
- Provedte uplny sken - nic nemazte
- MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
Re: nový vir
Napsal: 16 črc 2011 12:03
nene fb už je v poho ted se akorat musim omlouvat asi 100 lidím 
Re: nový vir
Napsal: 16 črc 2011 12:09
Je mi to jasny
Pockam jeste na ten log z MBAMu
Pockam jeste na ten log z MBAMu
Re: nový vir
Napsal: 16 črc 2011 12:19
nechce mi to najít ten Uninstal
Re: nový vir
Napsal: 16 črc 2011 12:20
Prejmenujte tedy ikonu ComboFixu na Uninstall a spustte jej
Re: nový vir
Napsal: 16 črc 2011 12:51
hele Misska11 ma to samí ma to jako vir+nouzoví režim tak jí pls poradte
Re: nový vir
Napsal: 16 črc 2011 13:44
Ono toho tu ted bude vic, jelikoz FB ma hodne lidi a tak se siri
Re: nový vir
Napsal: 16 črc 2011 13:58
jj toho bude za chvíli kvanta
Re: nový vir
Napsal: 16 črc 2011 14:00
Uz jsme si to natrenovali nedavno kdyz byl na FB tez ten vir - vydaval se za fotku...
Ten MBAM Vam uz bezi
Ten MBAM Vam uz bezi