Re: please check my log

Posted: 18 Dec 2010 22:30
by Interpol
ComboFix 10-12-18.01 - Admin 18.12.2010 22:10:03.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3071.2521 [GMT 1:00]
Spuštěný z: c:\documents and settings\Admin\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: PC Tools Firewall Plus *Enabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\regedit.com
c:\windows\system32\taskmgr.com

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-18 do 2010-12-18 )))))))))))))))))))))))))))))))
.

2010-12-18 18:09 . 2010-12-18 18:09 135032 ----a-w- c:\windows\system32\drivers\dwprot.sys
2010-12-18 15:36 . 2010-12-18 15:36 -------- d-----w- c:\documents and settings\Admin\DoctorWeb
2010-12-16 06:11 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2010-12-16 06:10 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-13 18:21 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\33032532.sys
2010-12-13 18:21 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\3303253.sys
2010-12-13 18:21 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\33032531.sys
2010-12-10 20:50 . 2010-12-10 20:51 -------- d-----w- c:\documents and settings\Evicka\Data aplikací\PCToolsFirewallPlus
2010-12-10 18:09 . 2010-12-10 18:10 -------- d-----w- c:\documents and settings\Admin\Data aplikací\PCToolsFirewallPlus
2010-12-10 18:09 . 2010-11-25 09:53 160448 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-12-10 18:09 . 2010-03-29 10:06 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-12-10 18:09 . 2010-11-17 09:19 249616 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-12-10 18:09 . 2010-12-10 18:09 -------- d-----w- c:\program files\Common Files\PC Tools
2010-12-10 18:09 . 2010-11-24 08:18 89192 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter.sys
2010-12-10 18:09 . 2010-07-08 08:49 57536 ----a-w- c:\windows\system32\drivers\pctNdis.sys
2010-12-10 18:09 . 2010-02-05 08:26 32808 ----a-w- c:\windows\system32\drivers\pctNdis-DNS.sys
2010-12-10 18:09 . 2010-11-25 09:42 124992 ----a-w- c:\windows\system32\drivers\pctplfw.sys
2010-12-10 18:09 . 2010-12-10 18:10 -------- d-----w- c:\program files\PC Tools Firewall Plus
2010-12-10 17:13 . 2010-12-11 21:33 -------- d-----w- c:\program files\trend micro
2010-12-09 20:14 . 2010-12-09 20:14 -------- d---a-w- c:\windows\VDLL.DLL
2010-12-09 20:14 . 2010-12-09 20:14 -------- d---a-w- c:\windows\system32\runouce.exe
2010-12-09 20:14 . 2010-12-09 20:14 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-12-09 20:14 . 2010-12-09 20:14 -------- d---a-w- c:\windows\logo_1.exe
2010-12-09 20:10 . 2010-12-09 20:10 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-12-09 20:10 . 2010-12-09 20:10 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-12-09 20:10 . 2010-12-09 20:10 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-12-09 20:10 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\T.COM
2010-12-09 20:10 . 2008-04-14 06:52 147968 ----a-w- c:\windows\R.COM
2010-12-09 20:10 . 2010-12-09 20:10 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-12-09 20:10 . 2010-12-09 20:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MicroWorld
2010-12-08 20:07 . 2010-12-08 20:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MaskMyIP
2010-12-08 20:07 . 2010-12-08 20:07 -------- d-----w- c:\documents and settings\Admin\Data aplikací\MaskMyIP
2010-12-08 20:05 . 2010-12-08 20:06 -------- d---a-w- c:\program files\AdvTor
2010-12-07 17:42 . 2010-12-07 17:42 -------- d-----w- c:\program files\Team17
2010-12-07 17:41 . 2010-12-07 17:41 -------- d-----w- C:\xx
2010-12-06 19:40 . 2010-12-06 19:53 -------- d-----w- c:\program files\wormsarm
2010-12-04 17:28 . 2010-12-04 17:28 -------- d-----w- c:\documents and settings\Evicka\Local Settings\Data aplikací\O&O
2010-11-28 15:10 . 2010-11-28 15:10 -------- d-----w- c:\documents and settings\Evicka\Data aplikací\Ulead Systems
2010-11-28 12:09 . 2010-11-28 12:13 -------- d-----w- c:\program files\AdorageI-GfxDatas
2010-11-27 13:46 . 2010-11-27 13:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Apache
2010-11-27 13:42 . 2010-11-27 13:47 -------- d-----w- c:\documents and settings\Admin\Local Settings\Data aplikací\Apache
2010-11-27 11:26 . 2010-11-27 12:46 -------- d-----w- c:\documents and settings\Admin\Data aplikací\Ulead Systems
2010-11-27 11:24 . 2010-11-27 11:24 -------- d-----w- c:\documents and settings\All Users\Data aplikací\InterVideo
2010-11-27 11:24 . 2008-04-01 20:40 209040 ----a-w- c:\windows\system32\IVIresizeW7.dll
2010-11-27 11:24 . 2008-04-01 20:40 196752 ----a-w- c:\windows\system32\IVIresizeP6.dll
2010-11-27 11:24 . 2008-04-01 20:40 192656 ----a-w- c:\windows\system32\IVIresizePX.dll
2010-11-27 11:24 . 2008-04-01 20:40 196752 ----a-w- c:\windows\system32\IVIresizeM6.dll
2010-11-27 11:24 . 2008-04-01 20:40 204944 ----a-w- c:\windows\system32\IVIresizeA6.dll
2010-11-27 11:24 . 2008-04-01 20:40 24720 ----a-w- c:\windows\system32\IVIresize.dll
2010-11-27 11:24 . 2000-01-04 05:39 212992 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ILog.dll
2010-11-27 11:23 . 2010-11-27 11:23 -------- d-----w- c:\program files\Windows Media Components
2010-11-27 11:23 . 2010-11-27 11:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ulead Systems
2010-11-27 11:23 . 2010-11-27 11:23 -------- d-----w- c:\program files\Common Files\Ulead Systems
2010-11-27 11:22 . 2010-11-27 11:23 -------- d-----w- c:\program files\Corel
2010-11-21 17:22 . 2010-11-21 17:22 -------- d-----w- c:\documents and settings\Admin\.oces
2010-11-19 19:35 . 2010-11-19 19:35 -------- d-----w- c:\documents and settings\LocalService\Plocha

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-10 16:19 . 2010-09-27 08:29 420920 ----a-w- c:\windows\system32\drivers\sptd.sys.98238503
2010-12-09 20:16 . 2010-12-09 20:16 8578811 ----a-w- c:\windows\REGBK00.ZIP
2010-11-28 14:01 . 2010-09-29 08:11 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-11-28 14:01 . 2010-09-29 08:11 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-11-28 14:01 . 2010-09-29 08:11 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2010-11-18 18:15 . 2010-09-25 18:49 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-18 05:26 . 2010-11-18 05:26 75048 ----a-r- c:\documents and settings\Admin\Data aplikací\Microsoft\Installer\{7EE8ED57-682B-4AB0-860C-2E079BCD90B1}\ARPPRODUCTICON.exe
2010-11-06 00:23 . 2004-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2004-08-18 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2004-08-18 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2004-08-18 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2004-08-18 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-10-08 07:14 . 2010-10-08 07:14 44384 ----a-w- c:\windows\system32\drivers\tifsfilt.sys
2010-10-08 07:14 . 2010-10-08 07:14 441760 ----a-w- c:\windows\system32\drivers\timntr.sys
2010-10-08 07:14 . 2010-10-08 07:14 132224 ----a-w- c:\windows\system32\drivers\snapman.sys
2010-10-08 07:14 . 2010-10-08 07:14 368480 ----a-w- c:\windows\system32\drivers\tdrpman.sys
2010-10-06 05:25 . 2010-09-29 08:11 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-10-05 06:18 . 2005-12-08 10:12 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-10-05 06:18 . 2005-12-08 10:08 109144 ----a-w- c:\windows\system32\OpenAL32.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-12-10_20.03.36 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-12-18 20:58 . 2010-12-18 20:58 16384 c:\windows\Temp\Perflib_Perfdata_bac.dat
+ 2010-12-18 20:57 . 2010-12-18 20:57 16384 c:\windows\Temp\Perflib_Perfdata_5a8.dat
- 2010-09-25 19:09 . 2010-06-21 14:46 46080 c:\windows\system32\tzchange.exe
+ 2010-09-25 19:09 . 2010-11-03 13:12 46080 c:\windows\system32\tzchange.exe
+ 2010-11-18 06:25 . 2009-05-26 11:40 18296 c:\windows\system32\spmsg.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 66560 c:\windows\system32\mshtmled.dll
- 2004-08-18 12:00 . 2010-09-10 05:52 66560 c:\windows\system32\mshtmled.dll
- 2009-03-08 02:31 . 2010-09-10 05:52 55296 c:\windows\system32\msfeedsbs.dll
+ 2009-03-08 02:31 . 2010-11-06 00:23 55296 c:\windows\system32\msfeedsbs.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 25600 c:\windows\system32\jsproxy.dll
- 2004-08-18 12:00 . 2010-09-10 05:52 25600 c:\windows\system32\jsproxy.dll
- 2010-09-27 06:41 . 2010-09-10 05:52 12800 c:\windows\system32\dllcache\xpshims.dll
+ 2010-09-27 06:41 . 2010-11-06 00:23 12800 c:\windows\system32\dllcache\xpshims.dll
- 2004-08-18 12:00 . 2010-09-10 05:52 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2010-09-27 06:41 . 2010-11-06 00:23 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2010-09-27 06:41 . 2010-09-10 05:52 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2004-08-18 12:00 . 2010-09-10 05:52 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2004-08-18 12:00 . 2010-09-10 05:52 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2010-11-18 18:15 . 2010-11-18 18:15 81920 c:\windows\system32\dllcache\isign32.dll
- 2010-09-26 14:07 . 2010-11-10 13:38 34144 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-09-26 14:07 . 2010-12-16 06:43 34144 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-09-26 14:07 . 2010-11-10 13:38 42848 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\msouc.exe
+ 2010-09-26 14:07 . 2010-12-16 06:43 42848 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\msouc.exe
+ 2010-09-26 14:07 . 2010-12-16 06:43 19296 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-09-26 14:07 . 2010-11-10 13:38 19296 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-02-28 00:22 . 2010-02-28 00:22 48504 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\PUBTRAP.DLL
+ 2010-12-16 06:44 . 2010-09-10 05:52 12800 c:\windows\ie8updates\KB2416400-IE8\xpshims.dll
+ 2010-12-16 06:44 . 2010-09-10 05:52 66560 c:\windows\ie8updates\KB2416400-IE8\mshtmled.dll
+ 2010-12-16 06:44 . 2010-09-10 05:52 55296 c:\windows\ie8updates\KB2416400-IE8\msfeedsbs.dll
+ 2010-12-16 06:44 . 2010-09-10 05:52 43520 c:\windows\ie8updates\KB2416400-IE8\licmgr10.dll
+ 2010-12-16 06:44 . 2010-09-10 05:52 25600 c:\windows\ie8updates\KB2416400-IE8\jsproxy.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 206848 c:\windows\system32\occache.dll
- 2004-08-18 12:00 . 2010-09-10 05:52 206848 c:\windows\system32\occache.dll
- 2004-08-18 12:00 . 2010-09-10 05:52 611840 c:\windows\system32\mstime.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 611840 c:\windows\system32\mstime.dll
- 2009-03-08 02:32 . 2010-09-10 05:52 602112 c:\windows\system32\msfeeds.dll
+ 2009-03-08 02:32 . 2010-11-06 00:23 602112 c:\windows\system32\msfeeds.dll
- 2004-08-18 12:00 . 2010-09-10 05:52 184320 c:\windows\system32\iepeers.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 184320 c:\windows\system32\iepeers.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 387584 c:\windows\system32\iedkcs32.dll
- 2004-08-18 12:00 . 2010-09-10 05:52 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-18 12:00 . 2010-11-03 12:26 173568 c:\windows\system32\ie4uinit.exe
+ 2010-09-25 20:41 . 2010-12-16 11:01 371280 c:\windows\system32\FNTCACHE.DAT
- 2010-09-25 20:41 . 2010-11-27 12:42 371280 c:\windows\system32\FNTCACHE.DAT
+ 2004-08-18 12:00 . 2010-11-06 00:23 916480 c:\windows\system32\dllcache\wininet.dll
- 2004-08-18 12:00 . 2010-09-10 05:52 916480 c:\windows\system32\dllcache\wininet.dll
- 2004-08-18 12:00 . 2010-09-10 05:52 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 206848 c:\windows\system32\dllcache\occache.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 611840 c:\windows\system32\dllcache\mstime.dll
- 2004-08-18 12:00 . 2010-09-10 05:52 611840 c:\windows\system32\dllcache\mstime.dll
+ 2010-09-27 06:41 . 2010-11-06 00:23 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2010-09-27 06:41 . 2010-09-10 05:52 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2010-09-27 06:41 . 2010-09-10 05:52 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2010-09-27 06:41 . 2010-11-06 00:23 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 184320 c:\windows\system32\dllcache\iepeers.dll
- 2004-08-18 12:00 . 2010-09-10 05:52 184320 c:\windows\system32\dllcache\iepeers.dll
- 2010-09-27 06:41 . 2010-09-10 05:52 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2010-09-27 06:41 . 2010-11-06 00:23 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2004-08-18 12:00 . 2010-09-10 05:52 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-18 12:00 . 2010-11-03 12:26 173568 c:\windows\system32\dllcache\ie4uinit.exe
+ 2004-08-18 12:00 . 2010-10-28 13:09 290048 c:\windows\system32\dllcache\atmfd.dll
+ 2010-07-22 01:43 . 2010-07-22 01:43 257024 c:\windows\Installer\31ab4d.msp
- 2010-09-26 14:07 . 2010-11-10 13:38 415584 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-09-26 14:07 . 2010-12-16 06:43 415584 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-09-26 14:07 . 2010-12-16 06:44 303456 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe
- 2010-09-26 14:07 . 2010-11-10 13:38 303456 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\outicon.exe
- 2010-09-26 14:07 . 2010-11-10 13:38 571232 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2010-09-26 14:07 . 2010-12-16 06:43 571232 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2010-09-26 14:07 . 2010-12-16 06:43 326496 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe
- 2010-09-26 14:07 . 2010-11-10 13:38 326496 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\joticon.exe
- 2010-09-26 14:07 . 2010-11-10 13:38 469856 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2010-09-26 14:07 . 2010-12-16 06:43 469856 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\inficon.exe
- 2010-09-26 14:07 . 2010-11-10 13:38 178528 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe
+ 2010-09-26 14:07 . 2010-12-16 06:43 178528 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\grvicons.exe
+ 2010-03-01 02:56 . 2010-03-01 02:56 604024 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\PUBCONV.DLL
+ 2010-01-09 20:50 . 2010-01-09 20:50 119160 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSCONV97.DLL
+ 2010-03-01 02:56 . 2010-03-01 02:56 457104 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MORPH9.DLL
+ 2010-12-16 06:44 . 2010-09-10 05:52 916480 c:\windows\ie8updates\KB2416400-IE8\wininet.dll
+ 2010-12-16 06:44 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2416400-IE8\spuninst\updspapi.dll
+ 2010-12-16 06:44 . 2010-02-22 14:20 233848 c:\windows\ie8updates\KB2416400-IE8\spuninst\spuninst.exe
+ 2010-12-16 06:44 . 2010-09-10 05:52 206848 c:\windows\ie8updates\KB2416400-IE8\occache.dll
+ 2010-12-16 06:44 . 2010-09-10 05:52 611840 c:\windows\ie8updates\KB2416400-IE8\mstime.dll
+ 2010-12-16 06:44 . 2010-09-10 05:52 602112 c:\windows\ie8updates\KB2416400-IE8\msfeeds.dll
+ 2010-12-16 06:44 . 2010-09-10 05:52 247808 c:\windows\ie8updates\KB2416400-IE8\ieproxy.dll
+ 2010-12-16 06:44 . 2010-09-10 05:52 184320 c:\windows\ie8updates\KB2416400-IE8\iepeers.dll
+ 2010-12-16 06:44 . 2010-09-10 05:52 743424 c:\windows\ie8updates\KB2416400-IE8\iedvtool.dll
+ 2010-12-16 06:44 . 2010-09-10 05:52 387584 c:\windows\ie8updates\KB2416400-IE8\iedkcs32.dll
+ 2010-12-16 06:44 . 2010-08-26 12:22 173056 c:\windows\ie8updates\KB2416400-IE8\ie4uinit.exe
+ 2004-08-18 12:00 . 2010-11-06 00:23 1210880 c:\windows\system32\urlmon.dll
- 2004-08-18 12:00 . 2010-09-10 05:52 1210880 c:\windows\system32\urlmon.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 5959168 c:\windows\system32\mshtml.dll
+ 2010-09-26 15:20 . 2010-11-06 00:23 1991680 c:\windows\system32\iertutil.dll
+ 2010-09-27 04:12 . 2010-10-26 13:58 1853312 c:\windows\system32\dllcache\win32k.sys
- 2004-08-18 12:00 . 2010-09-10 05:52 1210880 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 1210880 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-18 12:00 . 2010-11-06 00:23 5959168 c:\windows\system32\dllcache\mshtml.dll
+ 2010-09-27 06:41 . 2010-11-06 00:23 1991680 c:\windows\system32\dllcache\iertutil.dll
+ 2010-10-08 21:12 . 2010-10-08 21:12 8354304 c:\windows\Installer\31ab1a.msp
+ 2010-11-19 12:34 . 2010-11-19 12:34 3459584 c:\windows\Installer\31ab01.msp
+ 2010-11-11 11:54 . 2010-11-11 11:54 1002496 c:\windows\Installer\31aae8.msp
+ 2010-11-11 11:54 . 2010-11-11 11:54 1121792 c:\windows\Installer\31aae7.msp
+ 2010-11-11 11:54 . 2010-11-11 11:54 1310720 c:\windows\Installer\31aae6.msp
+ 2010-09-26 14:07 . 2010-12-16 06:43 1479520 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
- 2010-09-26 14:07 . 2010-11-10 13:38 1479520 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-09-26 14:07 . 2010-12-16 06:43 1858400 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
- 2010-09-26 14:07 . 2010-11-10 13:38 1858400 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-09-26 14:07 . 2010-12-16 06:43 3792736 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe
- 2010-09-26 14:07 . 2010-11-10 13:38 3792736 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\pptico.exe
- 2010-09-26 14:07 . 2010-11-10 13:38 1449312 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-09-26 14:07 . 2010-12-16 06:43 1449312 c:\windows\Installer\{91140000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2010-03-01 03:20 . 2010-03-01 03:20 2323840 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\GKWORD.DLL
+ 2010-03-01 03:20 . 2010-03-01 03:20 2102656 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\GKPOWERPOINT.DLL
+ 2010-03-01 03:20 . 2010-03-01 03:20 3355008 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\GKEXCEL.DLL
+ 2010-12-16 06:44 . 2010-09-10 05:52 1210880 c:\windows\ie8updates\KB2416400-IE8\urlmon.dll
+ 2010-12-16 06:44 . 2010-09-10 05:52 5957120 c:\windows\ie8updates\KB2416400-IE8\mshtml.dll
+ 2010-12-16 06:44 . 2010-09-10 05:52 1986560 c:\windows\ie8updates\KB2416400-IE8\iertutil.dll
+ 2010-09-25 19:51 . 2010-12-16 06:40 37366216 c:\windows\system32\MRT.exe
+ 2009-03-08 02:39 . 2010-11-06 00:23 11080704 c:\windows\system32\ieframe.dll
+ 2010-09-27 06:41 . 2010-11-06 00:23 11080704 c:\windows\system32\dllcache\ieframe.dll
+ 2010-11-11 11:52 . 2010-11-11 11:52 13486592 c:\windows\Installer\31ab34.msp
+ 2010-03-01 02:56 . 2010-03-01 02:56 10272104 c:\windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\MSPUB.EXE
+ 2010-12-16 06:44 . 2010-09-10 05:52 11080192 c:\windows\ie8updates\KB2416400-IE8\ieframe.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WallpaperDownloader"="c:\program files\WallpaperDownloader\WallpaperDownloader.exe" [2010-10-06 657920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"CTHelper"="CTHELPER.EXE" [2005-12-08 16384]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2005-12-20 94208]
"snpstd3"="c:\windows\vsnpstd3.exe" [2005-09-05 339968]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"Seagate Scheduler2 Service"="c:\program files\Common Files\Seagate\Schedule2\schedhlp.exe" [2009-11-02 136544]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2009-09-11 2524416]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2010-11-29 2676696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SetDefaultMIDI"="MIDIDEF.EXE" [2005-12-08 25600]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-18 44544]

c:\documents and settings\Evicka\Nabídka Start\Programy\Po spuštění\
Tapety 2.01.lnk - c:\program files\Tapety 2.01\Tapety.exe [2002-1-6 167936]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BTTray.lnk - c:\program files\MSI\Bluetooth Software\BTTray.exe [2004-3-31 507965]
DualCoreCenter.lnk - c:\program files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe [2010-9-25 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKLM\~\startupfolder\C:^Documents and Settings^Admin^Nabídka Start^Programy^Po spuštění^MacSound.lnk]
path=c:\documents and settings\Admin\Nabídka Start\Programy\Po spuštění\MacSound.lnk
backup=c:\windows\pss\MacSound.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Admin^Nabídka Start^Programy^Po spuštění^setup_9.0.0.722_13.12.2010_20-22.lnk]
path=c:\documents and settings\Admin\Nabídka Start\Programy\Po spuštění\setup_9.0.0.722_13.12.2010_20-22.lnk
backup=c:\windows\pss\setup_9.0.0.722_13.12.2010_20-22.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2009-11-02 16:57 906288 ----a-w- c:\program files\Seagate\DiscWizard\TimounterMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiscWizardMonitor.exe]
2009-11-02 16:49 1346000 ----a-w- c:\program files\Seagate\DiscWizard\DiscWizardMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\floAt's Media Control]
2005-08-29 10:09 916480 ----a-w- c:\program files\FloatMediaCtrl\floAtMediaCtrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetSoftware]
2010-10-27 19:39 139264 ----a-w- c:\program files\NetSoftware\Starter.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UVS12 Preload]
2008-06-09 10:03 397456 ----a-w- c:\program files\Corel\Corel VideoStudio 12\uvPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"UleadBurningHelper"=2 (0x2)
"SgtSch2Svc"=2 (0x2)
"NAUpdate"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\TC UP\\PLUGINS\\Media\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer_Service.exe"=
"c:\\Program Files\\Codemasters\\DiRT2\\dirt2_game.exe"=
"c:\\Program Files\\Electronic Arts\\Medal of Honor Airborne\\UnrealEngine3\\Binaries\\MOHA.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Skupiny sítě Peer-to-Peer
"3540:UDP"= 3540:UDP:Protokol PNRP (Peer Name Resolution Protocol)
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 33032532;33032532 Boot Guard Driver;c:\windows\system32\drivers\33032532.sys [13.12.2010 19:21 37392]
R0 DwProt;DrWeb Protection;c:\windows\system32\drivers\dwprot.sys [18.12.2010 19:09 135032]
R1 33032531;33032531;c:\windows\system32\drivers\33032531.sys [13.12.2010 19:21 128016]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25.9.2010 20:30 165584]
R1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [8.10.2010 4:58 20088]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [10.12.2010 19:09 249616]
R1 setup_9.0.0.722_13.12.2010_20-22drv;setup_9.0.0.722_13.12.2010_20-22drv;c:\windows\system32\drivers\3303253.sys [13.12.2010 19:21 315408]
R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [25.10.2009 17:30 16384]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 10:28 73728]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25.9.2010 20:30 17744]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [10.12.2010 19:09 160448]
R3 DualCoreCenter;DualCoreCenter;c:\program files\MSI\DualCoreCenter\NTGLM7X.sys [25.9.2010 20:04 28160]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 20:37 4640000]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [10.12.2010 19:09 89192]
R3 pctNdisMP;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [10.12.2010 19:09 57536]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [10.12.2010 19:09 124992]
R3 RushTopDevice2;RushTopDevice2;c:\program files\MSI\DualCoreCenter\RushTop.sys [25.9.2010 20:04 50176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [25.3.2010 9:25 30969208]
S3 MSI_DVD_010507;MSI_DVD_010507;c:\progra~1\MSI\MSIWDev\DVDSYS32_100507.sys [10.5.2010 9:44 22328]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\progra~1\MSI\MSIWDev\msibios32_100507.sys [10.5.2010 9:44 25912]
S3 MSI_VGASYS_010507;MSI_VGASYS_010507;c:\progra~1\MSI\MSIWDev\VGASYS32_100507.sys [10.5.2010 9:44 16696]
S3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\drivers\pctNdis.sys [10.12.2010 19:09 57536]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [18.8.2004 13:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
S4 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [25.3.2010 13:39 490280]
S4 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\Common Files\Seagate\Schedule2\schedul2.exe [2.11.2009 17:52 431456]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - NVR0Dev

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
WINRM REG_MULTI_SZ WINRM
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send To &Bluetooth - c:\program files\MSI\Bluetooth Software\btsendto_ie_ctx.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} - hxxps://www.mojedatovaschranka.cz/static/pages/ ... ?3,16,13,0
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-18 22:23
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTHelper = CTHELPER.EXE?

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3160827AS rev.3.42 -> Harddisk1\DR1 -> \Device\00000092

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
c:\docume~1\Admin\LOCALS~1\Temp\catchme.sys
c:\windows\system32\drivers\nvata.sys NVIDIA Corporation NVIDIA nForce(TM) IDE Driver
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk1\DR1[0x8AC0FAB8]
3 CLASSPNP[0xF74E7FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\00000090[0x8AC4FF18]
5 ACPI[0xF735E620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\0000008e[0x8AC2A030]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user != kernel MBR !!!
sectors 312581806 (+190): user != kernel

**************************************************************************
.
Celkový čas: 2010-12-18 22:29:21
ComboFix-quarantined-files.txt 2010-12-18 21:29
ComboFix2.txt 2010-12-12 19:55
ComboFix3.txt 2010-12-11 18:13
ComboFix4.txt 2010-12-10 20:07
ComboFix5.txt 2010-12-18 21:06

Před spuštěním: Volných bajtů: 31 155 470 336
Po spuštění: Volných bajtů: 33 753 325 568

- - End Of File - - AE2B3A7073FEC74E413BD53295DCDAE5

Re: please check my log

Posted: 19 Dec 2010 10:51
by vyosek
How is the PC behaving? :???:

Re: please check my log

Posted: 19 Dec 2010 12:59
by Interpol
I have to say that System Restore was turned on before ComboFix was run; the computer used to freeze in sleep mode and reported that the disk was not connected, and it is now behaving very well. We'll see how long that lasts.

Re: please check my log

Posted: 19 Dec 2010 14:39
by vyosek
OK, keep an eye on the PC and let us know how it behaves...

Re: please check my log

Posted: 07 Mar 2011 18:10
by Interpol
I reinstalled it, so that's taken care of.

Re: please check my log

Posted: 07 Mar 2011 18:20
by vyosek
Ah, well, that's a solution too :D

Re: please check my log

Posted: 07 Mar 2011 18:22
by Interpol
but thanks a lot

Re: please check my log

Posted: 07 Mar 2011 18:43
by vyosek
You're welcome :)

Re: please check my log

Posted: 07 Mar 2011 20:21
by Interpol
Could you take a look at my log check request? I've had it posted there for a long time. Thanks, it's for a friend.

Re: please check my log

Posted: 07 Mar 2011 21:16
by vyosek
Yep, sure, I'm already there :)