ComboFix 10-06-20.01 - salvaja 22.06.2010 22:53:41.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.308 [GMT 2:00]
Spuštěný z: c:\documents and settings\salvaja\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\salvaja\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100622-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Outpost Firewall *disabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
FILE ::
"c:\documents and settings\salvaja\Nabídka Start\Programy\Po spuštění\siszpe32.exe"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\salvaja\Nabídka Start\Programy\Po spuštění\siszpe32.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-05-22 do 2010-06-22 )))))))))))))))))))))))))))))))
.
2013-08-25 22:27 . 2010-01-03 12:23 1196032 ----a-w- c:\windows\RtlUpd.exe
2013-08-11 22:14 . 2008-04-14 12:00 221184 -c--a-w- c:\windows\system32\wmpns.dll
2013-08-11 22:13 . 2008-04-13 22:09 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2013-08-11 22:13 . 2008-04-13 22:09 5504 ----a-w- c:\windows\system32\drivers\mstee.sys
2013-08-11 22:13 . 2008-04-13 22:16 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys
2013-08-11 22:13 . 2008-04-13 22:16 10880 ----a-w- c:\windows\system32\drivers\ndisip.sys
2013-08-11 22:13 . 2008-04-13 22:16 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2013-08-11 22:12 . 2008-04-13 22:16 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys
2013-08-11 22:12 . 2008-04-13 22:16 11136 ----a-w- c:\windows\system32\drivers\slip.sys
2013-08-11 22:12 . 2008-04-13 22:16 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2013-08-11 22:12 . 2008-04-13 22:16 85248 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys
2013-08-11 22:12 . 2008-04-13 22:16 85248 ----a-w- c:\windows\system32\drivers\nabtsfec.sys
2013-08-11 22:12 . 2008-04-13 22:16 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2013-08-11 22:12 . 2008-04-13 22:16 17024 ----a-w- c:\windows\system32\drivers\ccdecode.sys
2013-08-11 22:12 . 2008-04-14 06:52 54272 -c--a-w- c:\windows\system32\vfwwdm32.dll
2013-08-11 22:12 . 2008-04-14 06:52 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2013-08-11 22:12 . 2008-04-13 22:16 121984 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-08-11 22:12 . 2008-04-13 22:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2012-09-18 08:11 . 2008-08-19 20:16 47272 ----a-w- c:\windows\system32\drivers\btwusb.sys
2012-09-18 08:11 . 2008-07-24 15:37 156816 ----a-w- c:\windows\system32\drivers\btwdndis.sys
2012-09-18 08:11 . 2008-03-10 16:18 57384 ----a-w- c:\windows\system32\drivers\btwhid.sys
2012-09-18 08:11 . 2008-02-04 15:57 37032 ----a-w- c:\windows\system32\drivers\btwmodem.sys
2012-09-18 08:11 . 2007-09-20 09:59 106557 -c--a-w- c:\windows\system32\btw_ci.dll
2012-09-18 08:10 . 2008-08-19 20:16 991656 ----a-w- c:\windows\system32\drivers\btkrnl.sys
2012-09-18 08:10 . 2008-05-30 09:46 534568 ----a-w- c:\windows\system32\drivers\btaudio.sys
2012-09-18 08:10 . 2008-02-04 15:57 37160 ----a-w- c:\windows\system32\drivers\btport.sys
2012-09-18 08:10 . 2012-09-18 08:10 -------- d-----w- c:\program files\WIDCOMM
2011-09-11 15:59 . 2011-09-11 15:59 -------- d-----w- c:\program files\EeePC
2011-09-11 15:59 . 2008-04-08 13:59 10752 ----a-w- c:\windows\system32\drivers\ASUSACPI.SYS
2011-09-11 15:17 . 2011-09-11 15:17 -------- d-----w- c:\program files\Elantech
2010-06-20 07:52 . 2010-06-20 07:52 -------- d-----w- C:\_OTM
2010-06-12 10:03 . 2008-04-13 22:10 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2010-06-12 10:03 . 2008-04-13 22:10 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys
2010-06-12 10:03 . 2008-04-13 22:11 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-06-12 10:03 . 2008-04-13 22:11 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-06-12 10:01 . 2008-04-13 22:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-20 17:41 . 2009-05-21 15:38 -------- d-----w- c:\program files\Trend Micro
2010-06-10 06:26 . 2010-03-05 19:59 -------- d-----w- c:\program files\ICQ7.0
2010-06-09 21:42 . 2008-08-07 03:50 83562 ----a-w- c:\windows\system32\perfc005.dat
2010-06-09 21:42 . 2008-08-07 03:50 440812 ----a-w- c:\windows\system32\perfh005.dat
2010-06-07 11:20 . 2009-11-09 21:27 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-02 08:09 . 2008-08-07 03:50 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:32 . 2008-08-07 03:49 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-16 16:08 . 2008-08-07 03:50 668160 ----a-w- c:\windows\system32\wininet.dll
2010-04-16 16:08 . 2008-08-07 03:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2008-05-07 14:34 . 2008-08-07 22:20 15523560 -c--a-w- c:\program files\U1 Setup.exe
.
((((((((((((((((((((((((((((( SnapShot_2010-06-20_20.12.07 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-22 20:50 . 2010-06-22 20:50 16384 c:\windows\temp\Perflib_Perfdata_6d8.dat
+ 2010-06-22 20:50 . 2010-06-22 20:50 16384 c:\windows\temp\Perflib_Perfdata_1e8.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" [2010-06-08 133368]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2009-01-29 2356088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2008-09-03 335872]
"ETDWareDetect"="c:\program files\Elantech\ETDDect.exe" [2008-08-22 204800]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2008-09-02 106496]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2008-09-02 593920]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2008-05-20 94208]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2010-03-08 524632]
"OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-04-28 2374464]
"OutpostFeedBack"="c:\program files\Agnitum\Outpost Firewall\feedback.exe" [2009-04-28 428032]
"RTHDCPL"="RTHDCPL.EXE" [2010-01-03 16861696]
"SoundMan"="SOUNDMAN.EXE" [2010-01-03 86016]
"AlcWzrd"="ALCWZRD.EXE" [2010-01-03 2808832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 -c--a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:45 3883840 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [21.5.2009 15:59 64160]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [21.5.2009 21:32 114768]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [21.5.2009 21:07 704384]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [21.5.2009 21:05 1195008]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [21.5.2009 21:32 20560]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18.1.2009 23:34 1029456]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [21.5.2009 21:06 31128]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [21.5.2009 21:07 257432]
R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [3.1.2010 13:32 704384]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.2.2009 12:38 717296]
S3 FileObjInfo;STFileDriver;\??\c:\documents and settings\All Users\Data aplikací\Spyware Terminator\FileObjInfo.sys --> c:\documents and settings\All Users\Data aplikací\Spyware Terminator\FileObjInfo.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
2010-06-21 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 15:01]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
FF - ProfilePath - c:\documents and settings\salvaja\Data aplikací\Mozilla\Firefox\Profiles\g0a5zs6j.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - component: c:\program files\BS.Player ControlBar\FirefoxDTT\components\BSToolbarFF.dll
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory:
**************************************************************************
.
Celkový čas: 2010-06-22 23:07:17
ComboFix-quarantined-files.txt 2010-06-22 21:07
ComboFix2.txt 2010-06-20 20:20
ComboFix3.txt 2010-01-04 16:55
ComboFix4.txt 2009-05-21 17:21
Před spuštěním: Volných bajtů: 52 841 353 216
Po spuštění: Volných bajtů: 52 822 233 088
- - End Of File - - 60512AE7F120C4DBCDD020240B9E9528