IE keeps launching every so often, each time with a different page, for example with the weather. I don't know what to do about it; here is the log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Milan at 2010-07-08 10:45:18
Microsoft® Windows Vista™ Ultimate
System drive C: has 25 GB (7%) free of 382 GB
Total RAM: 3007 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:45:27, on 8.7.2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\ICQ7.2\ICQ.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Users\Milan\AppData\Local\Temp\Ash.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Users\Milan\Downloads\RSIT.exe
C:\Program Files\trend micro\Milan.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [WindowsSysControl] C:\Users\Public\winsvrcn.exe
O4 - HKCU\..\Run: [EWABQAF7KL] C:\Users\Milan\AppData\Local\Temp\Ash.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--
End of file - 9952 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll [2009-03-02 636216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-24 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-30 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-24 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-02 1004136]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-05-10 4468736]
"Skytel"=C:\Windows\Skytel.exe [2007-05-07 1826816]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-01-14 37888]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-10-07 13584928]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-10-07 92704]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2006-11-02 1196032]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-03-14 39408]
"DAEMON Tools Pro Agent"=C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-03-20 1312256]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203928]
"WindowsSysControl"=C:\Users\Public\winsvrcn.exe [2010-07-06 73728]
"EWABQAF7KL"=C:\Users\Milan\AppData\Local\Temp\Ash.exe [2010-07-06 208896]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2010-07-06 133368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-09-06 136136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
APC UPS Status.lnk - C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Users\Public\winsvrcn.exe"="C:\Users\Public\winsvrcn.exe:*:Enabled:WindowsSysControl"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2b30264c-4f63-11df-87fa-001d920a74d0}]
shell\AutoRun\command - E:\Launcher.exe
======List of files/folders created in the last 1 months======
2010-07-06 21:18:44 ----A---- C:\Windows\wininit.ini
2010-07-06 20:49:05 ----D---- C:\Program Files\ICQ7.2
2010-07-06 15:57:09 ----RA---- C:\Users\Milan\AppData\Roaming\bAf7e.txt
2010-07-06 15:57:07 ----RA---- C:\Users\Milan\AppData\Roaming\BgMek.txt
2010-07-06 15:57:07 ----A---- C:\Users\Milan\AppData\Roaming\DRO27E3.tmp.exe
2010-07-06 15:57:07 ----A---- C:\Users\Milan\AppData\Roaming\DRO27E3.tmp
======List of files/folders modified in the last 1 months======
2010-07-08 10:45:20 ----D---- C:\Program Files\trend micro
2010-07-08 10:45:15 ----D---- C:\Windows\temp
2010-07-08 10:43:47 ----D---- C:\Windows\system32\Tasks
2010-07-08 10:43:45 ----D---- C:\Windows\Tasks
2010-07-08 10:13:59 ----D---- C:\Windows\tracing
2010-07-08 07:13:00 ----D---- C:\Users\Milan\AppData\Roaming\ICQ
2010-07-08 06:55:56 ----A---- C:\Windows\win.ini
2010-07-08 06:55:55 ----SHD---- C:\Windows\Installer
2010-07-08 06:55:55 ----HD---- C:\Config.Msi
2010-07-08 06:54:21 ----D---- C:\Windows\System32
2010-07-08 06:54:20 ----D---- C:\Windows\inf
2010-07-08 06:54:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-07 21:50:21 ----D---- C:\Downloads
2010-07-06 21:49:10 ----D---- C:\Program Files\ICQ6Toolbar
2010-07-06 21:18:44 ----D---- C:\Windows
2010-07-06 20:56:03 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-07-06 20:49:55 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-06 20:49:43 ----D---- C:\ProgramData\ICQ
2010-07-06 20:49:05 ----RD---- C:\Program Files
2010-07-06 17:44:37 ----D---- C:\Windows\Prefetch
2010-07-06 17:33:25 ----D---- C:\-=FILMS & SERIALS=-
2010-07-01 13:54:57 ----A---- C:\Windows\NeroDigital.ini
2010-06-29 08:50:40 ----D---- C:\Windows\Minidump
2010-06-28 10:32:38 ----D---- C:\Program Files\Mozilla Firefox
2010-06-26 00:55:52 ----HD---- C:\ProgramData
2010-06-22 16:52:12 ----D---- C:\Windows\system32\catroot2
2010-06-10 07:07:08 ----D---- C:\Windows\system32\WDI
2010-06-09 19:34:38 ----D---- C:\-=MUSIC VIDEO RECORD=-
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2006-11-02 319488]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-10 1775712]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-01-15 1032104]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-10-07 7380896]
S3 a4wre23p;a4wre23p; C:\Windows\system32\drivers\a4wre23p.sys []
S3 adiusbaw;USB ADSL WAN Adapter; C:\Windows\system32\DRIVERS\adiusbaw.sys []
S3 apq9tjkb;apq9tjkb; C:\Windows\system32\drivers\apq9tjkb.sys []
S3 catchme;catchme; \??\C:\Users\Milan\AppData\Local\Temp\catchme.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HidBatt;Ovladač baterie zdroje UPS standardu HID; C:\Windows\system32\DRIVERS\HidBatt.sys [2006-11-02 21504]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 nvnetbus;NVIDIA Network Bus Enumerator; C:\Windows\system32\DRIVERS\nvnetbus.sys [2006-07-11 20480]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 snpstd;VideoCAM Trek; C:\Windows\system32\DRIVERS\snpstd.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2006-11-02 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-10-02 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-07 611664]
R2 APC UPS Service;APC UPS Service; C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe [2005-12-12 176193]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-10-07 203296]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-01 135664]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2006-11-02 22016]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-06-18 77944]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2006-11-02 521216]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-06 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2006-11-02 562176]
-----------------EOF-----------------

Internet Explorer launching by itself
Re: Internet Explorer launching by itself
Quite a mess.
Download ComboFix and save it to the desktop.
Then run it under an account with administrator privileges.
The run takes about 5-10 minutes, sometimes longer. Do not start any other applications during the scan.
There is no reason to panic if the machine is restarted.
Note: if you use antispyware with a resident shield, turn it off before the scan.
After the restart the application creates a log, saved at C:\Combofix.txt (paste its contents here).

Re: Internet Explorer launching by itself
ComboFix log:
ComboFix 10-07-07.02 - Milan 08.07.2010 13:44:39.2.2 - x86
Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1250.420.1029.18.3007.2078 [GMT 2:00]
Spuštěný z: c:\users\Milan\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100707-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1368 [VPS 100707-1] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Milan\AppData\Roaming\DRO27E3.tmp.exe
c:\users\Public\winsvrcn.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-08 do 2010-07-08 )))))))))))))))))))))))))))))))
.
2010-07-08 11:52 . 2010-07-08 11:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-06 18:49 . 2010-07-06 18:50 -------- d-----w- c:\program files\ICQ7.2
2010-06-24 08:45 . 2010-06-24 08:45 501936 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbAB4E.tmp.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-08 11:46 . 2007-10-20 09:01 81198 ----a-w- c:\windows\system32\perfc005.dat
2010-07-08 11:46 . 2007-10-20 09:01 473360 ----a-w- c:\windows\system32\perfh005.dat
2010-07-08 11:33 . 2007-12-25 19:29 -------- d-----w- c:\users\Milan\AppData\Roaming\ICQ
2010-07-08 08:45 . 2009-07-21 10:00 -------- d-----w- c:\program files\trend micro
2010-07-06 19:49 . 2009-07-07 19:55 -------- d-----w- c:\program files\ICQ6Toolbar
2010-07-06 18:56 . 2009-07-21 17:40 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-07-06 18:49 . 2007-12-18 14:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-06 18:49 . 2009-07-07 19:55 -------- d-----w- c:\programdata\ICQ
2010-07-06 13:57 . 2010-07-06 13:57 0 ----a-w- c:\users\Milan\AppData\Roaming\DRO27E3.tmp
2010-05-27 14:40 . 2010-05-20 14:40 -------- d-----w- c:\program files\McAfee Security Scan
2010-05-21 12:14 . 2009-10-04 06:49 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-20 14:40 . 2010-05-20 14:40 -------- d-----w- c:\programdata\McAfee Security Scan
2010-05-20 14:40 . 2010-05-20 14:40 -------- d-----w- c:\programdata\McAfee
2010-05-02 13:10 . 2007-12-19 11:03 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-04-24 11:25 . 2010-04-24 11:25 8192 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2010-04-24 11:25 . 2010-04-24 11:25 61440 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-04-24 11:25 . 2010-04-24 11:25 10240 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2010-04-18 17:56 . 2010-04-18 17:56 1048576 ----a-w- c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\049pp753.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
2006-11-22 14:58 . 2006-11-22 14:58 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((( SnapShot@2009-07-22_10.23.19 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-02 19:18 . 2009-10-02 19:18 55296 c:\windows\winsxs\x86_microsoft-windows-d..frameworks-usermode_31bf3856ad364e35_6.0.6000.20800_none_9bb4f097113aa1f2\WUDFSvc.dll
+ 2009-10-02 19:18 . 2009-10-02 19:18 83328 c:\windows\winsxs\x86_microsoft-windows-d..frameworks-usermode_31bf3856ad364e35_6.0.6000.20800_none_9bb4f097113aa1f2\WUDFRd.sys
+ 2009-10-02 19:18 . 2009-10-02 19:18 51200 c:\windows\winsxs\x86_microsoft-windows-d..frameworks-usermode_31bf3856ad364e35_6.0.6000.20800_none_9bb4f097113aa1f2\WUDFPf.sys
+ 2009-10-02 19:18 . 2009-10-02 19:18 87552 c:\windows\winsxs\x86_microsoft-windows-d..frameworks-usermode_31bf3856ad364e35_6.0.6000.20800_none_9bb4f097113aa1f2\WUDFCoinstaller.dll
+ 2009-10-02 19:18 . 2009-10-02 19:18 55296 c:\windows\winsxs\x86_microsoft-windows-d..frameworks-usermode_31bf3856ad364e35_6.0.6000.16659_none_9afe44e3f83d74c5\WUDFSvc.dll
+ 2009-10-02 19:18 . 2009-10-02 19:18 83328 c:\windows\winsxs\x86_microsoft-windows-d..frameworks-usermode_31bf3856ad364e35_6.0.6000.16659_none_9afe44e3f83d74c5\WUDFRd.sys
+ 2009-10-02 19:18 . 2009-10-02 19:18 51200 c:\windows\winsxs\x86_microsoft-windows-d..frameworks-usermode_31bf3856ad364e35_6.0.6000.16659_none_9afe44e3f83d74c5\WUDFPf.sys
+ 2009-10-02 19:18 . 2009-10-02 19:18 87552 c:\windows\winsxs\x86_microsoft-windows-d..frameworks-usermode_31bf3856ad364e35_6.0.6000.16659_none_9afe44e3f83d74c5\WUDFCoinstaller.dll
- 2006-11-02 08:54 . 2006-11-02 09:46 55296 c:\windows\System32\WUDFSvc.dll
+ 2009-10-02 19:18 . 2009-10-02 19:18 55296 c:\windows\System32\WUDFSvc.dll
- 2006-11-02 08:54 . 2006-11-02 09:46 87552 c:\windows\System32\WUDFCoinstaller.dll
+ 2009-10-02 19:18 . 2009-10-02 19:18 87552 c:\windows\System32\WUDFCoinstaller.dll
+ 2006-11-02 10:25 . 2006-11-02 09:46 60416 c:\windows\System32\WpdMtpUS.dll
+ 2006-11-02 10:25 . 2006-11-02 09:46 33280 c:\windows\System32\WpdConns.dll
+ 2007-12-18 14:11 . 2010-07-08 11:41 53974 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2007-12-18 14:05 . 2010-07-08 11:41 15356 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1704330863-2785912620-1813613934-1000_UserData.bin
- 2006-03-24 06:31 . 2008-09-15 06:56 91136 c:\windows\System32\nmwcdcls.dll
+ 2006-03-24 06:31 . 2009-02-09 06:37 91136 c:\windows\System32\nmwcdcls.dll
+ 2001-08-23 12:00 . 2001-08-23 12:00 37916 c:\windows\System32\msxml2r.dll
+ 2010-05-21 10:22 . 2010-05-21 10:22 84507 c:\windows\System32\Macromed\Flash\uninstall_activeX.exe
- 2009-03-28 09:11 . 2008-08-26 08:26 18816 c:\windows\System32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
+ 2009-09-15 13:03 . 2008-08-26 08:26 18816 c:\windows\System32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
+ 2010-04-18 17:58 . 2004-02-19 08:39 74496 c:\windows\System32\DriverStore\FileRepository\obvious.inf_42979624\OBVIOUS.sys
+ 2009-02-09 06:37 . 2009-02-09 06:37 22016 c:\windows\System32\DriverStore\FileRepository\ccdcmbo.inf_0b649316\ccdcmbo.sys
+ 2009-02-09 06:37 . 2009-02-09 06:37 91136 c:\windows\System32\DriverStore\FileRepository\ccdcmb.inf_0c298eaf\nmwcdcls.dll
+ 2009-02-09 06:37 . 2009-02-09 06:37 17664 c:\windows\System32\DriverStore\FileRepository\ccdcmb.inf_0c298eaf\ccdcmb.sys
+ 2009-10-02 19:18 . 2009-10-02 19:18 83328 c:\windows\System32\drivers\WUDFRd.sys
+ 2009-10-02 19:18 . 2009-10-02 19:18 51200 c:\windows\System32\drivers\WUDFPf.sys
+ 2006-11-02 10:25 . 2006-11-02 09:04 39936 c:\windows\System32\drivers\WpdUsb.sys
+ 2009-09-15 13:03 . 2008-08-26 08:26 18816 c:\windows\System32\drivers\pccsmcfd.sys
- 2009-03-28 09:11 . 2008-08-26 08:26 18816 c:\windows\System32\drivers\pccsmcfd.sys
- 2008-09-15 06:56 . 2008-09-15 06:56 22016 c:\windows\System32\drivers\ccdcmbo.sys
+ 2009-02-09 06:37 . 2009-02-09 06:37 22016 c:\windows\System32\drivers\ccdcmbo.sys
+ 2009-02-09 06:37 . 2009-02-09 06:37 17664 c:\windows\System32\drivers\ccdcmb.sys
- 2008-09-15 06:56 . 2008-09-15 06:56 17664 c:\windows\System32\drivers\ccdcmb.sys
+ 2008-03-06 11:37 . 2009-11-24 23:49 48560 c:\windows\System32\drivers\aswTdi.sys
+ 2008-03-06 11:37 . 2009-11-24 23:48 23120 c:\windows\System32\drivers\aswRdr.sys
+ 2008-03-06 11:36 . 2009-11-24 23:49 53328 c:\windows\System32\drivers\aswMonFlt.sys
- 2008-04-02 13:24 . 2009-02-05 21:07 20560 c:\windows\System32\drivers\aswFsBlk.sys
+ 2008-04-02 13:24 . 2009-11-24 23:50 20560 c:\windows\System32\drivers\aswFsBlk.sys
+ 2006-11-02 13:00 . 2010-07-08 11:39 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2006-11-02 13:00 . 2009-07-22 10:12 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2006-11-02 13:00 . 2010-07-08 11:39 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2006-11-02 13:00 . 2009-07-22 10:12 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2006-11-02 13:00 . 2010-07-08 11:39 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-03-06 11:37 . 2009-11-24 23:47 97480 c:\windows\System32\AvastSS.scr
- 2008-03-06 11:37 . 2009-02-05 21:04 97480 c:\windows\System32\AvastSS.scr
+ 2010-06-15 06:31 . 2010-06-15 06:31 21504 c:\windows\Installer\2f27c.msi
- 2008-04-05 16:55 . 2008-04-05 16:55 65536 c:\windows\Installer\{77296E63-8C19-462B-ABA1-F510750A8C51}\NewShortcut1_F8354160C274433BBE3A7DFC0058E931.exe
+ 2008-04-05 16:55 . 2009-09-15 13:13 65536 c:\windows\Installer\{77296E63-8C19-462B-ABA1-F510750A8C51}\NewShortcut1_F8354160C274433BBE3A7DFC0058E931.exe
+ 2010-04-24 11:26 . 2010-04-24 11:26 15086 c:\windows\Installer\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\ARPPRODUCTICON.exe
+ 2009-09-15 13:03 . 2009-09-15 13:03 10134 c:\windows\Installer\{0C973594-7DDF-4BD0-84ED-3517F7622037}\ARPPRODUCTICON.exe
+ 2006-11-02 10:25 . 2010-06-15 18:13 86016 c:\windows\inf\infstrng.dat
- 2006-11-02 10:25 . 2009-05-11 08:03 86016 c:\windows\inf\infstrng.dat
+ 2006-11-02 10:25 . 2010-04-24 11:26 86016 c:\windows\inf\infstor.dat
- 2006-11-02 10:25 . 2009-03-28 09:13 86016 c:\windows\inf\infstor.dat
- 2006-11-02 10:25 . 2009-05-11 08:03 51200 c:\windows\inf\infpub.dat
+ 2006-11-02 10:25 . 2010-06-15 18:13 51200 c:\windows\inf\infpub.dat
+ 2007-12-19 11:00 . 2010-07-07 20:19 2606 c:\windows\System32\WDI\ERCQueuedResolutions.dat
+ 2009-03-19 12:48 . 2009-03-19 12:48 8320 c:\windows\System32\DriverStore\FileRepository\nmwcdnsuc.inf_545c47c7\nmwcdnsuc.sys
+ 2009-02-09 06:37 . 2009-02-09 06:37 7808 c:\windows\System32\DriverStore\FileRepository\ccdcmbm.inf_65311714\usbser_lowerflt.sys
+ 2009-02-09 06:37 . 2009-02-09 06:37 7808 c:\windows\System32\DriverStore\FileRepository\ccdcmbcj.inf_6fbfd776\usbser_lowerfltj.sys
+ 2009-02-09 06:37 . 2009-02-09 06:37 7808 c:\windows\System32\drivers\usbser_lowerfltj.sys
+ 2009-02-09 06:37 . 2009-02-09 06:37 7808 c:\windows\System32\drivers\usbser_lowerflt.sys
- 2009-07-22 09:19 . 2009-07-22 09:19 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-07-08 11:39 . 2010-07-08 11:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-07-22 09:19 . 2009-07-22 09:19 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-07-08 11:39 . 2010-07-08 11:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-10-02 19:02 . 2009-10-02 19:02 3262 c:\windows\Installer\{52D02A2B-03D2-4E34-A358-DC5D951FD296}\ARPPRODUCTICON.exe
+ 2009-10-02 19:18 . 2009-10-02 19:18 305152 c:\windows\winsxs\x86_microsoft-windows-d..frameworks-usermode_31bf3856ad364e35_6.0.6000.20800_none_9bb4f097113aa1f2\WUDFx.dll
+ 2009-10-02 19:18 . 2009-10-02 19:18 181248 c:\windows\winsxs\x86_microsoft-windows-d..frameworks-usermode_31bf3856ad364e35_6.0.6000.20800_none_9bb4f097113aa1f2\WUDFPlatform.dll
+ 2009-10-02 19:18 . 2009-10-02 19:18 142336 c:\windows\winsxs\x86_microsoft-windows-d..frameworks-usermode_31bf3856ad364e35_6.0.6000.20800_none_9bb4f097113aa1f2\WUDFHost.exe
+ 2009-10-02 19:18 . 2009-10-02 19:18 305152 c:\windows\winsxs\x86_microsoft-windows-d..frameworks-usermode_31bf3856ad364e35_6.0.6000.16659_none_9afe44e3f83d74c5\WUDFx.dll
+ 2009-10-02 19:18 . 2009-10-02 19:18 181248 c:\windows\winsxs\x86_microsoft-windows-d..frameworks-usermode_31bf3856ad364e35_6.0.6000.16659_none_9afe44e3f83d74c5\WUDFPlatform.dll
+ 2009-10-02 19:18 . 2009-10-02 19:18 142336 c:\windows\winsxs\x86_microsoft-windows-d..frameworks-usermode_31bf3856ad364e35_6.0.6000.16659_none_9afe44e3f83d74c5\WUDFHost.exe
+ 2009-10-02 19:18 . 2009-10-02 19:18 305152 c:\windows\System32\WUDFx.dll
+ 2009-10-02 19:18 . 2009-10-02 19:18 181248 c:\windows\System32\WUDFPlatform.dll
+ 2009-10-02 19:18 . 2009-10-02 19:18 142336 c:\windows\System32\WUDFHost.exe
+ 2006-11-02 10:25 . 2006-11-02 09:46 151552 c:\windows\System32\WpdMtp.dll
+ 2006-11-02 13:03 . 2010-07-08 11:41 111508 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2006-11-02 10:33 . 2009-07-07 19:54 609944 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2010-07-08 11:46 609944 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-07-07 19:54 103726 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2010-07-08 11:46 103726 c:\windows\System32\perfc009.dat
+ 2009-02-09 06:37 . 2009-02-09 06:37 659968 c:\windows\System32\nmwcdcocls.dll
- 2008-09-15 06:56 . 2008-09-15 06:56 659968 c:\windows\System32\nmwcdcocls.dll
+ 2004-08-03 16:56 . 2004-08-03 16:56 701440 c:\windows\System32\msxml2.dll
+ 2010-04-18 17:58 . 2002-01-05 11:40 487424 c:\windows\System32\msvcp70.dll
+ 2010-04-18 17:58 . 2002-01-05 13:48 974848 c:\windows\System32\mfc70.dll
+ 2010-06-25 06:12 . 2010-06-25 06:12 231888 c:\windows\System32\Macromed\Flash\FlashUtil10h_Plugin.exe
+ 2010-01-27 00:58 . 2010-01-27 00:58 256280 c:\windows\System32\Macromed\Flash\FlashUtil10e.exe
+ 2009-05-11 11:30 . 2009-05-11 11:30 547840 c:\windows\System32\DriverStore\FileRepository\pccswpddriver.inf_b43d96b2\PCCSWpdDriver.dll
+ 2009-03-19 12:48 . 2009-03-19 12:48 136704 c:\windows\System32\DriverStore\FileRepository\nmwcdnsu.inf_add8f2b2\nmwcdnsu.sys
+ 2009-02-09 06:37 . 2009-02-09 06:37 659968 c:\windows\System32\DriverStore\FileRepository\ccdcmb.inf_0c298eaf\nmwcdcocls.dll
+ 2006-11-02 10:25 . 2006-11-02 09:46 664576 c:\windows\System32\drivers\UMDF\WpdMtpDr.dll
+ 2009-05-11 11:30 . 2009-05-11 11:30 547840 c:\windows\System32\drivers\UMDF\PCCSWpdDriver.dll
+ 2008-04-02 13:24 . 2009-11-24 23:50 114768 c:\windows\System32\drivers\aswSP.sys
- 2008-04-02 13:24 . 2009-02-05 21:07 114768 c:\windows\System32\drivers\aswSP.sys
+ 2009-08-27 17:07 . 2009-08-27 17:07 540804 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9HAYSAZR\googledict_en2es_76D5B51588E8E478[1].dat
+ 2009-09-15 13:03 . 2009-09-15 13:03 549888 c:\windows\Installer\3ee32.msi
+ 2009-10-02 19:02 . 2009-10-02 19:02 331264 c:\windows\Installer\2fa22b3.msi
+ 2010-04-24 11:26 . 2010-04-24 11:26 838144 c:\windows\Installer\13a04c1.msi
+ 2009-05-11 10:47 . 2009-05-11 10:47 1302600 c:\windows\System32\WUDFUpdate_01007.dll
- 2008-09-15 06:29 . 2008-09-15 06:29 1112288 c:\windows\System32\wdfcoinstaller01007.dll
+ 2009-02-09 06:32 . 2009-02-09 06:32 1112288 c:\windows\System32\wdfcoinstaller01007.dll
+ 2006-11-02 10:22 . 2009-10-02 19:29 5767168 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2006-11-02 10:22 . 2009-07-20 20:29 5767168 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2008-03-25 03:21 . 2010-06-25 06:12 5612496 c:\windows\System32\Macromed\Flash\NPSWF32.dll
+ 2009-05-11 10:47 . 2009-05-11 10:47 1302600 c:\windows\System32\DriverStore\FileRepository\pccswpddriver.inf_b43d96b2\WUDFUpdate_01007.dll
+ 2009-02-09 06:32 . 2009-02-09 06:32 1112288 c:\windows\System32\DriverStore\FileRepository\ccdcmb.inf_0c298eaf\wdfcoinstaller01007.dll
+ 2010-04-15 07:44 . 2009-09-04 15:29 1892184 c:\windows\System32\D3DX9_42.dll
+ 2008-03-06 11:36 . 2009-11-24 23:54 1280480 c:\windows\System32\aswBoot.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-14 39408]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-07-06 133368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-02 1004136]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-10 4468736]
"Skytel"="Skytel.exe" [2007-05-07 1826816]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-13 37888]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13584928]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 92704]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
APC UPS Status.lnk - c:\program files\APC\APC PowerChute Personal Edition\Display.exe [2007-12-26 221247]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
2007-09-06 13:08 136136 ----a-w- c:\program files\DAEMON Tools Pro\DTProAgent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1704330863-2785912620-1813613934-1000]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 135664]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 SetupNTGLM7X;SetupNTGLM7X;D:\NTGLM7X.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-05-02 721904]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
2010-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 07:44]
2010-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 07:44]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
mStart Page = hxxp://home.sweetim.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\ICQ7.2\ICQ.exe
FF - ProfilePath - c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\049pp753.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q=
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKCU-Run-WindowsSysControl - c:\users\Public\winsvrcn.exe
MSConfigStartUp-PCSuiteTrayApplication - c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-08 13:52
Windows 6.0.6000 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-07-08 13:56:11
ComboFix-quarantined-files.txt 2010-07-08 11:56
ComboFix2.txt 2009-07-22 10:24
Před spuštěním: Volných bajtů: 26 563 383 296
Po spuštění: Volných bajtů: 26 621 972 480
- - End Of File - - 697B744C97D0768E73DD1636E99C6DC6
+ 2006-11-02 10:25 . 2006-11-02 09:46 664576 c:\windows\System32\drivers\UMDF\WpdMtpDr.dll
+ 2009-05-11 11:30 . 2009-05-11 11:30 547840 c:\windows\System32\drivers\UMDF\PCCSWpdDriver.dll
+ 2008-04-02 13:24 . 2009-11-24 23:50 114768 c:\windows\System32\drivers\aswSP.sys
- 2008-04-02 13:24 . 2009-02-05 21:07 114768 c:\windows\System32\drivers\aswSP.sys
+ 2009-08-27 17:07 . 2009-08-27 17:07 540804 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9HAYSAZR\googledict_en2es_76D5B51588E8E478[1].dat
+ 2009-09-15 13:03 . 2009-09-15 13:03 549888 c:\windows\Installer\3ee32.msi
+ 2009-10-02 19:02 . 2009-10-02 19:02 331264 c:\windows\Installer\2fa22b3.msi
+ 2010-04-24 11:26 . 2010-04-24 11:26 838144 c:\windows\Installer\13a04c1.msi
+ 2009-05-11 10:47 . 2009-05-11 10:47 1302600 c:\windows\System32\WUDFUpdate_01007.dll
- 2008-09-15 06:29 . 2008-09-15 06:29 1112288 c:\windows\System32\wdfcoinstaller01007.dll
+ 2009-02-09 06:32 . 2009-02-09 06:32 1112288 c:\windows\System32\wdfcoinstaller01007.dll
+ 2006-11-02 10:22 . 2009-10-02 19:29 5767168 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2006-11-02 10:22 . 2009-07-20 20:29 5767168 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2008-03-25 03:21 . 2010-06-25 06:12 5612496 c:\windows\System32\Macromed\Flash\NPSWF32.dll
+ 2009-05-11 10:47 . 2009-05-11 10:47 1302600 c:\windows\System32\DriverStore\FileRepository\pccswpddriver.inf_b43d96b2\WUDFUpdate_01007.dll
+ 2009-02-09 06:32 . 2009-02-09 06:32 1112288 c:\windows\System32\DriverStore\FileRepository\ccdcmb.inf_0c298eaf\wdfcoinstaller01007.dll
+ 2010-04-15 07:44 . 2009-09-04 15:29 1892184 c:\windows\System32\D3DX9_42.dll
+ 2008-03-06 11:36 . 2009-11-24 23:54 1280480 c:\windows\System32\aswBoot.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-14 39408]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 136136]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-07-06 133368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-02 1004136]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-10 4468736]
"Skytel"="Skytel.exe" [2007-05-07 1826816]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-13 37888]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13584928]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 92704]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
APC UPS Status.lnk - c:\program files\APC\APC PowerChute Personal Edition\Display.exe [2007-12-26 221247]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
2007-09-06 13:08 136136 ----a-w- c:\program files\DAEMON Tools Pro\DTProAgent.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1704330863-2785912620-1813613934-1000]
"EnableNotifications"=dword:00000001
"EnableNotificationsRef"=dword:00000001
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 135664]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 SetupNTGLM7X;SetupNTGLM7X;D:\NTGLM7X.sys [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-05-02 721904]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
2010-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 07:44]
2010-07-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 07:44]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
mStart Page = hxxp://home.sweetim.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\ICQ7.2\ICQ.exe
FF - ProfilePath - c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\049pp753.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q=
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKCU-Run-WindowsSysControl - c:\users\Public\winsvrcn.exe
MSConfigStartUp-PCSuiteTrayApplication - c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-08 13:52
Windows 6.0.6000 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-07-08 13:56:11
ComboFix-quarantined-files.txt 2010-07-08 11:56
ComboFix2.txt 2009-07-22 10:24
Před spuštěním: Volných bajtů: 26 563 383 296
Po spuštění: Volných bajtů: 26 621 972 480
- - End Of File - - 697B744C97D0768E73DD1636E99C6DC6
Re: Internet Explorer launching on its own
Uninstall SpyBot and Ad-aware - these days they are good for nothing.
Scan the PC with MBAM.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/