problem z ICQ

[big_dandy]

mám problem z icq je je to spíše nějakýsi bind na icq 7 prostě mi to automaticky vihledá nějaké lidi v icq a pak jim to pošle nějaký odkaz a ten jsem otevřel a upozornilo mně to na jesly do chci uložit do počítače no tak jsem to uložil a otevřel a pak po chvilce my to vyhledalo nějaké lidi v icq a poslalo se to
Trend Micro End User License Agreement 
Software: HijackThis
Version: English/Multi-country
Date: April 2007


IMPORTANT: YOU MUST CAREFULLY READ AND AGREE TO ALL TERMS AND CONDITIONS OF THE FOLLOWING END USER LICENSE AGREEMENT BEFORE INSTALLING OR USING THE SOFTWARE.

THIS AGREEMENT SETS FORTH THE TERMS AND CONDITIONS UNDER WHICH TREND MICRO IS WILLING TO LICENSE THE "SOFTWARE" TO "YOU" AS AN INDIVIDUAL USER OR AN AUTHORIZED REPRESENTATIVE OF AN ENTITY.
BY CLICKING THE "I ACCEPT" BUTTON BELOW, YOU ARE EXPRESSING YOUR INTENT TO ENTER INTO, AND ARE ENTERING INTO, A BINDING LEGAL CONTRACT ("AGREEMENT") BETWEEN YOU AND TREND MICRO INCORPORATED OR ONE OF ITS AFFILIATES ("TREND MICRO"). THE TERMS AND CONDITIONS OF THE AGREEMENT THEN APPLY TO YOUR USE OF THE SOFTWARE. WE ENCOURAGE YOU TO PRINT A COPY OF THE AGREEMENT FOR YOUR RECORDS
YOU MUST ACCEPT THIS AGREEMENT BEFORE YOU INSTALL OR USE THE SOFTWARE. IF YOU ARE ACQUIRING THE SOFTWARE ON BEHALF OF AN ENTITY, THEN YOU MUST BE PROPERLY AUTHORIZED TO REPRESENT THAT ENTITY AND TO ACCEPT THIS AGREEMENT ON ITS BEHALF.

YOU ACCEPT THIS END USER LICENSE BY CLICKING THE "I ACCEPT" BUTTON BELOW. IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, SELECT "I DO NOT ACCEPT". YOU WILL THEN NOT BE PERMITTED TO INSTALL OR USE THE SOFTWARE.

1. LICENSE. Upon Your acceptance of the terms and conditions of this Agreement, Trend Micro hereby grants You a nonexclusive, nontransferable, non-sublicensable, royalty-free, worldwide license, to download, install the Software, for Your own use only. Trend Micro reserves the right to enhance, modify, or discontinue the Software or to impose new or different conditions on its use at any time without notice.

2. USE RESTRICTIONS AND OWNERSHIP. The Software is licensed not sold. Trend Micro owns the title and intellectual property rights to the Software, and reserves all rights not expressly granted to You in this Agreement. You agree that you will not rent, loan, lease or sublicense the Software. You agree not to attempt to reverse engineer, decompile, modify, translate, disassemble, discover the source code of, or create derivative works from, any part of the Software or authorize others to undertake any of these acts.

3. BACKUP. For as long as You use the Software, You agree to regularly back-up Your computer programs and files ("Data") on a separate media. You acknowledge that the failure to do so may cause You to lose Data in the event that any error in the Software causes computer problems, and that Trend Micro is not responsible for any such Data loss.

4. TERMINATION. Trend Micro may terminate the license at any time for any reason. Upon such termination, You agree to delete or destroy all copies of the Software. You may terminate this Agreement at any point by destroying or deleting all copies of the Software.

5. REPORTS AND PRIVACY. At any time during the term of this Agreement, You may choose to send to Trend Micro a report of log files that may include personal information that the Software scanned on Your computer. By accepting this Agreement, You hereby give Your consent to Trend Micro to process log file data provided by You ("Information") in connection with this Agreement; processing may include collection, registration, storage, modification or disclosure of such Information to third parties. As a condition to using the Software and by accepting this Agreement, You ensure, represent and warrant that You are legally permitted to provide Trend Micro with access to the Information and You also give Your consent to Trend Micro to transfer or store the Information in one or more of its group companies, located in and/or outside the country where You are located, and/or in jurisdictions which may have a lower level of protection of Information than is applicable in the country where You are located or where pr
ivacy laws may not be as stringent as those in Your own country.

6. CAUTION AND ACKNOWLEDGEMENT. The Software is designed to identify different types of files, operating system changes, registry or browser settings, which, in Trend Micro's judgment, may compromise computer security or productivity. You agree that Trend Micro shall not be responsible for any removal or disabling of files or settings or the results of such removal or disabling. You are solely responsible for selecting which files or settings to remove from Your computer.

7. NO WARRANTY. THE SOFTWARE IS PROVIDED "AS IS," WITHOUT WARRANTIES OF ANY KIND. TREND MICRO DOES NOT WARRANT THAT YOUR USE OF THE SOFTWARE WILL BE UNINTERRUPTED OR ERROR FREE. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, TREND MICRO DISCLAIMS AND EXCLUDES ALL REPRESENTATIONS AND WARRANTIES WITH RESPECT TO THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF NONINFRINGEMENT OF THIRD PARTY RIGHTS, SATISFACTORY QUALITY, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE.

8. NO LIABILITY FOR CONSEQUENTIAL DAMAGES.
(A) TREND MICRO DOES NOT SEEK TO LIMIT OR EXCLUDE ITS LIABILITY IN THE EVENT OF DEATH OR PERSONAL INJURY CAUSED BY ITS NEGLIGENCE OR FOR FRAUD OR FOR ANY OTHER LIABILITY FOR WHICH IT IS NOT PERMITTED BY LAW TO EXCLUDE.
(B) TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, TREND MICRO DISCLAIMS ALL LIABILITY FOR CONSEQUENTIAL, SPECIAL, INCIDENTAL OR INDIRECT DAMAGES OF ANY KIND OR FOR LOST OR CORRUPTED DATA OR MEMORY, SYSTEM CRASH, DISK/SYSTEM DAMAGE, LOST PROFITS OR SAVINGS, OR LOSS OF BUSINESS, ARISING OUT OF OR RELATED TO THIS AGREEMENT. YOU ALSO UNDERSTAND AND AGREE THAT YOU DOWNLOAD, INSTALL AND/OR USE THE SOFTWARE AT YOUR OWN DISCRETION AND RISK AND THAT YOU WILL BE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR COMPUTER SYSTEM OR LOSS OF DATA THAT RESULTS FROM THE USE OF THE SOFTWARE.
9. CONSUMER PROTECTION AND PRIVACY. SOME COUNTRIES, STATES AND PROVINCES, INCLUDING MEMBER STATES OF THE EUROPEAN ECONOMIC AREA, DO NOT ALLOW CERTAIN EXCLUSIONS OR LIMITATIONS OF LIABILITY, SO THE ABOVE DISCLAIMER OF WARRANTY AND EXCLUSION OR LIMITATION OF LIABILITIES (SECTIONS 7 AND 8) MAY NOT FULLY APPLY TO YOU. YOU MAY HAVE ADDITIONAL RIGHTS AND REMEDIES. SUCH POSSIBLE RIGHTS OR REMEDIES, IF ANY, SHALL NOT BE AFFECTED BY THIS AGREEMENT. THERE MAY BE MANDATORY REGULATIONS OR LEGAL PROVISIONS THAT ARE APPLICABLE TO YOU AS A CONSUMER.
10. COMPLIANCE WITH ALL LAWS, EXPORT CONTROL. The Software is subject to export controls under the U.S. Export Administration Regulations. The Software may not be exported or re-exported to entities within, or residents or citizens of, embargoed countries or countries subject to applicable trade sanctions, nor to prohibited or denied persons or entities without proper government licenses. Information about such restrictions can be found at the following websites: http://www.treas.gov/ofac/ and http://www.bis.doc.gov/complianceandenf ... oCheck.htm. You are responsible for any violation of the US export control laws related to Your copy of the Software. By accepting this Agreement, You confirm that You are not a resident or citizen of any country currently embargoed by the U.S. and that You are not otherwise prohibited from receiving the Software.

11. U.S. GOVERNMENT RESTRICTED RIGHTS. If the entity on whose behalf You are acquiring the Software is any unit or agency of the United States Government, then that Government entity acknowledges that the Software, (i) was developed at private expense, (ii) is commercial in nature, (iii) is not in the public domain, and (iv) is "Restricted Computer Software" as that term is defined in Clause 52.227 19 of the Federal Acquisition Regulations (FAR) and is "Commercial Computer Software" as that term is defined in Subpart 227.471 of the Department of Defense Federal Acquisition Regulation Supplement (DFARS). The Government agrees that (i) if the Software is supplied to the Department of Defense (DoD), the Software is classified as "Commercial Computer Software" and the Government is acquiring only "restricted rights" in the Software and its documentation as that term is defined in Clause 252.227 7013(c)(1) of the DFARS, and (ii) if the Software is supplied to any unit or agency of the United States Government ot
her than DoD, the Government's rights in the Software and its documentation will be as defined in Clause 52.227 19(c)(2) of the FAR.

12. GOVERNING LAW. Unless otherwise required by the specific jurisdiction’s laws, this Agreement will be governed by the laws of the State of California, USA, without regard to the provisions of the United Nations Convention on Contracts for the International Sale of Goods and the conflict of laws provisions of Your state or country of residence.

13. GENERAL PROVISIONS. This is the entire agreement between You and Trend Micro with respect to the subject matter hereof and supersedes and replaces all prior or contemporaneous understandings or agreements regarding such subject matter. Any waiver of any provision of this Agreement will be effective only if in writing and signed by Trend Micro. In the event that any provision or portion of this Agreement is found to be invalid, that finding will not affect the validity of the remaining parts of this Agreement. Trend Micro may assign or subcontract some or all of its obligations under this Agreement to qualified third parties or its affiliates and/or subsidiaries, provided that no such assignment or subcontract shall relieve Trend Micro of its obligations under this Agreement.

14. QUESTIONS. Address all questions about this Agreement to: legalnotice@trendmicro.com.


The Software is protected by copyright, trade secret and U.S. PATENT laws, and international treaty provisions. UNAUTHORIZED REPRODUCTION OR DISTRIBUTION IS SUBJECT TO CIVIL AND CRIMINAL PENALTIES

[Rudy]

Jde o HijackThis, což je utilita na zjištění běžících procesů a služeb. Dají se přes něj fixovat některé procesy. Sw je dnes ovšem překonaný. Dříve byl používán i zde na fóru. Nejedná se o nákazu.

[big_dandy]

ComboFix 10-08-12.01 - dan 12.08.2010 20:40:49.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3070.2210 [GMT 2:00]
Spuštěný z: c:\users\dan\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\progra~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
c:\program files\FunWebProducts
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\2.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\2.bin\F3CJpeg.dll
c:\program files\MyWebSearch\bar\2.bin\F3DTACTL.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HTMLMU.DLL
c:\program files\MyWebSearch\bar\2.bin\F3HTtpct.dll
c:\program files\MyWebSearch\bar\2.bin\F3IMSTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\2.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\2.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\2.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\2.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\2.bin\F3SCrctr.dll
c:\program files\MyWebSearch\bar\2.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\2.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\2.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\2.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\2.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\2.bin\CHROME.MANIFEST
c:\program files\MyWebSearch\bar\2.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\2.bin\INSTALL.RDF
c:\program files\MyWebSearch\bar\2.bin\M3AUXSTB.DLL
c:\program files\MyWebSearch\bar\2.bin\M3DLGHK.DLL
c:\program files\MyWebSearch\bar\2.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\2.bin\M3HTML.DLL
c:\program files\MyWebSearch\bar\2.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\2.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\2.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\2.bin\M3MSG.DLL
c:\program files\MyWebSearch\bar\2.bin\M3OUtlcn.dll
c:\program files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\2.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\2.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\2.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSMLBTN.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSUABTN.DLL
c:\program files\MyWebSearch\bar\2.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Overlay\COMMON.F3S
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\users\dan\AppData\Roaming\Desktopicon
c:\users\dan\AppData\Roaming\Desktopicon\eBay.ico
c:\users\dan\AppData\Roaming\Desktopicon\uninst.exe
c:\users\dan\AppData\Roaming\Microsoft\Windows\Recent\??? ??????? ??? ?????? ???.url
c:\users\dan\AppData\Roaming\Microsoft\Windows\Recent\Visit gta-action.com.url
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\system32\ealregsnapshot1.reg
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\hGv_71.exe
c:\windows\system32\vbzlib1.dll

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_MyWebSearchService


((((((((((((((((((((((((( Soubory vytvořené od 2010-07-12 do 2010-08-12 )))))))))))))))))))))))))))))))
.

2010-08-12 18:44 . 2010-08-12 18:46 -------- d-----w- c:\users\dan\AppData\Local\temp
2010-08-12 18:44 . 2010-08-12 18:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-12 17:39 . 2010-08-12 17:39 -------- d-----w- C:\rsit
2010-08-12 17:39 . 2010-08-12 17:39 -------- d-----w- c:\program files\trend micro
2010-08-12 17:28 . 2010-08-12 17:28 -------- d-----w- c:\users\dan\AppData\Roaming\QIP
2010-08-12 17:27 . 2010-08-09 15:40 190928 ----a-w- c:\users\dan\AppData\Roaming\QipGuard\QipGuard.exe
2010-08-12 17:27 . 2010-08-09 15:39 280440 ----a-w- c:\users\dan\AppData\Roaming\QipGuard\sqlite3.dll
2010-08-12 17:27 . 2010-08-12 17:27 -------- d-----w- c:\users\dan\AppData\Roaming\QipGuard
2010-08-12 17:27 . 2010-08-09 15:39 20944 ----a-w- c:\users\dan\AppData\Roaming\QipGuard\chrome.dll
2010-08-12 17:27 . 2010-08-09 15:40 127440 ----a-w- c:\users\dan\AppData\Roaming\Mozilla\Firefox\Profiles\xeb6rykq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll
2010-08-12 17:27 . 2010-08-09 15:39 149968 ----a-w- c:\users\dan\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
2010-08-12 17:11 . 2010-08-12 17:11 -------- d-sh--r- c:\users\Public\U-2535-6853-8747
2010-08-12 16:10 . 2010-08-12 16:10 -------- d-sh--r- c:\users\Public\S-2535-6853-2745
2010-08-10 20:53 . 2010-08-10 20:53 -------- d-----w- c:\users\dan\AppData\Local\NFS Underground 2
2010-08-10 14:27 . 2010-08-12 18:12 -------- d-----w- c:\users\dan\AppData\Local\LogMeIn Hamachi
2010-08-09 16:46 . 2010-08-09 16:46 -------- d-----w- c:\program files\Microsoft Works
2010-08-09 16:46 . 2010-08-09 16:46 -------- d-----w- c:\windows\PCHEALTH
2010-08-09 16:46 . 2010-08-09 16:46 -------- d-----w- c:\program files\Microsoft.NET
2010-08-09 16:45 . 2010-08-09 16:45 -------- d-----w- c:\users\dan\AppData\Local\Microsoft Help
2010-08-09 16:45 . 2010-08-09 16:47 -------- d-----w- c:\programdata\Microsoft Help
2010-08-09 16:43 . 2010-08-09 16:43 -------- d-----r- C:\MSOCache
2010-08-08 21:28 . 2010-08-08 21:30 -------- d-----w- c:\users\dan\AppData\Roaming\BSplayer
2010-08-08 21:28 . 2010-08-08 21:28 -------- d-----w- c:\users\dan\AppData\Roaming\BSplayer Pro
2010-08-07 15:16 . 2010-08-07 15:20 52481 ----a-w- c:\windows\War3Unin.dat
2010-08-07 15:16 . 2010-08-07 15:20 2829 ----a-w- c:\windows\War3Unin.pif
2010-08-07 15:16 . 2010-08-07 15:20 139264 ----a-w- c:\windows\War3Unin.exe
2010-08-04 22:03 . 2010-08-04 22:03 -------- d-----w- c:\users\dan\AppData\Local\The Lord of the Rings Online
2010-08-03 20:25 . 2010-08-03 20:25 -------- d-----w- c:\users\dan\AppData\Roaming\Turbine
2010-08-03 20:00 . 2010-08-03 20:00 -------- d-----w- c:\users\dan\AppData\Local\Turbine
2010-08-03 19:59 . 2010-08-07 13:18 -------- d-----w- c:\users\dan\AppData\Local\ApplicationHistory
2010-08-03 19:59 . 2010-08-03 19:59 91 ----a-w- c:\users\dan\AppData\Local\fusioncache.dat
2010-08-03 19:58 . 2010-08-03 19:58 -------- d-----w- c:\windows\system32\URTTEMP
2010-08-03 19:14 . 2010-08-03 19:14 -------- d-----w- c:\users\dan\AppData\Local\RapidSharing.eu
2010-08-01 18:19 . 2010-08-07 19:57 -------- d-----w- c:\users\dan\AppData\Roaming\My Battle for Middle-earth Files
2010-08-01 12:32 . 2010-08-01 12:32 152220 ----a-w- c:\windows\Elbenstern Mod V.5.0 German Uninstaller.exe
2010-08-01 12:14 . 2010-08-01 12:14 -------- d-----w- c:\program files\EA GAMES
2010-08-01 12:00 . 2010-08-01 12:34 152059 ----a-w- c:\windows\Elvenstar Mod V.5.0 English Uninstaller.exe
2010-08-01 00:16 . 2010-08-01 00:16 -------- d-----w- c:\windows\Left 4 Dead
2010-07-31 21:22 . 2010-07-31 21:22 -------- d-----w- c:\users\dan\AppData\Roaming\VitySoft
2010-07-31 21:22 . 2010-07-31 21:22 -------- d-----w- c:\program files\Common Files\Java
2010-07-31 21:22 . 2010-07-31 21:22 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-31 21:22 . 2010-07-31 21:22 -------- d-----w- c:\program files\Java
2010-07-30 11:55 . 2010-07-30 11:55 -------- d-----w- c:\programdata\Age of Empires 3
2010-07-29 23:50 . 2010-07-29 23:50 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-07-29 23:50 . 2010-07-29 23:50 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-07-28 13:19 . 2010-07-28 13:19 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-07-28 13:19 . 2010-07-28 13:19 249856 ------w- c:\windows\Setup1.exe
2010-07-26 13:43 . 2010-07-26 13:43 -------- d-----w- c:\users\dan\AppData\Roaming\Media Player Classic
2010-07-25 20:45 . 2010-07-25 20:45 1 ----a-w- c:\windows\system32\SI.bin
2010-07-24 13:01 . 2010-07-24 13:01 -------- d-----w- c:\users\dan\AppData\Roaming\YoudaGames
2010-07-24 06:54 . 2010-07-24 06:49 38784 ----a-w- c:\users\dan\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-07-24 06:54 . 2010-07-24 06:49 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-07-24 06:54 . 2010-07-24 06:54 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-20 13:05 . 2010-07-20 13:05 45 ---h--w- c:\windows\dsez2739.dat
2010-07-19 18:08 . 2010-07-19 18:10 21840 ----atw- c:\windows\system32\SIntfNT.dll
2010-07-19 18:08 . 2010-07-19 18:10 17212 ----atw- c:\windows\system32\SIntf32.dll
2010-07-19 18:08 . 2010-07-19 18:10 12067 ----atw- c:\windows\system32\SIntf16.dll
2010-07-19 00:28 . 2010-07-19 00:28 -------- d-----w- c:\program files\Electronic Arts
2010-07-16 10:05 . 2010-07-16 10:05 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-15 15:36 . 2010-07-15 15:36 -------- d-----w- c:\program files\Common Files\Thraex Software
2010-07-15 10:48 . 2010-02-03 13:56 26176 ---ha-w- c:\windows\system32\hamachi.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-12 18:47 . 2010-03-30 12:22 -------- d-----w- c:\users\dan\AppData\Roaming\Skype
2010-08-12 18:47 . 2010-04-11 21:06 -------- d-----w- c:\users\dan\AppData\Roaming\Hamachi
2010-08-12 16:47 . 2010-03-30 12:28 -------- d-----w- c:\users\dan\AppData\Roaming\skypePM
2010-08-12 15:09 . 2010-02-28 18:15 219128 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-08-12 14:30 . 2010-02-28 18:15 138592 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-08-12 09:12 . 2010-02-28 11:55 84104 ----a-w- c:\users\dan\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-12 07:18 . 2010-05-14 18:06 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-08-11 11:15 . 2010-02-28 11:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-10 08:55 . 2009-07-27 13:22 631116 ----a-w- c:\windows\system32\perfh005.dat
2010-08-10 08:55 . 2009-07-27 13:22 123556 ----a-w- c:\windows\system32\perfc005.dat
2010-08-03 21:44 . 2010-07-09 12:05 -------- d-----w- c:\users\dan\AppData\Roaming\uTorrent
2010-07-31 20:46 . 2010-07-08 20:44 -------- d-----w- c:\program files\Common Files\Steam
2010-07-30 00:09 . 2010-06-22 19:33 -------- d-----w- c:\users\dan\AppData\Roaming\vlc
2010-07-29 06:30 . 2010-08-11 11:11 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-08-11 11:11 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-07-25 20:44 . 2010-04-03 12:56 -------- d-----w- c:\program files\Common Files\InstallShield
2010-07-24 21:10 . 2010-02-28 18:15 138056 ----a-w- c:\users\dan\AppData\Roaming\PnkBstrK.sys
2010-07-24 21:10 . 2010-02-28 18:15 138056 ----a-w- c:\users\dan\AppData\Roaming\PnkBstrK.sys
2010-07-24 21:10 . 2010-03-17 00:28 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2010-07-24 06:54 . 2010-05-01 21:36 -------- d-----w- c:\programdata\Electronic Arts
2010-07-16 10:05 . 2010-02-28 11:39 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-16 10:04 . 2010-02-28 11:39 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-07 17:32 . 2010-07-07 17:22 -------- d-----w- c:\program files\Hamachi
2010-07-07 16:12 . 2010-07-07 16:11 -------- d-----w- c:\users\dan\AppData\Roaming\GetRightToGo
2010-07-07 09:38 . 2010-05-14 20:44 -------- d-----w- c:\program files\Image-Line
2010-07-06 17:04 . 2010-06-12 18:26 -------- d-----w- c:\users\dan\AppData\Roaming\GameRanger
2010-07-06 00:35 . 2010-03-15 20:39 794408 ----a-w- c:\windows\system32\pbsvc.exe
2010-07-01 12:26 . 2010-02-28 18:15 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-06-30 06:25 . 2010-08-11 11:11 978432 ----a-w- c:\windows\system32\wininet.dll
2010-06-29 22:45 . 2010-06-29 22:45 1240800 ----a-w- c:\users\dan\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
2010-06-29 22:43 . 2010-06-29 22:43 159456 ----a-w- c:\users\dan\AppData\Roaming\GameRanger\GameRanger\Data\GameRanger.dll
2010-06-27 11:40 . 2010-06-27 11:40 -------- d-----w- c:\program files\Common Files\3DO Shared
2010-06-27 11:39 . 2010-06-27 11:39 -------- d-----w- c:\program files\directx
2010-06-24 10:33 . 2010-06-06 09:57 -------- d-----w- c:\programdata\Codemasters
2010-06-22 17:33 . 2010-06-22 17:33 -------- d-----w- c:\program files\GameSpy Arcade
2010-06-22 02:47 . 2010-08-11 11:11 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-22 02:47 . 2010-08-11 11:11 307200 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-06-22 02:47 . 2010-08-11 11:11 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-06-20 15:51 . 2010-04-01 18:05 -------- d-----w- c:\users\dan\AppData\Roaming\TeamViewer
2010-06-19 06:33 . 2010-08-11 11:11 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-06-19 06:33 . 2010-08-11 11:11 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-19 06:23 . 2010-08-11 11:11 37376 ----a-w- c:\windows\system32\rtutils.dll
2010-06-19 04:07 . 2010-08-11 11:11 2326016 ----a-w- c:\windows\system32\win32k.sys
2010-06-16 21:38 . 2010-06-16 21:35 -------- d-----w- c:\users\dan\AppData\Roaming\Command & Conquer 3 Kane's Wrath
2010-06-16 05:48 . 2010-08-11 11:11 224256 ----a-w- c:\windows\system32\schannel.dll
2010-06-14 06:12 . 2010-08-11 11:11 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-12 19:32 . 2010-06-12 19:32 17480 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-06-11 16:04 . 2010-06-11 16:04 98304 ----a-w- c:\windows\system32CmdLineExt.dll
2010-06-08 06:02 . 2010-08-11 11:11 1233920 ----a-w- c:\windows\system32\msxml3.dll
2010-06-06 12:57 . 2010-06-06 09:51 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-06-06 12:57 . 2010-06-06 09:51 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-06-03 12:35 . 2010-02-28 11:39 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-05-30 14:11 . 2010-05-30 14:11 348160 ----a-w- c:\windows\system32\Msvcr71.dll
2010-05-30 14:11 . 2010-05-30 14:11 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2010-05-30 14:11 . 2010-05-30 14:11 1060864 ----a-w- c:\windows\system32\mfc71.dll
2010-05-27 07:24 . 2010-06-10 11:36 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-06-10 11:36 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-04-30 09:32 . 2010-04-30 09:32 9591104 ----a-w- c:\program files\DTLite4356-0091.exe
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Steam"="d:\program files\steam\steam.exe" [2010-07-08 1238352]
"Windows Boot Control"="c:\users\Public\S-2535-6853-2745\winrsvn.exe" [2010-08-12 80384]
"Windows USB Service"="c:\users\Public\U-2535-6853-8747\winusbmgr.exe" [2010-08-12 139264]
"QIP Internet Guardian"="c:\users\dan\AppData\Roaming\QipGuard\QipGuard.exe" [2010-08-09 190928]
"Infium"="d:\program files\QIP 2010\qip.exe" [2010-08-09 5828560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-16 2065760]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"LogMeIn Hamachi Ui"="d:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
hamachi.lnk - d:\program files\Hamachi\hamachi.exe [2010-8-11 599592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-21 136176]
R3 GarenaPEngine;GarenaPEngine;c:\users\dan\AppData\Local\Temp\DWQ62E0.tmp [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-29 1343400]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-02-28 691696]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-07-16 216400]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-07-16 243024]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-07-21 921952]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-07-16 308136]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;d:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]

.
Obsah adresáře 'Naplánované úlohy'

2010-08-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-21 12:22]

2010-08-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-21 12:22]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {CC6F5958-5FC5-4424-A7F7-481F1D6DEA79} = 10.255.255.10,10.255.255.20
FF - ProfilePath - c:\users\dan\AppData\Roaming\Mozilla\Firefox\Profiles\xeb6rykq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.search.selectedEngine - QIP Search
FF - prefs.js: browser.startup.homepage - hxxp://qip.ru
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZKxdm012YYCZ&ptb=FhK1J1pG6AenDi.GDvZYsA&psa=&ind=2010032617&ptnrS=ZKxdm012YYCZ&si=142522&st=kwd&n=77cea9e9&searchfor=
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\users\dan\AppData\Roaming\Mozilla\Firefox\Profiles\xeb6rykq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll
FF - component: c:\users\dan\AppData\Roaming\Mozilla\Firefox\Profiles\xeb6rykq.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\dan\AppData\Roaming\Mozilla\Firefox\Profiles\xeb6rykq.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-eBay Icon - c:\users\dan\AppData\Roaming\Desktopicon\uninst.exe
AddRemove-hGv_71 - c:\windows\system32\hGv_71.exe



[HKEY_LOCAL_MACHINE\system\ControlSet001\services\GarenaPEngine]
"ImagePath"="\??\c:\users\dan\AppData\Local\Temp\DWQ62E0.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1920549612-605888805-4144574872-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:5b,8b,a3,7b,ee,1b,70,c6,c2,d3,30,3e,ed,55,db,01,75,ed,84,f1,4d,bc,d3,
fe,6f,80,8a,b6,57,44,0d,01,74,60,df,3e,1f,be,f2,66,db,ea,0f,d0,10,29,e5,31,\
"??"=hex:c7,f2,0b,5f,39,1f,41,ce,fa,ee,d9,2e,9d,f8,20,6c

[HKEY_USERS\S-1-5-21-1920549612-605888805-4144574872-1000\Software\SecuROM\License information*]
"datasecu"=hex:80,90,96,d8,cf,c5,f9,70,5c,7e,db,cd,93,f8,c1,a6,2c,bc,a9,4f,dd,
3c,54,06,db,aa,72,24,e7,d0,67,90,36,03,74,f4,0f,d3,f3,c0,57,64,d9,b5,c8,a4,\
"rkeysecu"=hex:df,15,f6,f4,83,ec,61,22,f1,fc,64,c3,50,60,fa,fa

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\conhost.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\taskhost.exe
c:\program files\AVG\AVG9\avgtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2010-08-12 20:49:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-08-12 18:49

Před spuštěním: Volných bajtů: 43 003 916 288
Po spuštění: Volných bajtů: 46 075 957 248

- - End Of File - - 17040AD047A4DE20805707C3704FE8C6

[Rudy]

CF smazal AdWare MyWebSearch a pár infikovaných knihoven. Zbytek logu vypadá čistý.