
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
preventive check - PC status
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Visitor
- Posts: 67
- Registered: 24 Apr 2010 09:52
Hi,
please help: Avast is reporting suspicious activity (see screenshot)
Logfile of random's system information tool 1.08 (written by random/random)
Run by Butterfly at 2010-09-13 21:38:22
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 64 GB (64%) free of 100 GB
Total RAM: 1022 MB (38% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:38:43, on 2010-09-13
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
D:\Program Files\PDFZilla\Keylogger\winsrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\My Folder\My !\PC\Malware\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Butterfly.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: IeMonitor - {8170D7DC-BDD6-461e-88EB-F047257898C9} - C:\Program Files\Conceiva\DownloadStudio\DLMonitr.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DownloadStudio IE Toolbar - {CB789373-04D5-4ef4-9C16-871463FD0830} - C:\Program Files\Conceiva\DownloadStudio\WebDLBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [iSafeCW] D:\Program Files\PDFZilla\Keylogger\winsrv.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AvastUI.lnk = C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odebírat RSS/Podcast pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_rss.htm
O8 - Extra context menu item: Přidat stránku do DownloadStudio obrázkového alba... - C:\Program Files\Conceiva\DownloadStudio\ds_snap.htm
O8 - Extra context menu item: Stáhnout obrázek pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_img.htm
O8 - Extra context menu item: Stáhnout odkaz pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_file.htm
O8 - Extra context menu item: Stáhnout stránku pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_all.htm
O8 - Extra context menu item: Stáhnout video pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_video.htm
O8 - Extra context menu item: Stáhnout výběr pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_sel.htm
O8 - Extra context menu item: Zobrazit odkazy stránky pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_link.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\Common Files\BinarySense\hldasvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 8389 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Automatic maintenance.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8170D7DC-BDD6-461e-88EB-F047257898C9}]
DownloadStudio IE Add-on - C:\Program Files\Conceiva\DownloadStudio\DLMonitr.dll [2010-08-31 670024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-23 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-23 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CB789373-04D5-4ef4-9C16-871463FD0830} - DownloadStudio IE Toolbar - C:\Program Files\Conceiva\DownloadStudio\WebDLBar.dll [2010-08-31 168264]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-07-28 19557480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2009-01-30 204288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Butterfly^Nabídka Start^Programy^Po spuštění^setup_9.0.0.722_03.09.2010_12-29.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"YahooAUService"=2
"JavaQuickStarterService"=2
"WMPNetworkSvc"=3
"TuneUp.UtilitiesSvc"=2
"TuneUp.Defrag"=3
"sp_rssrv"=2
C:\Documents and Settings\Butterfly\Nabídka Start\Programy\Po spuštění
AvastUI.lnk - C:\Program Files\Alwil Software\Avast5\AvastUI.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-08-04 159744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Documents and Settings\Butterfly\Dokumenty\My DAP Downloads\TeamViewerPortable_en\TeamViewer.exe"="C:\Documents and Settings\Butterfly\Dokumenty\My DAP Downloads\TeamViewerPortable_en\TeamViewer.exe:*:Enabled:TeamViewer"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Valve\hltv.exe"="C:\Program Files\Valve\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Program Files\Flow\Flow.exe"="C:\Program Files\Flow\Flow.exe:*:Enabled:Flow"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Steam\steamapps\cleverboy\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\cleverboy\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\CrossLoop\vncviewer.exe"="C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\CrossLoop\vncviewer.exe:*:Enabled:vncviewer.exe"
"C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\CrossLoop\tvnserver.exe"="C:\Documents and Settings\Butterfly\Local Settings\Data aplikací\CrossLoop\tvnserver.exe:*:Enabled:tvnserver.exe"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
"C:\Documents and Settings\Butterfly\Dokumenty\LAN WC3\Frozen Throne.exe"="C:\Documents and Settings\Butterfly\Dokumenty\LAN WC3\Frozen Throne.exe:*:Enabled:Frozen Throne"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Steam\steamapps\cleverboy\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\cleverboy\counter-strike\hl.exe:*:Enabled:Counter-Strike"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-09-13 21:27:16 ----D---- C:\rsit
2010-09-12 23:39:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.TMP
2010-09-12 23:31:32 ----D---- C:\Program Files\Microsoft Bootvis
2010-09-12 22:47:04 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\TrueCrypt
2010-09-12 22:45:51 ----A---- C:\WINDOWS\system32\drivers\truecrypt.sys
2010-09-12 22:45:50 ----D---- C:\Program Files\TrueCrypt
2010-09-12 17:06:36 ----A---- C:\WINDOWS\system32\drivers\VBoxDrv.sys
2010-09-12 17:06:25 ----A---- C:\WINDOWS\system32\drivers\VBoxUSBMon.sys
2010-09-12 17:06:05 ----D---- C:\Program Files\Oracle
2010-09-12 09:55:06 ----SHD---- C:\RECYCLER
2010-09-12 09:47:03 ----D---- C:\WINDOWS\temp
2010-09-11 12:56:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\InstallShield
2010-09-10 16:51:01 ----D---- C:\Program Files\uTorrent
2010-09-10 16:49:40 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\uTorrent
2010-09-09 18:01:26 ----A---- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
2010-09-09 17:22:09 ----D---- C:\Program Files\Microsoft.NET
2010-09-08 21:33:56 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Conceiva
2010-09-08 21:33:12 ----D---- C:\Program Files\WinPcap
2010-09-08 21:29:36 ----A---- C:\bho.txt
2010-09-08 20:09:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Conceiva
2010-09-08 20:07:49 ----A---- C:\WINDOWS\DownloadStudioScheduleMonitor.INI
2010-09-08 19:59:52 ----D---- C:\Program Files\Conceiva
2010-09-08 19:31:17 ----D---- C:\Program Files\Endless Slideshow Screensaver
2010-09-05 12:23:43 ----D---- C:\Program Files\ICQ7.2
2010-09-04 21:26:09 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Thinstall
2010-09-03 18:30:25 ----D---- C:\Program Files\Uniblue
2010-09-03 18:30:02 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
2010-09-02 21:37:40 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2010-09-02 21:37:38 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Spyware Terminator
2010-09-02 21:37:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-09-02 21:37:32 ----D---- C:\Program Files\Spyware Terminator
2010-09-01 21:45:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\COMODO
2010-09-01 21:39:21 ----D---- C:\Program Files\COMODO
2010-08-30 21:55:09 ----RD---- C:\Sandbox
2010-08-30 10:23:57 ----D---- C:\Program Files\PcMedik
2010-08-29 16:38:19 ----D---- C:\Downloads
2010-08-29 15:22:05 ----AH---- C:\Documents and Settings\All Users\Data aplikací\msadoex.dll
2010-08-29 12:51:53 ----A---- C:\WINDOWS\Sandboxie.ini
2010-08-29 12:22:14 ----A---- C:\WINDOWS\smode.dll
2010-08-29 11:53:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Zbshareware Lab
2010-08-29 11:53:02 ----D---- C:\Program Files\USB Disk Security
2010-08-29 10:00:30 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-08-28 17:46:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Montpellier-Informatique
2010-08-28 00:03:24 ----D---- C:\pear
2010-08-27 20:51:23 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-27 18:28:58 ----D---- C:\Program Files\Secunia
2010-08-27 18:06:05 ----ASH---- C:\pagefile.sys
2010-08-27 16:53:37 ----RSHD---- C:\Documents and Settings\Butterfly\Data aplikací\DisplayDriverTEMP
2010-08-27 16:53:32 ----D---- C:\WINDOWS\XSxS
2010-08-27 13:23:57 ----D---- C:\Shoty
2010-08-27 13:23:51 ----D---- C:\Program Files\ScreenShots
2010-08-27 09:37:41 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\CosmeticGuide
2010-08-27 09:35:29 ----D---- C:\Program Files\Two Pilots
2010-08-27 09:35:28 ----D---- C:\Program Files\Cosmetic Guide
2010-08-26 22:11:08 ----D---- C:\Program Files\MAXON
2010-08-26 18:17:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2010-08-26 10:16:58 ----A---- C:\WINDOWS\system32\tmp_docprotector.ini
2010-08-23 20:07:36 ----D---- C:\Program Files\Elecard
2010-08-23 18:30:21 ----D---- C:\WINDOWS\system32\Adobe
2010-08-23 13:11:37 ----D---- C:\Program Files\Common Files\Java
2010-08-23 13:11:05 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-23 13:11:05 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-23 13:11:05 ----A---- C:\WINDOWS\system32\java.exe
2010-08-23 10:56:41 ----A---- C:\WINDOWS\sndvol32.exe
2010-08-23 10:38:45 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-23 10:37:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo Downloader
2010-08-23 10:36:42 ----D---- C:\PFiles
2010-08-22 22:21:23 ----D---- C:\Program Files\Common Files\Java(3)
2010-08-22 16:49:46 ----D---- C:\Program Files\Codec Pack - All In 1
2010-08-22 12:33:46 ----D---- C:\Program Files\Common Files\Futuremark Shared
2010-08-21 18:40:57 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\ProgSense
2010-08-21 18:40:45 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Orbit
2010-08-20 00:02:25 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Sereniti
2010-08-19 22:12:12 ----D---- C:\VritualRoot
2010-08-19 21:14:19 ----D---- C:\Program Files\Sunbelt Software
2010-08-19 19:50:10 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-08-19 19:50:09 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-08-19 19:50:08 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-08-19 19:50:07 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-08-19 19:50:06 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-08-19 19:50:06 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-08-19 19:50:06 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-08-19 19:49:32 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-08-19 19:47:48 ----D---- C:\Program Files\Alwil Software
2010-08-19 14:52:40 ----D---- C:\WINDOWS\system32\RTCOM
2010-08-19 14:52:17 ----A---- C:\WINDOWS\vncutil.exe
2010-08-19 14:52:17 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2010-08-19 14:52:17 ----A---- C:\WINDOWS\SkyTel.exe
2010-08-19 14:52:17 ----A---- C:\WINDOWS\RtlUpd.exe
2010-08-19 14:52:16 ----A---- C:\WINDOWS\RTLCPL.EXE
2010-08-19 14:52:14 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2010-08-19 14:52:14 ----A---- C:\WINDOWS\RtkAudioService.exe
2010-08-19 14:52:11 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys
2010-08-19 14:52:11 ----A---- C:\WINDOWS\RTHDCPL.EXE
2010-08-19 14:52:11 ----A---- C:\WINDOWS\MicCal.exe
2010-08-19 14:52:05 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys
2010-08-19 14:52:04 ----D---- C:\Program Files\Realtek
2010-08-19 14:52:04 ----A---- C:\WINDOWS\ALCWZRD.EXE
2010-08-19 14:51:04 ----A---- C:\WINDOWS\RtlExUpd.dll
2010-08-19 10:45:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-08-18 16:17:25 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\ATI
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atitvo32.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ATIODE.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atikvmag.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atibtmon.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2010-08-18 16:13:11 ----D---- C:\ATI
2010-08-18 15:00:04 ----D---- C:\Program Files\ATI
2010-08-18 14:39:47 ----D---- C:\Program Files\ATI Technologies
2010-08-15 15:29:20 ----A---- C:\WINDOWS\system32\nv4_disp.dll-nv1043
2010-08-15 15:29:17 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys-nv1245
2010-08-15 12:49:50 ----A---- C:\WINDOWS\system32\opencl.dll-nv1428
2010-08-15 12:49:50 ----A---- C:\WINDOWS\system32\nvoglnt.dll-nv1206
2010-08-15 12:49:50 ----A---- C:\WINDOWS\system32\nvcuvid.dll-nv1360
2010-08-15 12:49:50 ----A---- C:\WINDOWS\system32\nvcuvenc.dll-nv1376
2010-08-15 12:49:47 ----A---- C:\WINDOWS\system32\nvcuda.dll-nv1347
2010-08-15 12:49:47 ----A---- C:\WINDOWS\system32\nvcompiler.dll-nv1389
2010-08-15 12:49:47 ----A---- C:\WINDOWS\system32\nvcodins.dll-nv1281
2010-08-15 12:49:47 ----A---- C:\WINDOWS\system32\nvcod.dll-nv1281
2010-08-15 12:49:47 ----A---- C:\WINDOWS\system32\nvapi.dll-nv1281
======List of files/folders modified in the last 1 months======
2010-09-13 21:25:40 ----D---- C:\WINDOWS
2010-09-13 21:16:53 ----SD---- C:\WINDOWS\Tasks
2010-09-13 21:15:34 ----D---- C:\WINDOWS\Prefetch
2010-09-13 21:07:20 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 1
2010-09-13 20:48:10 ----D---- C:\Program Files\Steam
2010-09-13 18:51:55 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\ICQ
2010-09-13 16:56:18 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-09-12 23:39:43 ----D---- C:\WINDOWS\system32
2010-09-12 23:32:45 ----ASH---- C:\boot.ini
2010-09-12 23:32:45 ----A---- C:\WINDOWS\win.ini
2010-09-12 23:32:45 ----A---- C:\WINDOWS\system.ini
2010-09-12 23:31:33 ----SHD---- C:\WINDOWS\Installer
2010-09-12 23:31:33 ----D---- C:\Config.Msi
2010-09-12 23:31:32 ----D---- C:\Program Files
2010-09-12 22:45:51 ----D---- C:\WINDOWS\system32\drivers
2010-09-12 18:43:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-12 18:43:42 ----RSD---- C:\WINDOWS\assembly
2010-09-12 17:07:10 ----HD---- C:\WINDOWS\inf
2010-09-12 14:38:36 ----D---- C:\Program Files\Common Files\InstallShield
2010-09-12 14:38:32 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-12 09:37:59 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-12 09:33:37 ----D---- C:\WINDOWS\AppPatch
2010-09-12 09:33:34 ----D---- C:\Program Files\Common Files
2010-09-11 21:22:25 ----D---- C:\Program Files\WinUtilities
2010-09-11 16:54:40 ----D---- C:\WINDOWS\system32\config
2010-09-11 12:53:12 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-09-10 14:43:07 ----D---- C:\Program Files\Opera
2010-09-09 18:48:37 ----D---- C:\WINDOWS\Microsoft.NET
2010-09-09 18:04:00 ----D---- C:\WINDOWS\network diagnostic
2010-09-09 17:42:36 ----D---- C:\WINDOWS\system32\NtmsData
2010-09-09 17:30:57 ----D---- C:\WINDOWS\system32\cs-cz
2010-09-09 17:23:39 ----D---- C:\WINDOWS\WinSxS
2010-09-09 17:22:19 ----D---- C:\WINDOWS\system32\en-US
2010-09-06 21:51:47 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Skype
2010-09-06 21:38:31 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\skypePM
2010-09-05 18:11:54 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-05 12:25:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-09-05 10:45:29 ----D---- C:\Program Files\Google
2010-09-05 10:42:15 ----D---- C:\Program Files\CCleaner
2010-09-04 21:14:03 ----D---- C:\Program Files\Common Files\Real
2010-09-04 16:03:47 ----D---- C:\Program Files\Valve
2010-09-04 13:23:48 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-09-04 12:06:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
2010-09-04 11:45:13 ----D---- C:\Program Files\Microsoft Games
2010-09-04 11:24:31 ----D---- C:\WINDOWS\pss
2010-09-04 11:24:03 ----SHD---- C:\System Volume Information
2010-09-04 11:24:03 ----D---- C:\WINDOWS\system32\Restore
2010-09-04 10:42:03 ----D---- C:\Documents and Settings
2010-09-03 20:55:34 ----D---- C:\Program Files\PKR
2010-09-03 20:55:34 ----D---- C:\Program Files\DVBViewerTE
2010-09-03 20:55:34 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Ventrilo
2010-09-03 20:55:34 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\TeamViewer
2010-09-03 20:55:33 ----D---- C:\Program Files\DivX
2010-09-03 19:05:50 ----D---- C:\Program Files\IObit
2010-09-03 18:32:42 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Uniblue
2010-09-03 13:48:07 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\dvdcss
2010-09-02 21:45:45 ----D---- C:\Program Files\Trend Micro
2010-09-02 16:21:48 ----D---- C:\Program Files\QuickTime
2010-09-01 14:03:36 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-30 15:11:02 ----SHD---- C:\WINDOWS\CSC
2010-08-29 13:05:18 ----D---- C:\WINDOWS\Help
2010-08-28 22:15:29 ----D---- C:\WINDOWS\Minidump
2010-08-28 14:01:03 ----D---- C:\Program Files\Debugging Tools for Windows (x86)
2010-08-27 16:40:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Real
2010-08-27 16:40:27 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Real
2010-08-27 15:02:10 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2010-08-26 18:38:38 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\vlc
2010-08-26 18:13:20 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-26 16:02:32 ----D---- C:\Program Files\AIMP2
2010-08-25 22:28:56 ----D---- C:\Program Files\WhoCrashed
2010-08-25 13:46:54 ----D---- C:\Program Files\SystemRequirementsLab
2010-08-25 12:55:51 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\gtk-2.0
2010-08-23 21:26:18 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Mozilla
2010-08-23 13:10:45 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-08-23 12:25:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-08-23 11:15:56 ----A---- C:\WINDOWS\UPGRADE.TXT
2010-08-23 10:39:43 ----D---- C:\WINDOWS\system32\wbem
2010-08-23 10:39:42 ----D---- C:\WINDOWS\Registration
2010-08-23 00:57:36 ----D---- C:\Program Files\Adobe
2010-08-22 17:03:21 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-08-22 11:22:43 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\KeePass
2010-08-20 22:10:35 ----A---- C:\WINDOWS\system32\resetlog.txt
2010-08-19 19:49:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-08-19 11:01:16 ----D---- C:\Program Files\Defraggler
2010-08-19 10:58:11 ----D---- C:\Program Files\FileHippo.com
2010-08-18 23:09:40 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Samsung
2010-08-18 23:09:33 ----D---- C:\Program Files\Samsung
2010-08-18 14:09:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2010-06-01 87824]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-21 697328]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2010-03-21 27904]
R0 ViBus;ViBus; C:\WINDOWS\system32\DRIVERS\ViBus.sys [2007-10-18 16896]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-09-21 9216]
R0 ViPrt;VIA SATA IDE Device Driver; C:\WINDOWS\system32\DRIVERS\ViPrt.sys [2007-10-18 52224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 BIOS;BIOS; \??\C:\WINDOWS\system32\drivers\BIOS.sys []
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-06-04 229312]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-06-01 25240]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2010-09-12 231248]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2010-08-05 143184]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2010-08-05 41936]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-08-04 5243392]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2010-05-17 101904]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-07-28 6108776]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2010-08-05 111312]
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-05 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-06 11264]
S1 Winhpfile;Winhpfile; C:\WINDOWS\system32\drivers\Winhpfile.sys []
S3 a60kbc02;a60kbc02; C:\WINDOWS\system32\drivers\a60kbc02.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2010-04-03 223128]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 esihdrv;esihdrv; C:\WINDOWS\system32\drivers\esihdrv.sys []
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2009-06-16 46592]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-01-09 42496]
S3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2009-03-06 18944]
S3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2009-03-04 11520]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 msloop;Microsoft Loopback Adapter Driver; C:\WINDOWS\system32\DRIVERS\loop.sys [2001-08-17 4992]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-10-20 50704]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 P1131VID;Creative WebCam NX Pro (WDM); C:\WINDOWS\system32\DRIVERS\P1131Vid.sys [2004-03-26 91241]
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2010-03-19 19072]
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2008-02-22 87936]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2008-02-22 14976]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2008-02-22 114304]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
S3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2010-06-23 32768]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2010-08-05 100496]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-08-04 606208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-06-01 1778480]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-09-02 488960]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-21 136176]
S2 HDDlife HDD Access service;HDDlife HDD Access service; C:\Program Files\Common Files\BinarySense\hldasvc.exe [2009-08-19 822936]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-05-31 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MatSvc;Microsoft Automated Troubleshooting Service; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-08-23 153376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-08-29 435008]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-27 1051968]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-30 913408]
S4 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
-----------------EOF-----------------
2010-08-27 16:53:37 ----RSHD---- C:\Documents and Settings\Butterfly\Data aplikací\DisplayDriverTEMP
2010-08-27 16:53:32 ----D---- C:\WINDOWS\XSxS
2010-08-27 13:23:57 ----D---- C:\Shoty
2010-08-27 13:23:51 ----D---- C:\Program Files\ScreenShots
2010-08-27 09:37:41 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\CosmeticGuide
2010-08-27 09:35:29 ----D---- C:\Program Files\Two Pilots
2010-08-27 09:35:28 ----D---- C:\Program Files\Cosmetic Guide
2010-08-26 22:11:08 ----D---- C:\Program Files\MAXON
2010-08-26 18:17:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2010-08-26 10:16:58 ----A---- C:\WINDOWS\system32\tmp_docprotector.ini
2010-08-23 20:07:36 ----D---- C:\Program Files\Elecard
2010-08-23 18:30:21 ----D---- C:\WINDOWS\system32\Adobe
2010-08-23 13:11:37 ----D---- C:\Program Files\Common Files\Java
2010-08-23 13:11:05 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-23 13:11:05 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-23 13:11:05 ----A---- C:\WINDOWS\system32\java.exe
2010-08-23 10:56:41 ----A---- C:\WINDOWS\sndvol32.exe
2010-08-23 10:38:45 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-23 10:37:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo Downloader
2010-08-23 10:36:42 ----D---- C:\PFiles
2010-08-22 22:21:23 ----D---- C:\Program Files\Common Files\Java(3)
2010-08-22 16:49:46 ----D---- C:\Program Files\Codec Pack - All In 1
2010-08-22 12:33:46 ----D---- C:\Program Files\Common Files\Futuremark Shared
2010-08-21 18:40:57 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\ProgSense
2010-08-21 18:40:45 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Orbit
2010-08-20 00:02:25 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Sereniti
2010-08-19 22:12:12 ----D---- C:\VritualRoot
2010-08-19 21:14:19 ----D---- C:\Program Files\Sunbelt Software
2010-08-19 19:50:10 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-08-19 19:50:09 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-08-19 19:50:08 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-08-19 19:50:07 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-08-19 19:50:06 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-08-19 19:50:06 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-08-19 19:50:06 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-08-19 19:49:32 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-08-19 19:47:48 ----D---- C:\Program Files\Alwil Software
2010-08-19 14:52:40 ----D---- C:\WINDOWS\system32\RTCOM
2010-08-19 14:52:17 ----A---- C:\WINDOWS\vncutil.exe
2010-08-19 14:52:17 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2010-08-19 14:52:17 ----A---- C:\WINDOWS\SkyTel.exe
2010-08-19 14:52:17 ----A---- C:\WINDOWS\RtlUpd.exe
2010-08-19 14:52:16 ----A---- C:\WINDOWS\RTLCPL.EXE
2010-08-19 14:52:14 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2010-08-19 14:52:14 ----A---- C:\WINDOWS\RtkAudioService.exe
2010-08-19 14:52:11 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys
2010-08-19 14:52:11 ----A---- C:\WINDOWS\RTHDCPL.EXE
2010-08-19 14:52:11 ----A---- C:\WINDOWS\MicCal.exe
2010-08-19 14:52:05 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys
2010-08-19 14:52:04 ----D---- C:\Program Files\Realtek
2010-08-19 14:52:04 ----A---- C:\WINDOWS\ALCWZRD.EXE
2010-08-19 14:51:04 ----A---- C:\WINDOWS\RtlExUpd.dll
2010-08-19 10:45:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-08-18 16:17:25 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\ATI
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atitvo32.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ATIODE.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atikvmag.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atibtmon.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2010-08-18 16:14:27 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2010-08-18 16:13:11 ----D---- C:\ATI
2010-08-18 15:00:04 ----D---- C:\Program Files\ATI
2010-08-18 14:39:47 ----D---- C:\Program Files\ATI Technologies
2010-08-15 15:29:20 ----A---- C:\WINDOWS\system32\nv4_disp.dll-nv1043
2010-08-15 15:29:17 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys-nv1245
2010-08-15 12:49:50 ----A---- C:\WINDOWS\system32\opencl.dll-nv1428
2010-08-15 12:49:50 ----A---- C:\WINDOWS\system32\nvoglnt.dll-nv1206
2010-08-15 12:49:50 ----A---- C:\WINDOWS\system32\nvcuvid.dll-nv1360
2010-08-15 12:49:50 ----A---- C:\WINDOWS\system32\nvcuvenc.dll-nv1376
2010-08-15 12:49:47 ----A---- C:\WINDOWS\system32\nvcuda.dll-nv1347
2010-08-15 12:49:47 ----A---- C:\WINDOWS\system32\nvcompiler.dll-nv1389
2010-08-15 12:49:47 ----A---- C:\WINDOWS\system32\nvcodins.dll-nv1281
2010-08-15 12:49:47 ----A---- C:\WINDOWS\system32\nvcod.dll-nv1281
2010-08-15 12:49:47 ----A---- C:\WINDOWS\system32\nvapi.dll-nv1281
======List of files/folders modified in the last 1 months======
2010-09-13 21:25:40 ----D---- C:\WINDOWS
2010-09-13 21:16:53 ----SD---- C:\WINDOWS\Tasks
2010-09-13 21:15:34 ----D---- C:\WINDOWS\Prefetch
2010-09-13 21:07:20 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 1
2010-09-13 20:48:10 ----D---- C:\Program Files\Steam
2010-09-13 18:51:55 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\ICQ
2010-09-13 16:56:18 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-09-12 23:39:43 ----D---- C:\WINDOWS\system32
2010-09-12 23:32:45 ----ASH---- C:\boot.ini
2010-09-12 23:32:45 ----A---- C:\WINDOWS\win.ini
2010-09-12 23:32:45 ----A---- C:\WINDOWS\system.ini
2010-09-12 23:31:33 ----SHD---- C:\WINDOWS\Installer
2010-09-12 23:31:33 ----D---- C:\Config.Msi
2010-09-12 23:31:32 ----D---- C:\Program Files
2010-09-12 22:45:51 ----D---- C:\WINDOWS\system32\drivers
2010-09-12 18:43:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-12 18:43:42 ----RSD---- C:\WINDOWS\assembly
2010-09-12 17:07:10 ----HD---- C:\WINDOWS\inf
2010-09-12 14:38:36 ----D---- C:\Program Files\Common Files\InstallShield
2010-09-12 14:38:32 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-12 09:37:59 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-12 09:33:37 ----D---- C:\WINDOWS\AppPatch
2010-09-12 09:33:34 ----D---- C:\Program Files\Common Files
2010-09-11 21:22:25 ----D---- C:\Program Files\WinUtilities
2010-09-11 16:54:40 ----D---- C:\WINDOWS\system32\config
2010-09-11 12:53:12 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-09-10 14:43:07 ----D---- C:\Program Files\Opera
2010-09-09 18:48:37 ----D---- C:\WINDOWS\Microsoft.NET
2010-09-09 18:04:00 ----D---- C:\WINDOWS\network diagnostic
2010-09-09 17:42:36 ----D---- C:\WINDOWS\system32\NtmsData
2010-09-09 17:30:57 ----D---- C:\WINDOWS\system32\cs-cz
2010-09-09 17:23:39 ----D---- C:\WINDOWS\WinSxS
2010-09-09 17:22:19 ----D---- C:\WINDOWS\system32\en-US
2010-09-06 21:51:47 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Skype
2010-09-06 21:38:31 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\skypePM
2010-09-05 18:11:54 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-05 12:25:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-09-05 10:45:29 ----D---- C:\Program Files\Google
2010-09-05 10:42:15 ----D---- C:\Program Files\CCleaner
2010-09-04 21:14:03 ----D---- C:\Program Files\Common Files\Real
2010-09-04 16:03:47 ----D---- C:\Program Files\Valve
2010-09-04 13:23:48 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-09-04 12:06:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
2010-09-04 11:45:13 ----D---- C:\Program Files\Microsoft Games
2010-09-04 11:24:31 ----D---- C:\WINDOWS\pss
2010-09-04 11:24:03 ----SHD---- C:\System Volume Information
2010-09-04 11:24:03 ----D---- C:\WINDOWS\system32\Restore
2010-09-04 10:42:03 ----D---- C:\Documents and Settings
2010-09-03 20:55:34 ----D---- C:\Program Files\PKR
2010-09-03 20:55:34 ----D---- C:\Program Files\DVBViewerTE
2010-09-03 20:55:34 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Ventrilo
2010-09-03 20:55:34 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\TeamViewer
2010-09-03 20:55:33 ----D---- C:\Program Files\DivX
2010-09-03 19:05:50 ----D---- C:\Program Files\IObit
2010-09-03 18:32:42 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Uniblue
2010-09-03 13:48:07 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\dvdcss
2010-09-02 21:45:45 ----D---- C:\Program Files\Trend Micro
2010-09-02 16:21:48 ----D---- C:\Program Files\QuickTime
2010-09-01 14:03:36 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-30 15:11:02 ----SHD---- C:\WINDOWS\CSC
2010-08-29 13:05:18 ----D---- C:\WINDOWS\Help
2010-08-28 22:15:29 ----D---- C:\WINDOWS\Minidump
2010-08-28 14:01:03 ----D---- C:\Program Files\Debugging Tools for Windows (x86)
2010-08-27 16:40:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Real
2010-08-27 16:40:27 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Real
2010-08-27 15:02:10 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2010-08-26 18:38:38 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\vlc
2010-08-26 18:13:20 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-26 16:02:32 ----D---- C:\Program Files\AIMP2
2010-08-25 22:28:56 ----D---- C:\Program Files\WhoCrashed
2010-08-25 13:46:54 ----D---- C:\Program Files\SystemRequirementsLab
2010-08-25 12:55:51 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\gtk-2.0
2010-08-23 21:26:18 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Mozilla
2010-08-23 13:10:45 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-08-23 12:25:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-08-23 11:15:56 ----A---- C:\WINDOWS\UPGRADE.TXT
2010-08-23 10:39:43 ----D---- C:\WINDOWS\system32\wbem
2010-08-23 10:39:42 ----D---- C:\WINDOWS\Registration
2010-08-23 00:57:36 ----D---- C:\Program Files\Adobe
2010-08-22 17:03:21 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-08-22 11:22:43 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\KeePass
2010-08-20 22:10:35 ----A---- C:\WINDOWS\system32\resetlog.txt
2010-08-19 19:49:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-08-19 11:01:16 ----D---- C:\Program Files\Defraggler
2010-08-19 10:58:11 ----D---- C:\Program Files\FileHippo.com
2010-08-18 23:09:40 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Samsung
2010-08-18 23:09:33 ----D---- C:\Program Files\Samsung
2010-08-18 14:09:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2010-06-01 87824]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-21 697328]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2010-03-21 27904]
R0 ViBus;ViBus; C:\WINDOWS\system32\DRIVERS\ViBus.sys [2007-10-18 16896]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-09-21 9216]
R0 ViPrt;VIA SATA IDE Device Driver; C:\WINDOWS\system32\DRIVERS\ViPrt.sys [2007-10-18 52224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 BIOS;BIOS; \??\C:\WINDOWS\system32\drivers\BIOS.sys []
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-06-04 229312]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-06-01 25240]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2010-09-12 231248]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2010-08-05 143184]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2010-08-05 41936]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-08-04 5243392]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2010-05-17 101904]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-07-28 6108776]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2010-08-05 111312]
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-05 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-06 11264]
S1 Winhpfile;Winhpfile; C:\WINDOWS\system32\drivers\Winhpfile.sys []
S3 a60kbc02;a60kbc02; C:\WINDOWS\system32\drivers\a60kbc02.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2010-04-03 223128]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 esihdrv;esihdrv; C:\WINDOWS\system32\drivers\esihdrv.sys []
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2009-06-16 46592]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-01-09 42496]
S3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2009-03-06 18944]
S3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2009-03-04 11520]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 msloop;Microsoft Loopback Adapter Driver; C:\WINDOWS\system32\DRIVERS\loop.sys [2001-08-17 4992]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-10-20 50704]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 P1131VID;Creative WebCam NX Pro (WDM); C:\WINDOWS\system32\DRIVERS\P1131Vid.sys [2004-03-26 91241]
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2010-03-19 19072]
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2008-02-22 87936]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2008-02-22 14976]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2008-02-22 114304]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
S3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2010-06-23 32768]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2010-08-05 100496]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-08-04 606208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-06-01 1778480]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-09-02 488960]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-21 136176]
S2 HDDlife HDD Access service;HDDlife HDD Access service; C:\Program Files\Common Files\BinarySense\hldasvc.exe [2009-08-19 822936]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-05-31 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MatSvc;Microsoft Automated Troubleshooting Service; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-08-23 153376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-08-29 435008]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-27 1051968]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-30 913408]
S4 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
-----------------EOF-----------------
- Attachments
- A.JPG
- (49.21 KiB) Downloaded 186 times
Re: preventive check - PC status
Good evening
Do you know anything about this?
D:\Program Files\PDFZilla\Keylogger\winsrv.exe
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting your computer
Want to support our forum? Information here
I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can email me at Motji(at)forum.viry.cz.
-
- Visitor
- Posts: 67
- Registered: 24 Apr 2010 09:52
Re: preventive check - PC status
Yes,
That is iSafe AllInOne Keylogger, a program for capturing screens; it is essentially a keylogger, so that I know who did what on my computer. The program does not connect to the internet and the security programs have not recorded any suspicious activity, so I think it is safe.
And the suspicious file that Avast found popped up while I was googling.
I have one more problem. IE8 does not work, because COMODO IS (firewall) blocks it every time I start it. It likewise blocks MBAM and Spyware Terminator from accessing memory. How do I configure it not to do that? I recently installed QIP Infium, but I have already removed it. COMODO recorded that it wanted direct access to the keyboard and blocked it? Is it a keylogger?
Re: preventive check - PC status
Honestly, I don't know; I don't have Comodo, and with QIP I haven't noticed any suspicious activity involving the keyboard.
Download MBAM from my signature
- Install it and run a full scan
DO NOT DELETE ANYTHING
- MBAM occasionally produces false detections, so we will delete only after reviewing the log.
- Copy the log here.
-
- Visitor
- Posts: 67
- Registered: 24 Apr 2010 09:52
Re: preventive check - PC status
Here is the log from MBAM. Avast was switched on at the time and it found more, see the screenshot:
http://img826.imageshack.us/i/beznzvufv.jpg/
And here is a screenshot from COMODO showing QIP's unusual behaviour.
http://img375.imageshack.us/f/88045302.jpg/
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4613
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2010-09-14 21:40:30
mbam-log-2010-09-14 (21-40-30).txt
Typ skenu: Úplný sken (C:\|D:\|)
Skenované objekty: 340472
Uplynulý čas: 2 hodina(y), 11 minuta(y), 57 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 5
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
D:\My Folder\My !\PC\test pc\erpsetup.exe (Rogue.ErrorRepairProfessional) -> No action taken.
D:\My Folder\DOWNLOAD\ScreenShots.exe (Trojan.Agent) -> No action taken.
D:\System Volume Information\_restore{2178739D-7DEC-4968-B724-639B3B36D0DF}\RP67\A0051547.dll (Malware.Packer.Gen) -> No action taken.
D:\System Volume Information\_restore{2178739D-7DEC-4968-B724-639B3B36D0DF}\RP67\A0051554.dll (Trojan.Buzus) -> No action taken.
D:\System Volume Information\_restore{2178739D-7DEC-4968-B724-639B3B36D0DF}\RP67\A0052293.exe (Trojan.Agent) -> No action taken.
Re: preventive check - PC status
Do you know these two files? If not, test them at www.virustotal.com
D:\My Folder\My !\PC\test pc\erpsetup.exe
D:\My Folder\DOWNLOAD\ScreenShots.exe
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I am most likely to be reachable at night, between 21:00 and 23:00
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.
-
- Visitor
- Posts: 67
- Registered: 24 Apr 2010 09:52
Re: preventive check - PC status
both of them are clean
Re: preventive check - PC status
So do not delete anything in MBAM.
Download ComboFix to the desktop, close all active windows and run it - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- ComboFix must be run under an account with administrator rights
- Before use, turn off all resident security programs - antiviruses, firewalls, antispyware
- After launch, the terms of use are displayed; confirm them by pressing the Yes (Ano) button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- After the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here

-
- Visitor
- Posts: 67
- Registered: 24 Apr 2010 09:52
Re: preventive check - PC status
Sorry, but I probably deleted everything in MBAM. Right after the scan the MBAM quarantine popped up, so nothing else occurred to me but to delete it.
ComboFix 10-09-14.04 - Butterfly 2010-09-15 17:24:45.15.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.1022.631 [GMT 2:00]
Spuštěný z: c:\documents and settings\Butterfly\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-15 do 2010-09-15 )))))))))))))))))))))))))))))))
.
2010-09-13 19:27 . 2010-09-13 19:27 -------- d-----w- C:\rsit
2010-09-12 21:31 . 2010-09-14 20:32 -------- d-----w- c:\program files\Microsoft Bootvis
2010-09-12 20:45 . 2010-09-12 20:45 231248 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2010-09-12 20:45 . 2010-09-12 20:46 -------- d-----w- c:\program files\TrueCrypt
2010-09-12 16:39 . 2010-09-12 16:39 -------- d-----w- c:\documents and settings\Butterfly\Data aplikac?
2010-09-12 15:08 . 2010-09-12 15:17 -------- d-----w- c:\documents and settings\Butterfly\.VirtualBox
2010-09-12 15:06 . 2010-08-05 12:08 143184 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2010-09-12 15:06 . 2010-08-05 12:08 41936 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2010-09-12 15:06 . 2010-09-12 15:06 -------- d-----w- c:\program files\Oracle
2010-09-10 14:51 . 2010-09-10 14:51 -------- d-----w- c:\program files\uTorrent
2010-09-09 15:22 . 2010-09-09 15:22 -------- d-----w- c:\program files\Microsoft.NET
2010-09-08 19:33 . 2010-09-14 17:20 -------- d-----w- c:\program files\WinPcap
2010-09-08 17:59 . 2010-09-08 19:29 -------- d-----w- c:\program files\Conceiva
2010-09-08 17:31 . 2010-03-29 16:18 3654656 ----a-w- c:\windows\Endless-Slideshow.scr
2010-09-08 17:31 . 2010-09-08 17:31 -------- d-----w- c:\program files\Endless Slideshow Screensaver
2010-09-05 10:23 . 2010-09-05 11:05 -------- d-----w- c:\program files\ICQ7.2
2010-09-04 08:49 . 2010-09-04 08:49 -------- d-sh--w- c:\documents and settings\MTA 2\PrivacIE
2010-09-03 18:33 . 2010-09-03 18:33 -------- d-----w- c:\documents and settings\NetworkService\Plocha
2010-09-03 17:33 . 2010-09-03 17:33 -------- d-----w- c:\documents and settings\Butterfly\ErrorLogs
2010-09-03 16:30 . 2010-09-03 16:44 -------- d-----w- c:\program files\Uniblue
2010-09-02 19:37 . 2010-09-02 19:37 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-09-02 19:37 . 2010-09-14 17:20 -------- d-----w- c:\program files\Spyware Terminator
2010-09-01 19:39 . 2010-09-01 19:39 -------- d-----w- c:\program files\COMODO
2010-08-30 19:55 . 2010-08-30 19:55 -------- d-----r- C:\Sandbox
2010-08-30 08:23 . 2010-09-14 17:20 -------- d-----w- c:\program files\PcMedik
2010-08-29 14:38 . 2010-08-30 12:04 -------- d-----w- C:\Downloads
2010-08-29 10:22 . 2010-08-29 10:22 43520 ----a-w- c:\windows\smode.dll
2010-08-29 09:53 . 2010-09-02 19:53 -------- d-----w- c:\program files\USB Disk Security
2010-08-29 08:00 . 2010-08-27 12:56 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-08-28 17:35 . 2010-09-10 13:03 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-08-27 22:03 . 2010-09-02 20:04 -------- d-----w- C:\pear
2010-08-27 18:51 . 2010-09-15 15:21 -------- d-----w- c:\windows\system32\CatRoot2
2010-08-27 16:28 . 2010-08-27 16:28 -------- d-----w- c:\program files\Secunia
2010-08-27 14:53 . 2010-08-27 14:53 -------- d-----w- c:\windows\XSxS
2010-08-27 11:23 . 2010-09-03 18:55 -------- d-----w- C:\Shoty
2010-08-27 11:23 . 2010-08-27 11:23 -------- d-----w- c:\program files\ScreenShots
2010-08-27 07:35 . 2010-08-27 07:35 -------- d-----w- c:\program files\Two Pilots
2010-08-27 07:35 . 2010-08-27 07:35 -------- d-----w- c:\program files\Cosmetic Guide
2010-08-26 20:11 . 2010-08-26 20:11 -------- d-----w- c:\program files\MAXON
2010-08-25 10:10 . 2010-08-25 10:10 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-08-23 18:07 . 2010-08-23 18:09 -------- d-----w- c:\program files\Elecard
2010-08-23 16:30 . 2010-08-23 16:30 -------- d-----w- c:\windows\system32\Adobe
2010-08-23 11:11 . 2010-08-23 11:11 -------- d-----w- c:\program files\Common Files\Java
2010-08-23 08:56 . 2003-03-31 05:00 138752 ----a-w- c:\windows\sndvol32.exe
2010-08-23 08:39 . 2010-08-23 08:39 -------- d-----w- c:\windows\system32\wbem\Repository
2010-08-23 08:38 . 2010-08-23 08:38 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-08-23 08:36 . 2010-08-23 08:36 -------- d-----w- C:\PFiles
2010-08-22 20:21 . 2010-08-23 08:37 -------- d-----w- c:\program files\Common Files\Java(3)
2010-08-22 14:49 . 2010-08-23 08:38 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-08-22 14:33 . 2010-08-22 14:33 2999 ----a-w- c:\program files\Common Files\unins000.dat
2010-08-22 13:16 . 2010-08-22 13:16 55572 ---ha-w- c:\windows\system32\mlfcache.dat
2010-08-22 10:33 . 2010-08-22 10:33 -------- d-----w- c:\program files\Common Files\Futuremark Shared
2010-08-22 10:06 . 2010-08-22 10:06 0 ----a-w- c:\windows\ativpsrm.bin
2010-08-19 20:12 . 2010-09-13 19:24 -------- d-----w- C:\VritualRoot
2010-08-19 19:14 . 2010-08-19 19:29 -------- d-----w- c:\program files\Sunbelt Software
2010-08-19 17:54 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr
2010-08-19 17:50 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-08-19 17:50 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-08-19 17:50 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-08-19 17:50 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-08-19 17:50 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-08-19 17:50 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-08-19 17:50 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-08-19 17:49 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-08-19 17:47 . 2010-08-19 17:49 -------- d-----w- c:\program files\Alwil Software
2010-08-19 12:51 . 2010-07-27 11:54 1251944 ----a-w- c:\windows\RtlExUpd.dll
2010-08-18 14:13 . 2010-08-18 14:13 -------- d-----w- C:\ATI
2010-08-18 13:00 . 2010-08-26 16:12 -------- d-----w- c:\program files\ATI
2010-08-18 12:39 . 2010-08-26 16:14 -------- d-----w- c:\program files\ATI Technologies
2010-08-17 13:17 . 2010-08-17 13:17 58880 -c----w- c:\windows\system32\dllcache\spoolsv.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-14 17:51 . 2010-07-17 17:53 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 1
2010-09-14 17:20 . 2010-04-12 18:53 -------- d-----w- c:\program files\Valve
2010-09-14 17:20 . 2010-03-08 11:38 -------- d-----w- c:\program files\Steam
2010-09-12 12:38 . 2010-02-09 21:26 -------- d-----w- c:\program files\Common Files\InstallShield
2010-09-12 12:38 . 2010-02-09 21:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-11 19:22 . 2010-06-07 18:39 -------- d-----w- c:\program files\WinUtilities
2010-09-10 12:43 . 2010-02-12 04:39 -------- d-----w- c:\program files\Opera
2010-09-05 16:11 . 2010-06-12 09:26 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-05 08:45 . 2010-02-12 21:12 -------- d-----w- c:\program files\Google
2010-09-05 08:42 . 2010-02-10 22:42 -------- d-----w- c:\program files\CCleaner
2010-09-04 19:14 . 2010-02-11 15:32 -------- d-----w- c:\program files\Common Files\Real
2010-09-04 11:23 . 2010-02-27 09:18 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-09-04 09:45 . 2010-03-07 14:26 -------- d-----w- c:\program files\Microsoft Games
2010-09-03 18:55 . 2010-06-10 21:43 -------- d-----w- c:\program files\DVBViewerTE
2010-09-03 18:55 . 2010-02-28 20:04 -------- d-----w- c:\program files\PKR
2010-09-03 18:55 . 2010-04-24 08:05 -------- d-----w- c:\program files\DivX
2010-09-03 17:05 . 2010-03-20 11:58 -------- d-----w- c:\program files\IObit
2010-09-02 19:45 . 2010-07-01 10:25 -------- d-----w- c:\program files\Trend Micro
2010-09-02 14:21 . 2010-07-01 09:01 -------- d-----w- c:\program files\QuickTime
2010-08-28 12:01 . 2010-02-11 16:04 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2010-08-27 13:02 . 2010-02-27 09:19 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-08-26 14:02 . 2010-02-19 15:16 -------- d-----w- c:\program files\AIMP2
2010-08-25 20:28 . 2010-04-09 16:40 -------- d-----w- c:\program files\WhoCrashed
2010-08-25 11:46 . 2010-03-01 20:31 -------- d-----w- c:\program files\SystemRequirementsLab
2010-08-23 11:10 . 2010-04-24 08:02 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-19 12:52 . 2010-08-19 12:52 -------- d-----w- c:\program files\Realtek
2010-08-19 09:01 . 2010-06-06 07:45 -------- d-----w- c:\program files\Defraggler
2010-08-19 08:58 . 2010-07-04 12:24 -------- d-----w- c:\program files\FileHippo.com
2010-08-18 21:09 . 2010-03-04 21:09 -------- d-----w- c:\program files\Samsung
2010-08-17 13:17 . 2004-08-17 13:49 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-07 15:13 . 2010-03-27 20:28 -------- d-----w- c:\program files\Trillian
2010-08-06 22:00 . 2010-08-06 21:55 217 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-08-06 22:00 . 2010-02-17 18:37 133520 ----a-w- c:\windows\BricoPackUninst.cmd
2010-08-05 12:08 . 2010-08-05 12:08 111312 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2010-08-05 12:08 . 2010-08-05 12:08 100496 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2010-08-05 12:08 . 2010-08-05 12:08 133648 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
2010-08-04 02:20 . 2010-04-11 19:18 5243392 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-08-04 01:59 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-08-04 01:59 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-08-04 01:57 . 2010-08-18 14:14 4358144 ----a-w- c:\windows\system32\aticaldd.dll
2010-08-04 01:53 . 2010-08-18 14:14 15900672 ----a-w- c:\windows\system32\atioglxx.dll
2010-08-04 01:47 . 2010-08-18 14:14 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-08-04 01:47 . 2010-08-18 14:14 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-08-04 01:46 . 2010-04-11 19:23 300544 ----a-w- c:\windows\system32\ati2dvag.dll
2010-08-04 01:41 . 2010-04-11 19:23 3901280 ----a-w- c:\windows\system32\ati3duag.dll
2010-08-04 01:31 . 2010-08-18 14:14 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-08-04 01:31 . 2010-08-18 14:14 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-08-04 01:30 . 2010-08-18 14:14 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-08-04 01:30 . 2010-08-18 14:14 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-08-04 01:30 . 2010-08-18 14:14 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-08-04 01:29 . 2010-08-18 14:14 606208 ----a-w- c:\windows\system32\ati2evxx.exe
2010-08-04 01:28 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-08-04 01:28 . 2010-04-11 19:23 2537728 ----a-w- c:\windows\system32\ativvaxx.dll
2010-08-04 01:27 . 2010-08-18 14:14 887724 ----a-w- c:\windows\system32\ativva6x.dat
2010-08-04 01:27 . 2010-08-18 14:14 3 ----a-w- c:\windows\system32\ativva5x.dat
2010-08-04 01:27 . 2010-08-18 14:14 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-08-04 01:24 . 2010-08-18 14:14 610304 ----a-w- c:\windows\system32\atikvmag.dll
2010-08-04 01:23 . 2010-08-18 14:14 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-08-04 01:22 . 2010-08-18 14:14 188416 ----a-w- c:\windows\system32\atiadlxx.dll
2010-08-04 01:22 . 2010-08-18 14:14 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-08-04 01:16 . 2010-04-11 19:23 700416 ----a-w- c:\windows\system32\ati2cqag.dll
2010-08-04 01:15 . 2010-08-18 14:14 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-08-04 01:15 . 2010-08-18 14:14 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2010-08-04 01:14 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-08-02 09:54 . 2010-06-13 09:04 -------- d-----w- c:\program files\Safari
2010-07-30 21:49 . 2010-07-30 20:58 -------- d-----w- c:\program files\Image-Line
2010-07-30 16:18 . 2010-07-30 16:16 -------- d-----w- c:\program files\Sony
2010-07-30 16:12 . 2010-07-30 16:12 -------- d-----w- c:\program files\Sony Setup
2010-07-28 19:50 . 2010-03-04 16:17 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2010-07-28 19:50 . 2010-03-04 16:17 262144 ----a-w- c:\windows\system32\wrap_oal.dll
2010-07-28 19:47 . 2010-07-28 19:47 -------- d-----w- c:\program files\Futuremark
2010-07-27 21:21 . 2010-07-27 21:21 -------- d-----w- c:\program files\Zoner
2010-07-25 09:18 . 2010-07-25 09:18 -------- d-----w- c:\program files\GIMP-2.0
2010-07-24 20:08 . 2010-07-24 17:17 -------- d-----w- c:\program files\Yahoo!
2010-07-22 15:46 . 2004-08-17 13:49 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 08:03 . 2010-07-22 08:03 -------- d-----w- c:\program files\Microsoft Fix it Center
2010-07-22 06:19 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-07-21 09:03 . 2010-02-28 21:24 697328 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-07-17 17:38 . 2010-07-10 09:16 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 1(2)
2010-07-17 17:38 . 2010-07-10 09:24 -------- d-----w- c:\program files\Common Files\Java(2)
2010-07-17 17:37 . 2010-07-17 17:37 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-07-17 17:34 . 2010-07-17 17:34 -------- d-----w- c:\program files\All Ten Fingers
2010-07-17 17:34 . 2010-07-15 17:58 -------- d-----w- c:\program files\All Ten Fingers(2)
2010-06-30 12:33 . 2010-03-21 11:47 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-28 17:25 . 2010-02-24 16:13 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-06-24 12:27 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2010-03-21 11:47 1851904 ----a-w- c:\windows\system32\win32old.sys
2010-06-24 09:02 . 2009-08-14 15:15 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-23 02:47 . 2010-06-23 02:47 32768 ----a-w- c:\windows\system32\drivers\taphss.sys
2010-06-21 15:27 . 2010-03-21 11:47 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-18 17:47 . 2004-08-17 13:49 293376 ----a-w- c:\windows\system32\winsrv.dll
2010-08-31 04:05 . 2010-09-08 19:56 106824 ----a-w- c:\program files\opera\program\plugins\DownloadStudioXML.dll
.
------- Sigcheck -------
[-] 2009-08-06 . A089AB141D4E25E543EEC2230CB50BD6 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-28 19557480]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-06-01 2039240]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Butterfly\Nabídka Start\Programy\Po spuštění\
AvastUI.lnk - c:\program files\Alwil Software\Avast5\AvastUI.exe [2010-8-19 2838912]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^Butterfly^Nabídka Start^Programy^Po spuštění^setup_9.0.0.722_03.09.2010_12-29.lnk]
backup=c:\windows\pss\setup_9.0.0.722_03.09.2010_12-29.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 06:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2009-01-30 15:46 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"YahooAUService"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"TuneUp.UtilitiesSvc"=2 (0x2)
"TuneUp.Defrag"=3 (0x3)
"sp_rssrv"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Documents and Settings\\Butterfly\\Dokumenty\\My DAP Downloads\\TeamViewerPortable_en\\TeamViewer.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\Program Files\\Flow\\Flow.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\condition zero\\hl.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Documents and Settings\\Butterfly\\Local Settings\\Data aplikací\\CrossLoop\\vncviewer.exe"=
"c:\\Documents and Settings\\Butterfly\\Local Settings\\Data aplikací\\CrossLoop\\tvnserver.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Butterfly\\Dokumenty\\LAN WC3\\Frozen Throne.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\counter-strike\\hl.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5910:TCP"= 5910:TCP:vnc5910
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2010-02-21 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [2010-02-21 52224]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-08-19 165584]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2010-02-09 13696]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-06-04 229312]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-06-01 25240]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-09-02 142592]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2010-09-12 143184]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2010-09-12 41936]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-08-19 17744]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2010-08-05 111312]
S1 Winhpfile;Winhpfile; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-21 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-08-19 1691480]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-06-13 23456]
S3 esihdrv;esihdrv; [x]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [2010-03-17 18944]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [2010-03-17 11520]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [2007-06-21 30720]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2010-08-05 100496]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-02-28 697328]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-27 1051968]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-09-13 c:\windows\Tasks\Automatic maintenance.job
- c:\program files\TuneUp Utilities 2010\OneClickStarter.exe [2010-08-27 13:04]
.
.
------- Doplňkový sken -------
.
IE: &Download with &DAP
IE: Download &all with DAP
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odebírat RSS/Podcast pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_rss.htm
IE: Přidat stránku do DownloadStudio obrázkového alba... - c:\program files\Conceiva\DownloadStudio\ds_snap.htm
IE: Stáhnout obrázek pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_img.htm
IE: Stáhnout odkaz pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_file.htm
IE: Stáhnout stránku pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_all.htm
IE: Stáhnout video pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_video.htm
IE: Stáhnout výběr pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_sel.htm
IE: Zobrazit odkazy stránky pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_link.htm
IE: Zobrazit originál
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-15 17:33
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwClose, ZwOpenFile
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1144)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2010-09-15 17:36:31
ComboFix-quarantined-files.txt 2010-09-15 15:36
Před spuštěním: Volných bajtů: 67,159,011,328
Po spuštění: Volných bajtů: 68,674,887,680
- - End Of File - - 3FCF0F7FFF9AA1B559FA4803CA762494
2010-08-19 17:50 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-08-19 17:50 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-08-19 17:49 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-08-19 17:47 . 2010-08-19 17:49 -------- d-----w- c:\program files\Alwil Software
2010-08-19 12:51 . 2010-07-27 11:54 1251944 ----a-w- c:\windows\RtlExUpd.dll
2010-08-18 14:13 . 2010-08-18 14:13 -------- d-----w- C:\ATI
2010-08-18 13:00 . 2010-08-26 16:12 -------- d-----w- c:\program files\ATI
2010-08-18 12:39 . 2010-08-26 16:14 -------- d-----w- c:\program files\ATI Technologies
2010-08-17 13:17 . 2010-08-17 13:17 58880 -c----w- c:\windows\system32\dllcache\spoolsv.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-14 17:51 . 2010-07-17 17:53 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 1
2010-09-14 17:20 . 2010-04-12 18:53 -------- d-----w- c:\program files\Valve
2010-09-14 17:20 . 2010-03-08 11:38 -------- d-----w- c:\program files\Steam
2010-09-12 12:38 . 2010-02-09 21:26 -------- d-----w- c:\program files\Common Files\InstallShield
2010-09-12 12:38 . 2010-02-09 21:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-11 19:22 . 2010-06-07 18:39 -------- d-----w- c:\program files\WinUtilities
2010-09-10 12:43 . 2010-02-12 04:39 -------- d-----w- c:\program files\Opera
2010-09-05 16:11 . 2010-06-12 09:26 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-05 08:45 . 2010-02-12 21:12 -------- d-----w- c:\program files\Google
2010-09-05 08:42 . 2010-02-10 22:42 -------- d-----w- c:\program files\CCleaner
2010-09-04 19:14 . 2010-02-11 15:32 -------- d-----w- c:\program files\Common Files\Real
2010-09-04 11:23 . 2010-02-27 09:18 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-09-04 09:45 . 2010-03-07 14:26 -------- d-----w- c:\program files\Microsoft Games
2010-09-03 18:55 . 2010-06-10 21:43 -------- d-----w- c:\program files\DVBViewerTE
2010-09-03 18:55 . 2010-02-28 20:04 -------- d-----w- c:\program files\PKR
2010-09-03 18:55 . 2010-04-24 08:05 -------- d-----w- c:\program files\DivX
2010-09-03 17:05 . 2010-03-20 11:58 -------- d-----w- c:\program files\IObit
2010-09-02 19:45 . 2010-07-01 10:25 -------- d-----w- c:\program files\Trend Micro
2010-09-02 14:21 . 2010-07-01 09:01 -------- d-----w- c:\program files\QuickTime
2010-08-28 12:01 . 2010-02-11 16:04 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2010-08-27 13:02 . 2010-02-27 09:19 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-08-26 14:02 . 2010-02-19 15:16 -------- d-----w- c:\program files\AIMP2
2010-08-25 20:28 . 2010-04-09 16:40 -------- d-----w- c:\program files\WhoCrashed
2010-08-25 11:46 . 2010-03-01 20:31 -------- d-----w- c:\program files\SystemRequirementsLab
2010-08-23 11:10 . 2010-04-24 08:02 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-19 12:52 . 2010-08-19 12:52 -------- d-----w- c:\program files\Realtek
2010-08-19 09:01 . 2010-06-06 07:45 -------- d-----w- c:\program files\Defraggler
2010-08-19 08:58 . 2010-07-04 12:24 -------- d-----w- c:\program files\FileHippo.com
2010-08-18 21:09 . 2010-03-04 21:09 -------- d-----w- c:\program files\Samsung
2010-08-17 13:17 . 2004-08-17 13:49 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-07 15:13 . 2010-03-27 20:28 -------- d-----w- c:\program files\Trillian
2010-08-06 22:00 . 2010-08-06 21:55 217 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-08-06 22:00 . 2010-02-17 18:37 133520 ----a-w- c:\windows\BricoPackUninst.cmd
2010-08-05 12:08 . 2010-08-05 12:08 111312 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2010-08-05 12:08 . 2010-08-05 12:08 100496 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2010-08-05 12:08 . 2010-08-05 12:08 133648 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
2010-08-04 02:20 . 2010-04-11 19:18 5243392 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-08-04 01:59 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-08-04 01:59 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-08-04 01:57 . 2010-08-18 14:14 4358144 ----a-w- c:\windows\system32\aticaldd.dll
2010-08-04 01:53 . 2010-08-18 14:14 15900672 ----a-w- c:\windows\system32\atioglxx.dll
2010-08-04 01:47 . 2010-08-18 14:14 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-08-04 01:47 . 2010-08-18 14:14 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-08-04 01:46 . 2010-04-11 19:23 300544 ----a-w- c:\windows\system32\ati2dvag.dll
2010-08-04 01:41 . 2010-04-11 19:23 3901280 ----a-w- c:\windows\system32\ati3duag.dll
2010-08-04 01:31 . 2010-08-18 14:14 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-08-04 01:31 . 2010-08-18 14:14 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-08-04 01:30 . 2010-08-18 14:14 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-08-04 01:30 . 2010-08-18 14:14 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-08-04 01:30 . 2010-08-18 14:14 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-08-04 01:29 . 2010-08-18 14:14 606208 ----a-w- c:\windows\system32\ati2evxx.exe
2010-08-04 01:28 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-08-04 01:28 . 2010-04-11 19:23 2537728 ----a-w- c:\windows\system32\ativvaxx.dll
2010-08-04 01:27 . 2010-08-18 14:14 887724 ----a-w- c:\windows\system32\ativva6x.dat
2010-08-04 01:27 . 2010-08-18 14:14 3 ----a-w- c:\windows\system32\ativva5x.dat
2010-08-04 01:27 . 2010-08-18 14:14 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-08-04 01:24 . 2010-08-18 14:14 610304 ----a-w- c:\windows\system32\atikvmag.dll
2010-08-04 01:23 . 2010-08-18 14:14 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-08-04 01:22 . 2010-08-18 14:14 188416 ----a-w- c:\windows\system32\atiadlxx.dll
2010-08-04 01:22 . 2010-08-18 14:14 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-08-04 01:16 . 2010-04-11 19:23 700416 ----a-w- c:\windows\system32\ati2cqag.dll
2010-08-04 01:15 . 2010-08-18 14:14 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-08-04 01:15 . 2010-08-18 14:14 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2010-08-04 01:14 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-08-02 09:54 . 2010-06-13 09:04 -------- d-----w- c:\program files\Safari
2010-07-30 21:49 . 2010-07-30 20:58 -------- d-----w- c:\program files\Image-Line
2010-07-30 16:18 . 2010-07-30 16:16 -------- d-----w- c:\program files\Sony
2010-07-30 16:12 . 2010-07-30 16:12 -------- d-----w- c:\program files\Sony Setup
2010-07-28 19:50 . 2010-03-04 16:17 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2010-07-28 19:50 . 2010-03-04 16:17 262144 ----a-w- c:\windows\system32\wrap_oal.dll
2010-07-28 19:47 . 2010-07-28 19:47 -------- d-----w- c:\program files\Futuremark
2010-07-27 21:21 . 2010-07-27 21:21 -------- d-----w- c:\program files\Zoner
2010-07-25 09:18 . 2010-07-25 09:18 -------- d-----w- c:\program files\GIMP-2.0
2010-07-24 20:08 . 2010-07-24 17:17 -------- d-----w- c:\program files\Yahoo!
2010-07-22 15:46 . 2004-08-17 13:49 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 08:03 . 2010-07-22 08:03 -------- d-----w- c:\program files\Microsoft Fix it Center
2010-07-22 06:19 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-07-21 09:03 . 2010-02-28 21:24 697328 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-07-17 17:38 . 2010-07-10 09:16 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 1(2)
2010-07-17 17:38 . 2010-07-10 09:24 -------- d-----w- c:\program files\Common Files\Java(2)
2010-07-17 17:37 . 2010-07-17 17:37 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-07-17 17:34 . 2010-07-17 17:34 -------- d-----w- c:\program files\All Ten Fingers
2010-07-17 17:34 . 2010-07-15 17:58 -------- d-----w- c:\program files\All Ten Fingers(2)
2010-06-30 12:33 . 2010-03-21 11:47 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-28 17:25 . 2010-02-24 16:13 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-06-24 12:27 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2010-03-21 11:47 1851904 ----a-w- c:\windows\system32\win32old.sys
2010-06-24 09:02 . 2009-08-14 15:15 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-23 02:47 . 2010-06-23 02:47 32768 ----a-w- c:\windows\system32\drivers\taphss.sys
2010-06-21 15:27 . 2010-03-21 11:47 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-18 17:47 . 2004-08-17 13:49 293376 ----a-w- c:\windows\system32\winsrv.dll
2010-08-31 04:05 . 2010-09-08 19:56 106824 ----a-w- c:\program files\opera\program\plugins\DownloadStudioXML.dll
.
------- Sigcheck -------
[-] 2009-08-06 . A089AB141D4E25E543EEC2230CB50BD6 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-28 19557480]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-06-01 2039240]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Butterfly\Nabˇdka Start\Programy\Po spuçtŘnˇ\
AvastUI.lnk - c:\program files\Alwil Software\Avast5\AvastUI.exe [2010-8-19 2838912]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^Butterfly^Nabídka Start^Programy^Po spuštění^setup_9.0.0.722_03.09.2010_12-29.lnk]
backup=c:\windows\pss\setup_9.0.0.722_03.09.2010_12-29.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 06:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2009-01-30 15:46 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"YahooAUService"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"TuneUp.UtilitiesSvc"=2 (0x2)
"TuneUp.Defrag"=3 (0x3)
"sp_rssrv"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Documents and Settings\\Butterfly\\Dokumenty\\My DAP Downloads\\TeamViewerPortable_en\\TeamViewer.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\Program Files\\Flow\\Flow.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\condition zero\\hl.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Documents and Settings\\Butterfly\\Local Settings\\Data aplikací\\CrossLoop\\vncviewer.exe"=
"c:\\Documents and Settings\\Butterfly\\Local Settings\\Data aplikací\\CrossLoop\\tvnserver.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Butterfly\\Dokumenty\\LAN WC3\\Frozen Throne.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\counter-strike\\hl.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5910:TCP"= 5910:TCP:vnc5910
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2010-02-21 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [2010-02-21 52224]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-08-19 165584]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2010-02-09 13696]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-06-04 229312]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-06-01 25240]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-09-02 142592]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2010-09-12 143184]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2010-09-12 41936]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-08-19 17744]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2010-08-05 111312]
S1 Winhpfile;Winhpfile; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-21 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-08-19 1691480]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-06-13 23456]
S3 esihdrv;esihdrv; [x]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [2010-03-17 18944]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [2010-03-17 11520]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [2007-06-21 30720]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2010-08-05 100496]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-02-28 697328]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-27 1051968]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-09-13 c:\windows\Tasks\Automatic maintenance.job
- c:\program files\TuneUp Utilities 2010\OneClickStarter.exe [2010-08-27 13:04]
.
.
------- Doplňkový sken -------
.
IE: &Download with &DAP
IE: Download &all with DAP
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odebírat RSS/Podcast pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_rss.htm
IE: Přidat stránku do DownloadStudio obrázkového alba... - c:\program files\Conceiva\DownloadStudio\ds_snap.htm
IE: Stáhnout obrázek pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_img.htm
IE: Stáhnout odkaz pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_file.htm
IE: Stáhnout stránku pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_all.htm
IE: Stáhnout video pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_video.htm
IE: Stáhnout výběr pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_sel.htm
IE: Zobrazit odkazy stránky pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_link.htm
IE: Zobrazit originál
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-15 17:33
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwClose, ZwOpenFile
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1144)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2010-09-15 17:36:31
ComboFix-quarantined-files.txt 2010-09-15 15:36
Před spuštěním: Volných bajtů: 67,159,011,328
Po spuštění: Volných bajtů: 68,674,887,680
- - End Of File - - 3FCF0F7FFF9AA1B559FA4803CA762494
Re: preventive check - PC status

c:\windows\system32\wuauclt.exe
c:\windows\explorer.exe
- Copy the file path into the box; if it says the file has already been tested, have it tested again.
- Paste the link with the results here.
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up your important data before disinfecting the computer
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.
-
- Visitor
- Posts: 67
- Registered: 24 Apr 2010 09:52
Re: preventive check - PC status

- Open Notepad
- Copy the text from this box into it
Code:
Driver::
Winhpfile
esihdrv
Reglock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
Registry::
[-HKLM\~\startupfolder\C:^Documents and Settings^Butterfly^Nabídka Start^Programy^Po spuštění^setup_9.0.0.722_03.09.2010_12-29.lnk]
- After saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it:

- After it has been applied, another log will pop up; paste it here
Warning: it may happen that Windows will not start after the script has been applied and the computer restarted; in that case restart again while pressing F8, then choose Last Known Good Configuration
Also test on www.virustotal.com
c:\windows\smode.dll
-
- Visitor
- Posts: 67
- Registered: 24 Apr 2010 09:52
Re: preventive check - PC status
ComboFix 10-09-14.05 - Butterfly 2010-09-15 23:02:33.16.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.1022.426 [GMT 2:00]
Spuštěný z: c:\documents and settings\Butterfly\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Butterfly\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ESIHDRV
-------\Legacy_WINHPFILE
-------\Service_esihdrv
-------\Service_Winhpfile
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-15 do 2010-09-15 )))))))))))))))))))))))))))))))
.
2010-09-15 19:02 . 2010-09-15 19:02 -------- d-----w- C:\!KillBox
2010-09-13 19:27 . 2010-09-13 19:27 -------- d-----w- C:\rsit
2010-09-12 21:31 . 2010-09-14 20:32 -------- d-----w- c:\program files\Microsoft Bootvis
2010-09-12 20:45 . 2010-09-12 20:45 231248 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2010-09-12 20:45 . 2010-09-12 20:46 -------- d-----w- c:\program files\TrueCrypt
2010-09-12 16:39 . 2010-09-12 16:39 -------- d-----w- c:\documents and settings\Butterfly\Data aplikac?
2010-09-12 15:08 . 2010-09-12 15:17 -------- d-----w- c:\documents and settings\Butterfly\.VirtualBox
2010-09-12 15:06 . 2010-08-05 12:08 143184 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2010-09-12 15:06 . 2010-08-05 12:08 41936 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2010-09-12 15:06 . 2010-09-12 15:06 -------- d-----w- c:\program files\Oracle
2010-09-10 14:51 . 2010-09-10 14:51 -------- d-----w- c:\program files\uTorrent
2010-09-09 15:22 . 2010-09-09 15:22 -------- d-----w- c:\program files\Microsoft.NET
2010-09-08 19:33 . 2010-09-14 17:20 -------- d-----w- c:\program files\WinPcap
2010-09-08 17:59 . 2010-09-08 19:29 -------- d-----w- c:\program files\Conceiva
2010-09-08 17:31 . 2010-03-29 16:18 3654656 ----a-w- c:\windows\Endless-Slideshow.scr
2010-09-08 17:31 . 2010-09-08 17:31 -------- d-----w- c:\program files\Endless Slideshow Screensaver
2010-09-05 10:23 . 2010-09-05 11:05 -------- d-----w- c:\program files\ICQ7.2
2010-09-04 08:49 . 2010-09-04 08:49 -------- d-sh--w- c:\documents and settings\MTA 2\PrivacIE
2010-09-03 18:33 . 2010-09-03 18:33 -------- d-----w- c:\documents and settings\NetworkService\Plocha
2010-09-03 17:33 . 2010-09-03 17:33 -------- d-----w- c:\documents and settings\Butterfly\ErrorLogs
2010-09-03 16:30 . 2010-09-03 16:44 -------- d-----w- c:\program files\Uniblue
2010-09-02 19:37 . 2010-09-02 19:37 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-09-02 19:37 . 2010-09-15 18:42 -------- d-----w- c:\program files\Spyware Terminator
2010-09-01 19:39 . 2010-09-01 19:39 -------- d-----w- c:\program files\COMODO
2010-08-30 19:55 . 2010-08-30 19:55 -------- d-----r- C:\Sandbox
2010-08-30 08:23 . 2010-09-14 17:20 -------- d-----w- c:\program files\PcMedik
2010-08-29 14:38 . 2010-08-30 12:04 -------- d-----w- C:\Downloads
2010-08-29 10:22 . 2010-08-29 10:22 43520 ----a-w- c:\windows\smode.dll
2010-08-29 09:53 . 2010-09-02 19:53 -------- d-----w- c:\program files\USB Disk Security
2010-08-29 08:00 . 2010-08-27 12:56 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-08-28 17:35 . 2010-09-10 13:03 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-08-27 22:03 . 2010-09-02 20:04 -------- d-----w- C:\pear
2010-08-27 18:51 . 2010-09-15 21:13 -------- d-----w- c:\windows\system32\CatRoot2
2010-08-27 16:28 . 2010-08-27 16:28 -------- d-----w- c:\program files\Secunia
2010-08-27 14:53 . 2010-08-27 14:53 -------- d-----w- c:\windows\XSxS
2010-08-27 11:23 . 2010-09-15 18:30 -------- d-----w- C:\Shoty
2010-08-27 11:23 . 2010-08-27 11:23 -------- d-----w- c:\program files\ScreenShots
2010-08-27 07:35 . 2010-08-27 07:35 -------- d-----w- c:\program files\Two Pilots
2010-08-27 07:35 . 2010-08-27 07:35 -------- d-----w- c:\program files\Cosmetic Guide
2010-08-26 20:11 . 2010-08-26 20:11 -------- d-----w- c:\program files\MAXON
2010-08-25 10:10 . 2010-08-25 10:10 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-08-23 18:07 . 2010-08-23 18:09 -------- d-----w- c:\program files\Elecard
2010-08-23 16:30 . 2010-08-23 16:30 -------- d-----w- c:\windows\system32\Adobe
2010-08-23 11:11 . 2010-08-23 11:11 -------- d-----w- c:\program files\Common Files\Java
2010-08-23 08:56 . 2003-03-31 05:00 138752 ----a-w- c:\windows\sndvol32.exe
2010-08-23 08:39 . 2010-08-23 08:39 -------- d-----w- c:\windows\system32\wbem\Repository
2010-08-23 08:38 . 2010-08-23 08:38 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-08-23 08:36 . 2010-08-23 08:36 -------- d-----w- C:\PFiles
2010-08-22 20:21 . 2010-08-23 08:37 -------- d-----w- c:\program files\Common Files\Java(3)
2010-08-22 14:49 . 2010-08-23 08:38 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-08-22 14:33 . 2010-08-22 14:33 2999 ----a-w- c:\program files\Common Files\unins000.dat
2010-08-22 13:16 . 2010-08-22 13:16 55572 ---ha-w- c:\windows\system32\mlfcache.dat
2010-08-22 10:33 . 2010-08-22 10:33 -------- d-----w- c:\program files\Common Files\Futuremark Shared
2010-08-22 10:06 . 2010-08-22 10:06 0 ----a-w- c:\windows\ativpsrm.bin
2010-08-19 20:12 . 2010-09-15 18:39 -------- d-----w- C:\VritualRoot
2010-08-19 19:14 . 2010-08-19 19:29 -------- d-----w- c:\program files\Sunbelt Software
2010-08-19 17:54 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr
2010-08-19 17:50 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-08-19 17:50 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-08-19 17:50 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-08-19 17:50 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-08-19 17:50 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-08-19 17:50 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-08-19 17:50 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-08-19 17:49 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-08-19 17:47 . 2010-08-19 17:49 -------- d-----w- c:\program files\Alwil Software
2010-08-19 12:51 . 2010-07-27 11:54 1251944 ----a-w- c:\windows\RtlExUpd.dll
2010-08-18 14:13 . 2010-08-18 14:13 -------- d-----w- C:\ATI
2010-08-18 13:00 . 2010-08-26 16:12 -------- d-----w- c:\program files\ATI
2010-08-18 12:39 . 2010-08-26 16:14 -------- d-----w- c:\program files\ATI Technologies
2010-08-17 13:17 . 2010-08-17 13:17 58880 -c----w- c:\windows\system32\dllcache\spoolsv.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-15 17:54 . 2010-03-08 11:38 -------- d-----w- c:\program files\Steam
2010-09-15 16:03 . 2010-03-08 18:33 -------- d-----w- c:\program files\The KMPlayer
2010-09-14 17:51 . 2010-07-17 17:53 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 1
2010-09-14 17:20 . 2010-04-12 18:53 -------- d-----w- c:\program files\Valve
2010-09-12 12:38 . 2010-02-09 21:26 -------- d-----w- c:\program files\Common Files\InstallShield
2010-09-12 12:38 . 2010-02-09 21:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-11 19:22 . 2010-06-07 18:39 -------- d-----w- c:\program files\WinUtilities
2010-09-10 12:43 . 2010-02-12 04:39 -------- d-----w- c:\program files\Opera
2010-09-05 16:11 . 2010-06-12 09:26 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-05 08:45 . 2010-02-12 21:12 -------- d-----w- c:\program files\Google
2010-09-05 08:42 . 2010-02-10 22:42 -------- d-----w- c:\program files\CCleaner
2010-09-04 19:14 . 2010-02-11 15:32 -------- d-----w- c:\program files\Common Files\Real
2010-09-04 11:23 . 2010-02-27 09:18 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-09-04 09:45 . 2010-03-07 14:26 -------- d-----w- c:\program files\Microsoft Games
2010-09-03 18:55 . 2010-06-10 21:43 -------- d-----w- c:\program files\DVBViewerTE
2010-09-03 18:55 . 2010-02-28 20:04 -------- d-----w- c:\program files\PKR
2010-09-03 18:55 . 2010-04-24 08:05 -------- d-----w- c:\program files\DivX
2010-09-03 17:05 . 2010-03-20 11:58 -------- d-----w- c:\program files\IObit
2010-09-02 19:45 . 2010-07-01 10:25 -------- d-----w- c:\program files\Trend Micro
2010-09-02 14:21 . 2010-07-01 09:01 -------- d-----w- c:\program files\QuickTime
2010-08-28 12:01 . 2010-02-11 16:04 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2010-08-27 13:02 . 2010-02-27 09:19 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-08-26 14:02 . 2010-02-19 15:16 -------- d-----w- c:\program files\AIMP2
2010-08-25 20:28 . 2010-04-09 16:40 -------- d-----w- c:\program files\WhoCrashed
2010-08-25 11:46 . 2010-03-01 20:31 -------- d-----w- c:\program files\SystemRequirementsLab
2010-08-23 11:10 . 2010-04-24 08:02 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-19 12:52 . 2010-08-19 12:52 -------- d-----w- c:\program files\Realtek
2010-08-19 09:01 . 2010-06-06 07:45 -------- d-----w- c:\program files\Defraggler
2010-08-19 08:58 . 2010-07-04 12:24 -------- d-----w- c:\program files\FileHippo.com
2010-08-18 21:09 . 2010-03-04 21:09 -------- d-----w- c:\program files\Samsung
2010-08-17 13:17 . 2004-08-17 13:49 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-07 15:13 . 2010-03-27 20:28 -------- d-----w- c:\program files\Trillian
2010-08-06 22:00 . 2010-08-06 21:55 217 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-08-06 22:00 . 2010-02-17 18:37 133520 ----a-w- c:\windows\BricoPackUninst.cmd
2010-08-05 12:08 . 2010-08-05 12:08 111312 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2010-08-05 12:08 . 2010-08-05 12:08 100496 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2010-08-05 12:08 . 2010-08-05 12:08 133648 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
2010-08-04 02:20 . 2010-04-11 19:18 5243392 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-08-04 01:59 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-08-04 01:59 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-08-04 01:57 . 2010-08-18 14:14 4358144 ----a-w- c:\windows\system32\aticaldd.dll
2010-08-04 01:53 . 2010-08-18 14:14 15900672 ----a-w- c:\windows\system32\atioglxx.dll
2010-08-04 01:47 . 2010-08-18 14:14 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-08-04 01:47 . 2010-08-18 14:14 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-08-04 01:46 . 2010-04-11 19:23 300544 ----a-w- c:\windows\system32\ati2dvag.dll
2010-08-04 01:41 . 2010-04-11 19:23 3901280 ----a-w- c:\windows\system32\ati3duag.dll
2010-08-04 01:31 . 2010-08-18 14:14 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-08-04 01:31 . 2010-08-18 14:14 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-08-04 01:30 . 2010-08-18 14:14 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-08-04 01:30 . 2010-08-18 14:14 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-08-04 01:30 . 2010-08-18 14:14 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-08-04 01:29 . 2010-08-18 14:14 606208 ----a-w- c:\windows\system32\ati2evxx.exe
2010-08-04 01:28 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-08-04 01:28 . 2010-04-11 19:23 2537728 ----a-w- c:\windows\system32\ativvaxx.dll
2010-08-04 01:27 . 2010-08-18 14:14 887724 ----a-w- c:\windows\system32\ativva6x.dat
2010-08-04 01:27 . 2010-08-18 14:14 3 ----a-w- c:\windows\system32\ativva5x.dat
2010-08-04 01:27 . 2010-08-18 14:14 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-08-04 01:24 . 2010-08-18 14:14 610304 ----a-w- c:\windows\system32\atikvmag.dll
2010-08-04 01:23 . 2010-08-18 14:14 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-08-04 01:22 . 2010-08-18 14:14 188416 ----a-w- c:\windows\system32\atiadlxx.dll
2010-08-04 01:22 . 2010-08-18 14:14 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-08-04 01:16 . 2010-04-11 19:23 700416 ----a-w- c:\windows\system32\ati2cqag.dll
2010-08-04 01:15 . 2010-08-18 14:14 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-08-04 01:15 . 2010-08-18 14:14 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2010-08-04 01:14 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-08-02 09:54 . 2010-06-13 09:04 -------- d-----w- c:\program files\Safari
2010-07-30 21:49 . 2010-07-30 20:58 -------- d-----w- c:\program files\Image-Line
2010-07-30 16:18 . 2010-07-30 16:16 -------- d-----w- c:\program files\Sony
2010-07-30 16:12 . 2010-07-30 16:12 -------- d-----w- c:\program files\Sony Setup
2010-07-28 19:50 . 2010-03-04 16:17 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2010-07-28 19:50 . 2010-03-04 16:17 262144 ----a-w- c:\windows\system32\wrap_oal.dll
2010-07-28 19:47 . 2010-07-28 19:47 -------- d-----w- c:\program files\Futuremark
2010-07-27 21:21 . 2010-07-27 21:21 -------- d-----w- c:\program files\Zoner
2010-07-25 09:18 . 2010-07-25 09:18 -------- d-----w- c:\program files\GIMP-2.0
2010-07-24 20:08 . 2010-07-24 17:17 -------- d-----w- c:\program files\Yahoo!
2010-07-22 15:46 . 2004-08-17 13:49 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 08:03 . 2010-07-22 08:03 -------- d-----w- c:\program files\Microsoft Fix it Center
2010-07-22 06:19 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-07-21 09:03 . 2010-02-28 21:24 697328 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-30 12:33 . 2010-03-21 11:47 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-28 17:25 . 2010-02-24 16:13 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-06-24 12:27 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2010-03-21 11:47 1851904 ----a-w- c:\windows\system32\win32old.sys
2010-06-24 09:02 . 2009-08-14 15:15 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-23 02:47 . 2010-06-23 02:47 32768 ----a-w- c:\windows\system32\drivers\taphss.sys
2010-06-21 15:27 . 2010-03-21 11:47 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-18 17:47 . 2004-08-17 13:49 293376 ----a-w- c:\windows\system32\winsrv.dll
2010-08-31 04:05 . 2010-09-08 19:56 106824 ----a-w- c:\program files\opera\program\plugins\DownloadStudioXML.dll
.
------- Sigcheck -------
[-] 2009-08-06 . A089AB141D4E25E543EEC2230CB50BD6 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-28 19557480]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-06-01 2039240]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Butterfly\Nabídka Start\Programy\Po spuštění\
AvastUI.lnk - c:\program files\Alwil Software\Avast5\AvastUI.exe [2010-8-19 2838912]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^Butterfly^Nabídka Start^Programy^Po spuštění^setup_9.0.0.722_03.09.2010_12-29.lnk]
backup=c:\windows\pss\setup_9.0.0.722_03.09.2010_12-29.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 06:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2009-01-30 15:46 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"YahooAUService"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"TuneUp.UtilitiesSvc"=2 (0x2)
"TuneUp.Defrag"=3 (0x3)
"sp_rssrv"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Documents and Settings\\Butterfly\\Dokumenty\\My DAP Downloads\\TeamViewerPortable_en\\TeamViewer.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\Program Files\\Flow\\Flow.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\condition zero\\hl.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Documents and Settings\\Butterfly\\Local Settings\\Data aplikací\\CrossLoop\\vncviewer.exe"=
"c:\\Documents and Settings\\Butterfly\\Local Settings\\Data aplikací\\CrossLoop\\tvnserver.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Butterfly\\Dokumenty\\LAN WC3\\Frozen Throne.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\counter-strike\\hl.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5910:TCP"= 5910:TCP:vnc5910
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2010-02-21 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [2010-02-21 52224]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-08-19 165584]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2010-02-09 13696]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-06-04 229312]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-06-01 25240]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-09-02 142592]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2010-09-12 143184]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2010-09-12 41936]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-08-19 17744]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2010-08-05 111312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-21 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-08-19 1691480]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-06-13 23456]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [2010-03-17 18944]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [2010-03-17 11520]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [2007-06-21 30720]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2010-08-05 100496]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-02-28 697328]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-27 1051968]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-09-13 c:\windows\Tasks\Automatic maintenance.job
- c:\program files\TuneUp Utilities 2010\OneClickStarter.exe [2010-08-27 13:04]
.
.
------- Doplňkový sken -------
.
IE: &Download with &DAP
IE: Download &all with DAP
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odebírat RSS/Podcast pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_rss.htm
IE: Přidat stránku do DownloadStudio obrázkového alba... - c:\program files\Conceiva\DownloadStudio\ds_snap.htm
IE: Stáhnout obrázek pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_img.htm
IE: Stáhnout odkaz pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_file.htm
IE: Stáhnout stránku pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_all.htm
IE: Stáhnout video pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_video.htm
IE: Stáhnout výběr pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_sel.htm
IE: Zobrazit odkazy stránky pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_link.htm
IE: Zobrazit originál
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-15 23:15
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1164)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
- - - - - - - > 'explorer.exe'(2520)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-09-15 23:18:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-09-15 21:18
ComboFix2.txt 2010-09-15 15:36
Před spuštěním: Volných bajtů: 68,457,500,672
Po spuštění: Volných bajtů: 68,301,344,768
- - End Of File - - 1710B6AA1442CC9D270820B4A3D3D8D1
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.1022.426 [GMT 2:00]
Spuštěný z: c:\documents and settings\Butterfly\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Butterfly\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ESIHDRV
-------\Legacy_WINHPFILE
-------\Service_esihdrv
-------\Service_Winhpfile
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-15 do 2010-09-15 )))))))))))))))))))))))))))))))
.
2010-09-15 19:02 . 2010-09-15 19:02 -------- d-----w- C:\!KillBox
2010-09-13 19:27 . 2010-09-13 19:27 -------- d-----w- C:\rsit
2010-09-12 21:31 . 2010-09-14 20:32 -------- d-----w- c:\program files\Microsoft Bootvis
2010-09-12 20:45 . 2010-09-12 20:45 231248 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2010-09-12 20:45 . 2010-09-12 20:46 -------- d-----w- c:\program files\TrueCrypt
2010-09-12 16:39 . 2010-09-12 16:39 -------- d-----w- c:\documents and settings\Butterfly\Data aplikac?
2010-09-12 15:08 . 2010-09-12 15:17 -------- d-----w- c:\documents and settings\Butterfly\.VirtualBox
2010-09-12 15:06 . 2010-08-05 12:08 143184 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2010-09-12 15:06 . 2010-08-05 12:08 41936 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2010-09-12 15:06 . 2010-09-12 15:06 -------- d-----w- c:\program files\Oracle
2010-09-10 14:51 . 2010-09-10 14:51 -------- d-----w- c:\program files\uTorrent
2010-09-09 15:22 . 2010-09-09 15:22 -------- d-----w- c:\program files\Microsoft.NET
2010-09-08 19:33 . 2010-09-14 17:20 -------- d-----w- c:\program files\WinPcap
2010-09-08 17:59 . 2010-09-08 19:29 -------- d-----w- c:\program files\Conceiva
2010-09-08 17:31 . 2010-03-29 16:18 3654656 ----a-w- c:\windows\Endless-Slideshow.scr
2010-09-08 17:31 . 2010-09-08 17:31 -------- d-----w- c:\program files\Endless Slideshow Screensaver
2010-09-05 10:23 . 2010-09-05 11:05 -------- d-----w- c:\program files\ICQ7.2
2010-09-04 08:49 . 2010-09-04 08:49 -------- d-sh--w- c:\documents and settings\MTA 2\PrivacIE
2010-09-03 18:33 . 2010-09-03 18:33 -------- d-----w- c:\documents and settings\NetworkService\Plocha
2010-09-03 17:33 . 2010-09-03 17:33 -------- d-----w- c:\documents and settings\Butterfly\ErrorLogs
2010-09-03 16:30 . 2010-09-03 16:44 -------- d-----w- c:\program files\Uniblue
2010-09-02 19:37 . 2010-09-02 19:37 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-09-02 19:37 . 2010-09-15 18:42 -------- d-----w- c:\program files\Spyware Terminator
2010-09-01 19:39 . 2010-09-01 19:39 -------- d-----w- c:\program files\COMODO
2010-08-30 19:55 . 2010-08-30 19:55 -------- d-----r- C:\Sandbox
2010-08-30 08:23 . 2010-09-14 17:20 -------- d-----w- c:\program files\PcMedik
2010-08-29 14:38 . 2010-08-30 12:04 -------- d-----w- C:\Downloads
2010-08-29 10:22 . 2010-08-29 10:22 43520 ----a-w- c:\windows\smode.dll
2010-08-29 09:53 . 2010-09-02 19:53 -------- d-----w- c:\program files\USB Disk Security
2010-08-29 08:00 . 2010-08-27 12:56 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-08-28 17:35 . 2010-09-10 13:03 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-08-27 22:03 . 2010-09-02 20:04 -------- d-----w- C:\pear
2010-08-27 18:51 . 2010-09-15 21:13 -------- d-----w- c:\windows\system32\CatRoot2
2010-08-27 16:28 . 2010-08-27 16:28 -------- d-----w- c:\program files\Secunia
2010-08-27 14:53 . 2010-08-27 14:53 -------- d-----w- c:\windows\XSxS
2010-08-27 11:23 . 2010-09-15 18:30 -------- d-----w- C:\Shoty
2010-08-27 11:23 . 2010-08-27 11:23 -------- d-----w- c:\program files\ScreenShots
2010-08-27 07:35 . 2010-08-27 07:35 -------- d-----w- c:\program files\Two Pilots
2010-08-27 07:35 . 2010-08-27 07:35 -------- d-----w- c:\program files\Cosmetic Guide
2010-08-26 20:11 . 2010-08-26 20:11 -------- d-----w- c:\program files\MAXON
2010-08-25 10:10 . 2010-08-25 10:10 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-08-23 18:07 . 2010-08-23 18:09 -------- d-----w- c:\program files\Elecard
2010-08-23 16:30 . 2010-08-23 16:30 -------- d-----w- c:\windows\system32\Adobe
2010-08-23 11:11 . 2010-08-23 11:11 -------- d-----w- c:\program files\Common Files\Java
2010-08-23 08:56 . 2003-03-31 05:00 138752 ----a-w- c:\windows\sndvol32.exe
2010-08-23 08:39 . 2010-08-23 08:39 -------- d-----w- c:\windows\system32\wbem\Repository
2010-08-23 08:38 . 2010-08-23 08:38 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-08-23 08:36 . 2010-08-23 08:36 -------- d-----w- C:\PFiles
2010-08-22 20:21 . 2010-08-23 08:37 -------- d-----w- c:\program files\Common Files\Java(3)
2010-08-22 14:49 . 2010-08-23 08:38 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-08-22 14:33 . 2010-08-22 14:33 2999 ----a-w- c:\program files\Common Files\unins000.dat
2010-08-22 13:16 . 2010-08-22 13:16 55572 ---ha-w- c:\windows\system32\mlfcache.dat
2010-08-22 10:33 . 2010-08-22 10:33 -------- d-----w- c:\program files\Common Files\Futuremark Shared
2010-08-22 10:06 . 2010-08-22 10:06 0 ----a-w- c:\windows\ativpsrm.bin
2010-08-19 20:12 . 2010-09-15 18:39 -------- d-----w- C:\VritualRoot
2010-08-19 19:14 . 2010-08-19 19:29 -------- d-----w- c:\program files\Sunbelt Software
2010-08-19 17:54 . 2010-09-07 15:12 38848 ----a-w- c:\windows\avastSS.scr
2010-08-19 17:50 . 2010-09-07 14:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-08-19 17:50 . 2010-09-07 14:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-08-19 17:50 . 2010-09-07 14:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-08-19 17:50 . 2010-09-07 14:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-08-19 17:50 . 2010-09-07 14:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-08-19 17:50 . 2010-09-07 14:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-08-19 17:50 . 2010-09-07 14:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-08-19 17:49 . 2010-09-07 15:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-08-19 17:47 . 2010-08-19 17:49 -------- d-----w- c:\program files\Alwil Software
2010-08-19 12:51 . 2010-07-27 11:54 1251944 ----a-w- c:\windows\RtlExUpd.dll
2010-08-18 14:13 . 2010-08-18 14:13 -------- d-----w- C:\ATI
2010-08-18 13:00 . 2010-08-26 16:12 -------- d-----w- c:\program files\ATI
2010-08-18 12:39 . 2010-08-26 16:14 -------- d-----w- c:\program files\ATI Technologies
2010-08-17 13:17 . 2010-08-17 13:17 58880 -c----w- c:\windows\system32\dllcache\spoolsv.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-15 17:54 . 2010-03-08 11:38 -------- d-----w- c:\program files\Steam
2010-09-15 16:03 . 2010-03-08 18:33 -------- d-----w- c:\program files\The KMPlayer
2010-09-14 17:51 . 2010-07-17 17:53 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 1
2010-09-14 17:20 . 2010-04-12 18:53 -------- d-----w- c:\program files\Valve
2010-09-12 12:38 . 2010-02-09 21:26 -------- d-----w- c:\program files\Common Files\InstallShield
2010-09-12 12:38 . 2010-02-09 21:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-11 19:22 . 2010-06-07 18:39 -------- d-----w- c:\program files\WinUtilities
2010-09-10 12:43 . 2010-02-12 04:39 -------- d-----w- c:\program files\Opera
2010-09-05 16:11 . 2010-06-12 09:26 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-05 08:45 . 2010-02-12 21:12 -------- d-----w- c:\program files\Google
2010-09-05 08:42 . 2010-02-10 22:42 -------- d-----w- c:\program files\CCleaner
2010-09-04 19:14 . 2010-02-11 15:32 -------- d-----w- c:\program files\Common Files\Real
2010-09-04 11:23 . 2010-02-27 09:18 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-09-04 09:45 . 2010-03-07 14:26 -------- d-----w- c:\program files\Microsoft Games
2010-09-03 18:55 . 2010-06-10 21:43 -------- d-----w- c:\program files\DVBViewerTE
2010-09-03 18:55 . 2010-02-28 20:04 -------- d-----w- c:\program files\PKR
2010-09-03 18:55 . 2010-04-24 08:05 -------- d-----w- c:\program files\DivX
2010-09-03 17:05 . 2010-03-20 11:58 -------- d-----w- c:\program files\IObit
2010-09-02 19:45 . 2010-07-01 10:25 -------- d-----w- c:\program files\Trend Micro
2010-09-02 14:21 . 2010-07-01 09:01 -------- d-----w- c:\program files\QuickTime
2010-08-28 12:01 . 2010-02-11 16:04 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2010-08-27 13:02 . 2010-02-27 09:19 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-08-26 14:02 . 2010-02-19 15:16 -------- d-----w- c:\program files\AIMP2
2010-08-25 20:28 . 2010-04-09 16:40 -------- d-----w- c:\program files\WhoCrashed
2010-08-25 11:46 . 2010-03-01 20:31 -------- d-----w- c:\program files\SystemRequirementsLab
2010-08-23 11:10 . 2010-04-24 08:02 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-19 12:52 . 2010-08-19 12:52 -------- d-----w- c:\program files\Realtek
2010-08-19 09:01 . 2010-06-06 07:45 -------- d-----w- c:\program files\Defraggler
2010-08-19 08:58 . 2010-07-04 12:24 -------- d-----w- c:\program files\FileHippo.com
2010-08-18 21:09 . 2010-03-04 21:09 -------- d-----w- c:\program files\Samsung
2010-08-17 13:17 . 2004-08-17 13:49 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-07 15:13 . 2010-03-27 20:28 -------- d-----w- c:\program files\Trillian
2010-08-06 22:00 . 2010-08-06 21:55 217 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-08-06 22:00 . 2010-02-17 18:37 133520 ----a-w- c:\windows\BricoPackUninst.cmd
2010-08-05 12:08 . 2010-08-05 12:08 111312 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2010-08-05 12:08 . 2010-08-05 12:08 100496 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2010-08-05 12:08 . 2010-08-05 12:08 133648 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
2010-08-04 02:20 . 2010-04-11 19:18 5243392 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-08-04 01:59 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-08-04 01:59 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-08-04 01:57 . 2010-08-18 14:14 4358144 ----a-w- c:\windows\system32\aticaldd.dll
2010-08-04 01:53 . 2010-08-18 14:14 15900672 ----a-w- c:\windows\system32\atioglxx.dll
2010-08-04 01:47 . 2010-08-18 14:14 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-08-04 01:47 . 2010-08-18 14:14 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-08-04 01:46 . 2010-04-11 19:23 300544 ----a-w- c:\windows\system32\ati2dvag.dll
2010-08-04 01:41 . 2010-04-11 19:23 3901280 ----a-w- c:\windows\system32\ati3duag.dll
2010-08-04 01:31 . 2010-08-18 14:14 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-08-04 01:31 . 2010-08-18 14:14 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-08-04 01:30 . 2010-08-18 14:14 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-08-04 01:30 . 2010-08-18 14:14 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-08-04 01:30 . 2010-08-18 14:14 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-08-04 01:29 . 2010-08-18 14:14 606208 ----a-w- c:\windows\system32\ati2evxx.exe
2010-08-04 01:28 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-08-04 01:28 . 2010-04-11 19:23 2537728 ----a-w- c:\windows\system32\ativvaxx.dll
2010-08-04 01:27 . 2010-08-18 14:14 887724 ----a-w- c:\windows\system32\ativva6x.dat
2010-08-04 01:27 . 2010-08-18 14:14 3 ----a-w- c:\windows\system32\ativva5x.dat
2010-08-04 01:27 . 2010-08-18 14:14 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-08-04 01:24 . 2010-08-18 14:14 610304 ----a-w- c:\windows\system32\atikvmag.dll
2010-08-04 01:23 . 2010-08-18 14:14 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-08-04 01:22 . 2010-08-18 14:14 188416 ----a-w- c:\windows\system32\atiadlxx.dll
2010-08-04 01:22 . 2010-08-18 14:14 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-08-04 01:16 . 2010-04-11 19:23 700416 ----a-w- c:\windows\system32\ati2cqag.dll
2010-08-04 01:15 . 2010-08-18 14:14 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-08-04 01:15 . 2010-08-18 14:14 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2010-08-04 01:14 . 2010-08-18 14:14 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-08-02 09:54 . 2010-06-13 09:04 -------- d-----w- c:\program files\Safari
2010-07-30 21:49 . 2010-07-30 20:58 -------- d-----w- c:\program files\Image-Line
2010-07-30 16:18 . 2010-07-30 16:16 -------- d-----w- c:\program files\Sony
2010-07-30 16:12 . 2010-07-30 16:12 -------- d-----w- c:\program files\Sony Setup
2010-07-28 19:50 . 2010-03-04 16:17 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2010-07-28 19:50 . 2010-03-04 16:17 262144 ----a-w- c:\windows\system32\wrap_oal.dll
2010-07-28 19:47 . 2010-07-28 19:47 -------- d-----w- c:\program files\Futuremark
2010-07-27 21:21 . 2010-07-27 21:21 -------- d-----w- c:\program files\Zoner
2010-07-25 09:18 . 2010-07-25 09:18 -------- d-----w- c:\program files\GIMP-2.0
2010-07-24 20:08 . 2010-07-24 17:17 -------- d-----w- c:\program files\Yahoo!
2010-07-22 15:46 . 2004-08-17 13:49 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 08:03 . 2010-07-22 08:03 -------- d-----w- c:\program files\Microsoft Fix it Center
2010-07-22 06:19 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-07-21 09:03 . 2010-02-28 21:24 697328 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-30 12:33 . 2010-03-21 11:47 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-28 17:25 . 2010-02-24 16:13 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-06-24 12:27 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2010-03-21 11:47 1851904 ----a-w- c:\windows\system32\win32old.sys
2010-06-24 09:02 . 2009-08-14 15:15 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-23 02:47 . 2010-06-23 02:47 32768 ----a-w- c:\windows\system32\drivers\taphss.sys
2010-06-21 15:27 . 2010-03-21 11:47 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-18 17:47 . 2004-08-17 13:49 293376 ----a-w- c:\windows\system32\winsrv.dll
2010-08-31 04:05 . 2010-09-08 19:56 106824 ----a-w- c:\program files\opera\program\plugins\DownloadStudioXML.dll
.
------- Sigcheck -------
[-] 2009-08-06 . A089AB141D4E25E543EEC2230CB50BD6 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-07-28 19557480]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-06-01 2039240]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Butterfly\Nabˇdka Start\Programy\Po spuçtŘnˇ\
AvastUI.lnk - c:\program files\Alwil Software\Avast5\AvastUI.exe [2010-8-19 2838912]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^Butterfly^Nabídka Start^Programy^Po spuštění^setup_9.0.0.722_03.09.2010_12-29.lnk]
backup=c:\windows\pss\setup_9.0.0.722_03.09.2010_12-29.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 06:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2009-01-30 15:46 204288 ------w- c:\program files\Windows Media Player\wmpnscfg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"YahooAUService"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"TuneUp.UtilitiesSvc"=2 (0x2)
"TuneUp.Defrag"=3 (0x3)
"sp_rssrv"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Documents and Settings\\Butterfly\\Dokumenty\\My DAP Downloads\\TeamViewerPortable_en\\TeamViewer.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\Program Files\\Flow\\Flow.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\condition zero\\hl.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Documents and Settings\\Butterfly\\Local Settings\\Data aplikací\\CrossLoop\\vncviewer.exe"=
"c:\\Documents and Settings\\Butterfly\\Local Settings\\Data aplikací\\CrossLoop\\tvnserver.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Butterfly\\Dokumenty\\LAN WC3\\Frozen Throne.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\counter-strike\\hl.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5910:TCP"= 5910:TCP:vnc5910
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2010-02-21 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [2010-02-21 52224]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-08-19 165584]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2010-02-09 13696]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2010-06-04 229312]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2010-06-01 25240]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-09-02 142592]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2010-09-12 143184]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2010-09-12 41936]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-08-19 17744]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2010-08-05 111312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-21 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-08-19 1691480]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-06-13 23456]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [2010-03-17 18944]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [2010-03-17 11520]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [2007-06-21 30720]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2010-08-05 100496]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-02-28 697328]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-27 1051968]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-09-13 c:\windows\Tasks\Automatic maintenance.job
- c:\program files\TuneUp Utilities 2010\OneClickStarter.exe [2010-08-27 13:04]
.
.
------- Doplňkový sken -------
.
IE: &Download with &DAP
IE: Download &all with DAP
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odebírat RSS/Podcast pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_rss.htm
IE: Přidat stránku do DownloadStudio obrázkového alba... - c:\program files\Conceiva\DownloadStudio\ds_snap.htm
IE: Stáhnout obrázek pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_img.htm
IE: Stáhnout odkaz pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_file.htm
IE: Stáhnout stránku pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_all.htm
IE: Stáhnout video pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_video.htm
IE: Stáhnout výběr pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_sel.htm
IE: Zobrazit odkazy stránky pomocí DownloadStudia... - c:\program files\Conceiva\DownloadStudio\ds_link.htm
IE: Zobrazit originál
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-15 23:15
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1164)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
- - - - - - - > 'explorer.exe'(2520)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-09-15 23:18:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-09-15 21:18
ComboFix2.txt 2010-09-15 15:36
Před spuštěním: Volných bajtů: 68,457,500,672
Po spuštění: Volných bajtů: 68,301,344,768
- - End Of File - - 1710B6AA1442CC9D270820B4A3D3D8D1
Re: preventive check - PC status

How is the computer doing?
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting your computer
Want to support our forum? Information here

I am mostly available at night, between 9 and 11 p.m.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
-
- Visitor
- Posts: 67
- Registered: 24 Apr 2010 09:52
Re: preventive check - PC status
The PC is OK, and it was OK before too ;) I just have a problem deleting the cracked VideoMach (Portable) that I have on my desktop. I used KillBox on it, but it didn't help. COMODO always blocks it, even when it is turned off. But I'll deal with that myself. Likewise, when working with ComboFix I had to have the firewall turned on and allow all requests. Otherwise I couldn't have run ComboFix.