tady to je:
ComboFix 10-10-07.01 - Administrator 07.10.2010 22:02:45.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1410 [GMT 2:00]
Spuštěný z: f:\documents and settings\Administrator\Dokumenty\Stažené soubory\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\autorun.inf
D:\autorun.inf
E:\Autorun.inf
f:\docume~1\ADMINI~1\LOCALS~1\Temp\ccInst_E8F75FE4-535E-4739-A45D-8758C698EA79\ccL70U.dll
f:\docume~1\ADMINI~1\LOCALS~1\Temp\SAS169.tmp
f:\docume~1\ADMINI~1\LOCALS~1\Temp\SAS16A.tmp
f:\documents and settings\Administrator\Local Settings\Temp\ccInst_E8F75FE4-535E-4739-A45D-8758C698EA79\ccL70U.dll
f:\documents and settings\Administrator\Local Settings\Temp\SAS169.tmp
f:\documents and settings\Administrator\Local Settings\Temp\SAS16A.tmp
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-07 do 2010-10-07 )))))))))))))))))))))))))))))))
.
2010-10-07 19:59 . 2010-10-07 19:59 -------- d-----w- f:\windows\LastGood
2010-10-07 18:46 . 2010-10-07 18:46 -------- d-----w- f:\program files\trend micro
2010-10-07 18:45 . 2010-10-07 18:46 -------- d-----w- F:\rsit
2010-10-04 18:54 . 2010-10-04 18:54 -------- d-----w- f:\program files\Sun
2010-10-04 18:10 . 2010-10-04 18:10 -------- d-----w- f:\program files\OpenOffice.org 3
2010-10-04 17:37 . 2010-10-04 18:35 -------- d-----w- f:\documents and settings\Administrator\.nbi
2010-10-04 17:33 . 2010-10-04 17:33 -------- d-----w- f:\program files\Notepad++
2010-10-04 17:15 . 2010-10-04 17:15 -------- d-----w- f:\program files\Common Files\Java
2010-10-04 14:06 . 2010-08-05 00:14 875296 ----a-w- f:\documents and settings\Administrator\Data aplikací\Sun\Java\JRERunOnce.exe
2010-10-04 13:50 . 2010-10-04 13:50 -------- d-----w- f:\windows\system32\Futuremark
2010-10-04 13:50 . 2010-10-04 13:50 -------- d-----w- f:\program files\Common Files\Futuremark Shared
2010-10-04 13:50 . 2008-09-17 13:14 27672 ----a-r- f:\windows\system32\drivers\Entech.sys
2010-10-03 17:08 . 2010-10-03 17:08 -------- d-----w- f:\program files\NVIDIA Corporation
2010-10-03 17:06 . 2007-10-22 01:39 267272 ----a-w- f:\windows\system32\xactengine2_10.dll
2010-10-03 16:59 . 2010-10-03 16:59 -------- d-----w- f:\program files\2K Games
2010-10-03 16:46 . 2010-10-03 16:46 -------- d-----w- f:\program files\PowerISO
2010-10-02 19:24 . 2010-10-02 19:24 -------- d-----w- f:\windows\Sun
2010-10-02 16:01 . 2010-10-02 16:01 -------- d-----w- f:\program files\Bytescout XLS Viewer
2010-10-02 12:02 . 2010-10-02 12:02 -------- d-----w- f:\windows\system32\KB905474
2010-10-02 12:00 . 2010-10-02 12:00 -------- d-----w- f:\program files\MSXML 6.0
2010-10-01 19:20 . 2010-10-01 19:20 -------- d-----w- f:\program files\MyAshampoo
2010-10-01 19:20 . 2010-01-20 10:19 52224 ----a-w- f:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\o38v9lbd.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
2010-10-01 19:20 . 2010-01-20 10:19 101376 ----a-w- f:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\o38v9lbd.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
2010-10-01 19:20 . 2010-10-01 19:20 -------- d-----w- f:\program files\Ashampoo
2010-10-01 13:24 . 2010-06-14 14:30 743936 -c----w- f:\windows\system32\dllcache\helpsvc.exe
2010-10-01 13:24 . 2009-10-23 14:27 3555328 -c----w- f:\windows\system32\dllcache\moviemk.exe
2010-10-01 13:24 . 2009-07-31 04:59 1172480 -c----w- f:\windows\system32\dllcache\msxml3.dll
2010-10-01 11:55 . 2010-10-01 15:02 -------- d-----w- f:\windows\system32\CatRoot_bak
2010-10-01 09:51 . 2008-06-14 18:00 272128 -c----w- f:\windows\system32\dllcache\bthport.sys
2010-10-01 09:51 . 2009-12-31 16:14 352640 -c----w- f:\windows\system32\dllcache\srv.sys
2010-10-01 09:51 . 2010-02-24 12:31 454016 -c----w- f:\windows\system32\dllcache\mrxsmb.sys
2010-10-01 09:51 . 2009-06-21 22:07 153088 -c----w- f:\windows\system32\dllcache\triedit.dll
2010-10-01 09:47 . 2008-05-01 14:33 331776 -c----w- f:\windows\system32\dllcache\msadce.dll
2010-10-01 09:47 . 2010-02-12 10:03 293376 ------w- f:\windows\system32\browserchoice.exe
2010-10-01 09:46 . 2009-06-05 07:46 655872 -c----w- f:\windows\system32\dllcache\mstscax.dll
2010-10-01 09:46 . 2008-10-15 17:00 332800 -c----w- f:\windows\system32\dllcache\netapi32.dll
2010-10-01 09:45 . 2008-04-21 21:28 216576 -c----w- f:\windows\system32\dllcache\wordpad.exe
2010-10-01 09:42 . 2010-10-06 12:02 -------- d--h--w- f:\windows\$hf_mig$
2010-09-30 21:00 . 2010-09-30 21:00 -------- d-----w- f:\program files\Crawler
2010-09-30 21:00 . 2010-10-01 14:00 -------- d-----w- f:\program files\Spyware Terminator
2010-09-30 19:08 . 2010-09-30 19:08 2944904 ----a-w- f:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\o38v9lbd.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
2010-09-30 11:12 . 2010-09-30 11:12 -------- d-----w- f:\program files\Vstplugins
2010-09-30 11:12 . 2010-09-30 11:12 -------- d-----w- f:\program files\Sony
2010-09-30 11:11 . 2010-09-30 11:11 -------- d-----w- f:\program files\MSBuild
2010-09-30 11:09 . 2010-10-04 13:19 -------- d-----w- f:\windows\system32\XPSViewer
2010-09-30 11:09 . 2010-09-30 11:09 -------- d-----w- f:\program files\Reference Assemblies
2010-09-30 11:09 . 2008-07-06 12:06 89088 ----a-w- f:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-09-30 11:08 . 2006-06-29 11:07 14048 ------w- f:\windows\system32\spmsg2.dll
2010-09-30 10:54 . 2010-09-30 10:56 52770576 ----a-w- f:\documents and settings\Administrator\Data aplikací\Sony Setup\64993CD0-67D1-4244-A2BC-FD73F4DA5B62\dotnetfx3.exe
2010-09-30 10:54 . 2010-09-30 10:54 -------- d-----w- f:\program files\Sony Setup
2010-09-30 10:38 . 2010-09-30 10:38 -------- d-----w- f:\windows\system32\oodag
2010-09-30 09:38 . 2010-09-30 09:38 -------- d-----w- f:\program files\DVDVideoSoftTB
2010-09-30 09:38 . 2010-09-30 09:38 52224 ----a-w- f:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\o38v9lbd.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\FFExternalAlert.dll
2010-09-30 09:38 . 2010-09-30 09:38 101376 ----a-w- f:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\o38v9lbd.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.dll
2010-09-30 09:38 . 2010-09-30 09:38 -------- d-----w- f:\program files\Common Files\DVDVideoSoft
2010-09-30 09:38 . 2010-09-30 09:38 -------- d-----w- f:\program files\DVDVideoSoft
2010-09-30 09:23 . 2010-10-07 20:00 -------- d-----w- f:\program files\Norton Internet Security
2010-09-30 09:22 . 2010-10-07 20:00 -------- d-----w- f:\program files\Common Files\Symantec Shared
2010-09-30 09:18 . 2010-09-30 09:18 -------- d-----w- f:\documents and settings\LocalService\Nabídka Start
2010-09-30 09:18 . 2010-10-04 17:15 -------- d-----w- f:\windows\system32\wbem\AutoRecover
2010-09-30 09:12 . 2010-10-02 11:57 -------- d-----w- f:\windows\ServicePackFiles
2010-09-30 09:11 . 2010-09-30 09:13 -------- d-----w- f:\windows\EHome
2010-09-30 08:42 . 2010-09-30 08:42 503808 ----a-w- f:\documents and settings\Administrator\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-2f93c3c6-n\msvcp71.dll
2010-09-30 08:42 . 2010-09-30 08:42 499712 ----a-w- f:\documents and settings\Administrator\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-2f93c3c6-n\jmc.dll
2010-09-30 08:42 . 2010-09-30 08:42 348160 ----a-w- f:\documents and settings\Administrator\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-2f93c3c6-n\msvcr71.dll
2010-09-30 08:42 . 2010-09-30 08:42 61440 ----a-w- f:\documents and settings\Administrator\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4f7c142f-n\decora-sse.dll
2010-09-30 08:42 . 2010-09-30 08:42 12800 ----a-w- f:\documents and settings\Administrator\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4f7c142f-n\decora-d3d.dll
2010-09-30 08:42 . 2010-07-17 03:00 423656 ----a-w- f:\windows\system32\deployJava1.dll
2010-09-30 08:42 . 2010-10-04 18:54 -------- d-----w- f:\program files\Java
2010-09-30 08:24 . 2010-09-30 08:24 -------- d-----w- f:\program files\MSECache
2010-09-29 19:12 . 2010-09-30 09:23 -------- d-----w- f:\program files\SpeedFan
2010-09-29 19:11 . 2010-10-07 19:31 -------- d-----w- f:\program files\Valve
2010-09-29 18:25 . 2010-09-29 18:25 -------- d-----w- f:\program files\OO Software
2010-09-29 18:15 . 2010-10-01 17:02 -------- d-----w- f:\program files\Ask.com
2010-09-29 18:15 . 2010-09-29 18:15 -------- d-----w- f:\program files\uTorrent
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-07 18:08 . 2010-09-29 16:00 -------- d-----w- f:\program files\QIP 2010
2010-10-07 13:16 . 2001-10-25 12:00 78052 ----a-w- f:\windows\system32\perfc005.dat
2010-10-07 13:16 . 2001-10-25 12:00 429024 ----a-w- f:\windows\system32\perfh005.dat
2010-10-04 13:50 . 2010-09-29 15:13 -------- d--h--w- f:\program files\InstallShield Installation Information
2010-10-03 17:08 . 2010-10-03 17:07 -------- d-----w- f:\program files\Common Files\Wise Installation Wizard
2010-09-30 09:15 . 2010-09-29 15:05 86327 ----a-w- f:\windows\pchealth\HelpCtr\OfflineCache\index.dat
2010-09-30 09:15 . 2010-09-29 15:05 2724 ----a-w- f:\windows\pchealth\HelpCtr\PackageStore\SkuStore.bin
2010-09-30 09:13 . 2010-09-29 15:05 8972 ----a-w- f:\windows\pchealth\HelpCtr\Config\Cntstore.bin
2010-09-29 15:57 . 2010-09-29 15:57 0 ----a-w- f:\windows\ativpsrm.bin
2010-09-29 15:55 . 2010-09-29 15:55 664 ----a-w- f:\windows\system32\d3d9caps.dat
2010-09-29 15:45 . 2010-09-29 15:35 -------- d-----w- f:\program files\ATI Technologies
2010-09-29 15:44 . 2010-09-29 15:44 -------- d-----w- f:\program files\Common Files\ATI Technologies
2010-09-29 15:36 . 2010-09-29 15:11 -------- d-----w- f:\program files\Common Files\InstallShield
2010-09-29 15:30 . 2010-09-29 15:30 -------- d-----w- f:\program files\Common Files\Adobe
2010-09-29 15:27 . 2010-09-29 15:27 0 ----a-w- f:\windows\nsreg.dat
2010-09-29 15:24 . 2010-09-29 15:24 -------- d-----w- f:\program files\Realtek
2010-09-29 15:23 . 2010-09-29 15:23 -------- d-----w- f:\program files\Intel
2010-09-29 15:12 . 2010-09-29 15:11 -------- d-----w- f:\program files\VIA
2010-09-29 15:05 . 2010-09-29 15:05 -------- d-----w- f:\program files\microsoft frontpage
2010-09-29 15:05 . 2010-09-29 15:05 558142 ----a-w- f:\windows\java\Packages\NBXNVL3B.ZIP
2010-09-29 15:05 . 2010-09-29 15:05 2678 ----a-w- f:\windows\java\Packages\Data\EAT7P3BD.DAT
2010-09-29 15:05 . 2010-09-29 15:05 2678 ----a-w- f:\windows\java\Packages\Data\M6CHBPBH.DAT
2010-09-29 15:05 . 2010-09-29 15:05 155995 ----a-w- f:\windows\java\Packages\6LZ5JFXV.ZIP
2010-09-29 15:05 . 2010-09-29 15:05 2678 ----a-w- f:\windows\java\Packages\Data\MZJX35NR.DAT
2010-09-29 15:05 . 2010-09-29 15:05 2678 ----a-w- f:\windows\java\Packages\Data\JLRZD3HR.DAT
2010-09-29 15:05 . 2010-09-29 15:05 2678 ----a-w- f:\windows\java\Packages\Data\A20BJ3JR.DAT
2010-09-29 15:03 . 2010-09-29 15:03 21812 ----a-w- f:\windows\system32\emptyregdb.dat
2010-09-28 19:59 . 2010-09-28 19:59 -------- d-----w- f:\program files\Common Files\Diskeeper Corporation
2010-09-28 19:59 . 2010-09-28 19:59 -------- d-----w- f:\program files\Windows Home Server
2010-09-28 19:59 . 2010-09-28 19:59 -------- d-----w- f:\program files\Diskeeper Corporation
2010-09-28 19:24 . 2010-09-28 19:24 -------- d-----w- f:\program files\Conduit
2010-09-28 19:24 . 2010-09-28 19:24 -------- d-----w- f:\program files\BS_Player
2010-09-28 19:24 . 2010-09-28 19:24 -------- d-----w- f:\program files\Webteh
2010-09-28 17:15 . 2010-09-28 17:11 -------- d-----w- f:\program files\CyberLink
2010-09-21 18:37 . 2010-09-21 18:37 932288 ----a-w- f:\documents and settings\All Users\Data aplikací\Adobe\Reader\9.3\ARM\9390\AdobeARM.exe
2010-09-21 18:37 . 2010-09-21 18:37 70584 ----a-w- f:\documents and settings\All Users\Data aplikací\Adobe\Reader\9.3\ARM\9390\AdobeExtractFiles.dll
2010-09-21 18:37 . 2010-09-21 18:37 338856 ----a-w- f:\documents and settings\All Users\Data aplikací\Adobe\Reader\9.3\ARM\9390\ReaderUpdater.exe
2010-09-21 18:37 . 2010-09-21 18:37 338856 ----a-w- f:\documents and settings\All Users\Data aplikací\Adobe\Reader\9.3\ARM\9390\AcrobatUpdater.exe
2010-08-24 20:56 . 2010-08-24 20:56 1555272 ----a-w- f:\windows\system32\ooscrsav.scr
2010-08-24 20:56 . 2010-08-24 20:56 275272 ----a-w- f:\windows\system32\oodbs.exe
2010-08-24 20:55 . 2010-08-24 20:55 535880 ----a-w- f:\windows\system32\oodssrs.dll
2010-08-24 20:54 . 2010-08-24 20:54 9544 ----a-w- f:\windows\system32\oodbsrs.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "f:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "f:\program files\MyAshampoo\tbMyAs.dll" [2009-12-31 2349080]
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2010-04-27 08:08 2393184 ----a-w- f:\program files\DVDVideoSoftTB\tbDVDV.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
2009-12-31 09:53 2349080 ----a-w- f:\program files\MyAshampoo\tbMyAs.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 13:23 1385864 ----a-w- f:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2009-12-31 09:53 2349080 ----a-w- f:\program files\BS_Player\tbBS_P.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "f:\program files\BS_Player\tbBS_P.dll" [2009-12-31 2349080]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "f:\program files\DVDVideoSoftTB\tbDVDV.dll" [2010-04-27 2393184]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "f:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "f:\program files\MyAshampoo\tbMyAs.dll" [2009-12-31 2349080]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"="f:\documents and settings\Administrator\Data aplikací\QipGuard\QipGuard.exe" [2010-04-12 184272]
"uTorrent"="f:\program files\uTorrent\uTorrent.exe" [2010-09-29 319792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="f:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-02-17 33595392]
"Adobe Reader Speed Launcher"="f:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="f:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"StartCCC"="f:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-14 98304]
"RemoteControl"="f:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]
"LanguageShortcut"="f:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 54832]
"UpdatePPShortCut"="f:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2007-08-16 218408]
"OODefragTray"="f:\program files\OO Software\Defrag\oodtray.exe" [2010-08-24 2770760]
"PWRISOVM.EXE"="f:\program files\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"SunJavaUpdateSched"="f:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="f:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"f:\\Program Files\\uTorrent\\uTorrent.exe"=
R2 OODefragAgent;O&O Defrag Agent;f:\program files\OO Software\Defrag\oodag.exe [24.8.2010 22:56 2281800]
R3 DKRtWrt;DKRtWrt;f:\windows\system32\drivers\DKRtWrt.sys [28.9.2010 21:59 45616]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;f:\windows\system32\drivers\viahduaa.sys [29.9.2010 17:12 1057024]
S3 cpuz130;cpuz130;\??\f:\docume~1\ADMINI~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> f:\docume~1\ADMINI~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
--- Ostatní služby/ovladače v paměti ---
*Deregistered* - COH_Mon
*Deregistered* - NAVENG
*Deregistered* - NAVEX15
*Deregistered* - SPBBCDrv
*Deregistered* - SRTSPX
.
Obsah adresáře 'Naplánované úlohy'
2010-10-07 f:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- f:\program files\Ask.com\UpdateTask.exe [2010-05-26 13:23]
2010-10-07 f:\windows\Tasks\WGASetup.job
- f:\windows\system32\KB905474\wgasetup.exe [2010-10-02 20:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.crawler.com/homepage.aspx?tbid=60342
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Crawler Search - tbr:iemenu
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - f:\progra~1\Crawler\Toolbar\ctbr.dll
DPF: DirectAnimation Java Classes - file://f:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://f:\windows\Java\classes\xmldso.cab
FF - ProfilePath - f:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\o38v9lbd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2475029&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: f:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - f:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
f:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
f:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
f:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
f:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-RunOnce-isDeleteMe - f:\docume~1\ADMINI~1\LOCALS~1\Temp\isDel.bat
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\f:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG14.00.00.01PROFESSIONAL"="AE332F7C88A66E2B0A7FA2C16189B5D59517B5F1A47D6BA00B5822E73DD944BBFCAAD3ED8D1863111F200B678996894FA3640AC0D335424AA2FDD23570BB30A315DBF5E40995634AE1BDF2383ED53C4474D9A1130B92E4CD6A67385B380CD842CE68D14CD8A7F55E5F4D159CE53429476CE2DAEE5B072268C197709C6A619923A085E7C3BD29A7C54959F430CA722DDD987E570F37D9C5D0AD20DFEFC52651C6A97CFC1F5DCA0A70F781FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808BA7FD869164D6794A6171C11EC38DE3DA6A0AC4980AC7933D37FFEAC3EA04583D55370B6329289F436B6C23902F18DD266464AB70DD95894CE4BA66D61EE184D5D0FC2444BA0EE482382629F8236497C81304FEFDCA84C49EB84802094514D0B33DB654DA3E2DFF8676D33CEA03D6D57427BC70B3F015EF4A6DAA02753015AFEB4C55878637F0C20E0003953553A0170A44C649C204010B73FB0003916AB57FC020CFA42B7914465AF76600E9ED32FE56C7CB789ECBE84C6B61CF9E1DCF2026E7E2194795125FE083A42F5347D25C6EB1F19B88C194004E9D5E8517F2EEA3BD1D2AE4D43E5BC5659A906ADCD78BD3AC887E4C4321B83F97CA714A7458D9C87B76A8D33952D4E0742E99D9D38182021D83254195C6D3776F07B5106380A8590C57650B6BCE145F33A2D123F246B43370A7391DAC18F802D49E385DA35B09622B3E9372E5A48FDA2D0E7A5F1950493596060F90F6C8275769E374DF3E997B52ED0FDBC53E0234C3DA8D3CC77E6766E0C73531FA3B74E24CD1E1276875AD43948FC2E0BC2173B7491776D3076435D2774EEE9C5E5D7FC8C5406D382ACDB04702BAEBB027E1A5C319207F6AA792C5585DF1186E88B529D22CBAD1E29E099459C316E2AB36B59D7AFD337F3506EF601C33AADCF352A7F43CB9DF959550493BCF05ED8C0695219041491782F6129CB8511992B2F0C3D8E0366D5692F23DA9A1118D5200D1F61EF3672275235D9DDA68C913306D3832501F743230C11E78D56EE2E5F895E032B4BCED4995DD6642859C4DA62CC2F64A42CC1A4DA063028274184456AEEC8F823E8AB3B8BCA2AE187895EF7A52377ACE33A03C2F30E84A09A2B076186BCA418A35E32954A5A0767DB2D8F6820C0A68DECA8614A8973C9BCBAB52EFBE8748EAC69924BCA41E38BBCED14129F186FFA6D30C8885BDD93FDA241583401E9AAE63617C0E33483D0185E675EA304798F77E401C1278A53E3E4A5C85DD853078950E6B17AEB21469F527ED47E8571D2146042978CEEDDF16C85525264E047E14EB3A721A159526261A47FABBFFDB65605C1060D779
6D2E5CA2BE5C2DF14A53DC9BD14B46FA27F583FB9FAC03E5595DBFC6966E1A259597E2D64D3E295BCAA"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1032)
f:\program files\SUPERAntiSpyware\SASWINLO.DLL
f:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-10-07 22:13:31
ComboFix-quarantined-files.txt 2010-10-07 20:13
Před spuštěním: Volných bajtů: 84 022 222 848
Po spuštění: Volných bajtů: 84 365 578 240
- - End Of File - - F3946EFD3EDA397B7C07D3A6E241BB49