System tools-trojan
Posted: 22 Dec 2010 03:20
Hello! I have the same problem with the System tools spyware. Here is the log file that ComboFix created for me. I hope you can help me. Thank you very much.
ComboFix 10-12-21.01 - Blažek 22.12.2010 2:19.1.1 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.511.351 [GMT 1:00]
Spuštěný z: c:\documents and settings\Blažek\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 101221-1] *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Data aplikací\eDpNk01804
c:\documents and settings\All Users\Data aplikací\eDpNk01804\eDpNk01804
c:\documents and settings\All Users\Data aplikací\eDpNk01804\eDpNk01804.exe
c:\documents and settings\Blažek\Data aplikací\.#
c:\documents and settings\Blažek\Data aplikací\.#\MBX@DE4@3A5C28.###
c:\documents and settings\Blažek\Data aplikací\.#\MBX@DE4@3A5D48.###
c:\documents and settings\Blažek\Data aplikací\ACD Systems\ACDSee\ImageDB.ddf
c:\documents and settings\Blažek\Data aplikací\PriceGong
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\1.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\a.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\b.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\c.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\d.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\e.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\f.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\g.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\h.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\i.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\J.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\k.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\l.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\m.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\mru.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\n.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\o.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\p.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\q.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\r.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\s.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\t.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\u.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\v.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\w.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\x.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\y.xml
c:\documents and settings\Blažek\Data aplikací\PriceGong\Data\z.xml
c:\documents and settings\Blažek\Nabídka Start\Programy\System Tool
c:\windows\system32\alleg41.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-22 do 2010-12-22 )))))))))))))))))))))))))))))))
.
2010-12-22 00:35 . 2010-12-22 00:35 -------- d-----w- c:\program files\SpywareBlaster
2010-12-22 00:33 . 2010-12-22 00:34 -------- d-----w- c:\program files\Crawler
2010-12-22 00:33 . 2010-12-22 00:33 141312 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-12-22 00:33 . 2010-12-22 00:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spyware Terminator
2010-12-22 00:33 . 2010-12-22 00:43 -------- d-----w- c:\documents and settings\Blažek\Data aplikací\Spyware Terminator
2010-12-22 00:33 . 2010-12-22 00:44 -------- d-----w- c:\program files\Spyware Terminator
2010-12-22 00:32 . 2008-06-10 20:22 81288 ----a-w- c:\windows\system32\drivers\iksyssec.sys
2010-12-22 00:32 . 2008-06-02 14:19 29576 ----a-w- c:\windows\system32\drivers\kcom.sys
2010-12-22 00:32 . 2008-06-02 14:19 66952 ----a-w- c:\windows\system32\drivers\iksysflt.sys
2010-12-22 00:32 . 2008-06-02 14:19 42376 ----a-w- c:\windows\system32\drivers\ikfilesec.sys
2010-12-22 00:32 . 2010-12-22 00:39 -------- d-----w- c:\program files\Spyware Doctor
2010-12-22 00:32 . 2010-12-22 00:32 -------- d-----w- c:\documents and settings\Blažek\Data aplikací\PC Tools
2010-12-22 00:27 . 2008-09-01 12:13 13307640 ----a-w- C:\sdstart.exe
2010-12-22 00:27 . 2008-09-01 09:36 2869536 ----a-w- C:\setup41.exe
2010-12-22 00:27 . 2008-09-01 08:27 8557184 ----a-w- C:\Setup.exe
2010-12-21 20:02 . 2010-12-21 21:58 -------- d-----w- C:\8d294b15b7f09df5112af9663ad4
2010-12-21 18:20 . 2010-12-21 18:20 -------- d-----w- c:\windows\Easy CD-DA Extractor 11.5.3
2010-12-21 18:20 . 2010-12-21 18:20 -------- d-----w- c:\program files\Easy CD-DA Extractor 11
2010-12-21 17:08 . 2010-12-21 17:08 -------- d-----w- c:\program files\Acclaim Entertainment
2010-12-21 16:31 . 2010-12-21 16:31 -------- d-----w- C:\cc3
2010-12-20 17:33 . 2008-10-10 03:52 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2010-12-20 17:33 . 2008-10-10 03:52 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2010-12-20 17:33 . 2008-10-10 03:52 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2010-12-20 17:33 . 2008-10-27 09:04 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
2010-12-20 17:33 . 2008-10-27 09:04 70992 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2010-12-20 17:33 . 2008-10-27 09:04 235856 ----a-w- c:\windows\system32\xactengine3_3.dll
2010-12-20 17:32 . 2008-10-27 09:04 23376 ----a-w- c:\windows\system32\X3DAudio1_5.dll
2010-12-20 17:05 . 2010-12-20 17:06 -------- d-----w- c:\documents and settings\Blažek\Local Settings\Data aplikací\TheLostIncaProphecy
2010-12-19 21:02 . 2010-12-19 21:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Jugilus
2010-12-19 21:01 . 2010-12-19 21:01 -------- d-----w- c:\program files\Crystal Cave Classic
2010-12-19 20:59 . 2010-12-20 17:04 -------- d-----w- c:\program files\Oberon Media
2010-12-19 20:59 . 2010-12-20 17:04 -------- d-----w- c:\program files\MSN Games
2010-12-19 20:58 . 2010-12-19 20:58 -------- d-----w- c:\program files\Little Space Duo
2010-12-19 20:27 . 2010-12-21 18:02 -------- d-----w- c:\program files\AquariaDemo
2010-12-19 19:14 . 2010-12-19 19:14 -------- d-----w- c:\program files\1C
2010-12-19 18:53 . 2010-12-19 18:53 -------- d-----w- c:\program files\Cenega Czech
2010-12-19 18:45 . 2010-12-19 18:45 -------- d-----w- c:\program files\Cenega
2010-12-17 23:14 . 2010-12-17 23:14 -------- d-----w- c:\program files\SirTech
2010-12-16 09:06 . 2010-12-16 09:16 -------- d-----w- c:\program files\Jets'n'Guns Demo
2010-12-16 04:47 . 2007-01-17 11:57 528384 ----a-w- c:\windows\system32\Astro Gemini Screensaver Manager.scr
2010-12-16 04:47 . 2010-12-16 04:47 -------- d-----w- c:\program files\Astro Gemini Software
2010-12-16 04:47 . 2007-02-13 14:53 13619200 ----a-w- c:\windows\system32\Solar System 3D Screensaver.scr
2010-12-16 04:21 . 2010-12-16 04:21 -------- d-----w- c:\program files\MumboJumbo
2010-12-16 00:00 . 2010-12-16 00:00 97248 ----a-w- c:\windows\system32\drivers\snapman.sys
2010-12-16 00:00 . 2010-12-16 00:00 -------- d-----w- c:\program files\Acronis
2010-12-16 00:00 . 2010-12-16 00:00 -------- d-----w- c:\program files\Common Files\Acronis
2010-12-11 22:38 . 2010-12-16 09:29 -------- d-----w- C:\Python22
2010-12-11 14:49 . 2010-12-11 14:49 -------- d-----w- c:\documents and settings\All Users\Data aplikacĂ
2010-12-06 14:18 . 2010-12-06 14:18 -------- d-----w- c:\documents and settings\Blažek\Local Settings\Data aplikací\ABF software
2010-12-06 14:18 . 2010-12-06 14:18 -------- d-----w- c:\program files\ABF software
2010-12-06 14:14 . 2008-07-25 08:31 28672 ----a-w- c:\program files\Mozilla Firefox\components\flashgetXpi.dll
2010-12-06 14:00 . 2010-12-06 14:00 -------- d-----w- c:\program files\Common Files\Drunken Clock
2010-12-06 14:00 . 2010-12-06 14:00 -------- d-----w- c:\program files\Drunken Clock
2010-12-06 04:57 . 2010-12-21 20:26 -------- d-----w- C:\Downloads
2010-12-06 03:45 . 2010-12-21 21:57 -------- d-----w- c:\documents and settings\Blažek\Data aplikací\BITS
2010-12-06 03:24 . 2010-12-06 03:24 -------- d-----w- C:\profiles
2010-12-06 02:23 . 2010-12-06 02:23 -------- d-----w- c:\program files\FlashGet Network
2010-12-06 02:09 . 2010-12-11 21:35 -------- d-----w- c:\program files\Startup Manager
2010-12-06 02:09 . 2010-12-06 02:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Startup Manager
2010-12-06 00:16 . 2010-12-21 21:58 -------- d-----w- c:\documents and settings\Bla×ek\Plocha
2010-12-05 23:18 . 2010-12-20 11:24 -------- d-----w- c:\documents and settings\Blažek\Data aplikací\Vista Start Menu
2010-12-05 23:17 . 2010-12-05 23:18 -------- d-----w- c:\program files\Vista Start Menu
2010-12-05 12:03 . 1996-02-14 13:01 92208 ----a-w- c:\windows\system32\WING.DLL
2010-12-05 11:41 . 2010-12-05 22:52 -------- d-----w- c:\documents and settings\Blažek\Data aplikací\GetRightToGo
2010-12-05 08:19 . 2010-12-05 08:19 -------- d-----w- c:\documents and settings\Blažek\Data aplikací\Malwarebytes
2010-12-05 08:19 . 2010-11-29 16:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-05 08:19 . 2010-12-05 08:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2010-12-05 08:18 . 2010-11-29 16:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-05 08:18 . 2010-12-05 08:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-05 07:55 . 2010-12-05 07:55 -------- d-----w- c:\documents and settings\Administrator.BLA-MV5AE1ST90J
2010-12-05 06:46 . 2010-12-05 06:46 248 ----a-w- c:\documents and settings\Blažek\Data aplikací\agtyjkj.bat
2010-12-04 20:06 . 2010-12-21 23:58 -------- d-----w- c:\documents and settings\Blažek\Local Settings\Data aplikací\AskToolbar
2010-12-04 20:06 . 2010-12-07 20:53 -------- d-----w- c:\documents and settings\Blažek\Local Settings\Data aplikací\WeLoveGames
2010-12-04 20:06 . 2010-12-04 20:06 -------- d-----w- c:\program files\WeLoveGames
2010-12-03 23:13 . 2010-12-03 23:13 -------- d-----w- c:\documents and settings\Blažek\Local Settings\Data aplikací\QuickStores
2010-12-03 23:13 . 2010-12-03 23:13 -------- d-----w- c:\program files\Ask.com
2010-12-03 23:12 . 2010-12-03 23:12 -------- d-----w- c:\program files\DsNET Corp
2010-12-03 18:38 . 2010-12-03 18:38 -------- d-----w- c:\documents and settings\Blažek\Data aplikací\FreshDiagnose
2010-12-03 18:35 . 2010-12-03 18:35 -------- d-----w- c:\program files\FreshDevices
2010-12-03 15:48 . 2010-12-03 15:48 -------- d-----w- c:\program files\Valve
2010-11-27 13:31 . 2010-11-27 13:32 -------- d-----w- C:\CANNON
2010-11-27 01:44 . 2010-11-27 01:44 -------- d-----w- c:\documents and settings\Blažek\Data aplikací\fltk.org
2010-11-27 01:34 . 2010-11-27 01:34 -------- d-----w- c:\program files\EKAf Incorporated
2010-11-26 21:45 . 2010-11-26 21:45 -------- d-----w- c:\program files\Street Bike Fury
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-10 23:39 . 2010-11-10 23:39 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2010-10-29 19:18 . 2010-10-28 18:35 21840 ----atw- c:\windows\system32\SIntfNT.dll
2010-10-29 19:18 . 2010-10-28 18:35 17212 ----atw- c:\windows\system32\SIntf32.dll
2010-10-29 19:18 . 2010-10-28 18:35 12067 ----atw- c:\windows\system32\SIntf16.dll
2010-10-29 18:24 . 2010-10-29 18:24 94208 ----a-w- c:\windows\DIIUnin.exe
2010-10-29 18:24 . 2010-10-29 18:24 2829 ----a-w- c:\windows\DIIUnin.pif
2010-10-16 10:38 . 2003-11-07 13:28 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2010-10-16 10:05 . 2006-05-26 07:39 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-09-28 18:16 . 2010-09-28 18:16 36734 ----a-w- c:\windows\system32\OggDSuninst.exe
2010-10-24 19:19 . 2010-10-24 19:22 252080 ----a-w- c:\program files\opera\program\plugins\dapop.dll
2008-07-25 08:31 . 2010-12-06 14:14 28672 ----a-w- c:\program files\mozilla firefox\components\flashgetXpi.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files\MyAshampoo\tbMyA0.dll" [2010-10-18 3908192]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_0.dll" [2010-10-18 3908192]
"{F4F10C1D-87C7-404A-B4B3-000000000000}"= "c:\progra~1\DAP\SBSearch.dll" [2010-10-24 39072]
"{2b9b4ad6-becb-4891-8d9d-6686487a0aa8}"= "c:\program files\WeLoveGames\tbWeLo.dll" [2010-11-29 3908192]
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CLASSES_ROOT\clsid\{f4f10c1d-87c7-404a-b4b3-000000000000}]
[HKEY_CLASSES_ROOT\SearchHook.SrchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}]
[HKEY_CLASSES_ROOT\SearchHook.SrchHook]
[HKEY_CLASSES_ROOT\clsid\{2b9b4ad6-becb-4891-8d9d-6686487a0aa8}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2b9b4ad6-becb-4891-8d9d-6686487a0aa8}]
2010-11-29 14:26 3908192 ----a-w- c:\program files\WeLoveGames\tbWeLo.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
2010-10-24 19:18 2447360 ----a-w- c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\MyAshampoo\tbMyA0.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 14:23 1385864 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\BS_Player\tbBS_0.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files\MyAshampoo\tbMyA0.dll" [2010-10-18 3908192]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_0.dll" [2010-10-18 3908192]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{2b9b4ad6-becb-4891-8d9d-6686487a0aa8}"= "c:\program files\WeLoveGames\tbWeLo.dll" [2010-11-29 3908192]
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CLASSES_ROOT\clsid\{2b9b4ad6-becb-4891-8d9d-6686487a0aa8}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}"= "c:\program files\MyAshampoo\tbMyA0.dll" [2010-10-18 3908192]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_0.dll" [2010-10-18 3908192]
"{2B9B4AD6-BECB-4891-8D9D-6686487A0AA8}"= "c:\program files\WeLoveGames\tbWeLo.dll" [2010-11-29 3908192]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CLASSES_ROOT\clsid\{2b9b4ad6-becb-4891-8d9d-6686487a0aa8}]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-08-29 171464]
"FlashGet"="c:\program files\FlashGet Network\FlashGet universal\flashget.exe" [2008-08-19 1795656]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-10-27 133432]
"SOUNDMAN"="c:\windows\SOUNDMAN.EXE" [2003-08-15 57344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"SoundMan"="SOUNDMAN.EXE" [2003-08-15 57344]
"Gainward"="c:\windows\TBPanel.exe" [2003-06-16 2031616]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-10 7311360]
"nwiz"="nwiz.exe" [2005-12-10 1519616]
"AGRSMMSG"="AGRSMMSG.exe" [2002-09-25 87751]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 36975]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-02-16 282624]
"MP10_EnsureFileVer"="c:\windows\inf\unregmp2.exe" [2008-04-14 208896]
"NvMediaCenter"="NvMCTray.dll" [2005-12-10 86016]
"FlashGet"="c:\program files\FlashGet Network\FlashGet universal\flashget.exe" [2008-08-19 1795656]
"OSSelectorReinstall"="c:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [2005-12-27 1544099]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-07-16 1166216]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
[HKLM\~\startupfolder\C:^Documents and Settings^Blažek^Nabídka Start^Programy^Po spuštění^PowerReg Scheduler.exe]
path=c:\documents and settings\Blažek\Nabídka Start\Programy\Po spuštění\PowerReg Scheduler.exe
backup=c:\windows\pss\PowerReg Scheduler.exeStartup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\CyberLink\\PowerDirector Express\\PDX.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\MotoGP2\\motogp2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Mad Tracks Demo\\MadTracksDemo.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Stormregion\\S.W.I.N.E\\swine.exe"=
"c:\\Games\\Q3Ademo\\quake3.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Program Files\\FlashGet Network\\FlashGet universal\\flashget.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"3587:TCP"= 3587:TCP:Skupiny sítě Peer-to-Peer
"3540:UDP"= 3540:UDP:Protokol PNRP (Peer Name Resolution Protocol)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.1.2008 19:29 685816]
R0 tffsport;M-Systems DiskOnChip 2000;c:\windows\system32\drivers\tffsport.sys [21.10.2008 19:35 149376]
S1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [11.11.2010 20:05 114768]
S1 prodrv04;Star Force copy protection driver v4;c:\windows\system32\drivers\prodrv04.sys [6.10.2009 17:10 114496]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.11.2010 20:05 20560]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys --> c:\windows\system32\DRIVERS\adusbser.sys [?]
S3 MapMem;MapMem;\??\d:\mapmem.sys --> d:\mapmem.sys [?]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [12.11.2010 18:22 9216]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [18.9.2010 13:24 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [18.9.2010 13:24 8320]
S3 WFIOCTL;WFIOCTL;\??\c:\program files\WinFast\WFTVFM\WFIOCTL.SYS --> c:\program files\WinFast\WFTVFM\WFIOCTL.SYS [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
Obsah adresáře 'Naplánované úlohy'
2010-12-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 13:42]
2010-12-22 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-05-26 14:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.speedbit.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Crawler Search - tbr:iemenu
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Link to &MidpX - c:\program files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Blažek\Data aplikací\Mozilla\Firefox\Profiles\tavgdav9.default\
FF - prefs.js: browser.search.selectedEngine - Google.com (in English)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - Ext: FastestFox: smarterwiki@wikiatic.com - %profile%\extensions\smarterwiki@wikiatic.com
FF - Ext: PermissionResearch: {32c1ae0f-a1ed-4128-b922-7e83a47d79b7} - %profile%\extensions\{32c1ae0f-a1ed-4128-b922-7e83a47d79b7}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
URLSearchHooks-{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
AddRemove-Defense Commander - c:\program files\Defense Commander\Uninst.isu
AddRemove-Downhill PAKOON! 2.Many Unlimited 2009 - c:\program files\metal oxide software\Downhill PAKOON! 2.Many Unlimited 2009\Uninst.isu
AddRemove-uflex2000 - c:\program files\Ultra FlexBall 2000\Uninst.isu
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-22 02:30
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(372)
c:\windows\system32\l3codecp.acm
c:\windows\system32\iac25_32.ax
c:\windows\system32\qmpeg.acm
.
Celkový čas: 2010-12-22 02:34:02
ComboFix-quarantined-files.txt 2010-12-22 01:33
Před spuštěním: 4 635 455 488
Po spuštění: 6 014 226 432
Current=4 Default=4 Failed=2 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - F2F4D01EA36F5EE5A63FCFFB596BEC1F
2010-12-11 22:38 . 2010-12-16 09:29 -------- d-----w- C:\Python22
2010-12-11 14:49 . 2010-12-11 14:49 -------- d-----w- c:\documents and settings\All Users\Data aplikacĂ
2010-12-06 14:18 . 2010-12-06 14:18 -------- d-----w- c:\documents and settings\Blažek\Local Settings\Data aplikací\ABF software
2010-12-06 14:18 . 2010-12-06 14:18 -------- d-----w- c:\program files\ABF software
2010-12-06 14:14 . 2008-07-25 08:31 28672 ----a-w- c:\program files\Mozilla Firefox\components\flashgetXpi.dll
2010-12-06 14:00 . 2010-12-06 14:00 -------- d-----w- c:\program files\Common Files\Drunken Clock
2010-12-06 14:00 . 2010-12-06 14:00 -------- d-----w- c:\program files\Drunken Clock
2010-12-06 04:57 . 2010-12-21 20:26 -------- d-----w- C:\Downloads
2010-12-06 03:45 . 2010-12-21 21:57 -------- d-----w- c:\documents and settings\Blažek\Data aplikací\BITS
2010-12-06 03:24 . 2010-12-06 03:24 -------- d-----w- C:\profiles
2010-12-06 02:23 . 2010-12-06 02:23 -------- d-----w- c:\program files\FlashGet Network
2010-12-06 02:09 . 2010-12-11 21:35 -------- d-----w- c:\program files\Startup Manager
2010-12-06 02:09 . 2010-12-06 02:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Startup Manager
2010-12-06 00:16 . 2010-12-21 21:58 -------- d-----w- c:\documents and settings\Bla×ek\Plocha
2010-12-05 23:18 . 2010-12-20 11:24 -------- d-----w- c:\documents and settings\Blažek\Data aplikací\Vista Start Menu
2010-12-05 23:17 . 2010-12-05 23:18 -------- d-----w- c:\program files\Vista Start Menu
2010-12-05 12:03 . 1996-02-14 13:01 92208 ----a-w- c:\windows\system32\WING.DLL
2010-12-05 11:41 . 2010-12-05 22:52 -------- d-----w- c:\documents and settings\Blažek\Data aplikací\GetRightToGo
2010-12-05 08:19 . 2010-12-05 08:19 -------- d-----w- c:\documents and settings\Blažek\Data aplikací\Malwarebytes
2010-12-05 08:19 . 2010-11-29 16:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-05 08:19 . 2010-12-05 08:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2010-12-05 08:18 . 2010-11-29 16:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-05 08:18 . 2010-12-05 08:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-05 07:55 . 2010-12-05 07:55 -------- d-----w- c:\documents and settings\Administrator.BLA-MV5AE1ST90J
2010-12-05 06:46 . 2010-12-05 06:46 248 ----a-w- c:\documents and settings\Blažek\Data aplikací\agtyjkj.bat
2010-12-04 20:06 . 2010-12-21 23:58 -------- d-----w- c:\documents and settings\Blažek\Local Settings\Data aplikací\AskToolbar
2010-12-04 20:06 . 2010-12-07 20:53 -------- d-----w- c:\documents and settings\Blažek\Local Settings\Data aplikací\WeLoveGames
2010-12-04 20:06 . 2010-12-04 20:06 -------- d-----w- c:\program files\WeLoveGames
2010-12-03 23:13 . 2010-12-03 23:13 -------- d-----w- c:\documents and settings\Blažek\Local Settings\Data aplikací\QuickStores
2010-12-03 23:13 . 2010-12-03 23:13 -------- d-----w- c:\program files\Ask.com
2010-12-03 23:12 . 2010-12-03 23:12 -------- d-----w- c:\program files\DsNET Corp
2010-12-03 18:38 . 2010-12-03 18:38 -------- d-----w- c:\documents and settings\Blažek\Data aplikací\FreshDiagnose
2010-12-03 18:35 . 2010-12-03 18:35 -------- d-----w- c:\program files\FreshDevices
2010-12-03 15:48 . 2010-12-03 15:48 -------- d-----w- c:\program files\Valve
2010-11-27 13:31 . 2010-11-27 13:32 -------- d-----w- C:\CANNON
2010-11-27 01:44 . 2010-11-27 01:44 -------- d-----w- c:\documents and settings\Blažek\Data aplikací\fltk.org
2010-11-27 01:34 . 2010-11-27 01:34 -------- d-----w- c:\program files\EKAf Incorporated
2010-11-26 21:45 . 2010-11-26 21:45 -------- d-----w- c:\program files\Street Bike Fury
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-10 23:39 . 2010-11-10 23:39 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2010-10-29 19:18 . 2010-10-28 18:35 21840 ----atw- c:\windows\system32\SIntfNT.dll
2010-10-29 19:18 . 2010-10-28 18:35 17212 ----atw- c:\windows\system32\SIntf32.dll
2010-10-29 19:18 . 2010-10-28 18:35 12067 ----atw- c:\windows\system32\SIntf16.dll
2010-10-29 18:24 . 2010-10-29 18:24 94208 ----a-w- c:\windows\DIIUnin.exe
2010-10-29 18:24 . 2010-10-29 18:24 2829 ----a-w- c:\windows\DIIUnin.pif
2010-10-16 10:38 . 2003-11-07 13:28 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2010-10-16 10:05 . 2006-05-26 07:39 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-09-28 18:16 . 2010-09-28 18:16 36734 ----a-w- c:\windows\system32\OggDSuninst.exe
2010-10-24 19:19 . 2010-10-24 19:22 252080 ----a-w- c:\program files\opera\program\plugins\dapop.dll
2008-07-25 08:31 . 2010-12-06 14:14 28672 ----a-w- c:\program files\mozilla firefox\components\flashgetXpi.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files\MyAshampoo\tbMyA0.dll" [2010-10-18 3908192]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_0.dll" [2010-10-18 3908192]
"{F4F10C1D-87C7-404A-B4B3-000000000000}"= "c:\progra~1\DAP\SBSearch.dll" [2010-10-24 39072]
"{2b9b4ad6-becb-4891-8d9d-6686487a0aa8}"= "c:\program files\WeLoveGames\tbWeLo.dll" [2010-11-29 3908192]
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CLASSES_ROOT\clsid\{f4f10c1d-87c7-404a-b4b3-000000000000}]
[HKEY_CLASSES_ROOT\SearchHook.SrchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{95EFB171-F3DF-4BEC-9EF7-829A800203E6}]
[HKEY_CLASSES_ROOT\SearchHook.SrchHook]
[HKEY_CLASSES_ROOT\clsid\{2b9b4ad6-becb-4891-8d9d-6686487a0aa8}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2b9b4ad6-becb-4891-8d9d-6686487a0aa8}]
2010-11-29 14:26 3908192 ----a-w- c:\program files\WeLoveGames\tbWeLo.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
2010-10-24 19:18 2447360 ----a-w- c:\program files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\MyAshampoo\tbMyA0.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-26 14:23 1385864 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\BS_Player\tbBS_0.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files\MyAshampoo\tbMyA0.dll" [2010-10-18 3908192]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_0.dll" [2010-10-18 3908192]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
"{2b9b4ad6-becb-4891-8d9d-6686487a0aa8}"= "c:\program files\WeLoveGames\tbWeLo.dll" [2010-11-29 3908192]
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CLASSES_ROOT\clsid\{2b9b4ad6-becb-4891-8d9d-6686487a0aa8}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}"= "c:\program files\MyAshampoo\tbMyA0.dll" [2010-10-18 3908192]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_0.dll" [2010-10-18 3908192]
"{2B9B4AD6-BECB-4891-8D9D-6686487A0AA8}"= "c:\program files\WeLoveGames\tbWeLo.dll" [2010-11-29 3908192]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CLASSES_ROOT\clsid\{2b9b4ad6-becb-4891-8d9d-6686487a0aa8}]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-08-29 171464]
"FlashGet"="c:\program files\FlashGet Network\FlashGet universal\flashget.exe" [2008-08-19 1795656]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-10-27 133432]
"SOUNDMAN"="c:\windows\SOUNDMAN.EXE" [2003-08-15 57344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"SoundMan"="SOUNDMAN.EXE" [2003-08-15 57344]
"Gainward"="c:\windows\TBPanel.exe" [2003-06-16 2031616]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-10 7311360]
"nwiz"="nwiz.exe" [2005-12-10 1519616]
"AGRSMMSG"="AGRSMMSG.exe" [2002-09-25 87751]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 36975]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-02-16 282624]
"MP10_EnsureFileVer"="c:\windows\inf\unregmp2.exe" [2008-04-14 208896]
"NvMediaCenter"="NvMCTray.dll" [2005-12-10 86016]
"FlashGet"="c:\program files\FlashGet Network\FlashGet universal\flashget.exe" [2008-08-19 1795656]
"OSSelectorReinstall"="c:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [2005-12-27 1544099]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2008-07-16 1166216]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
[HKLM\~\startupfolder\C:^Documents and Settings^Blažek^Nabídka Start^Programy^Po spuštění^PowerReg Scheduler.exe]
path=c:\documents and settings\Blažek\Nabídka Start\Programy\Po spuštění\PowerReg Scheduler.exe
backup=c:\windows\pss\PowerReg Scheduler.exeStartup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\CyberLink\\PowerDirector Express\\PDX.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\MotoGP2\\motogp2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Mad Tracks Demo\\MadTracksDemo.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Stormregion\\S.W.I.N.E\\swine.exe"=
"c:\\Games\\Q3Ademo\\quake3.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Program Files\\FlashGet Network\\FlashGet universal\\flashget.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"3587:TCP"= 3587:TCP:Skupiny sítě Peer-to-Peer
"3540:UDP"= 3540:UDP:Protokol PNRP (Peer Name Resolution Protocol)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.1.2008 19:29 685816]
R0 tffsport;M-Systems DiskOnChip 2000;c:\windows\system32\drivers\tffsport.sys [21.10.2008 19:35 149376]
S1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [11.11.2010 20:05 114768]
S1 prodrv04;Star Force copy protection driver v4;c:\windows\system32\drivers\prodrv04.sys [6.10.2009 17:10 114496]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.11.2010 20:05 20560]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys --> c:\windows\system32\DRIVERS\adusbser.sys [?]
S3 MapMem;MapMem;\??\d:\mapmem.sys --> d:\mapmem.sys [?]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [12.11.2010 18:22 9216]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [18.9.2010 13:24 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [18.9.2010 13:24 8320]
S3 WFIOCTL;WFIOCTL;\??\c:\program files\WinFast\WFTVFM\WFIOCTL.SYS --> c:\program files\WinFast\WFTVFM\WFIOCTL.SYS [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
Obsah adresáře 'Naplánované úlohy'
2010-12-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 13:42]
2010-12-22 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-05-26 14:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.speedbit.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Crawler Search - tbr:iemenu
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Link to &MidpX - c:\program files\Kwyshell\MidpX\JadInvoker\Extent\jad_wrap.htm
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Blažek\Data aplikací\Mozilla\Firefox\Profiles\tavgdav9.default\
FF - prefs.js: browser.search.selectedEngine - Google.com (in English)
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - Ext: FastestFox: smarterwiki@wikiatic.com - %profile%\extensions\smarterwiki@wikiatic.com
FF - Ext: PermissionResearch: {32c1ae0f-a1ed-4128-b922-7e83a47d79b7} - %profile%\extensions\{32c1ae0f-a1ed-4128-b922-7e83a47d79b7}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
URLSearchHooks-{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
AddRemove-Defense Commander - c:\program files\Defense Commander\Uninst.isu
AddRemove-Downhill PAKOON! 2.Many Unlimited 2009 - c:\program files\metal oxide software\Downhill PAKOON! 2.Many Unlimited 2009\Uninst.isu
AddRemove-uflex2000 - c:\program files\Ultra FlexBall 2000\Uninst.isu
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-22 02:30
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(372)
c:\windows\system32\l3codecp.acm
c:\windows\system32\iac25_32.ax
c:\windows\system32\qmpeg.acm
.
Celkový čas: 2010-12-22 02:34:02
ComboFix-quarantined-files.txt 2010-12-22 01:33
Před spuštěním: 4 635 455 488
Po spuštění: 6 014 226 432
Current=4 Default=4 Failed=2 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - F2F4D01EA36F5EE5A63FCFFB596BEC1F