ComboFix 11-03-19.04 - Zdenek Svoboda 20.03.2011 19:06:53.2.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1029.18.2045.1275 [GMT 1:00]
Running from: c:\users\Zdenek Svoboda\Desktop\ComboFix.exe
Command switches used :: c:\users\Zdenek Svoboda\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Anti Trojan Elite
c:\program files\Anti Trojan Elite\ATEPMON.sys
c:\program files\Anti Trojan Elite\borlndmm.DLL
c:\program files\Anti Trojan Elite\cc3260mt.dll
c:\program files\Anti Trojan Elite\Help\enManual.CHM
c:\program files\Anti Trojan Elite\Help\gbManual.CHM
c:\program files\Anti Trojan Elite\Helper.DLL
c:\program files\Anti Trojan Elite\helper.exe
c:\program files\Anti Trojan Elite\helper2.dll
c:\program files\Anti Trojan Elite\languages\eng.lgu
c:\program files\Anti Trojan Elite\languages\chs.lgu
c:\program files\Anti Trojan Elite\languages\CHT.LGU
c:\program files\Anti Trojan Elite\languages\pol.lgu
c:\program files\Anti Trojan Elite\languages\rus.lgu
c:\program files\Anti Trojan Elite\Lib1.TEL
c:\program files\Anti Trojan Elite\Lib10.TEL
c:\program files\Anti Trojan Elite\Lib11.TEL
c:\program files\Anti Trojan Elite\Lib12.TEL
c:\program files\Anti Trojan Elite\Lib13.TEL
c:\program files\Anti Trojan Elite\Lib14.TEL
c:\program files\Anti Trojan Elite\Lib15.TEL
c:\program files\Anti Trojan Elite\Lib16.TEL
c:\program files\Anti Trojan Elite\Lib17.TEL
c:\program files\Anti Trojan Elite\Lib18.TEL
c:\program files\Anti Trojan Elite\Lib19.TEL
c:\program files\Anti Trojan Elite\Lib2.TEL
c:\program files\Anti Trojan Elite\Lib20.TEL
c:\program files\Anti Trojan Elite\Lib21.TEL
c:\program files\Anti Trojan Elite\Lib22.TEL
c:\program files\Anti Trojan Elite\Lib23.TEL
c:\program files\Anti Trojan Elite\Lib24.TEL
c:\program files\Anti Trojan Elite\Lib25.TEL
c:\program files\Anti Trojan Elite\Lib26.TEL
c:\program files\Anti Trojan Elite\Lib27.TEL
c:\program files\Anti Trojan Elite\Lib28.TEL
c:\program files\Anti Trojan Elite\Lib29.TEL
c:\program files\Anti Trojan Elite\Lib3.TEL
c:\program files\Anti Trojan Elite\Lib30.TEL
c:\program files\Anti Trojan Elite\Lib31.TEL
c:\program files\Anti Trojan Elite\Lib32.TEL
c:\program files\Anti Trojan Elite\Lib33.TEL
c:\program files\Anti Trojan Elite\Lib34.TEL
c:\program files\Anti Trojan Elite\Lib35.TEL
c:\program files\Anti Trojan Elite\Lib36.TEL
c:\program files\Anti Trojan Elite\Lib37.TEL
c:\program files\Anti Trojan Elite\Lib38.TEL
c:\program files\Anti Trojan Elite\Lib39.TEL
c:\program files\Anti Trojan Elite\Lib4.TEL
c:\program files\Anti Trojan Elite\Lib40.TEL
c:\program files\Anti Trojan Elite\Lib41.TEL
c:\program files\Anti Trojan Elite\Lib42.TEL
c:\program files\Anti Trojan Elite\Lib43.TEL
c:\program files\Anti Trojan Elite\Lib44.TEL
c:\program files\Anti Trojan Elite\Lib45.TEL
c:\program files\Anti Trojan Elite\Lib46.TEL
c:\program files\Anti Trojan Elite\Lib47.TEL
c:\program files\Anti Trojan Elite\Lib48.TEL
c:\program files\Anti Trojan Elite\Lib49.TEL
c:\program files\Anti Trojan Elite\Lib5.TEL
c:\program files\Anti Trojan Elite\Lib50.TEL
c:\program files\Anti Trojan Elite\Lib51.TEL
c:\program files\Anti Trojan Elite\Lib52.TEL
c:\program files\Anti Trojan Elite\Lib53.TEL
c:\program files\Anti Trojan Elite\Lib54.TEL
c:\program files\Anti Trojan Elite\Lib55.TEL
c:\program files\Anti Trojan Elite\Lib56.TEL
c:\program files\Anti Trojan Elite\Lib57.TEL
c:\program files\Anti Trojan Elite\Lib58.TEL
c:\program files\Anti Trojan Elite\Lib59.TEL
c:\program files\Anti Trojan Elite\Lib6.TEL
c:\program files\Anti Trojan Elite\Lib60.TEL
c:\program files\Anti Trojan Elite\Lib61.TEL
c:\program files\Anti Trojan Elite\Lib62.TEL
c:\program files\Anti Trojan Elite\Lib63.TEL
c:\program files\Anti Trojan Elite\Lib64.TEL
c:\program files\Anti Trojan Elite\Lib65.TEL
c:\program files\Anti Trojan Elite\Lib66.TEL
c:\program files\Anti Trojan Elite\Lib67.TEL
c:\program files\Anti Trojan Elite\Lib68.TEL
c:\program files\Anti Trojan Elite\Lib69.TEL
c:\program files\Anti Trojan Elite\Lib7.TEL
c:\program files\Anti Trojan Elite\Lib70.TEL
c:\program files\Anti Trojan Elite\Lib71.TEL
c:\program files\Anti Trojan Elite\Lib72.TEL
c:\program files\Anti Trojan Elite\Lib73.TEL
c:\program files\Anti Trojan Elite\Lib74.TEL
c:\program files\Anti Trojan Elite\Lib75.TEL
c:\program files\Anti Trojan Elite\Lib76.TEL
c:\program files\Anti Trojan Elite\Lib77.TEL
c:\program files\Anti Trojan Elite\Lib78.TEL
c:\program files\Anti Trojan Elite\Lib79.TEL
c:\program files\Anti Trojan Elite\Lib8.TEL
c:\program files\Anti Trojan Elite\Lib80.TEL
c:\program files\Anti Trojan Elite\Lib81.TEL
c:\program files\Anti Trojan Elite\Lib82.TEL
c:\program files\Anti Trojan Elite\Lib83.TEL
c:\program files\Anti Trojan Elite\Lib84.TEL
c:\program files\Anti Trojan Elite\Lib85.TEL
c:\program files\Anti Trojan Elite\Lib86.TEL
c:\program files\Anti Trojan Elite\Lib87.TEL
c:\program files\Anti Trojan Elite\Lib88.TEL
c:\program files\Anti Trojan Elite\Lib89.TEL
c:\program files\Anti Trojan Elite\Lib9.TEL
c:\program files\Anti Trojan Elite\Lib90.TEL
c:\program files\Anti Trojan Elite\Lib91.TEL
c:\program files\Anti Trojan Elite\Lib92.TEL
c:\program files\Anti Trojan Elite\Lib93.TEL
c:\program files\Anti Trojan Elite\Lib94.TEL
c:\program files\Anti Trojan Elite\Lib95.TEL
c:\program files\Anti Trojan Elite\Lib96.TEL
c:\program files\Anti Trojan Elite\Lib97.TEL
c:\program files\Anti Trojan Elite\Lib98.TEL
c:\program files\Anti Trojan Elite\Lib99.TEL
c:\program files\Anti Trojan Elite\LibBase.TEL
c:\program files\Anti Trojan Elite\MFC42D.DLL
c:\program files\Anti Trojan Elite\MLGU.DLL
c:\program files\Anti Trojan Elite\MSVCRTD.DLL
c:\program files\Anti Trojan Elite\regpage\images\5GoldDisk-Award-small.gif
c:\program files\Anti Trojan Elite\regpage\images\Art_ATE.gif
c:\program files\Anti Trojan Elite\regpage\images\order.gif
c:\program files\Anti Trojan Elite\regpage\images\reg2.gif
c:\program files\Anti Trojan Elite\regpage\images\sofotex5.gif
c:\program files\Anti Trojan Elite\regpage\images\softforall5stars.gif
c:\program files\Anti Trojan Elite\regpage\images\sr5pt1.gif
c:\program files\Anti Trojan Elite\regpage\reg_big5.htm
c:\program files\Anti Trojan Elite\regpage\reg_cngb.htm
c:\program files\Anti Trojan Elite\regpage\reg_eng.htm
c:\program files\Anti Trojan Elite\SysLoader.dll
c:\program files\Anti Trojan Elite\TERegPct.exe
c:\program files\Anti Trojan Elite\TESysDll.dll
c:\program files\Anti Trojan Elite\TJEnder.exe
c:\program files\Anti Trojan Elite\trojanscan.dll
c:\program files\Anti Trojan Elite\unins000.dat
c:\program files\Anti Trojan Elite\unins000.exe
c:\program files\Anti Trojan Elite\unrar.Dll
c:\program files\Anti Trojan Elite\unrarscan.Dll
c:\program files\Anti Trojan Elite\update.exe
c:\program files\Anti Trojan Elite\update_local.ini
c:\program files\Anti Trojan Elite\updateserver.dat
c:\program files\GridinSoft Trojan Killer
c:\program files\GridinSoft Trojan Killer\acprotect.z
c:\program files\GridinSoft Trojan Killer\activex.a
c:\program files\GridinSoft Trojan Killer\amd.c
c:\program files\GridinSoft Trojan Killer\armadillo.z
c:\program files\GridinSoft Trojan Killer\ascrypt.z
c:\program files\GridinSoft Trojan Killer\asmd.c
c:\program files\GridinSoft Trojan Killer\aspack.z
c:\program files\GridinSoft Trojan Killer\aspr.z
c:\program files\GridinSoft Trojan Killer\bho.a
c:\program files\GridinSoft Trojan Killer\english.lng
c:\program files\GridinSoft Trojan Killer\execrypt.z
c:\program files\GridinSoft Trojan Killer\heur.b
c:\program files\GridinSoft Trojan Killer\ieb.a
c:\program files\GridinSoft Trojan Killer\logs\scan-2011-03-19 [21-50-34].log
c:\program files\GridinSoft Trojan Killer\md.c
c:\program files\GridinSoft Trojan Killer\mew.z
c:\program files\GridinSoft Trojan Killer\mslrh.z
c:\program files\GridinSoft Trojan Killer\naco.c
c:\program files\GridinSoft Trojan Killer\npack.z
c:\program files\GridinSoft Trojan Killer\pk.z
c:\program files\GridinSoft Trojan Killer\pl.a
c:\program files\GridinSoft Trojan Killer\ps.z
c:\program files\GridinSoft Trojan Killer\psign.z
c:\program files\GridinSoft Trojan Killer\rico.c
c:\program files\GridinSoft Trojan Killer\rlpack.z
c:\program files\GridinSoft Trojan Killer\service.a
c:\program files\GridinSoft Trojan Killer\sesi.a
c:\program files\GridinSoft Trojan Killer\smd.c
c:\program files\GridinSoft Trojan Killer\spl.a
c:\program files\GridinSoft Trojan Killer\startup.a
c:\program files\GridinSoft Trojan Killer\swl.c
c:\program files\GridinSoft Trojan Killer\SystemImage.exe
c:\program files\GridinSoft Trojan Killer\trojankiller.exe
c:\program files\GridinSoft Trojan Killer\trojanKiller.chm
c:\program files\GridinSoft Trojan Killer\unins000.dat
c:\program files\GridinSoft Trojan Killer\unins000.exe
c:\program files\GridinSoft Trojan Killer\upack.z
c:\program files\GridinSoft Trojan Killer\upx.z
c:\program files\GridinSoft Trojan Killer\vs.c
c:\program files\GridinSoft Trojan Killer\wl.c
c:\program files\GridinSoft Trojan Killer\xpack.z
c:\program files\GridinSoft Trojan Killer\yoda.z
c:\program files\TNod User & Password Finder
c:\program files\TNod User & Password Finder\CREDITOS.txt
c:\program files\TNod User & Password Finder\LEEME.txt
c:\program files\TNod User & Password Finder\tnodicons.icl
c:\program files\TNod User & Password Finder\TNODUP.exe
c:\program files\TNod User & Password Finder\uninst-tnod.exe
c:\programdata\d2e130
c:\programdata\d2e130\BMd2e_2033.exe
c:\programdata\d2e130\BMP.ico
c:\programdata\d2e130\d2e13059489e51e418fd2b8530b94468.ocx
c:\programdata\d2e130\f264ae4204fe13dfa2eebe26313909d7.ocx
c:\programdata\d2e130\mozcrt19.dll
c:\programdata\d2e130\sqlite3.dll
c:\programdata\d2e130\x6jxvvtm9lkv7tm9q0vjqsng.dll
c:\users\Zdenek Svoboda\AppData\Roaming\Best Malware Protection
c:\users\Zdenek Svoboda\AppData\Roaming\Best Malware Protection\cookies.sqlite
c:\users\Zdenek Svoboda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Best Malware Protection.lnk
c:\users\Zdenek Svoboda\AppData\Roaming\Microsoft\Windows\Recent\CLSV.drv
c:\users\Zdenek Svoboda\AppData\Roaming\Microsoft\Windows\Recent\tjd.dll
c:\users\Zdenek Svoboda\AppData\Roaming\Microsoft\Windows\Start Menu\Best Malware Protection.lnk
c:\users\Zdenek Svoboda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Malware Protection.lnk
c:\users\Zdenek Svoboda\Desktop\Best Malware Protection.lnk
.
.
((((((((((((((((((((((((( Files Created from 2011-02-20 to 2011-03-20 )))))))))))))))))))))))))))))))
.
.
2011-03-20 18:13 . 2011-03-20 18:14 -------- d-----w- c:\users\Zdenek Svoboda\AppData\Local\temp
2011-03-20 16:16 . 2011-03-20 16:16 -------- d-----w- C:\rsit
2011-03-20 16:16 . 2011-03-20 16:16 -------- d-----w- c:\program files\trend micro
2011-03-20 09:14 . 2011-03-20 09:15 -------- d-----w- c:\program files\CCleaner
2011-03-20 00:34 . 2010-07-16 13:59 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys
2011-03-20 00:34 . 2010-07-16 13:59 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys
2011-03-20 00:34 . 2011-01-17 08:10 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2011-03-20 00:34 . 2010-12-16 07:38 103232 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2011-03-20 00:34 . 2010-12-10 15:57 160448 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2011-03-20 00:34 . 2010-12-10 12:24 239168 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2011-03-20 00:34 . 2010-12-16 07:46 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2011-03-20 00:34 . 2011-03-20 00:36 -------- d-----w- c:\program files\PC Tools Security
2011-03-20 00:34 . 2011-03-20 00:34 -------- d-----w- c:\program files\Common Files\PC Tools
2011-03-20 00:34 . 2011-03-20 00:34 -------- d-----w- c:\users\Zdenek Svoboda\AppData\Roaming\PC Tools
2011-03-20 00:28 . 2011-03-20 00:34 -------- d-----w- c:\programdata\PC Tools
2011-03-20 00:17 . 2011-03-20 00:17 -------- d-----w- c:\users\Zdenek Svoboda\AppData\Roaming\Malwarebytes
2011-03-20 00:17 . 2010-03-29 14:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-20 00:17 . 2011-03-20 09:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-20 00:17 . 2011-03-20 00:17 -------- d-----w- c:\programdata\Malwarebytes
2011-03-20 00:17 . 2010-03-29 14:24 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-20 00:06 . 2011-03-20 00:06 -------- d-----w- c:\program files\Loaris
2011-03-19 18:47 . 2011-03-19 18:47 -------- d-sh--w- c:\programdata\BMEAGP
2011-03-18 14:36 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F57B36BF-2F5E-4303-A4AA-440D6D300250}\mpengine.dll
2011-03-09 18:09 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 18:09 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 18:09 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-09 18:09 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 18:09 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 18:09 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-07 13:32 . 2011-03-07 13:32 -------- d-----w- c:\program files\Common Files\Skype
2011-02-26 14:59 . 2011-03-19 19:10 -------- d-----w- c:\program files\Zrychleni Pocitace
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-10 17:16 . 2011-02-10 17:15 94119 ----a-w- c:\windows\FreeOCR.net Uninstaller.exe
2011-02-02 16:11 . 2009-10-11 10:11 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-20 16:37 . 2011-02-09 15:19 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:08 . 2011-02-09 15:18 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08 . 2011-02-09 15:18 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-09 15:18 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08 . 2011-02-09 15:18 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:08 . 2011-02-09 15:18 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:07 . 2011-02-09 15:18 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07 . 2011-02-09 15:18 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07 . 2011-02-09 15:18 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06 . 2011-02-09 15:18 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06 . 2011-02-09 15:18 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04 . 2011-02-09 15:18 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:04 . 2011-02-09 15:18 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 14:28 . 2011-02-09 15:19 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27 . 2011-02-09 15:19 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26 . 2011-02-09 15:18 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25 . 2011-02-09 15:18 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24 . 2011-02-09 15:19 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24 . 2011-02-09 15:19 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-09 15:19 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-09 15:19 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-09 15:19 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14 . 2011-02-09 15:19 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-09 15:19 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11 . 2011-02-09 15:18 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47 . 2011-02-09 15:19 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:44 . 2011-02-09 15:19 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-01-20 13:44 . 2011-02-09 15:19 797184 ----a-w- c:\windows\system32\FntCache.dll
2011-01-08 08:47 . 2011-02-09 15:17 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28 . 2011-02-09 15:17 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:57 . 2011-02-09 15:19 2039808 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 15:55 . 2011-01-12 11:22 413696 ----a-w- c:\windows\system32\odbc32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2010-09-03 3220912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-12-27 618496]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-11 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-11 8530464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-11 81920]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-11-02 2508104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 2 (0x2)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-12-10 239168]
S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2010-07-16 338880]
S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2010-07-16 656320]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-06-02 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-05-14 93312]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 SMSCIRDA;Ovladac zarízení s infracerveným prenosem SMSC;c:\windows\system32\DRIVERS\SMSCirda.sys [2006-11-02 30720]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-20 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 14:35]
.
.
------- Supplementary Scan -------
.
IE: Prevést cíl vazby do Adobe PDF
IE: Prevést do Adobe PDF
IE: Pripojit cíl vazby k existujícímu PDF
IE: Pripojit k existujícímu PDF
IE: Pøevést cíl vazby do Adobe PDF
IE: Pøevést do Adobe PDF
IE: Pøipojit cíl vazby k existujícímu PDF
IE: Pøipojit k existujícímu PDF
IE: Prevést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Prevést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pripojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Pripojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
TCP: {44D10E67-926C-4869-80AA-CA73FF124089} = 4.2.2.2,4.2.2.3
FF - ProfilePath - c:\users\Zdenek Svoboda\AppData\Roaming\Mozilla\Firefox\Profiles\k0c5u9m4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Ext: IDM CC: mozilla_cc@internetdownloadmanager.com - c:\users\Zdenek Svoboda\AppData\Roaming\IDM\idmmzcc3
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: Web Developer: {c45c406e-ab73-11d8-be73-000a95be3b12} - %profile%\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Anti Trojan Elite_is1 - c:\program files\Anti Trojan Elite\unins000.exe
AddRemove-TNod - c:\program files\TNod User & Password Finder\uninst-TNod.exe
AddRemove-{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1 - c:\program files\GridinSoft Trojan Killer\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-20 19:15
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\System32\TUProgSt.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\program files\Launch Manager\LManager.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2011-03-20 19:19:50 - machine was rebooted
ComboFix-quarantined-files.txt 2011-03-20 18:19
ComboFix2.txt 2011-03-20 17:26
.
Pre-Run: 7 488 520 192
Post-Run: 7 259 193 344
.
- - End Of File - - D481A3B48B27A4FF68FC1CBC78E6A8A1