Please check my log. Thank you
Posted: 03 Jun 2011 07:59
Good day,
my PC seems quite sluggish and slow.
Could I ask for a check?
Thank you
ComboFix 11-06-02.02 - User 03.06.2011 8:26.7.4 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3582.2868 [GMT 2:00]
Spuštěný z: c:\documents and settings\User\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\User\WINDOWS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-05-03 do 2011-06-03 )))))))))))))))))))))))))))))))
.
.
2011-06-01 11:39 . 2011-06-01 11:39 3505152 ----a-w- c:\temp\driver_canon_m3403enx.exe
2011-05-27 13:55 . 2011-05-27 13:55 -------- d-----w- c:\documents and settings\User\Local Settings\Data aplikací\backburner
2011-05-27 09:52 . 2011-06-02 15:12 -------- d-----w- C:\_timeEdition 1.1.6
2011-05-26 12:51 . 2011-05-27 14:28 -------- d-----w- c:\documents and settings\All Users\3d-io
2011-05-26 12:51 . 2011-05-27 13:50 -------- d-----w- c:\program files\3d-io plugins
2011-05-26 11:51 . 2011-05-26 14:44 -------- d-----w- c:\documents and settings\User\Data aplikací\timeEdition
2011-05-25 11:48 . 2011-05-25 11:48 -------- d-----w- c:\program files\Common Files\ChaosGroup
2011-05-25 11:48 . 2011-05-25 11:48 -------- d-----w- c:\program files\Chaos Group
2011-05-18 06:19 . 2011-05-18 06:19 -------- d-----w- c:\program files\Conduit
2011-05-18 06:19 . 2011-05-18 06:19 -------- d-----w- c:\documents and settings\User\Local Settings\Data aplikací\MyAshampoo
2011-05-18 06:19 . 2011-05-18 06:19 -------- d-----w- c:\program files\MyAshampoo
2011-05-18 06:19 . 2011-05-18 06:19 -------- d-----w- c:\documents and settings\User\Local Settings\Data aplikací\Conduit
2011-05-18 06:19 . 2011-05-18 06:19 -------- d-----w- c:\documents and settings\User\Local Settings\Data aplikací\temp
2011-05-18 06:18 . 2009-08-24 20:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2011-05-18 06:18 . 2011-05-18 06:18 -------- d-----w- c:\program files\Ashampoo
2011-05-17 06:23 . 2011-05-17 06:23 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-10 09:36 . 2009-12-03 04:00 2013696 ----a-w- c:\windows\system32\WibuKe32.cpl
2011-05-10 09:36 . 2009-12-03 04:00 344576 ----a-w- c:\windows\system32\wibuKJni.dll
2011-05-10 09:36 . 2009-12-03 04:00 333824 ----a-w- c:\windows\system32\WkExt32.dll
2011-05-10 09:36 . 2009-10-21 07:00 356352 ----a-w- c:\windows\system32\WibuXpm4J32.dll
2011-05-10 09:36 . 2000-10-18 01:00 57552 ----a-w- c:\windows\system32\WkDos.exe
2011-05-10 09:36 . 2006-11-09 04:20 16384 ----a-w- c:\windows\system32\drivers\Wibukey2.sys
2011-05-10 09:36 . 2009-12-03 04:00 78648 ----a-w- c:\windows\system32\drivers\WibuKey.sys
2011-05-10 09:36 . 2009-12-03 04:00 150528 ----a-w- c:\windows\system32\WkWin32.dll
2011-05-10 09:36 . 2006-03-06 04:10 54336 ----a-w- c:\windows\system\WkWin.dll
2011-05-10 09:36 . 2011-05-10 09:36 -------- d-----w- c:\program files\WIBUKEY
2011-05-10 09:36 . 2011-05-10 09:36 -------- d-----w- c:\program files\WIBU-SYSTEMS
2011-05-06 10:12 . 2011-05-06 10:12 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-05-06 10:12 . 2011-05-06 10:12 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-05-06 10:12 . 2011-05-06 10:12 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-05-06 10:12 . 2011-05-06 10:12 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-05-06 10:12 . 2011-05-06 10:12 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-05-06 10:12 . 2011-05-06 10:12 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-05-06 10:12 . 2011-05-06 10:12 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-05-06 10:12 . 2011-05-06 10:12 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-01 14:25 . 2008-12-12 13:24 2516 --sha-w- c:\documents and settings\All Users\Data aplikací\KGyGaAvL.sys
2011-03-07 05:33 . 2007-06-21 10:44 692736 ----a-w- c:\windows\system32\inetcomm.dll
2009-01-05 08:11 . 2009-01-05 08:11 728858 ----a-w- c:\program files\Common Files\unins000.exe
2008-03-09 06:25 . 2009-01-05 08:11 236 ---ha-w- c:\program files\Common Files\dx.reg
2008-02-14 13:23 . 2008-02-14 13:23 231944 ----a-w- c:\program files\gwflash.exe
2007-09-21 18:42 . 2007-09-21 18:42 19008 ----a-w- c:\program files\markfun.a64
2007-08-21 18:49 . 2007-08-21 18:49 125504 ----a-w- c:\program files\MarkFunDrv.dll
2007-08-21 18:49 . 2007-08-21 18:49 17912 ----a-w- c:\program files\markfun.w32
2007-04-04 17:35 . 2007-04-04 17:35 207680 ----a-w- c:\program files\updateutility.exe
2007-03-02 03:48 . 2007-03-02 03:48 240448 ----a-w- c:\program files\gwf32.exe
2006-11-23 22:47 . 2006-11-23 22:47 207680 ----a-w- c:\program files\BIOS_Run.exe
2006-11-23 22:40 . 2006-11-23 22:40 60224 ----a-w- c:\program files\HUADRV.DLL
2005-04-27 18:40 . 2005-04-27 18:40 6800 ----a-w- c:\program files\W95_HUA.vxd
2011-05-06 10:12 . 2011-05-06 10:12 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files\MyAshampoo\prxtbMyAs.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 15:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
2011-01-17 15:54 175912 ----a-w- c:\program files\MyAshampoo\prxtbMyAs.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files\MyAshampoo\prxtbMyAs.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-10-11 14940040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-08-18 1447168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"Ashampoo WinOptimizer Live-Tuner"="c:\program files\Ashampoo\Ashampoo WinOptimizer 8\LiveTuner.exe" [2011-05-12 2656128]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Skype.lnk - c:\windows\Installer\{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}\SkypeIcon.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Autodesk Licensing Service"=2 (0x2)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
"SJelite3Launch"=c:\documents and settings\User\Data aplikací\Transcend\SJelite3\SJelite3Launch.exe
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Alcmtr"=ALCMTR.EXE
"RTHDCPL"=RTHDCPL.EXE
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"Adobe_ID0EZEHM"=c:\progra~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"BDRegion"=c:\program files\Cyberlink\Shared Files\brs.exe
"PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe"
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe"
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"Adobe_ID0ENQBO"=c:\progra~1\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE
"Adobe Acrobat Speed Launcher"="c:\program files\AdobeCS4\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="c:\program files\AdobeCS4\Acrobat 9.0\Acrobat\Acrotray.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"nwiz"=c:\program files\NVIDIA Corporation\nView\nwiz.exe /installquiet
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"SwitchBoard"=c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"36X Raid Configurer"=c:\windows\system32\JMRaidSetup.exe boot
"JMB36X IDE Setup"=c:\windows\JM\JMInsIDE.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\GIGABYTE\\@BIOS\\gwflash.exe"=
"c:\\Program Files\\gwflash.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"c:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2010\\3dsmax.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2010\\mentalray\\satellite\\raysat_3dsmax2010_32server.exe"=
"c:\\Program Files\\Autodesk\\3ds Max 2010\\mentalray\\satellite\\raysat_3dsmax2010_32.exe"=
"c:\\Program Files\\GIGABYTE\\@BIOS\\update.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Chaos Group\\V-Ray\\RT for 3ds Max 2010 for x86\\bin\\vray.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
"24654:UDP"= 24654:UDP:Enfocus Port
"20486:UDP"= 20486:UDP:Enfocus Port
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server
"3140:TCP"= 3140:TCP:IP-Clamp License Server
.
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [18.8.2008 14:27 34312]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [1.2.2008 18:24 41456]
R2 3d-io License Server v2.0;3d-io License Server v2.0;c:\program files\3d-io plugins\licensing_v2\ActiveLockServerV2.exe [15.12.2009 12:55 34816]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [18.8.2008 14:25 468224]
R2 LiveTunerPM;Ashampoo LiveTuner ProcessMonitor Driver;c:\program files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerProcessMonitor32.sys [18.5.2011 8:18 12696]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [30.10.2009 16:05 1021256]
R2 WO_LiveService;Ashampoo LiveTuner Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe [18.5.2011 8:18 884608]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 8:24 10064]
S2 IPClampService;IPCLAMP by cebas Computer GmbH;c:\progra~1\cebas\ip-clamp\ipclamp.exe [19.12.2008 16:17 45188]
S2 mi-raysat_3dsmax2010_32;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 32-bit 32-bit;c:\program files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [12.3.2009 17:36 86016]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [15.8.2008 5:46 284016]
S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 8\DfSdkS.exe [18.5.2011 8:18 406016]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [5.1.2009 10:38 23600]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [4.12.2008 21:57 639224]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2009-04-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-06-03 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-10-30 14:12]
.
2011-06-03 c:\windows\Tasks\User_Feed_Synchronization-{34021D25-68A8-4F86-A273-F355F5A91184}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2475029
mWindow Title = fucker
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\office~1\OFFICE11\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 81.19.0.67 81.19.10.34
FF - ProfilePath - c:\documents and settings\User\Data aplikací\Mozilla\Firefox\Profiles\p4wid1rt.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.grafika.cz
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 600000
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: browser.tabs.tabMinWidth - 110
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-V-Ray for 3dsmax 2010 for x86 - c:\program files\Chaos Group\V-Ray\3dsmax 2010 for x86\uninstall\wininstaller.exe-uninstall=c:\program files\Chaos Group\V-Ray\3dsmax 2010 for x86\uninstall\install.log
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-03 08:33
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (3) (LocalSystem)
"AppDataDir"="c:\\Documents and Settings\\All Users\\Data aplikací\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"="Student Edition"
"InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000409
"ProductBase"=dword:00000000
"ProductCode"="{1A3D8A23-3215-46B7-AB97-E304ADABFC18}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="3.0.672.0"
"UniqueId"="002CB909494142EF"
"ScannerBuild"=dword:00001075
"ScannerVersionId"=dword:00000ea5
"ScannerVersion"=""
"FixId"=dword:00000007
"ei2"=hex(b):0c,1d,8d,13,34,23,f6,60
"ei1"=hex(b):00,1d,7d,09,f6,1b,00,00
"ei3"=hex(b):8e,ff,86,4d,00,00,00,00
"ei4"=dword:00000005
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(956)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
- - - - - - - > 'explorer.exe'(3804)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2011-06-03 08:35:57
ComboFix-quarantined-files.txt 2011-06-03 06:35
.
Před spuštěním: Volných bajtů: 204 551 716 864
Po spuštění: Volných bajtů: 204 564 353 024
.
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 040389D52C686720C0679DCF1E60A50D
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 81.19.0.67 81.19.10.34
FF - ProfilePath - c:\documents and settings\User\Data aplikací\Mozilla\Firefox\Profiles\p4wid1rt.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.grafika.cz
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 600000
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: browser.tabs.tabMinWidth - 110
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-V-Ray for 3dsmax 2010 for x86 - c:\program files\Chaos Group\V-Ray\3dsmax 2010 for x86\uninstall\wininstaller.exe-uninstall=c:\program files\Chaos Group\V-Ray\3dsmax 2010 for x86\uninstall\install.log
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-03 08:33
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (3) (LocalSystem)
"AppDataDir"="c:\\Documents and Settings\\All Users\\Data aplikací\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"="Student Edition"
"InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000409
"ProductBase"=dword:00000000
"ProductCode"="{1A3D8A23-3215-46B7-AB97-E304ADABFC18}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="3.0.672.0"
"UniqueId"="002CB909494142EF"
"ScannerBuild"=dword:00001075
"ScannerVersionId"=dword:00000ea5
"ScannerVersion"=""
"FixId"=dword:00000007
"ei2"=hex(b):0c,1d,8d,13,34,23,f6,60
"ei1"=hex(b):00,1d,7d,09,f6,1b,00,00
"ei3"=hex(b):8e,ff,86,4d,00,00,00,00
"ei4"=dword:00000005
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(956)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
- - - - - - - > 'explorer.exe'(3804)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2011-06-03 08:35:57
ComboFix-quarantined-files.txt 2011-06-03 06:35
.
Před spuštěním: Volných bajtů: 204 551 716 864
Po spuštění: Volných bajtů: 204 564 353 024
.
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 040389D52C686720C0679DCF1E60A50D