Please check the ComboFix log from my notebook
Posted: 02 Apr 2009 16:36
Applications and games crash on me from time to time, most recently even the ntldr file, so I tried everything possible to revive the notebook until it started up again; the crashing persists. Configuration: HP 8284, 1.83 GHz Centr. Duo, 256 dedicated graphics, 4 GB of memory. When an application crashes, my RAM usage goes up to 3.6-3.8 GB.
ComboFix 09-04-01.01 - albinfrost 2009-04-02 17:18:02.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.3070.2589 [GMT 2:00]
Spuštěný z: d:\a_internet\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated)
AV: Spyware Doctor with AntiVirus *On-access scanning disabled* (Updated)
FW: ESET personal firewall *disabled*
* Vytvořen nový Bod Obnovení
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\e100bmsg.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-03-02 do 2009-04-02 )))))))))))))))))))))))))))))))
.
2009-04-02 17:19 . 2009-04-02 17:19 53,248 --a------ c:\temp\catchme.dll
2009-04-02 17:18 . 2009-04-02 17:18 <DIR> d-------- c:\temp\WPDNSE
2009-04-02 15:44 . 2009-04-02 15:44 <DIR> d-------- c:\windows\Sun
2009-04-01 18:33 . 2008-12-21 18:04 26,154 --a------ c:\windows\system32\oemlogo.bmp
2009-04-01 18:30 . 2009-04-01 18:30 <DIR> d-------- c:\program files\NVIDIA Corporation
2009-04-01 18:30 . 2009-04-01 18:30 <DIR> d-------- c:\program files\Extras
2009-04-01 18:30 . 2009-04-01 18:30 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\NVIDIA Corporation
2009-04-01 18:30 . 2006-03-01 05:21 1,263,616 --a------ c:\windows\system32\Aurora.scr
2009-04-01 18:30 . 2006-03-01 04:53 773,120 --a------ c:\windows\system32\Bubbles.scr
2009-04-01 18:30 . 2005-12-11 01:53 720,412 --a------ c:\windows\system32\MGB_Scrn.scr
2009-04-01 18:30 . 2006-03-29 08:50 671,744 --a------ c:\windows\system32\DolbyHph.dll
2009-04-01 18:30 . 2006-12-11 01:15 498,176 --a------ c:\windows\system32\vLogon.scr
2009-04-01 18:30 . 2006-03-01 05:21 117,248 --a------ c:\windows\system32\Ribbons.scr
2009-04-01 18:30 . 2006-03-03 14:42 117,248 --a------ c:\windows\system32\Mystify.scr
2009-04-01 18:30 . 2006-03-29 08:51 60,416 --a------ c:\windows\system32\DSETUP.dll
2009-04-01 18:30 . 2006-03-29 08:49 9,856 --a------ c:\windows\system32\drivers\pfc.sys
2009-04-01 18:30 . 2006-05-05 19:21 4,608 --a------ c:\windows\system32\drivers\nvport.sys
2009-04-01 18:29 . 2009-04-01 18:29 <DIR> d-------- c:\program files\Java
2009-04-01 18:29 . 2009-04-01 18:29 410,984 --a------ c:\windows\system32\deploytk.dll
2009-04-01 18:29 . 2009-04-01 18:29 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-04-01 18:28 . 2009-04-01 18:28 <DIR> d-------- c:\windows\system32\XPSViewer
2009-04-01 18:28 . 2009-04-01 18:28 <DIR> d-------- c:\program files\Reference Assemblies
2009-04-01 18:28 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-04-01 18:23 . 2009-04-01 18:24 <DIR> d-------- c:\program files\K-Lite Codec Pack
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-02 15:18 --------- d-----w c:\documents and settings\albinfrost\Data aplikací\DMCache
2009-04-02 14:56 --------- d---a-w c:\documents and settings\All Users\Data aplikací\TEMP
2009-04-02 14:51 --------- d-----w c:\program files\Spyware Doctor
2009-04-02 14:26 --------- d-----w c:\documents and settings\albinfrost\Data aplikací\uTorrent
2009-04-01 16:30 --------- d--h--w c:\program files\InstallShield Installation Information
2009-04-01 15:16 --------- d-----w c:\program files\Common Files\Ahead
2009-04-01 15:16 --------- d-----w c:\program files\Common Files\Adobe
2009-04-01 15:16 --------- d-----w c:\program files\Broadcom
2009-04-01 15:15 --------- d-----w c:\documents and settings\All Users\Data aplikací\TechSmith
2009-04-01 15:15 --------- d-----w c:\documents and settings\All Users\Data aplikací\PC Tools
2009-04-01 15:15 --------- d-----w c:\documents and settings\All Users\Data aplikací\Office Genuine Advantage
2009-04-01 15:15 --------- d-----w c:\documents and settings\All Users\Data aplikací\nView_Profiles
2009-04-01 15:15 --------- d-----w c:\documents and settings\All Users\Data aplikací\NVIDIA
2009-04-01 15:15 --------- d-----w c:\documents and settings\All Users\Data aplikací\Nero
2009-04-01 15:15 --------- d-----w c:\documents and settings\All Users\Data aplikací\Microsoft Help
2009-04-01 15:15 --------- d-----w c:\documents and settings\All Users\Data aplikací\ESET
2009-04-01 15:15 --------- d-----w c:\documents and settings\All Users\Data aplikací\Ahead
2009-04-01 15:10 --------- d-----w c:\documents and settings\albinfrost\Data aplikací\URSoft
2009-04-01 15:10 --------- d-----w c:\documents and settings\albinfrost\Data aplikací\Thunderbird
2009-04-01 15:10 --------- d-----w c:\documents and settings\albinfrost\Data aplikací\Talkback
2009-04-01 15:10 --------- d-----w c:\documents and settings\albinfrost\Data aplikací\PC Tools
2009-04-01 15:10 --------- d-----w c:\documents and settings\albinfrost\Data aplikací\InstallShield
2009-04-01 15:10 --------- d-----w c:\documents and settings\albinfrost\Data aplikací\IDM
2009-04-01 15:10 --------- d-----w c:\documents and settings\albinfrost\Data aplikací\ICQ
2009-04-01 15:10 --------- d-----w c:\documents and settings\albinfrost\Data aplikací\gtk-2.0
2009-04-01 15:10 --------- d-----w c:\documents and settings\albinfrost\Data aplikací\FastStone
2009-04-01 15:10 --------- d-----w c:\documents and settings\albinfrost\Data aplikací\ESET
2009-04-01 15:10 --------- d-----w c:\documents and settings\albinfrost\Data aplikací\Convivea
2009-04-01 15:10 --------- d-----w c:\documents and settings\albinfrost\Data aplikací\Ahead
2009-02-09 14:07 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-09 14:07 1,846,784 ----a-w c:\windows\system32\dllcache\win32k.sys
2009-02-04 04:45 453,152 ----a-w c:\windows\system32\NVUNINST.EXE
2009-01-16 20:30 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll
2009-01-13 22:43 491,520 ----a-w c:\windows\WebIE.dll
2009-01-13 22:43 45,056 ----a-w c:\windows\TRNOEH.DLL
2009-01-13 22:43 356,352 ----a-w c:\windows\TrnOutl.dll
2009-01-13 22:43 294,912 ----a-w c:\windows\TrnWord.dll
2009-01-13 22:43 26,624 ----a-w c:\windows\OETRN.EXE
2009-01-13 22:43 200,704 ----a-w c:\windows\TRNOET.DLL
2009-01-13 21:15 6,728,192 ----a-w c:\windows\system32\logonuiX.exe
.
------- Sigcheck -------
2008-04-14 08:52 14336 be4a520e29b6391f49e79ccc52044d93 c:\windows\system32\svchost.exe
2008-04-14 08:52 14336 be4a520e29b6391f49e79ccc52044d93 c:\windows\system32\dllcache\svchost.exe
2008-04-14 08:52 578560 e16e0990967374e76f3e40cacafd3d53 c:\windows\system32\user32.dll
2008-04-14 08:52 578560 e16e0990967374e76f3e40cacafd3d53 c:\windows\system32\dllcache\user32.dll
2008-04-14 08:52 82432 951d473917c51f21496d914cf6e5ddd1 c:\windows\system32\ws2_32.dll
2008-04-14 08:52 82432 951d473917c51f21496d914cf6e5ddd1 c:\windows\system32\dllcache\ws2_32.dll
2008-04-14 08:52 667136 3fe5e65a7ed9ec98aee9167ca07812d3 c:\windows\ie7\wininet.dll
2007-08-13 19:54 818688 a4a0fc92358f39538a6494c42ef99fe9 c:\windows\ie7updates\KB956390-IE7\wininet.dll
2008-08-26 10:27 826368 0930f57122ff74739e3684d0016877f1 c:\windows\ie7updates\KB958215-IE7\wininet.dll
2008-10-16 22:33 826368 84801e4617b5afb065dd58438850587d c:\windows\ie7updates\KB961260-IE7\wininet.dll
2008-10-16 22:33 826368 84801e4617b5afb065dd58438850587d c:\windows\SoftwareDistribution\Download\2cf2d98cbc4be029ee9881f0a8b57a97\SP2GDR\wininet.dll
2008-10-16 21:49 827904 a72d6cc0f715d415003478294c4ecb2a c:\windows\SoftwareDistribution\Download\2cf2d98cbc4be029ee9881f0a8b57a97\SP2QFE\wininet.dll
2008-10-16 12:39 660480 20275ea77612128219308d1bfac3f7ab c:\windows\SoftwareDistribution\Download\83f190f9e0a95cb6bf971f6d27f9deef\SP2GDR\wininet.dll
2008-10-16 12:36 668672 dc068c9c851b3f601d91bfa93e053993 c:\windows\SoftwareDistribution\Download\83f190f9e0a95cb6bf971f6d27f9deef\SP2QFE\wininet.dll
2008-10-16 03:03 667136 8e7de90524f7dd5db33cc38ad9a1b0b4 c:\windows\SoftwareDistribution\Download\83f190f9e0a95cb6bf971f6d27f9deef\SP3GDR\wininet.dll
2008-10-16 03:06 668160 370940e124256d20de4ca7e51377335c c:\windows\SoftwareDistribution\Download\83f190f9e0a95cb6bf971f6d27f9deef\SP3QFE\wininet.dll
2008-08-26 10:27 826368 0930f57122ff74739e3684d0016877f1 c:\windows\SoftwareDistribution\Download\b036fb87dc9cfdb88c64df1ddd121b4f\SP2GDR\wininet.dll
2008-08-26 11:12 827904 a74381b8d7024b2d8bb5691a93f825b8 c:\windows\SoftwareDistribution\Download\b036fb87dc9cfdb88c64df1ddd121b4f\SP2QFE\wininet.dll
2008-12-21 01:03 826368 793da751c812efc3c6786bbd3b8489a8 c:\windows\system32\wininet.dll
2008-12-21 01:03 826368 793da751c812efc3c6786bbd3b8489a8 c:\windows\system32\dllcache\wininet.dll
2008-06-20 13:51 361600 9aefa14bd6b182d61e3119fa5f436d3d c:\windows\system32\dllcache\tcpip.sys
2008-06-20 13:51 361600 cbeebeb899e31ef52b962cb31fc8ca5c c:\windows\system32\drivers\tcpip.sys
2008-04-14 08:52 507904 cddb1f8e1aea356f3ad106f2cf9b7fea c:\windows\system32\winlogon.exe
2008-04-14 08:52 507904 cddb1f8e1aea356f3ad106f2cf9b7fea c:\windows\system32\dllcache\winlogon.exe
2008-04-14 00:50 182656 1df7f42665c94b825322fae71721130d c:\windows\system32\dllcache\ndis.sys
2008-04-14 00:50 182656 1df7f42665c94b825322fae71721130d c:\windows\system32\drivers\ndis.sys
2008-04-14 00:23 36608 3bb22519a194418d5fec05d800a19ad0 c:\windows\system32\dllcache\ip6fw.sys
2008-04-14 00:23 36608 3bb22519a194418d5fec05d800a19ad0 c:\windows\system32\drivers\ip6fw.sys
2008-08-14 15:26 2068224 09cd607918c3f5600d8a111155f62ca6 c:\windows\Driver Cache\i386\ntkrnlpa.exe
2008-08-14 15:26 2025984 6045c7424106cca4c9970c7230bd6253 c:\windows\system32\ntkrnlpa.exe
2008-08-14 15:26 2068224 09cd607918c3f5600d8a111155f62ca6 c:\windows\system32\dllcache\ntkrnlpa.exe
2008-08-14 15:26 2191360 91f18ab1e9acbf6e27a5545a8f57c89b c:\windows\Driver Cache\i386\ntoskrnl.exe
2008-08-14 15:26 2147328 ffeb7726951f6d2859df12fbc51f0188 c:\windows\system32\ntoskrnl.exe
2008-08-14 15:26 2191360 91f18ab1e9acbf6e27a5545a8f57c89b c:\windows\system32\dllcache\ntoskrnl.exe
2008-04-14 08:52 1034240 27afd587c462e280ee046b8cca3c2cd1 c:\windows\explorer.exe
2008-04-14 08:52 1034240 27afd587c462e280ee046b8cca3c2cd1 c:\windows\system32\dllcache\explorer.exe
2008-04-14 08:52 108544 f0d2ae69035092bf22dad6b50fab85c2 c:\windows\system32\services.exe
2008-04-14 08:52 108544 f0d2ae69035092bf22dad6b50fab85c2 c:\windows\system32\dllcache\services.exe
2008-04-14 08:52 13312 ed0a176354487ceed65b80a7148ab739 c:\windows\system32\lsass.exe
2008-04-14 08:52 13312 ed0a176354487ceed65b80a7148ab739 c:\windows\system32\dllcache\lsass.exe
2008-04-14 08:52 15360 a756b8f0f7bafba6dfe39f7d169f2519 c:\windows\system32\ctfmon.exe
2008-04-14 08:52 15360 a756b8f0f7bafba6dfe39f7d169f2519 c:\windows\system32\dllcache\ctfmon.exe
2008-04-14 08:52 57856 cb1090bca0e7b40d0b5b4e4d66531809 c:\windows\system32\spoolsv.exe
2008-04-14 08:52 57856 cb1090bca0e7b40d0b5b4e4d66531809 c:\windows\system32\dllcache\spoolsv.exe
2008-04-14 08:52 26112 7dc1830f22e7d275b438127b68030239 c:\windows\system32\userinit.exe
2008-04-14 08:52 26112 7dc1830f22e7d275b438127b68030239 c:\windows\system32\dllcache\userinit.exe
2008-04-14 08:52 295936 a75dd6fc3dbee4fff5ebc9f2c28bb66e c:\windows\system32\termsrv.dll
2008-04-14 08:52 295936 a75dd6fc3dbee4fff5ebc9f2c28bb66e c:\windows\system32\dllcache\termsrv.dll
2008-04-14 08:51 988160 fd91cd95a1c663df54dd371cc8a234de c:\windows\system32\kernel32.dll
2008-04-14 08:51 988160 fd91cd95a1c663df54dd371cc8a234de c:\windows\system32\dllcache\kernel32.dll
2008-04-14 08:51 17408 9fa69781caa7a1da981a24f240a61a60 c:\windows\system32\powrprof.dll
2008-04-14 08:51 17408 9fa69781caa7a1da981a24f240a61a60 c:\windows\system32\dllcache\powrprof.dll
2008-04-14 08:51 110080 6c60ca8ac7470ac01cfd3d24c7283cd1 c:\windows\system32\imm32.dll
2008-04-14 08:51 110080 6c60ca8ac7470ac01cfd3d24c7283cd1 c:\windows\system32\dllcache\imm32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\windows\OETRN.EXE" [2009-01-14 26624]
"uTorrent"="i:\utorrent\utorrent.exe" [2009-03-04 281392]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"IDMan"="c:\a_programy\Internet\Internet Download Manager\IDMan.exe" [2008-07-15 931248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-30 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-30 13594624]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-10-24 1451264]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 c:\windows\system32\CHDAudPropShortcut.exe]
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-04-01 577597]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeAnimation"= 0 (0x0)
"NoStrCmpLogical"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 0 (0x0)
"NoStrCmpLogical"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonuiX.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv31"= c:\windows\system32\ir32_32.dll
"vidc.iv32"= c:\windows\system32\ir32_32.dll
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"i:\\uTorrent\\utorrent.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 pctfw2;pctfw2;c:\windows\system32\drivers\pctfw2.sys [2009-04-01 160792]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-04-01 468224]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2009-04-01 69120]
S3 AF05BDA;AF9005 BDA Device;c:\windows\system32\drivers\AF05BDA.sys [2009-04-01 117376]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-04-01 356920]
S3 UDTTAFAT;DVB-T USB Stick;c:\windows\system32\drivers\UDTTAFAT.sys [2009-04-01 147968]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - ASLIAHMU
*Deregistered* - asliahmu
*Deregistered* - mchInjDrv
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
MSConfigStartUp-CTFMON - (no file)
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/?from=icqhp
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\a_prog~1\Windows\MICROS~1\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Přidat do stávajícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Stáhnout s IDM - c:\a_programy\Internet\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\a_programy\Internet\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\a_programy\Internet\Internet Download Manager\IEGetAll.htm
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452}
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
LSP: c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll
FF - ProfilePath - c:\documents and settings\albinfrost\Data aplikací\Mozilla\Firefox\Profiles\7jtxc9ng.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.atlas.cz/?from=icqhp
FF - plugin: c:\a_programy\Internet\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
---- NASTAVENÍ FIREFOXU ----
c:\a_programy\Internet\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-02 17:19:41
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):1b,59,fc,18,6d,5b,10,e5,20,bc,0b,ef,7a,5c,9e,59,8f,24,ab,46,c9,
ca,a9,85,48,f4,63,e4,7a,b7,56,dd,28,ff,36,af,b6,95,49,d0,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{e3609ddc-2c35-4ab5-93bf-6c3e6bd8efae}]
@Denied: (Full) (Everyone)
"Model"=dword:00000052
"Therad"=dword:0000000f
.
Celkový čas: 2009-04-02 17:20:38
ComboFix-quarantined-files.txt 2009-04-02 15:20:36
Před spuštěním: Volných bajtů: 20 715 409 408
Po spuštění: Volných bajtů: 20,701,188,096
244 --- E O F --- 2009-03-14 01:38:26
IE: Převést výběr do Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Přidat do stávajícího PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Stáhnout s IDM - c:\a_programy\Internet\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\a_programy\Internet\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\a_programy\Internet\Internet Download Manager\IEGetAll.htm
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452}
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
LSP: c:\program files\Common Files\PC Tools\LSP\PCTLsp.dll
FF - ProfilePath - c:\documents and settings\albinfrost\Data aplikací\Mozilla\Firefox\Profiles\7jtxc9ng.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.atlas.cz/?from=icqhp
FF - plugin: c:\a_programy\Internet\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
---- NASTAVENÍ FIREFOXU ----
c:\a_programy\Internet\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-02 17:19:41
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):1b,59,fc,18,6d,5b,10,e5,20,bc,0b,ef,7a,5c,9e,59,8f,24,ab,46,c9,
ca,a9,85,48,f4,63,e4,7a,b7,56,dd,28,ff,36,af,b6,95,49,d0,00,00,00,00,00,00,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{e3609ddc-2c35-4ab5-93bf-6c3e6bd8efae}]
@Denied: (Full) (Everyone)
"Model"=dword:00000052
"Therad"=dword:0000000f
.
Celkový čas: 2009-04-02 17:20:38
ComboFix-quarantined-files.txt 2009-04-02 15:20:36
Před spuštěním: Volných bajtů: 20 715 409 408
Po spuštění: Volných bajtů: 20,701,188,096
244 --- E O F --- 2009-03-14 01:38:26