Takze tady log:
ComboFix 10-01-27.06 - Administrator 29.01.2010 12:23:29.9.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2015.1438 [GMT 1:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\drivers\etc\lmhosts . . . . nemohl být smazán
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-28 do 2010-01-29 )))))))))))))))))))))))))))))))
.
2010-01-28 22:19 . 2010-01-28 22:19 -------- dc----w- C:\ctfmon.exe
2010-01-28 18:16 . 2010-01-28 18:16 -------- d-----w- c:\program files\CheckPoint
2010-01-28 18:15 . 2009-11-22 14:42 69000 ----a-w- c:\windows\system32\zlcomm.dll
2010-01-28 18:15 . 2009-11-22 14:42 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2010-01-28 18:15 . 2010-01-28 18:16 -------- d-----w- c:\windows\system32\ZoneLabs
2010-01-28 18:15 . 2009-11-22 14:42 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2010-01-28 09:17 . 2010-01-28 09:17 -------- dc----w- C:\rsit
2010-01-28 08:35 . 2010-01-28 09:17 -------- d-----w- c:\program files\trend micro
2010-01-27 12:09 . 2010-01-27 12:09 0 -c--a-w- c:\documents and settings\Administrator\settings.dat
2010-01-25 22:55 . 2010-01-25 22:55 -------- d-----w- c:\program files\dB 1-Click Booster
2010-01-16 01:16 . 2010-01-16 01:16 -------- d-----w- c:\program files\Defraggler
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-29 11:29 . 2010-01-28 18:53 3620044 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-01-28 18:16 . 2010-01-28 18:16 -------- d-----w- c:\program files\CheckPoint
2010-01-28 18:16 . 2009-10-01 01:39 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-01-27 00:54 . 2009-10-18 19:58 -------- d-----w- c:\program files\Call of Duty
2010-01-25 17:15 . 2009-09-29 23:56 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-01-21 23:32 . 2009-10-08 23:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-20 08:50 . 2009-03-08 16:44 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-07 15:07 . 2009-10-08 23:36 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-10-08 23:36 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-26 21:32 . 2009-10-14 19:27 -------- d-----w- c:\program files\The KMPlayer
2009-12-26 12:53 . 2009-12-26 12:53 -------- d-----w- c:\program files\DVD Shrink
2009-12-25 09:01 . 2009-10-18 07:40 -------- d-----w- c:\program files\Yamicsoft
2009-12-21 19:08 . 2008-04-14 06:52 916480 ------w- c:\windows\system32\wininet.dll
2009-12-13 00:48 . 2009-12-13 00:48 -------- d-----w- c:\program files\Sunbelt Software
2009-12-13 00:34 . 2009-12-01 23:13 -------- d-----w- c:\program files\Ashampoo
2009-12-03 08:32 . 2009-12-03 08:32 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2009-12-03 08:32 . 2009-12-03 08:32 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-12-03 08:32 . 2009-12-03 08:32 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-12-03 08:32 . 2009-12-03 08:32 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-12-03 08:32 . 2009-12-03 08:32 -------- d-----w- c:\program files\AVG
2009-12-02 02:14 . 2009-12-02 02:14 -------- d-----w- c:\program files\7-Zip
2009-12-02 01:45 . 2009-11-05 16:45 -------- d-----w- c:\program files\F-Secure
2009-12-01 20:59 . 2009-12-01 20:49 -------- d-----w- c:\program files\Pain Killer
2009-11-30 19:35 . 2008-06-24 11:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-21 16:03 . 2008-04-14 06:51 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-14 14:53 . 2007-08-02 12:00 88828 ----a-w- c:\windows\system32\perfc005.dat
2009-11-14 14:53 . 2007-08-02 12:00 455996 ----a-w- c:\windows\system32\perfh005.dat
.
------- Sigcheck -------
[-] 2009-10-10 18:56 . 18747FCB2508EEEC79415B32F63F3654 . 36864 . . [------] . . c:\windows\system32\ctfmon.exe
.
((((((((((((((((((((((((((((( SnapShot_2010-01-28_18.55.27 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-29 11:30 . 2010-01-29 11:30 16384 c:\windows\Temp\Perflib_Perfdata_7b0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-07-10 851968]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2007-01-17 106496]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2009-10-14 730480]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2009-10-10 36864]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"disablecad"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsNetHood"= 1818575963 (0x6c65445b)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-06 294400]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-12-03 08:32 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\oaKel]
2008-06-25 00:46 81920 ----a-r- c:\windows\system32\oaKelNt.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ oaPassCn scecli
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wireless Console 2]
2007-07-06 04:53 1040384 ----a-w- c:\program files\Wireless Console 2\wcourier.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"StartCCC"=c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" /AUTO
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SMSERIAL"=c:\program files\Motorola\SMSERIAL\sm56hlpr.exe
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe"
"SkyTel"=SkyTel.EXE
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"AVG9_TRAY"=c:\progra~1\AVG\AVG9\avgtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dbeng6.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Ubisoft\\Crytek\\Far Cry\\Bin32\\FarCry.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\EA GAMES\\MOHAA\\MOHAA.exe"=
"c:\\Program Files\\Toshiba\\Bluetooth Toshiba Stack\\TosBtPCS.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GLOBALLYOPENPORTS\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
R0 oaRegMgr;oaRegMgr;c:\windows\system32\drivers\oaRegMgr.sys [25.6.2008 1:46 22098]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [3.12.2009 9:32 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [3.12.2009 9:32 360584]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [15.9.2009 10:42 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [15.9.2009 10:42 74480]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [3.12.2009 9:32 285392]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [14.10.2009 14:30 25208]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [14.10.2009 14:30 476528]
R2 rcClient;rcClient;c:\program files\OA10\rcClient --> c:\program files\OA10\rcClient [?]
R3 DCamUSBGene;USB2.0 1.3M PC Cam;c:\windows\system32\drivers\USBGENE.sys [24.6.2008 12:33 142720]
R3 oaServerNT;oaServerNT;c:\program files\OA10\oaServerNt.exe [25.6.2008 1:46 61440]
S0 oaFile;oaFile; [x]
S3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\DRIVERS\gflmouhid.sys --> c:\windows\system32\DRIVERS\gflmouhid.sys [?]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys --> c:\windows\system32\Drivers\gHidPnp.Sys [?]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys --> c:\windows\system32\DRIVERS\gMouUsb.sys [?]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver;c:\windows\system32\drivers\RTL2832U_IRHID.sys [28.11.2009 9:10 37280]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [28.11.2009 9:10 91168]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\drivers\RTL2832UUSB.sys [28.11.2009 9:10 32800]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [15.9.2009 10:42 7408]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [31.10.2008 22:23 717296]
.
Obsah adresáře 'Naplánované úlohy'
2010-01-29 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://
www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://
www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uSearchAssistant = hxxp://
www.google.com/ie
uSearchURL,(Default) = hxxp://
www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\f4f85kj8.default\
FF - prefs.js: browser.startup.homepage - hxxp://
www.seznam.cz/
FF - prefs.js: network.proxy.type - 2
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\CheckPoint\ZAForceField\TrustChecker\components\TrustCheckerMozillaPlugin.dll
FF - component: c:\program files\Mozilla Firefox\extensions\
linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-persistent-connections-per-server - 4
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-01-29 12:31
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rcClient]
"ImagePath"="c:\program files\OA10\rcClient"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-606747145-57989841-1417001333-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,60,e1,06,bf,b3,06,ec,42,be,16,01,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,60,e1,06,bf,b3,06,ec,42,be,16,01,\
[HKEY_USERS\S-1-5-21-606747145-57989841-1417001333-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="CD7D4FC79BA1A25B552FEF8A0AC0DF40FE9F7B6B1377313897149521328C942D25B800168BD7B796535D5AB0A3A237A5670DEDE79FE578C84FE78CA6964D8EEB40D68100F7173222D78A8C36FA34C8085C4DF2891F47768507249EE244EACBD95D3BC847C9C7F5F51C2DBC16C08207AAB08D2328AD6FCFA3474AE32BDE9CC137DE5F90D84BA9E77F7BD4667F8872EBC6D88FDACFC6862E47BDF0BA066BEEEBB6CBCB585DAD4CF31D749E49D3CB3971896D273A3F4D873C0CBB43C231D3C4C47E4F225F2D811788A3ADC0E8AAE5621715AB3FA46A84C1ABFEB8FE621EE7D0D0A93893AED5BF43185A6D820BFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933C038D530D6EB3452C038D530D6EB34528EDD5E5BE2F6E66757123CECDF053E7FF9FEBC6142BF074AF61DAFFC81F194608FF2A8900EBDA47C3C32C42239E8B0789D6040289D3AAB904503E0CEC07C13AEC662ADCC968751C89FE1774D4A586B536ADDB1E35DBD85BA601D999290922DF432D8B061A50680202CC68388E5FA9A2EA546C39D02EBD4274B0730E340EBD87433D64B9D752C7DC23C6CE671D19AFCEAC74B7AE58087EE783C3BCDE390669D31DBC1ED4EB311A5B4613FF7A94AA764B07F0732CDBF7ABA171F99733635021BF173E3DB4C03EBEBC05F135E56FD333BE7AD73966E9B4E352C10E7F2015864804475EA2F6C781DD674B09D98229076794069702A5F65B46E29634EF27117D614779366D00E9EA4001F007AF5BA97CA302CF94043C0DF008A3F9ED86FB502C42F20AE4E0390F3AA1657ADA69BD01F2F03DFDD0C0AB5C329C2E67DF7B5039E40BE165FF8D7D869F55AF45006031BA6C627D746DD7E633D4CE15B6D00E88FE4FDC3F5F1A6B64FE577A4962EDC78D19FD8EA501A2770766B29C89A11A900184356D4A0E4F55DE142405E9CC4D79B34F24FAA4C71B8869CE2A16C68BE11C55C19C69938EB6F597FCE05062C45846382F9B9DB919ACA3B872BC0D44C02B6591FBCEF50A5EE7A911E4C21AD2F1354178305CA842B96F85AEEC1B01E11987F2CA8F717C89588E43A356F117B51471FD30056DAC0E51B44080D95C17745F4B2074406A5EA780ADE61C264F72B84AD9E0B46A4623E56110D38A10BE8A63DBE7E03C198A62E82F40065C6C71B887F487101281C01C14F971CB5EDF9BB83104FF0107454CB212A82417B452C64F7B74A994D7A5B7BA2EC7E1E1E392EF67A97B48070B453EB63AD9CFE2A4718636D6E1D7D5E9774B5CB8D4C21E2CD67FA0C73B383BA5EA1FC2A0CE4FB4E5A84C676A2DCE774DC703DBC52B997C9FADACCCA08C03959CF409DC0092C5C178EE066AE98D988242C484088A2B55B6D932F12E07B86BF0C6DA50F83AEFC2988F70DBC495B98EE57E9EB"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1584)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\oaKelNt.dll
c:\program files\OA10\lgFnc.dll
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
- - - - - - - > 'lsass.exe'(1808)
c:\windows\system32\oaPassCn.dll
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
- - - - - - - > 'explorer.exe'(2104)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\windows\system32\msiexec.exe
c:\program files\OA10\rcClient.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\ACEngSvr.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\mom.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2010-01-29 12:35:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-29 11:35
ComboFix2.txt 2010-01-28 22:34
ComboFix3.txt 2010-01-28 21:45
ComboFix4.txt 2010-01-28 18:59
ComboFix5.txt 2010-01-29 10:50
Před spuštěním: Volných bajtů: 18 376 028 160
Po spuštění: Volných bajtů: 18 586 218 496
- - End Of File - - E9DD695F15B56429402D85F3EDBCCC75
Soubor z přílohy znovu stáhněte a rozbalte na disk c: (jeho cesta bude c:\ctfmon.exe)
(nesmí to být rar jak jsem odeslal v příloze, musíte ho rozbalit a extrahovat na c:)
Přispějete na provoz fóra?