
Combofix deleted a few of my files

Posted: 26 Feb 2010 07:20
by mitoo
Please check my log... I need to know whether what Combofix deleted is OK.




ComboFix 10-02-20.03 - MIchal - Dobrík 20. 02. 10 23:44:12.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1406.864 [GMT 1:00]
Spuštěný z: c:\documents and settings\MIchal - Dobrík\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall *enabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Data aplikací\hpe79.dll
c:\windows\Options\CABS\_desktop.ini
c:\windows\system32\autorun.ini
c:\windows\system32\autorun\Drivers\LAN\WIN2000\_desktop.ini
c:\windows\system32\autorun\Drivers\LAN\WIN98SE\_desktop.ini
c:\windows\system32\autorun\Drivers\LAN\WINME\_desktop.ini
c:\windows\system32\autorun\Drivers\LAN\WINXP\_desktop.ini
c:\windows\system32\pthreadVC.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-20 do 2010-02-20 )))))))))))))))))))))))))))))))
.

2010-02-19 17:07 . 2010-02-19 17:07 -------- d-----w- C:\found.001
2010-02-17 12:55 . 2010-02-17 12:55 -------- d-----w- C:\found.000
2010-02-17 08:06 . 2010-02-17 08:06 161296 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2010-02-13 17:50 . 1998-11-13 11:58 307200 ----a-w- c:\windows\IsUn0405.exe
2010-02-13 04:49 . 2010-02-13 04:49 -------- d-----w- c:\program files\Any DVD Shrink
2010-02-13 04:39 . 2010-02-13 04:39 -------- d-----w- c:\program files\AnvSoft
2010-02-13 04:00 . 2010-02-13 04:00 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-02-09 17:00 . 2010-02-09 17:00 -------- d-----w- c:\program files\All Audio Converter
2010-01-31 20:25 . 2010-01-31 20:26 -------- d-----w- c:\windows\system32\NtmsData
2010-01-31 19:26 . 2010-01-31 19:26 -------- d-----w- c:\windows\system32\wbem\Repository

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-20 17:59 . 2009-12-20 20:09 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-02-20 08:42 . 2009-11-24 16:47 -------- d-----w- c:\program files\DivX
2010-02-20 08:41 . 2009-11-24 16:47 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-02-19 08:01 . 2009-11-12 10:53 -------- d-----w- c:\program files\Glary Utilities
2010-02-13 17:54 . 2009-11-12 08:45 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-11 18:53 . 2009-12-03 19:43 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-11 18:53 . 2009-12-03 19:42 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-11 18:42 . 2009-12-03 19:43 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-11 18:42 . 2009-12-03 19:43 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-11 18:39 . 2009-12-03 19:43 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-11 18:38 . 2009-12-03 19:43 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-02-11 18:38 . 2009-12-03 19:43 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-02-11 18:38 . 2009-12-03 19:43 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-11 18:38 . 2009-12-03 19:43 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-06 20:34 . 2009-12-03 19:42 -------- d-----w- c:\program files\Alwil Software
2010-02-04 03:34 . 2009-11-14 12:26 -------- d-----w- c:\program files\Google
2010-02-02 04:06 . 2006-06-02 16:20 87098 -c--a-w- c:\windows\system32\perfc005.dat
2010-02-02 04:06 . 2006-06-02 16:20 450300 -c--a-w- c:\windows\system32\perfh005.dat
2010-01-23 22:33 . 2009-11-13 06:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-20 17:04 . 2009-11-26 03:53 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 09:37 . 2010-01-18 09:33 -------- d-----w- c:\program files\ICQ7.0
2010-01-18 09:35 . 2006-06-02 16:00 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-07 15:07 . 2009-11-13 06:25 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-11-13 06:25 19160 -c--a-w- c:\windows\system32\drivers\mbam.sys
2010-01-06 13:44 . 2009-12-15 22:04 -------- d-----w- c:\program files\Allok Video to MP4 Converter
2009-12-31 16:50 . 2004-08-18 19:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2006-01-09 19:08 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2004-08-18 19:00 343552 -c--a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-18 19:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2004-08-18 19:00 2147328 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2004-08-18 19:00 2025984 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2004-08-18 19:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2004-08-18 19:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2004-08-18 19:00 17920 -c--a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2004-08-18 19:00 8704 -c--a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2004-08-18 19:00 28672 -c--a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2004-08-18 19:00 84992 -c--a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2004-08-18 19:00 48128 -c--a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:09 . 2004-08-18 19:00 11264 -c--a-w- c:\windows\system32\msrle32.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-07-17 53248]
"Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 204800]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-05-30 421888]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-06-23 602112]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"SkyTel"="SkyTel.EXE" [BU]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-02-11 2756488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-2-13 113664]
AVer HID Receiver.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2009-12-2 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 14:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-11-12 08:52 149280 -c--a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe"
"ntiMUI"=c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"OODefragTray"=c:\windows\system32\oodtray.exe
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"Startup Cleaner"=c:\program files\CM Data Software\CM DiskCleaner\Startup Cleaner.exe
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\WINDOWS\\system32\\iscsiexe.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3. 12. 09 20:43 162512]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [12. 11. 09 7:26 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21. 6. 08 4:54 66600]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3. 12. 09 20:43 19024]
R2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [2. 12. 09 18:50 344064]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [26. 11. 09 5:08 54752]
R2 MSiSCSI;Microsoft iSCSI Initiator Service;c:\windows\system32\iscsiexe.exe [13. 11. 08 22:09 103480]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31. 10. 08 7:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31. 10. 08 7:24 1365288]
R3 iScsiPrt;iScsiPort Driver;c:\windows\system32\drivers\msiscsi.sys [13. 11. 08 22:09 158264]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [12. 11. 09 7:26 65576]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [20. 12. 09 12:14 27632]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21. 11. 09 15:07 691696]
S2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2. 12. 09 18:50 405504]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [14. 11. 09 13:26 135664]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [20. 12. 09 12:13 90112]
S3 AVerA706;AVerMedia A706 BDA Service;c:\windows\system32\drivers\AVerA706.sys [22. 12. 09 21:46 1169920]
S3 AVerBDA3x;AVerMedia SAA713x BDA Service;c:\windows\system32\drivers\AVerBDA3x.sys [2. 12. 09 18:52 1180672]
S3 AVerE506;AVerE506 service;c:\windows\system32\drivers\AVerE506.sys [14. 2. 06 11:49 520192]
S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [11. 12. 09 5:55 406016]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny;c:\program files\Windows Live\Family Safety\fsssvc.exe [5. 8. 09 22:48 704864]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [20. 12. 09 12:13 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [20. 12. 09 12:13 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [20. 12. 09 12:13 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [20. 12. 09 12:14 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [20. 12. 09 12:13 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [20. 12. 09 12:14 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [20. 12. 09 12:14 115752]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - UBHELPER
.
Obsah adresáře 'Naplánované úlohy'

2010-02-20 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-11-12 18:44]

2010-02-20 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-19 23:08]

2010-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-14 12:25]

2010-02-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-14 12:25]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
mWindow Title = Microsoft Internet Explorer
uInternet Connection Wizard,ShellNext = hxxp://cs.intl.acer.yahoo.com/
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
TCP: {8F52827C-9D07-4AB2-9EC2-90830EEF49CA} = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\documents and settings\MIchal - Dobrík\Data aplikací\Mozilla\Firefox\Profiles\rsp5err9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.zive.sk/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q=
FF - component: c:\documents and settings\MIchal - Dobrík\Data aplikací\Mozilla\Firefox\Profiles\rsp5err9.default\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1739.5352\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: nglayout.initialpaint.delay - 50
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - true
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-20 23:55
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="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"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(976)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-02-21 00:00:01
ComboFix-quarantined-files.txt 2010-02-20 22:59
ComboFix2.txt 2010-01-31 18:38
ComboFix3.txt 2009-12-03 07:32
ComboFix4.txt 2009-11-13 07:13

Před spuštěním: Volných bajtů: 15 577 216 512
Po spuštění: Volných bajtů: 15 589 671 936

- - End Of File - - EA7254DDBC33CC4B5554D293D08E205F

Re: Combofix deleted a few of my files

Posted: 26 Feb 2010 22:13
by Rudy
The log looks clean.