Hi, so here is the content of the CF file

.
ComboFix 10-03-11.02 - Fakír 11.03.2010 19:48:50.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2046.1384 [GMT 1:00]
Spuštěný z: c:\documents and settings\Fakír\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100223-2] *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Fakír\Data aplikací\Microsoft\~DFK35e6d.tmp
c:\documents and settings\Fakír\Data aplikací\Microsoft\1eaadjc.dll
c:\documents and settings\Fakír\Data aplikací\Microsoft\kfgresk.dll
c:\documents and settings\Fakír\Data aplikací\Microsoft\mjcriu.dll
c:\documents and settings\Fakír\Data aplikací\Microsoft\peaadje.dll
c:\documents and settings\Fakír\Data aplikací\Microsoft\qwadjb.dll
c:\documents and settings\Fakír\Data aplikací\Microsoft\rsaadjd.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-11 do 2010-03-11 )))))))))))))))))))))))))))))))
.
2010-03-04 09:26 . 2010-03-04 09:26 86016 ----a-w- c:\windows\system32\frapsvid.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-11 12:49 . 2007-08-14 19:00 -------- d-----w- c:\program files\FreeCommander
2010-03-11 09:46 . 2007-08-13 10:51 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-10 18:37 . 2008-03-03 16:32 -------- d-----w- c:\program files\Valve
2010-03-05 21:29 . 2007-08-14 13:39 -------- d-----w- c:\program files\Spyware Terminator
2010-03-05 17:38 . 2008-11-27 16:02 -------- d-----w- c:\program files\dvd hra (D)
2010-01-21 19:20 . 2007-11-09 16:25 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-01-21 19:20 . 2007-11-09 16:25 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-01-19 10:38 . 2008-12-25 16:58 -------- d-----w- c:\program files\Blitzkrieg Anthology
2010-01-15 21:40 . 2008-12-22 09:00 -------- d-----w- c:\program files\Hamachi
2010-01-06 20:37 . 2001-10-25 12:00 82514 ----a-w- c:\windows\system32\perfc005.dat
2010-01-06 20:37 . 2001-10-25 12:00 440436 ----a-w- c:\windows\system32\perfh005.dat
2010-01-06 20:26 . 2008-03-24 17:30 17480 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-01-05 09:58 . 2004-08-17 13:49 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 09:57 . 2004-08-17 13:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 09:57 . 2004-08-17 13:49 17408 ------w- c:\windows\system32\corpol.dll
2009-12-31 16:14 . 2004-08-03 21:14 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-17 08:00 . 2007-08-13 10:15 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:37 . 2004-08-17 13:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-07-10 15:28 1174920 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-19 68856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2007-11-12 21760296]
"ares"="c:\program files\Ares\Ares.exe" [2010-03-05 962560]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-11-12 157592]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"36X Raid Configurer"="c:\windows\system32\JMRaidSetup.exe" [2007-02-06 1953792]
"Gainward"="c:\windows\TBPanel.exe" [2007-04-23 2173744]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-23 7774208]
"nwiz"="nwiz.exe" [2007-02-23 1622016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-02-23 81920]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-05-05 1817600]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Nokia FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2008-12-03 2372840]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
c:\documents and settings\Fakír\Nabídka Start\Programy\Po spuštění\
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2009-1-10 599592]
Microsoft Office Groove.lnk - c:\program files\Microsoft Office\Office12\GROOVE.EXE [2009-2-14 337264]
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Nokia Ovi Suite.lnk - c:\program files\Nokia\Ovi\Suite\RunLauncher.exe [2008-11-28 946176]
Photo Loader supervisory.lnk - c:\program files\CASIO\Photo Loader\Plauto.exe [2007-8-24 217088]
Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2007-12-18 589824]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Programy\\WINCMD\\TOTALCMD.EXE"=
"c:\\Program Files\\EA Games\\Command and Conquer Generals\\game.dat"=
"c:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat"=
"c:\\Program Files\\D-Day\\D-Day.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Microsoft Games\\aom.exe"=
"c:\\Program Files\\EA Games\\MOHAA\\MOHAA.exe"=
"c:\\Sierra\\SWAT3\\Swat.exe"=
"c:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"c:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\patchget.dat"=
"c:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Westwood\\RA2\\GAME.EXE"=
"c:\\Program Files\\Counter-Strike 1.6 Patch Version 26\\hltv.exe"=
"c:\\Program Files\\Wolfenstein - Enemy Territory\\ETDED.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Valve\\hlds.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\EA Games\\MOHAA\\MOHAA_server.exe"=
"c:\\Program Files\\dvd hra (D)\\Setup\\Data\\CoD2MP_s.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [3.4.2008 12:12 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [14.8.2007 14:43 141312]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.4.2008 12:12 20560]
R2 PStrip;PStrip;c:\windows\system32\drivers\PStrip.sys [9.11.2004 22:32 21968]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [13.8.2007 11:45 639224]
.
Obsah adresáře 'Naplánované úlohy'
2010-02-21 c:\windows\Tasks\Norton Security Scan for Fakír.job
- c:\program files\Norton Security Scan\Norton Security Scan\Engine\2.3.0.44\Nss.exe [2009-08-28 17:58]
2010-03-11 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-07-10 15:29]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
TCP: {4F027130-B033-43C4-9819-71B637068EEC} = 10.254.230.1,10.154.223.1
FF - ProfilePath - c:\documents and settings\Fakír\Data aplikací\Mozilla\Firefox\Profiles\n5t67kiz.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=BT3&o=14979&locale=en_EU&q=
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-11 19:55
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
c:\docume~1\FAKR~1\LOCALS~1\Temp\catchme.dll 53248 bytes executable
sken byl úspešně dokončen
skryté soubory: 1
**************************************************************************
.
Celkový čas: 2010-03-11 19:57:38
ComboFix-quarantined-files.txt 2010-03-11 18:57
Před spuštěním: Volných bajtů: 383 332 700 160
Po spuštění: Volných bajtů: 388 741 885 952
- - End Of File - - EFB9DCCBAD4C2AE861517A13189FCA9C