ComboFix log...
Posted: 14 Mar 2010 20:33
Hello...
Could you take a look at my log? Thank you! I would also like to ask about this deletion: c:\$recycle.bin\S-1-5-21-3912559354-1635511067-2486957974-1000. Last time I also used ComboFix on the advice of the advisors, and I still can't get rid of it. I don't even know what it actually is.
Thank you.
ComboFix 10-03-14.01 - Libas 14.03.2010 20:05:06.1.1 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.1023.342 [GMT 1:00]
Spuštěný z: c:\users\Libas\Desktop\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-3912559354-1635511067-2486957974-1000
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-14 do 2010-03-14 )))))))))))))))))))))))))))))))
.
2010-03-14 19:12 . 2010-03-14 19:12 -------- d-----w- c:\users\Libas\AppData\Local\temp
2010-03-14 19:12 . 2010-03-14 19:12 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-03-14 19:12 . 2010-03-14 19:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-11 20:47 . 2008-12-03 19:19 2323664 ----a-w- c:\windows\d3dx9_28.dll
2010-03-09 18:09 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-03-09 18:09 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-03-09 18:09 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-03-06 18:35 . 2010-03-06 18:35 -------- d-----w- c:\program files\Lavalys
2010-03-06 16:45 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-02-25 14:19 . 2010-02-25 14:19 -------- d-----w- c:\users\Libas\AppData\Local\VS Revo Group
2010-02-25 14:19 . 2009-12-30 10:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2010-02-24 11:28 . 2010-01-23 09:26 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-24 11:28 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-24 11:28 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2010-02-24 11:28 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-24 11:28 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-24 11:28 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-24 11:28 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-24 11:28 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-24 11:28 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-24 11:28 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-02-24 11:27 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-02-24 11:27 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-02-24 11:27 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-02-23 14:01 . 2010-03-08 20:07 -------- d-----w- c:\program files\VS Revo Group
2010-02-22 15:20 . 2010-02-22 15:26 -------- d-----w- c:\program files\Common Files\AltrixSoft
2010-02-22 13:26 . 2010-02-22 13:29 -------- d-----r- c:\users\Libas\Filmy
2010-02-22 13:02 . 2009-08-24 20:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2010-02-22 12:38 . 2009-01-09 11:46 39776 ----a-w- c:\windows\system32\DfSdkBt64.exe
2010-02-22 12:38 . 2010-02-22 12:38 -------- d-----w- c:\program files\Ashampoo
2010-02-21 19:59 . 2010-02-21 21:39 1491 ----a-w- c:\users\Libas\AppData\Local\filters.dat
2010-02-21 17:53 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-21 17:53 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-21 17:53 . 2010-02-21 17:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-21 17:52 . 2010-02-28 14:59 -------- d-----w- c:\program files\CCleaner
2010-02-21 10:07 . 2010-02-21 10:07 -------- d-----w- c:\users\Libas\AppData\Roaming\VitySoft
2010-02-21 08:11 . 2010-02-24 12:37 70672 ----a-w- c:\users\Libas\AppData\Local\GDIPFONTCACHEV1.DAT
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-09 18:12 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-03-09 18:12 . 2007-05-10 10:30 -------- d-----w- c:\programdata\Microsoft Help
2010-03-09 14:05 . 2010-01-27 14:05 117760 ----a-w- c:\users\Libas\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-03-02 17:55 . 2009-11-15 14:10 -------- d-----w- c:\users\Libas\AppData\Roaming\Vso
2010-02-25 14:13 . 2010-01-18 11:45 -------- d-----w- c:\users\Libas\AppData\Roaming\Skype
2010-02-25 14:11 . 2010-01-18 11:46 -------- d-----w- c:\users\Libas\AppData\Roaming\skypePM
2010-02-24 15:00 . 2007-05-10 10:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-24 08:16 . 2009-11-15 01:17 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-16 14:10 . 2009-11-15 21:14 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-12 18:10 . 2009-11-15 21:37 -------- d-----w- c:\program files\ICQ6.5
2010-02-12 11:05 . 2010-02-09 09:27 -------- d-----w- c:\program files\Alwil Software
2010-02-12 11:01 . 2010-02-07 15:03 -------- d-----w- c:\programdata\Alwil Software
2010-01-27 18:13 . 2007-01-08 21:09 598600 ----a-w- c:\windows\system32\perfh005.dat
2010-01-27 18:13 . 2007-01-08 21:09 114808 ----a-w- c:\windows\system32\perfc005.dat
2010-01-27 18:05 . 2010-01-27 18:05 9158 ----a-r- c:\users\Libas\AppData\Roaming\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
2010-01-27 18:05 . 2010-01-27 18:05 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-01-27 18:05 . 2010-01-27 18:05 -------- d-----w- c:\program files\DIFX
2010-01-27 18:05 . 2010-01-27 18:05 -------- d-----w- c:\program files\USB TV
2010-01-27 18:03 . 2010-01-27 18:03 -------- d-----w- c:\programdata\ATI
2010-01-27 18:02 . 2009-11-14 23:45 -------- d-----w- c:\program files\ATI Technologies
2010-01-27 17:58 . 2010-01-27 17:58 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-27 16:29 . 2010-01-27 14:03 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-01-27 14:07 . 2010-01-27 14:06 52224 ----a-w- c:\users\Libas\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-01-27 14:04 . 2010-01-27 14:04 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-01-27 14:03 . 2010-01-27 14:03 -------- d-----w- c:\users\Libas\AppData\Roaming\SUPERAntiSpyware.com
2010-01-27 14:03 . 2010-01-27 14:03 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-25 16:04 . 2010-01-25 16:04 -------- d-----w- c:\program files\Common Files\McAfee
2010-01-21 15:50 . 2010-01-18 11:44 -------- d-----r- c:\program files\Skype
2010-01-19 19:45 . 2010-01-19 19:45 -------- d-----w- c:\users\Libas\AppData\Roaming\ATI
2010-01-19 19:20 . 2010-01-19 19:20 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 11:46 . 2010-01-18 11:46 56 ---ha-w- c:\programdata\ezsidmv.dat
2010-01-18 11:44 . 2010-01-18 11:44 -------- d-----w- c:\program files\Common Files\Skype
2010-01-18 11:44 . 2010-01-18 11:44 -------- d-----w- c:\programdata\Skype
2010-01-06 15:38 . 2010-02-24 11:27 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-01-06 15:38 . 2010-02-24 11:27 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-01-06 15:38 . 2010-02-24 11:27 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-01-06 15:38 . 2010-02-24 11:27 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2010-01-02 06:38 . 2010-01-23 10:28 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-23 10:28 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32 . 2010-01-23 10:28 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57 . 2010-01-23 10:28 133632 ----a-w- c:\windows\system32\ieUnatt.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 464168]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
PCM Media Sharing.lnk - c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2007-5-10 200812]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-01-27 14:23 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BDARemote.lnk]
backup=c:\windows\pss\BDARemote.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Libas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor]
2007-01-24 08:27 319488 ----a-w- c:\acer\Empowering Technology\SysMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
2007-02-15 16:39 151552 ----a-w- c:\acer\AcerTour\Reminder.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 14:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-03-11 20:34 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-03-23 11:04 4423680 ----a-w- c:\windows\RtHDVCpl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-03-16 07:06 1822720 ----a-w- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2006-11-05 20:48 57344 ----a-w- c:\acer\WR_PopUp\WarReg_PopUp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):e2,64,76,0c,12,66,ca,01
R2 ATE_PROCMON;ATE_PROCMON;c:\program files\Anti Trojan Elite\ATEPMon.sys [x]
R3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 406016]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-04-28 7408]
R3 TBXZVOHD;TBXZVOHD;c:\users\Libas\AppData\Local\Temp\TBXZVOHD.exe [x]
R4 0056631265123892mcinstcleanup;McAfee Application Installer Cleanup (0056631265123892);c:\windows\TEMP\005663~1.EXE [x]
R4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [x]
S1 aswSP;avast! Self Protection; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-04-28 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-01-27 74480]
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-04-04 266343]
S2 Acer TV Share Service;Acer TV Share Service;c:\program files\Acer Arcade Live\Acer TV Share\Kernel\DMSTV\CLMSServer.exe [2007-04-04 269424]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S3 Ph3xIB32;Philips 713x VU PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = about:blank
FF - ProfilePath - c:\users\Libas\AppData\Roaming\Mozilla\Firefox\Profiles\ymcbsu4l.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-14 20:12
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(2088)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
.
Celkový čas: 2010-03-14 20:15:52
ComboFix-quarantined-files.txt 2010-03-14 19:15
Před spuštěním: Volných bajtů: 216 431 099 904
Po spuštění: Volných bajtů: 216 409 018 368
- - End Of File - - C8585A0AA0AF66D1B7881DE713D77272



FF - ProfilePath - c:\users\Libas\AppData\Roaming\Mozilla\Firefox\Profiles\ymcbsu4l.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-14 20:12
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(2088)
c:\windows\system32\MsnChatHook.dll
c:\windows\system32\ShowErrMsg.dll
c:\windows\system32\sysenv.dll
c:\windows\system32\BatchCrypto.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\keyManager.dll
.
Celkový čas: 2010-03-14 20:15:52
ComboFix-quarantined-files.txt 2010-03-14 19:15
Před spuštěním: Volných bajtů: 216 431 099 904
Po spuštění: Volných bajtů: 216 409 018 368
- - End Of File - - C8585A0AA0AF66D1B7881DE713D77272