ComboFix 10-10-26.04 - patrik . 10. 2010 20:39:49.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1051.18.3070.2188 [GMT 2:00]
Running from: c:\users\patrik\Desktop\beruska.com
Command switches used :: c:\users\patrik\Desktop\CFScript.txt
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
FILE ::
"c:\windows\isRS-000.tmp"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3892172656-989301815-4191589665-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3892172656-989301815-4191589665-1001UA.job"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_2fe5.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
c:\windows\isRS-000.tmp
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3892172656-989301815-4191589665-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3892172656-989301815-4191589665-1001UA.job
.
((((((((((((((((((((((((( Files Created from 2010-09-27 to 2010-10-27 )))))))))))))))))))))))))))))))
.
2010-10-27 18:41 . 2010-10-27 18:41 -------- d-----w- c:\users\patrik\AppData\Local\temp
2010-10-27 18:41 . 2010-10-27 18:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-10-27 17:55 . 2010-10-27 17:55 -------- d--h--w- c:\windows\PIF
2010-10-27 11:04 . 2010-10-27 16:09 -------- d-----w- c:\program files\trend micro
2010-10-27 09:23 . 2010-09-01 04:26 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-10-27 09:23 . 2010-09-01 04:23 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-27 09:23 . 2010-08-31 04:32 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-10-27 09:23 . 2010-08-31 04:32 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-10-27 09:23 . 2010-08-26 04:39 109056 ----a-w- c:\windows\system32\t2embed.dll
2010-10-27 09:23 . 2010-06-29 05:02 1413632 ----a-w- c:\windows\system32\ole32.dll
2010-10-27 09:23 . 2010-06-29 04:57 4247040 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2010-10-27 09:22 . 2010-09-01 02:34 2327552 ----a-w- c:\windows\system32\win32k.sys
2010-10-27 09:22 . 2010-08-21 05:36 738816 ----a-w- c:\windows\system32\wmpmde.dll
2010-10-27 09:22 . 2010-08-21 05:33 530432 ----a-w- c:\windows\system32\comctl32.dll
2010-10-27 09:22 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll
2010-10-26 17:41 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-26 17:41 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-26 17:41 . 2010-10-26 23:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-26 17:39 . 2010-10-27 00:05 -------- d-----w- c:\program files\CCleaner
2010-10-26 11:16 . 2010-10-26 11:16 -------- d-----w- c:\users\patrik\AppData\Roaming\SUPERAntiSpyware.com
2010-10-26 11:16 . 2010-10-26 11:16 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-10-26 11:16 . 2010-10-26 11:16 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-10-26 09:54 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3622F814-C28F-47A9-8D16-42FD3B0D67E8}\mpengine.dll
2010-10-25 16:15 . 2010-10-25 16:15 -------- d-----w- c:\users\patrik\AppData\Roaming\GlarySoft
2010-10-25 16:06 . 2010-10-25 16:06 -------- d-----w- c:\users\patrik\AppData\Roaming\ParetoLogic
2010-10-25 16:06 . 2010-10-25 16:06 -------- d-----w- c:\users\patrik\AppData\Roaming\DriverCure
2010-10-25 12:26 . 2010-08-21 05:36 224256 ----a-w- c:\windows\system32\schannel.dll
2010-10-25 09:16 . 2010-10-25 09:17 -------- d-----w- c:\users\patrik\AppData\Local\ElevatedDiagnostics
2010-10-24 16:37 . 2010-10-25 16:19 -------- d-----w- c:\programdata\ParetoLogic
2010-10-24 16:37 . 2010-10-24 16:37 -------- d-----w- c:\programdata\FileCure
2010-10-24 14:44 . 2010-10-24 14:44 -------- d-----w- c:\users\patrik\AppData\Roaming\Malwarebytes
2010-10-24 14:44 . 2010-10-24 14:44 -------- d-----w- c:\programdata\Malwarebytes
2010-10-24 07:03 . 2010-10-27 16:08 -------- d-----w- C:\rsit
2010-10-23 15:51 . 2010-10-23 15:51 -------- d-----w- c:\users\patrik\AppData\Local\CounterPath
2010-10-23 12:32 . 2010-10-23 12:32 -------- d-----w- c:\program files\Common Files\Intel
2010-10-23 12:32 . 2010-10-23 12:32 -------- d-----w- c:\program files\CounterPath
2010-10-22 23:32 . 2010-10-22 23:32 -------- d-----w- c:\users\patrik\AppData\Roaming\VeskrnaMartin
2010-10-17 15:30 . 2010-10-17 15:30 -------- d-----w- c:\program files\AGEIA Technologies
2010-10-17 15:30 . 2010-10-17 15:30 -------- d-----w- c:\windows\system32\AGEIA
2010-10-17 15:30 . 2010-10-17 15:30 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-10-12 18:53 . 2010-10-12 18:53 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-10-12 18:53 . 2010-10-12 18:53 458048 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-10-12 12:29 . 2010-10-26 09:49 -------- d-----w- c:\program files\ESET
2010-10-10 13:22 . 2010-10-10 13:22 -------- d-----w- c:\program files\Common Files\Adobe
2010-10-05 10:47 . 2010-06-19 06:15 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-05 10:46 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-10-04 12:06 . 2010-10-04 12:06 -------- d-----w- c:\users\patrik\AppData\Local\FontCreator
2010-10-04 12:05 . 2010-10-06 09:05 -------- d-----w- c:\users\patrik\AppData\Roaming\FontCreator
2010-10-03 09:28 . 2010-10-03 09:28 -------- d-----w- c:\users\patrik\AppData\Local\Diagnostics
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 09:41 . 2010-07-27 07:21 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-08-29 23:11 . 2010-08-23 14:08 40960 ----a-r- c:\users\patrik\AppData\Roaming\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut3_8527C3D5BA1D46E988D2AF25544311A3.exe
2010-08-28 13:34 . 2010-08-28 13:34 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-23 19:30 . 2010-08-23 19:30 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-08-23 19:30 . 2010-08-23 19:30 458048 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Device Detection"="c:\program files\FUJIFILM\MyFinePix Studio\dd.exe" [2010-10-04 401592]
"Driver Updater"="c:\program files\Carambis\Driver Updater\dupdater.exe" [2010-06-08 4973056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-13 6711840]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-01-13 1833504]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-07-27 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-08-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 96920]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-05-04 503080]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
.
Completion time: 2010-10-27 20:42:29
ComboFix-quarantined-files.txt 2010-10-27 18:42
ComboFix2.txt 2010-10-27 18:02
Pre-Run: 27 243 466 752 bytes free
Post-Run: 27 195 920 384 bytes free
- - End Of File - - 1D49EFD3C968589F43CCCCAE482AA52D
No ako to vyzerá?