ale když jsem si najel na internet(jiný PC) tak se mi ho podařilo smazat stránku na požádání klidně dodám.Jakmile jsem pak restartoval PC ThinkPoint už se neukázal , ale PC se seká strašně moc, pak jsem najel na tyhlety pěkné stránky a ihned jsem přečetl pár příspěvků atd. - stáhl jsem si ComboFix a udělal LOG a tu vám ho přikládám .... prosím pomozte mi .. projížděl jsem to anti virákama spy.. atd.
Tu:
ComboFix 10-11-20.06 - MOJE 21.11.2010 15:53:32.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.3036.2050 [GMT 1:00]
Spuštěný z: c:\users\MOJE\Desktop\ComboFix.exe
* Vytvořen nový Bod Obnovení
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\YouTube Downloader Toolbar\SeARchsettings.dll
c:\users\MOJE\AppData\Roaming\completescan
c:\users\MOJE\AppData\Roaming\Desktopicon
c:\users\MOJE\AppData\Roaming\Desktopicon\eBay.ico
c:\users\MOJE\AppData\Roaming\Desktopicon\uninst.exe
c:\users\MOJE\AppData\Roaming\chrtmp
c:\users\MOJE\AppData\Roaming\inst.exe
c:\users\MOJE\AppData\Roaming\install
c:\users\MOJE\AppData\Roaming\scgdfgasfbh.bat
c:\users\MOJE\FAVORI~1\CGS12_TBYB_EN.exe
c:\users\MOJE\Favorites\CGS12_TBYB_EN.exe
c:\windows\system32\vbzlib1.dll
E:\install.exe
Nakažená kopie c:\windows\system32\wininit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
Nakažená kopie c:\windows\explorer.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-21 do 2010-11-21 )))))))))))))))))))))))))))))))
.
2010-11-21 15:12 . 2010-11-21 15:14 -------- d-----w- c:\users\MOJE\AppData\Local\temp
2010-11-21 15:12 . 2010-11-21 15:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-20 08:10 . 2010-11-20 08:10 -------- d-----w- c:\users\MOJE\AppData\Local\Threat Expert
2010-11-19 19:45 . 2010-01-22 08:55 767952 ----a-w- c:\windows\BDTSupport.dll
2010-11-19 19:45 . 2010-01-22 08:56 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-11-19 19:45 . 2010-01-22 08:56 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-11-19 19:45 . 2010-01-22 08:56 1652688 ----a-w- c:\windows\PCTBDCore.dll
2010-11-19 19:44 . 2010-02-05 08:18 100136 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2010-11-19 19:44 . 2010-02-05 08:17 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-11-19 19:44 . 2010-03-10 10:36 217032 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-11-19 19:44 . 2009-11-23 12:54 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-11-19 19:44 . 2010-02-05 08:25 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-11-19 19:44 . 2010-11-19 19:45 -------- d-----w- c:\program files\Common Files\PC Tools
2010-11-19 19:44 . 2010-11-21 15:14 -------- d-----w- c:\program files\Spyware Doctor
2010-11-19 19:44 . 2010-11-19 20:48 -------- d-----w- c:\programdata\PC Tools
2010-11-19 19:44 . 2010-11-19 19:44 -------- d-----w- c:\users\MOJE\AppData\Roaming\PC Tools
2010-11-16 18:26 . 2010-11-16 18:26 -------- d-----w- c:\program files\GifCreator
2010-11-16 18:10 . 2010-11-16 18:10 -------- d-----w- c:\program files\FoxArc Magic Animator
2010-11-16 18:01 . 2010-11-16 18:09 -------- d-----w- c:\program files\Photo Toucher
2010-11-16 17:44 . 2005-04-30 22:00 44544 ----a-w- c:\windows\system32\msxml4a.dll
2010-11-16 17:44 . 2010-11-16 17:44 -------- d-----w- c:\program files\Common Files\SourceTec
2010-11-16 17:43 . 2010-11-16 17:43 -------- d-----w- c:\program files\SourceTec
2010-11-16 17:33 . 2005-06-15 02:16 926984 ----a-w- c:\windows\system32\wodFtpDLX.OCX
2010-11-16 17:33 . 2010-11-16 17:33 -------- d-----w- c:\users\MOJE\AppData\Roaming\InstallShield Installation Information
2010-11-16 17:33 . 2010-11-16 17:33 -------- d-----w- c:\users\MOJE\AppData\Roaming\CoffeeCup Software
2010-11-16 17:28 . 2010-11-16 17:28 -------- d-----w- c:\program files\Tales Animator
2010-11-16 17:13 . 2009-12-16 02:30 66800 ----a-w- c:\windows\UnDeployV.exe
2010-11-16 17:06 . 2010-11-16 17:06 -------- d-----w- c:\program files\AVTJet Studio
2010-11-09 18:45 . 2010-11-19 20:10 -------- d-sh--r- c:\users\Public\Microsoft-5858-2574
2010-11-02 13:56 . 2010-11-02 13:57 -------- d-----w- c:\users\MOJE\AppData\Roaming\PhotoFiltre Studio X
2010-11-02 13:56 . 2010-11-02 13:56 -------- d-----w- c:\program files\PhotoFiltre Studio X
2010-10-27 16:21 . 2010-11-19 20:10 -------- d-sh--r- c:\users\Public\D-2785-7947-8747
2010-10-27 06:48 . 2010-10-27 15:43 -------- d-----w- c:\users\MOJE\AppData\Roaming\PhotoScape
2010-10-27 06:48 . 2010-10-27 06:48 -------- d-----w- c:\program files\PhotoScape
2010-10-24 06:45 . 2010-10-24 06:45 -------- d-----w- c:\users\MOJE\AppData\Local\Speedchecker
2010-10-24 06:37 . 2010-10-24 06:45 -------- d-----w- c:\program files\Zrychleni Pocitace
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-01 07:11 . 2010-10-13 15:34 462112 ----a-w- c:\program files\Common Files\ZugoInstaller.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
"{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}"= "c:\program files\Free_Lunch_Design\tbFre1.dll" [2010-05-04 2349080]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2010-06-13 138552]
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[HKEY_CLASSES_ROOT\clsid\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}]
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}]
2010-05-04 09:18 2349080 ----a-w- c:\program files\Free_Lunch_Design\tbFre1.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 14:50 1197448 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2010-06-13 15:25 1438520 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}"= "c:\program files\Free_Lunch_Design\tbFre1.dll" [2010-05-04 2349080]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-06-13 1438520]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
[HKEY_CLASSES_ROOT\clsid\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC}"= "c:\program files\Free_Lunch_Design\tbFre1.dll" [2010-05-04 2349080]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-06-13 1438520]
[HKEY_CLASSES_ROOT\clsid\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VistaStartMenu"="c:\program files\Vista Start Menu\VistaStartMenu.exe" [2009-08-14 2198248]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-03-28 3325952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-23 39408]
"Google Update"="c:\users\MOJE\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-06-17 136176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-04-09 2029640]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2010-06-07 111928]
"SearchSettings"="c:\program files\YouTube Downloader Toolbar\SearchSettings.exe" [2010-02-19 974848]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-03-29 1086856]
"PCSpeedUp"="c:\program files\Zrychleni Pocitace\PCSpeedUp.exe" [2010-09-21 856312]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2009-05-18 1314816]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-03-09 1286608]
c:\users\MOJE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-23 135664]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-03-29 38224]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-03-18 3753224]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-23 1343400]
R3 XDva341;XDva341;c:\windows\system32\XDva341.sys [x]
R3 XDva343;XDva343;c:\windows\system32\XDva343.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
R4 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi.sys [2010-02-05 233136]
R4 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg.sys [2010-02-05 70408]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-03-10 217032]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-04-09 107256]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2009-12-17 123280]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2009-12-17 41616]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-04 176128]
S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2010-02-19 380928]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-04-09 731840]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-04-09 38240]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-06-21 246584]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
S2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2009-12-17 99152]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2009-12-17 110096]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
yksvcs REG_MULTI_SZ yksvc
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
2010-11-21 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-12-07 14:35]
2010-11-21 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2009-12-07 08:55]
2010-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-23 17:20]
2010-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-23 17:20]
2010-11-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3170660372-3488450625-92763971-1000Core.job
- c:\users\MOJE\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-26 06:38]
2010-11-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3170660372-3488450625-92763971-1000UA.job
- c:\users\MOJE\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-26 06:38]
2010-11-21 c:\windows\Tasks\Registry Reviver-MOJE-Startup.job
- c:\program files\ReviverSoft\Registry Reviver\RegistryReviver.exe [2010-05-27 10:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/sm
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
FF - ProfilePath - c:\users\MOJE\AppData\Roaming\Mozilla\Firefox\Profiles\ne3tjli1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/sm
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p=
FF - component: c:\program files\YouTube Downloader Toolbar\SSFF\components\SearchSettingsFF.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\MOJE\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\MOJE\AppData\Local\Yahoo!\BrowserPlus\2.7.1\Plugins\npybrowserplus_2.7.1.dll
FF - plugin: c:\users\MOJE\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\users\MOJE\AppData\Roaming\Mozilla\plugins\npPxPlay.dll
---- NASTAVENÍ FIREFOXU ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKCU-Run-msnmsgr - ~c:\program files\Windows Live\Messenger\msnmsgr.exe
HKCU-Run-Messenger (Yahoo!) - ~c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe
AddRemove-Animated Screen - c:\program files\Animated Screen\PY_UNINSTAL.EXE SOFTWARE\PySoft\Animated_Screen
AddRemove-eBay Icon - c:\users\MOJE\AppData\Roaming\Desktopicon\uninst.exe
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(3856)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
c:\program files\Microsoft Virtual PC\VPCShExH.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\AEADISRV.EXE
c:\windows\system32\taskhost.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\Spyware Doctor\pctsSvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2010-11-21 16:22:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-21 15:22
Před spuštěním: Volných bajtů: 23 064 317 952
Po spuštění: Volných bajtů: 23 232 708 608
- - End Of File - - 7D6D4281982CD08ECAA6A7A7172BBE0C
Přispějete na provoz fóra?