False positive in Malwarebytes?



Re: False positive in Malwarebytes?

Post by jarda.otta » 28 Oct 2009 10:52

When I turn off the ESET firewall, I can't get onto the web.
I uploaded Adresy.exe to VirusTotal again and the result is below.
Unfortunately, I have probably already deleted the log from MBAV where adresy.exe was suspected of being a virus. I went through the whole PC and didn't find it.
So I'm posting the latest one. See below.
The ESET scan didn't catch anything.
It also occurred to me that the low speed might be caused by the network card. Today I have 1 Mbit instead of 30.
A drowning man clutches at straws.
I'll post ComboFix in a moment. Thank you for your patience.


Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.41 2009.10.27 -
AhnLab-V3 5.0.0.2 2009.10.26 -
AntiVir 7.9.1.44 2009.10.26 -
Antiy-AVL 2.0.3.7 2009.10.26 -
Authentium 5.1.2.4 2009.10.27 -
Avast 4.8.1351.0 2009.10.26 -
AVG 8.5.0.423 2009.10.26 -
BitDefender 7.2 2009.10.27 -
CAT-QuickHeal 10.00 2009.10.27 -
ClamAV 0.94.1 2009.10.27 -
Comodo 2744 2009.10.27 -
DrWeb 5.0.0.12182 2009.10.27 -
eSafe 7.0.17.0 2009.10.25 -

eTrust-Vet 35.1.7084 2009.10.26 -
F-Prot 4.5.1.85 2009.10.26 -
F-Secure 9.0.15370.0 2009.10.22 -
Fortinet 3.120.0.0 2009.10.26 -
GData 19 2009.10.27 -
Ikarus T3.1.1.72.0 2009.10.27 -
Jiangmin 11.0.800 2009.10.26 -
K7AntiVirus 7.10.879 2009.10.24 -
Kaspersky 7.0.0.125 2009.10.27 -
McAfee 5783 2009.10.26 -
McAfee+Artemis 5783 2009.10.26 -
McAfee-GW-Edition 6.8.5 2009.10.27 -
Microsoft 1.5202 2009.10.27 -
NOD32 4546 2009.10.27 -
Norman 6.03.02 2009.10.26 -
nProtect 2009.1.8.0 2009.10.26 -
Panda 10.0.2.2 2009.10.26 -
PCTools 4.4.2.0 2009.10.19 -
Prevx 3.0 2009.10.27 -
Rising 21.53.10.00 2009.10.27 -
Sophos 4.46.0 2009.10.27 -
Sunbelt 3.2.1858.2 2009.10.26 -
Symantec 1.4.4.12 2009.10.27 -
TheHacker 6.5.0.2.054 2009.10.26 -
TrendMicro 8.950.0.1094 2009.10.27 -
VBA32 3.12.10.11 2009.10.26 -
ViRobot 2009.10.27.2006 2009.10.27 -
VirusBuster 4.6.5.0 2009.10.26 -



Here is the latest log from MBAM:


Malwarebytes' Anti-Malware 1.41
Verze databáze: 3038
Windows 6.0.6002 Service Pack 2

27.10.2009 15:48:31
mbam-log-2009-10-27 (15-48-31).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 1
Uplynulý čas: 6 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)


Re: False positive in Malwarebytes?

Post by jarda.otta » 28 Oct 2009 11:24

ComboFix 09-10-27.07 - jaris 28.10.2009 11:02.2.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2047.1109 [GMT 1:00]
Spuštěný z: c:\users\jaris\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\beatles\AUTORUN.INF
c:\users\jaris\eva adam .pps

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-09-28 do 2009-10-28 )))))))))))))))))))))))))))))))
.

2009-10-27 14:12 . 2009-10-27 14:12 -------- d-----w- C:\_OTM
2009-10-27 13:47 . 2009-06-10 06:42 389632 ----a-w- C:\OTM.exe
2009-10-27 07:48 . 2009-10-27 07:50 17326039 ----a-w- c:\windows\REGBK00.ZIP
2009-10-27 01:06 . 2009-10-27 01:06 -------- d---a-w- c:\windows\rundll16.exe
2009-10-27 01:06 . 2009-10-27 01:06 -------- d---a-w- c:\windows\RUNDL132.EXE
2009-10-27 00:52 . 2009-10-22 15:49 626688 ----a-w- c:\windows\system32\msvcr80.dll
2009-10-27 00:52 . 2009-10-22 15:49 548864 ----a-w- c:\windows\system32\msvcp80.dll
2009-10-22 15:49 . 2009-10-27 00:52 -------- d-----w- c:\programdata\Kaspersky SDK
2009-10-22 15:48 . 2009-10-22 15:48 -------- d-----w- c:\programdata\MicroWorld
2009-10-21 21:34 . 2009-10-21 21:34 664656 ---ha-w- c:\windows\system32\mlfcache.dat
2009-10-21 05:43 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-21 05:43 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-21 05:43 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-21 05:43 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-21 05:42 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-10-21 05:42 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-10-21 05:42 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-21 05:42 . 2009-08-06 17:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-21 05:42 . 2009-08-06 16:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-20 11:53 . 2009-10-20 11:53 -------- d-----w- c:\program files\Common Files\Borland Shared
2009-10-20 11:53 . 1999-03-23 07:12 299520 ----a-w- c:\windows\uninst.exe
2009-10-20 11:53 . 2009-10-20 15:12 -------- d-----w- c:\program files\MPresent
2009-10-19 10:23 . 2009-10-19 10:26 -------- d-----w- c:\users\beatles\BEATLES
2009-10-19 10:23 . 1995-12-04 02:00 3699840 ----a-r- c:\users\beatles\BEATLES.EXE
2009-10-19 10:23 . 2009-10-28 10:11 -------- d-----w- c:\users\beatles
2009-10-18 11:17 . 2009-10-18 11:19 -------- d-----w- c:\program files\IrfanView
2009-10-17 14:42 . 2006-09-29 11:25 208935 ----a-w- c:\windows\system32\drv33260.dll
2009-10-17 14:42 . 2006-09-29 11:24 217127 ----a-w- c:\windows\system32\drv43260.dll
2009-10-17 14:42 . 2002-12-10 01:20 102439 ----a-w- c:\windows\system32\sipr3260.dll
2009-10-17 14:42 . 2007-03-18 19:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2009-10-17 14:42 . 2006-09-29 11:26 176165 ----a-w- c:\windows\system32\drv23260.dll
2009-10-17 14:42 . 2006-05-20 15:16 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2009-10-17 14:42 . 2006-05-11 18:21 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2009-10-16 23:50 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-16 23:50 . 2009-10-16 23:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-16 23:50 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-14 07:28 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-14 07:28 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-14 07:28 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-14 07:24 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-10-13 23:59 . 2009-10-13 23:59 2146304 ----a-w- c:\windows\system32\GPhotos.scr
2009-10-13 12:38 . 2009-10-13 12:47 -------- d-----w- c:\users\jaris\AppData\Roaming\PhotoFiltre Studio X
2009-10-13 12:38 . 2009-10-13 12:50 -------- d-----w- c:\program files\PhotoFiltre Studio X
2009-10-09 12:49 . 2009-10-09 12:49 -------- d-----w- c:\program files\Microsoft LifeCam
2009-10-09 12:47 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2009-10-09 12:46 . 2009-10-09 13:02 -------- d-----w- C:\e6d8ba1011bf91d78f5a0af379c3af
2009-10-08 08:32 . 2009-10-08 09:49 -------- d-----w- c:\program files\LingvoSoft
2009-10-07 12:56 . 2009-10-07 12:56 -------- d-----w- c:\program files\7-Zip
2009-10-05 19:53 . 2009-10-05 19:53 -------- d-----w- c:\program files\Media Art
2009-10-05 12:50 . 2009-10-08 09:22 -------- d-----w- c:\users\jaris\AppData\Roaming\Ectaco
2009-10-01 11:48 . 2009-10-01 11:48 -------- d-----w- c:\program files\ConvertHelper
2009-10-01 09:00 . 2009-10-01 09:00 -------- d-----w- c:\users\jaris\AppData\Local\IsolatedStorage
2009-10-01 08:04 . 2009-10-01 08:04 -------- d-----w- c:\users\jaris\AppData\Local\Nokia
2009-10-01 08:04 . 2009-10-01 08:04 -------- d-----w- c:\programdata\NokiaMusic

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-28 10:11 . 2009-03-11 18:02 -------- d-----w- c:\users\jaris\AppData\Roaming\Skype
2009-10-27 17:09 . 2007-01-08 21:09 601854 ----a-w- c:\windows\system32\perfh005.dat
2009-10-27 17:09 . 2007-01-08 21:09 115998 ----a-w- c:\windows\system32\perfc005.dat
2009-10-27 07:50 . 2009-05-11 11:46 -------- d-----w- c:\program files\PowerISO
2009-10-25 22:36 . 2009-03-12 13:09 -------- d-----w- c:\users\jaris\AppData\Roaming\uTorrent
2009-10-22 15:16 . 2009-09-03 06:53 -------- d-----w- c:\program files\trend micro
2009-10-22 15:09 . 2009-09-12 06:05 -------- d-----w- c:\users\jaris\AppData\Roaming\Apple Computer
2009-10-21 05:42 . 2009-06-25 12:45 -------- d-----w- c:\program files\Java
2009-10-20 08:23 . 2009-03-13 08:42 -------- d-----w- c:\users\jaris\AppData\Roaming\Vso
2009-10-19 06:32 . 2009-06-28 16:27 -------- d-----w- c:\program files\Common Files\Nokia
2009-10-19 06:32 . 2009-06-28 16:22 -------- d-----w- c:\program files\Nokia
2009-10-18 10:38 . 2009-03-11 18:02 -------- d-----r- c:\program files\Skype
2009-10-17 23:14 . 2009-07-25 13:35 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-10-17 23:05 . 2009-07-25 13:35 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-10-17 22:00 . 2009-05-11 10:40 -------- d-----w- c:\program files\Caricature Software
2009-10-17 14:42 . 2009-04-15 20:54 47360 ----a-w- c:\users\jaris\AppData\Roaming\pcouffin.sys
2009-10-17 14:42 . 2009-04-15 20:53 -------- d-----w- c:\program files\VSO
2009-10-17 07:38 . 2009-09-12 05:57 -------- d-----w- c:\program files\Common Files\Apple
2009-10-17 07:38 . 2009-04-24 09:21 -------- d-----w- c:\programdata\Apple Computer
2009-10-15 23:12 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-10-15 08:56 . 2009-03-11 21:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-14 11:29 . 2009-09-06 08:15 -------- d-----w- c:\users\jaris\AppData\Roaming\dvdcss
2009-10-14 07:39 . 2009-03-12 08:58 -------- d-----w- c:\programdata\Microsoft Help
2009-10-09 12:09 . 2009-03-11 21:37 -------- d-----w- c:\program files\ArcSoft
2009-10-08 07:37 . 2009-03-11 16:22 463624 ----a-w- c:\users\jaris\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-05 13:49 . 2009-03-31 10:31 -------- d-----w- c:\program files\ESET
2009-10-04 20:35 . 2009-03-13 13:14 -------- d-----w- c:\program files\Pinnacle
2009-10-04 18:49 . 2009-04-23 12:16 -------- d-----w- c:\program files\Boris FX, Inc
2009-10-04 12:49 . 2009-07-03 14:13 -------- d-----w- c:\program files\Deskshare
2009-10-04 11:28 . 2009-05-22 20:15 -------- d-----w- c:\program files\DScaler
2009-10-02 14:00 . 2009-06-09 21:32 -------- d-----w- c:\program files\Zoner
2009-10-02 13:59 . 2009-05-11 10:12 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-01 11:16 . 2009-03-13 12:56 -------- d-----w- c:\program files\The KMPlayer
2009-10-01 08:56 . 2009-06-28 16:34 -------- d-----w- c:\users\jaris\AppData\Roaming\Nokia
2009-09-25 08:43 . 2009-08-18 10:38 -------- d-----w- c:\program files\rajce
2009-09-24 12:07 . 2009-09-24 12:07 -------- d-----w- c:\program files\Sjboy Emulator
2009-09-23 03:53 . 2009-05-18 10:19 -------- d-----w- c:\program files\Google
2009-09-22 13:28 . 2009-06-28 16:34 -------- d-----w- c:\users\jaris\AppData\Roaming\PC Suite
2009-09-22 12:15 . 2009-07-06 15:40 -------- d-----w- c:\users\jaris\AppData\Roaming\Image Zone Express
2009-09-22 11:59 . 2009-09-22 11:59 -------- d-----w- c:\program files\Secunia
2009-09-18 07:58 . 2009-09-18 07:58 -------- d-----w- c:\program files\Common Files\xing shared
2009-09-18 07:58 . 2009-09-18 07:58 -------- d-----w- c:\program files\Common Files\Real
2009-09-18 07:58 . 2009-09-18 07:58 -------- d-----w- c:\program files\Real
2009-09-14 14:44 . 2009-06-28 16:27 -------- d-----w- c:\program files\DIFX
2009-09-14 14:43 . 2009-09-14 14:43 -------- d-----w- c:\program files\Common Files\PCSuite
2009-09-14 14:42 . 2009-06-28 16:21 -------- d-----w- c:\programdata\Installations
2009-09-14 09:29 . 2009-10-14 07:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-09-12 07:26 . 2009-09-12 07:25 -------- d-----w- c:\users\jaris\AppData\Roaming\JonDo
2009-09-12 06:48 . 2009-03-11 17:53 -------- d-----w- c:\program files\Opera
2009-09-12 06:09 . 2009-09-12 06:09 -------- d-----w- c:\program files\iPhone Configuration Utility
2009-09-12 06:08 . 2009-09-12 06:07 -------- d-----w- c:\program files\Safari
2009-09-12 06:05 . 2009-09-12 06:04 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-12 06:04 . 2009-09-12 06:04 -------- d-----w- c:\program files\Bonjour
2009-09-12 06:03 . 2009-04-24 09:18 -------- d-----w- c:\program files\QuickTime
2009-09-10 06:23 . 2009-04-10 11:52 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-04 11:41 . 2009-10-14 07:29 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-09-03 15:07 . 2009-07-06 15:40 -------- d-----w- c:\users\jaris\AppData\Roaming\Printer Info Cache
2009-09-02 11:39 . 2009-09-02 11:39 -------- d-----w- c:\program files\CCleaner
2009-08-29 00:27 . 2009-09-02 05:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-02 05:23 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-27 05:22 . 2009-10-14 07:29 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 05:17 . 2009-10-14 07:29 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-08-27 05:17 . 2009-10-14 07:29 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-08-27 03:42 . 2009-10-14 07:29 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-14 16:27 . 2009-09-10 06:20 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-10 06:19 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-10 06:19 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-10 06:19 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-10 06:19 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-10 06:19 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-10 06:19 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-10 06:19 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-10 06:19 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-10 06:19 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-10 06:20 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-07-31 13:23 . 2009-06-25 12:46 411368 ----a-w- c:\windows\system32\deploytk.dll
2001-09-28 16:00 . 2009-06-19 23:19 243200 ----a-w- c:\program files\UNWISE.EXE
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Jing"="c:\program files\TechSmith\Jing\Jing.exe" [2009-05-25 2893064]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2008-11-12 243072]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13687328]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-09-10 420176]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 149280]

c:\users\Kreźmerov \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update ESET's licence.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Update ESET's licence.lnk
backup=c:\windows\pss\Update ESET's licence.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):a0,d6,55,00,7c,fa,c9,01

R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [6.2.2009 13:23 106208]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [6.2.2009 14:23 727720]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [17.10.2009 0:50 269648]
R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [17.10.2009 0:50 19160]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\System32\drivers\Ph3xIB32.sys [3.4.2007 10:43 1131136]
R3 PSI;PSI;c:\windows\System32\drivers\psi_mf.sys [17.6.2009 13:20 12648]
S2 gupdate1c9e9c6e1469ee0;Google Update Service (gupdate1c9e9c6e1469ee0);c:\program files\Google\Update\GoogleUpdate.exe [10.6.2009 13:27 133104]
S2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [30.3.2009 15:28 1533808]
S3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i-MCE;c:\windows\System32\drivers\3xHybrid.sys [22.11.2006 8:53 1121536]
S3 FlyPCI;FlyPCI;c:\windows\System32\drivers\FlyPCI.sys [19.6.2009 8:56 4134]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [19.3.2009 13:48 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\System32\drivers\nmwcdnsuc.sys [19.3.2009 13:48 8320]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - MBR
*Deregistered* - mbr

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'

2009-10-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 12:27]

2009-10-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 12:27]

2009-10-27 c:\windows\Tasks\Malwarebytes' Scheduled Update for jaris.job
- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-10-16 12:53]

2009-10-28 c:\windows\Tasks\User_Feed_Synchronization-{F601E435-7F1B-4885-ADA7-F72CB8713B0C}.job
- c:\windows\system32\msfeedssync.exe [2009-10-14 03:41]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Stáhnout FlashGetem - c:\program files\FlashGet\jc_link.htm
IE: &Stáhnout všechny FlashGetem - c:\program files\FlashGet\jc_all.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
FF - ProfilePath - c:\users\jaris\AppData\Roaming\Mozilla\Firefox\Profiles\3un2dknd.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://mystart.magentic.com/?loc=FF_Mag ... ar&search=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-WEBTRAN - (no file)
AddRemove-Visage - c:\windows\maUninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-28 11:12
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2009-10-28 11:13
ComboFix-quarantined-files.txt 2009-10-28 10:13
ComboFix2.txt 2009-07-29 09:41

Před spuštěním: Volných bajtů: 68 963 368 960
Po spuštění: Volných bajtů: 68 904 714 240

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,5
- - End Of File - - 3398C50E7EE8A13FE149C0464B19D198


Re: False positive in Malwarebytes?

Post by jaro3 » 28 Oct 2009 14:47

Do you have the drivers for the network card installed correctly?

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code:

File::
c:\windows\REGBK00.ZIP
c:\windows\system32\mlfcache.dat

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process + a new log from HJT
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence I am covered by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support


Re: False positive in Malwarebytes?

Post by jarda.otta » 28 Oct 2009 21:58

ComboFix 09-10-27.08 - jaris 28.10.2009 21:41.3.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2047.845 [GMT 1:00]
Spuštěný z: c:\users\jaris\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\jaris\Desktop\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 4.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení

FILE ::
"c:\windows\REGBK00.ZIP"
"c:\windows\system32\mlfcache.dat"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\REGBK00.ZIP
c:\windows\system32\mlfcache.dat

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-09-28 do 2009-10-28 )))))))))))))))))))))))))))))))
.

2009-10-28 20:50 . 2009-10-28 20:50 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-10-28 20:50 . 2009-10-28 20:50 -------- d-----w- c:\users\Guest\AppData\Local\temp
2009-10-28 20:50 . 2009-10-28 20:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-28 20:50 . 2009-10-28 20:50 -------- d-----w- c:\users\beatles\AppData\Local\temp
2009-10-27 14:12 . 2009-10-27 14:12 -------- d-----w- C:\_OTM
2009-10-27 13:47 . 2009-06-10 06:42 389632 ----a-w- C:\OTM.exe
2009-10-27 01:06 . 2009-10-27 01:06 -------- d---a-w- c:\windows\rundll16.exe
2009-10-27 01:06 . 2009-10-27 01:06 -------- d---a-w- c:\windows\RUNDL132.EXE
2009-10-27 00:52 . 2009-10-22 15:49 626688 ----a-w- c:\windows\system32\msvcr80.dll
2009-10-27 00:52 . 2009-10-22 15:49 548864 ----a-w- c:\windows\system32\msvcp80.dll
2009-10-22 15:49 . 2009-10-27 00:52 -------- d-----w- c:\programdata\Kaspersky SDK
2009-10-22 15:48 . 2009-10-22 15:48 -------- d-----w- c:\programdata\MicroWorld
2009-10-21 05:43 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-21 05:43 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-21 05:43 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-21 05:43 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-21 05:42 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-10-21 05:42 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-10-21 05:42 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-10-21 05:42 . 2009-08-06 17:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-21 05:42 . 2009-08-06 16:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-20 11:53 . 2009-10-20 11:53 -------- d-----w- c:\program files\Common Files\Borland Shared
2009-10-20 11:53 . 1999-03-23 07:12 299520 ----a-w- c:\windows\uninst.exe
2009-10-20 11:53 . 2009-10-20 15:12 -------- d-----w- c:\program files\MPresent
2009-10-19 10:23 . 2009-10-19 10:26 -------- d-----w- c:\users\beatles\BEATLES
2009-10-19 10:23 . 1995-12-04 02:00 3699840 ----a-r- c:\users\beatles\BEATLES.EXE
2009-10-19 10:23 . 2009-10-28 10:14 -------- d-----w- c:\users\beatles
2009-10-18 11:17 . 2009-10-18 11:19 -------- d-----w- c:\program files\IrfanView
2009-10-17 14:42 . 2006-09-29 11:25 208935 ----a-w- c:\windows\system32\drv33260.dll
2009-10-17 14:42 . 2006-09-29 11:24 217127 ----a-w- c:\windows\system32\drv43260.dll
2009-10-17 14:42 . 2002-12-10 01:20 102439 ----a-w- c:\windows\system32\sipr3260.dll
2009-10-17 14:42 . 2007-03-18 19:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2009-10-17 14:42 . 2006-09-29 11:26 176165 ----a-w- c:\windows\system32\drv23260.dll
2009-10-17 14:42 . 2006-05-20 15:16 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2009-10-17 14:42 . 2006-05-11 18:21 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2009-10-16 23:50 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-16 23:50 . 2009-10-16 23:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-16 23:50 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-14 07:28 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-14 07:28 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-14 07:28 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-14 07:24 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-10-13 23:59 . 2009-10-13 23:59 2146304 ----a-w- c:\windows\system32\GPhotos.scr
2009-10-13 12:38 . 2009-10-13 12:47 -------- d-----w- c:\users\jaris\AppData\Roaming\PhotoFiltre Studio X
2009-10-13 12:38 . 2009-10-13 12:50 -------- d-----w- c:\program files\PhotoFiltre Studio X
2009-10-09 12:49 . 2009-10-09 12:49 -------- d-----w- c:\program files\Microsoft LifeCam
2009-10-09 12:47 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2009-10-09 12:46 . 2009-10-09 13:02 -------- d-----w- C:\e6d8ba1011bf91d78f5a0af379c3af
2009-10-08 08:32 . 2009-10-08 09:49 -------- d-----w- c:\program files\LingvoSoft
2009-10-07 12:56 . 2009-10-07 12:56 -------- d-----w- c:\program files\7-Zip
2009-10-05 19:53 . 2009-10-05 19:53 -------- d-----w- c:\program files\Media Art
2009-10-05 12:50 . 2009-10-08 09:22 -------- d-----w- c:\users\jaris\AppData\Roaming\Ectaco
2009-10-01 11:48 . 2009-10-01 11:48 -------- d-----w- c:\program files\ConvertHelper
2009-10-01 09:00 . 2009-10-01 09:00 -------- d-----w- c:\users\jaris\AppData\Local\IsolatedStorage
2009-10-01 08:04 . 2009-10-01 08:04 -------- d-----w- c:\users\jaris\AppData\Local\Nokia
2009-10-01 08:04 . 2009-10-01 08:04 -------- d-----w- c:\programdata\NokiaMusic

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-28 20:50 . 2009-03-11 18:02 -------- d-----w- c:\users\jaris\AppData\Roaming\Skype
2009-10-27 17:09 . 2007-01-08 21:09 601854 ----a-w- c:\windows\system32\perfh005.dat
2009-10-27 17:09 . 2007-01-08 21:09 115998 ----a-w- c:\windows\system32\perfc005.dat
2009-10-27 07:50 . 2009-05-11 11:46 -------- d-----w- c:\program files\PowerISO
2009-10-25 22:36 . 2009-03-12 13:09 -------- d-----w- c:\users\jaris\AppData\Roaming\uTorrent
2009-10-22 15:16 . 2009-09-03 06:53 -------- d-----w- c:\program files\trend micro
2009-10-22 15:09 . 2009-09-12 06:05 -------- d-----w- c:\users\jaris\AppData\Roaming\Apple Computer
2009-10-21 05:42 . 2009-06-25 12:45 -------- d-----w- c:\program files\Java
2009-10-20 08:23 . 2009-03-13 08:42 -------- d-----w- c:\users\jaris\AppData\Roaming\Vso
2009-10-19 06:32 . 2009-06-28 16:27 -------- d-----w- c:\program files\Common Files\Nokia
2009-10-19 06:32 . 2009-06-28 16:22 -------- d-----w- c:\program files\Nokia
2009-10-18 10:38 . 2009-03-11 18:02 -------- d-----r- c:\program files\Skype
2009-10-17 23:14 . 2009-07-25 13:35 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-10-17 23:05 . 2009-07-25 13:35 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-10-17 22:00 . 2009-05-11 10:40 -------- d-----w- c:\program files\Caricature Software
2009-10-17 14:42 . 2009-04-15 20:54 47360 ----a-w- c:\users\jaris\AppData\Roaming\pcouffin.sys
2009-10-17 14:42 . 2009-04-15 20:53 -------- d-----w- c:\program files\VSO
2009-10-17 07:38 . 2009-09-12 05:57 -------- d-----w- c:\program files\Common Files\Apple
2009-10-17 07:38 . 2009-04-24 09:21 -------- d-----w- c:\programdata\Apple Computer
2009-10-15 23:12 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-10-15 08:56 . 2009-03-11 21:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-14 11:29 . 2009-09-06 08:15 -------- d-----w- c:\users\jaris\AppData\Roaming\dvdcss
2009-10-14 07:39 . 2009-03-12 08:58 -------- d-----w- c:\programdata\Microsoft Help
2009-10-09 12:09 . 2009-03-11 21:37 -------- d-----w- c:\program files\ArcSoft
2009-10-08 07:37 . 2009-03-11 16:22 463624 ----a-w- c:\users\jaris\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-05 13:49 . 2009-03-31 10:31 -------- d-----w- c:\program files\ESET
2009-10-04 20:35 . 2009-03-13 13:14 -------- d-----w- c:\program files\Pinnacle
2009-10-04 18:49 . 2009-04-23 12:16 -------- d-----w- c:\program files\Boris FX, Inc
2009-10-04 12:49 . 2009-07-03 14:13 -------- d-----w- c:\program files\Deskshare
2009-10-04 11:28 . 2009-05-22 20:15 -------- d-----w- c:\program files\DScaler
2009-10-02 14:00 . 2009-06-09 21:32 -------- d-----w- c:\program files\Zoner
2009-10-02 13:59 . 2009-05-11 10:12 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-01 11:16 . 2009-03-13 12:56 -------- d-----w- c:\program files\The KMPlayer
2009-10-01 08:56 . 2009-06-28 16:34 -------- d-----w- c:\users\jaris\AppData\Roaming\Nokia
2009-09-25 08:43 . 2009-08-18 10:38 -------- d-----w- c:\program files\rajce
2009-09-24 12:07 . 2009-09-24 12:07 -------- d-----w- c:\program files\Sjboy Emulator
2009-09-23 03:53 . 2009-05-18 10:19 -------- d-----w- c:\program files\Google
2009-09-22 13:28 . 2009-06-28 16:34 -------- d-----w- c:\users\jaris\AppData\Roaming\PC Suite
2009-09-22 12:15 . 2009-07-06 15:40 -------- d-----w- c:\users\jaris\AppData\Roaming\Image Zone Express
2009-09-22 11:59 . 2009-09-22 11:59 -------- d-----w- c:\program files\Secunia
2009-09-18 07:58 . 2009-09-18 07:58 -------- d-----w- c:\program files\Common Files\xing shared
2009-09-18 07:58 . 2009-09-18 07:58 -------- d-----w- c:\program files\Common Files\Real
2009-09-18 07:58 . 2009-09-18 07:58 -------- d-----w- c:\program files\Real
2009-09-14 14:44 . 2009-06-28 16:27 -------- d-----w- c:\program files\DIFX
2009-09-14 14:43 . 2009-09-14 14:43 -------- d-----w- c:\program files\Common Files\PCSuite
2009-09-14 14:42 . 2009-06-28 16:21 -------- d-----w- c:\programdata\Installations
2009-09-14 09:29 . 2009-10-14 07:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-09-12 07:26 . 2009-09-12 07:25 -------- d-----w- c:\users\jaris\AppData\Roaming\JonDo
2009-09-12 06:48 . 2009-03-11 17:53 -------- d-----w- c:\program files\Opera
2009-09-12 06:09 . 2009-09-12 06:09 -------- d-----w- c:\program files\iPhone Configuration Utility
2009-09-12 06:08 . 2009-09-12 06:07 -------- d-----w- c:\program files\Safari
2009-09-12 06:05 . 2009-09-12 06:04 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-12 06:04 . 2009-09-12 06:04 -------- d-----w- c:\program files\Bonjour
2009-09-12 06:03 . 2009-04-24 09:18 -------- d-----w- c:\program files\QuickTime
2009-09-10 06:23 . 2009-04-10 11:52 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-04 11:41 . 2009-10-14 07:29 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-09-03 15:07 . 2009-07-06 15:40 -------- d-----w- c:\users\jaris\AppData\Roaming\Printer Info Cache
2009-09-02 11:39 . 2009-09-02 11:39 -------- d-----w- c:\program files\CCleaner
2009-08-29 00:27 . 2009-09-02 05:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-02 05:23 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-27 05:22 . 2009-10-14 07:29 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 05:17 . 2009-10-14 07:29 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-08-27 05:17 . 2009-10-14 07:29 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-08-27 03:42 . 2009-10-14 07:29 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-14 16:27 . 2009-09-10 06:20 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-10 06:19 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-10 06:19 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-10 06:19 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-10 06:19 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-10 06:19 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-10 06:19 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-10 06:19 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-10 06:19 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-10 06:19 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-10 06:20 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-07-31 13:23 . 2009-06-25 12:46 411368 ----a-w- c:\windows\system32\deploytk.dll
2001-09-28 16:00 . 2009-06-19 23:19 243200 ----a-w- c:\program files\UNWISE.EXE
.

((((((((((((((((((((((((((((( SnapShot@2009-10-28_10.12.16 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-10-28 11:55 . 2009-10-01 11:55 92160 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.22933_none_8444da075fea9e51\iecompat.dll
+ 2009-10-28 11:55 . 2009-10-01 03:59 92160 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.18842_none_83af6d0646d60121\iecompat.dll
+ 2006-11-02 13:02 . 2009-10-28 11:56 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2006-11-02 13:02 . 2009-10-27 14:53 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2006-11-02 13:02 . 2009-10-28 11:56 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2006-11-02 13:02 . 2009-10-27 14:53 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2006-11-02 13:02 . 2009-10-28 11:56 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2006-11-02 13:02 . 2009-10-27 14:53 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-10-28 11:56 . 2009-09-10 15:10 7680 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.22223_none_0dc73a70656b2706\spwmp.dll
+ 2009-10-28 11:56 . 2009-09-10 15:10 4096 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.22223_none_0dc73a70656b2706\dxmasf.dll
+ 2009-08-13 06:50 . 2009-07-15 12:39 7680 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.18111_none_0d466cfd4c47389d\spwmp.dll
+ 2009-08-13 06:50 . 2009-07-15 12:39 4096 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.18111_none_0d466cfd4c47389d\dxmasf.dll
+ 2009-10-28 11:56 . 2009-09-10 20:45 7680 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22520_none_0bddc7aa684785dd\spwmp.dll
+ 2009-10-28 11:56 . 2009-09-10 20:45 4096 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22520_none_0bddc7aa684785dd\dxmasf.dll
+ 2009-08-13 06:50 . 2009-07-14 12:58 7680 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18330_none_0b49590d4f3204dd\spwmp.dll
+ 2009-08-13 06:50 . 2009-07-14 12:59 4096 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18330_none_0b49590d4f3204dd\dxmasf.dll
+ 2009-10-28 11:56 . 2009-09-10 17:30 7680 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.21125_none_09fc60b26b1ca9ba\spwmp.dll
+ 2009-10-28 11:56 . 2009-09-10 17:31 4096 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.21125_none_09fc60b26b1ca9ba\dxmasf.dll
+ 2009-10-28 11:56 . 2009-09-10 17:39 7680 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16926_none_0973ec0f51fdf005\spwmp.dll
+ 2009-10-28 11:56 . 2009-09-10 17:40 4096 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16926_none_0973ec0f51fdf005\dxmasf.dll
+ 2009-10-28 11:56 . 2009-09-10 15:10 310784 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-setup_31bf3856ad364e35_6.0.6002.22223_none_b05140d2ecdc475e\unregmp2.exe
+ 2009-10-28 11:56 . 2009-09-10 14:58 310784 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-setup_31bf3856ad364e35_6.0.6002.18111_none_afd0735fd3b858f5\unregmp2.exe
+ 2009-10-28 11:56 . 2009-09-10 15:23 310784 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-setup_31bf3856ad364e35_6.0.6001.22520_none_ae67ce0cefb8a635\unregmp2.exe
+ 2009-10-28 11:56 . 2009-09-10 15:21 310784 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-setup_31bf3856ad364e35_6.0.6001.18330_none_add35f6fd6a32535\unregmp2.exe
+ 2009-10-28 11:56 . 2009-09-10 15:14 311296 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-setup_31bf3856ad364e35_6.0.6000.21125_none_ac866714f28dca12\unregmp2.exe
+ 2009-10-28 11:56 . 2009-09-10 15:29 311296 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-setup_31bf3856ad364e35_6.0.6000.16926_none_abfdf271d96f105d\unregmp2.exe
+ 2009-10-28 11:56 . 2009-09-10 15:10 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.22223_none_0dc73a70656b2706\wmpshare.exe
+ 2009-10-28 11:56 . 2009-09-10 15:10 168960 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.22223_none_0dc73a70656b2706\wmplayer.exe
+ 2009-10-28 11:56 . 2009-09-10 15:10 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.22223_none_0dc73a70656b2706\wmpconfig.exe
+ 2009-08-13 06:50 . 2009-07-15 12:39 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.18111_none_0d466cfd4c47389d\wmpshare.exe
+ 2009-10-28 11:56 . 2009-09-10 14:58 168960 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.18111_none_0d466cfd4c47389d\wmplayer.exe
+ 2009-08-13 06:50 . 2009-07-15 12:39 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.18111_none_0d466cfd4c47389d\wmpconfig.exe
+ 2009-10-28 11:56 . 2009-09-10 15:23 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22520_none_0bddc7aa684785dd\wmpshare.exe
+ 2009-10-28 11:56 . 2009-09-10 15:23 168960 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22520_none_0bddc7aa684785dd\wmplayer.exe
+ 2009-10-28 11:56 . 2009-09-10 15:23 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22520_none_0bddc7aa684785dd\wmpconfig.exe
+ 2009-08-13 06:50 . 2009-07-14 10:58 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18330_none_0b49590d4f3204dd\wmpshare.exe
+ 2009-10-28 11:56 . 2009-09-10 15:21 168960 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18330_none_0b49590d4f3204dd\wmplayer.exe
+ 2009-08-13 06:50 . 2009-07-14 10:59 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18330_none_0b49590d4f3204dd\wmpconfig.exe
+ 2009-10-28 11:56 . 2009-09-10 15:14 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.21125_none_09fc60b26b1ca9ba\wmpshare.exe
+ 2009-10-28 11:56 . 2009-09-10 15:14 168960 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.21125_none_09fc60b26b1ca9ba\wmplayer.exe
+ 2009-10-28 11:56 . 2009-09-10 15:14 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.21125_none_09fc60b26b1ca9ba\wmpconfig.exe
+ 2009-10-28 11:56 . 2009-09-10 15:29 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16926_none_0973ec0f51fdf005\wmpshare.exe
+ 2009-10-28 11:56 . 2009-09-10 15:29 168960 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16926_none_0973ec0f51fdf005\wmplayer.exe
+ 2009-10-28 11:56 . 2009-09-10 15:29 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16926_none_0973ec0f51fdf005\wmpconfig.exe
+ 2009-10-28 11:56 . 2009-09-10 15:10 1418752 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-setup_31bf3856ad364e35_6.0.6002.22223_none_b05140d2ecdc475e\setup_wm.exe
+ 2009-10-28 11:56 . 2009-09-10 14:58 1418752 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-setup_31bf3856ad364e35_6.0.6002.18111_none_afd0735fd3b858f5\setup_wm.exe
+ 2009-10-28 11:56 . 2009-09-10 15:23 1418752 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-setup_31bf3856ad364e35_6.0.6001.22520_none_ae67ce0cefb8a635\setup_wm.exe
+ 2009-10-28 11:56 . 2009-09-10 15:21 1418752 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-setup_31bf3856ad364e35_6.0.6001.18330_none_add35f6fd6a32535\setup_wm.exe
+ 2009-10-28 11:56 . 2009-09-10 15:14 1418240 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-setup_31bf3856ad364e35_6.0.6000.21125_none_ac866714f28dca12\setup_wm.exe
+ 2009-10-28 11:56 . 2009-09-10 15:29 1418240 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-setup_31bf3856ad364e35_6.0.6000.16926_none_abfdf271d96f105d\setup_wm.exe
+ 2009-10-28 11:56 . 2009-09-10 15:11 8147456 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.22223_none_0dc73a70656b2706\wmploc.DLL
+ 2009-10-28 11:56 . 2009-09-10 14:59 8147456 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.18111_none_0d466cfd4c47389d\wmploc.DLL
+ 2009-10-28 11:56 . 2009-09-10 15:24 8147456 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22520_none_0bddc7aa684785dd\wmploc.DLL
+ 2009-10-28 11:56 . 2009-09-10 15:21 8147456 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18330_none_0b49590d4f3204dd\wmploc.DLL
+ 2009-10-28 11:56 . 2009-09-10 15:14 8147968 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.21125_none_09fc60b26b1ca9ba\wmploc.DLL
+ 2009-10-28 11:56 . 2009-09-10 15:29 8147968 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16926_none_0973ec0f51fdf005\wmploc.DLL
- 2006-11-02 10:22 . 2009-10-22 14:44 6553600 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2006-11-02 10:22 . 2009-10-28 11:53 6553600 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-10-28 20:38 . 2009-10-28 20:38 6410240 c:\windows\ERDNT\Hiv-backup\schema.dat
+ 2009-10-28 11:56 . 2009-09-10 17:10 10627584 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.22223_none_0dc73a70656b2706\wmp.dll
+ 2009-10-28 11:56 . 2009-09-10 16:49 10627584 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6002.18111_none_0d466cfd4c47389d\wmp.dll
+ 2009-10-28 11:56 . 2009-09-10 20:46 10627584 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22520_none_0bddc7aa684785dd\wmp.dll
+ 2009-10-28 11:56 . 2009-09-10 17:33 10626048 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18330_none_0b49590d4f3204dd\wmp.dll
+ 2009-10-28 11:56 . 2009-09-10 17:31 10622464 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.21125_none_09fc60b26b1ca9ba\wmp.dll
+ 2009-10-28 11:56 . 2009-09-10 17:40 10622464 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16926_none_0973ec0f51fdf005\wmp.dll
+ 2009-05-05 19:51 . 2009-10-28 11:54 150175554 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Jing"="c:\program files\TechSmith\Jing\Jing.exe" [2009-05-25 2893064]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2008-11-12 243072]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13687328]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-09-10 420176]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-31 149280]

c:\users\Kreźmerov \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update ESET's licence.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Update ESET's licence.lnk
backup=c:\windows\pss\Update ESET's licence.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):a0,d6,55,00,7c,fa,c9,01

R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [6.2.2009 13:23 106208]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [6.2.2009 14:23 727720]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [17.10.2009 0:50 269648]
R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [17.10.2009 0:50 19160]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\System32\drivers\Ph3xIB32.sys [3.4.2007 10:43 1131136]
R3 PSI;PSI;c:\windows\System32\drivers\psi_mf.sys [17.6.2009 13:20 12648]
S2 gupdate1c9e9c6e1469ee0;Google Update Service (gupdate1c9e9c6e1469ee0);c:\program files\Google\Update\GoogleUpdate.exe [10.6.2009 13:27 133104]
S2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [30.3.2009 15:28 1533808]
S3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i-MCE;c:\windows\System32\drivers\3xHybrid.sys [22.11.2006 8:53 1121536]
S3 FlyPCI;FlyPCI;c:\windows\System32\drivers\FlyPCI.sys [19.6.2009 8:56 4134]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\System32\drivers\nmwcdnsu.sys [19.3.2009 13:48 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\System32\drivers\nmwcdnsuc.sys [19.3.2009 13:48 8320]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - KGLCYPOD
*NewlyCreated* - MBR
*Deregistered* - kglcypod
*Deregistered* - mbr

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'

2009-10-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 12:27]

2009-10-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 12:27]

2009-10-28 c:\windows\Tasks\Malwarebytes' Scheduled Update for jaris.job
- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-10-16 12:53]

2009-10-28 c:\windows\Tasks\User_Feed_Synchronization-{F601E435-7F1B-4885-ADA7-F72CB8713B0C}.job
- c:\windows\system32\msfeedssync.exe [2009-10-14 03:41]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Stáhnout FlashGetem - c:\program files\FlashGet\jc_link.htm
IE: &Stáhnout všechny FlashGetem - c:\program files\FlashGet\jc_all.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
FF - ProfilePath - c:\users\jaris\AppData\Roaming\Mozilla\Firefox\Profiles\3un2dknd.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://mystart.magentic.com/?loc=FF_Mag ... ar&search=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-28 21:50
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


c:\users\jaris\AppData\Local\Temp\catchme.dll 53248 bytes executable

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************
.
Celkový čas: 2009-10-28 21:52
ComboFix-quarantined-files.txt 2009-10-28 20:52
ComboFix2.txt 2009-10-28 10:14
ComboFix3.txt 2009-07-29 09:41

Před spuštěním: Volných bajtů: 68 715 642 880
Po spuštění: Volných bajtů: 68 683 202 560

Current=1 Default=1 Failed=0 LastKnownGood=1 Sets=1,2,3,5

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: false alarm in Malwarebytes?

Post by jaro3 » 28 Oct 2009 22:16

You can't work on the same problem on two forums....
Finish it on viry.cz, this is pointless..
I'm locking this here...
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

jarda.otta
Level 1
Posts: 58
Registered: January 07
Gender: Male
Status:
Offline

Re: false alarm in Malwarebytes?

Post by jarda.otta » 28 Oct 2009 22:21

I APOLOGIZE. HE JUST HADN'T REPLIED TO ME FOR A LONG TIME, SO I TRIED IT HERE. I'LL BREAK IT OFF THEN. ONCE AGAIN, I APOLOGIZE.

