Help - Ultimate Defender malware
-
mandarina55
- newcomer
- Posts: 4
- Registered: 02 Jan 2008 11:53
Help - Ultimate Defender malware
Hi, I have the Ultimate Defender malware on my system. Unfortunately I haven't managed to remove it. Could someone advise me how to deal with it? Thanks in advance.
I think you'll be tracking down the app.exe process. But we'd better wait for the HJT log.
http://64.246.4.148/directory/files/app.exe/
-
mandarina55
- newcomer
- Posts: 4
- Registered: 02 Jan 2008 11:53
Hi, this afternoon I managed to remove the malware using COMBOFIX...
So this is where it was hiding:
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\zgbqdczk
C:\Program Files\zgbqdczk\xmpefsxq.dll
C:\WINDOWS\cookies.ini
C:\WINDOWS\PerfInfo
C:\WINDOWS\system32\acmqqkwc.dll
C:\WINDOWS\system32\acqrliaj.dll
C:\WINDOWS\system32\awvts.dll
C:\WINDOWS\system32\cwkqqmca.ini
C:\WINDOWS\system32\ddcyx.dll
C:\WINDOWS\system32\gmhqdxru.dll
C:\WINDOWS\system32\gtrrayxe.dll
C:\WINDOWS\system32\jailrqca.ini
C:\WINDOWS\system32\jfysbqjp.dll
C:\WINDOWS\system32\jijtvsbo.ini
C:\WINDOWS\system32\jtpijgmd.dll
C:\WINDOWS\system32\jwginjto.ini
C:\WINDOWS\system32\ligcpxlt.dll
C:\WINDOWS\system32\ndaTqsVqrX.dll
C:\WINDOWS\system32\njprckha
C:\WINDOWS\system32\njprckha\bg1.gif
C:\WINDOWS\system32\njprckha\bgtop.gif
C:\WINDOWS\system32\njprckha\bottom1.gif
C:\WINDOWS\system32\njprckha\essentials.gif
C:\WINDOWS\system32\njprckha\icon1.ico
C:\WINDOWS\system32\njprckha\install1.gif
C:\WINDOWS\system32\njprckha\left1.gif
C:\WINDOWS\system32\njprckha\li.gif
C:\WINDOWS\system32\njprckha\logo.gif
C:\WINDOWS\system32\njprckha\main.htm
C:\WINDOWS\system32\njprckha\mainframe.htm
C:\WINDOWS\system32\njprckha\reinstall1.gif
C:\WINDOWS\system32\njprckha\right1.gif
C:\WINDOWS\system32\njprckha\s1.htm
C:\WINDOWS\system32\njprckha\s2.htm
C:\WINDOWS\system32\njprckha\s3.htm
C:\WINDOWS\system32\njprckha\SMTop1.gif
C:\WINDOWS\system32\njprckha\SMTop2.gif
C:\WINDOWS\system32\njprckha\SMTop3.gif
C:\WINDOWS\system32\njprckha\SMTop4.gif
C:\WINDOWS\system32\njprckha\soft1_off.gif
C:\WINDOWS\system32\njprckha\soft1_off_ext.gif
C:\WINDOWS\system32\njprckha\soft1_on.gif
C:\WINDOWS\system32\njprckha\soft1_on_ext.gif
C:\WINDOWS\system32\njprckha\soft2_off.gif
C:\WINDOWS\system32\njprckha\soft2_off_ext.gif
C:\WINDOWS\system32\njprckha\soft2_on.gif
C:\WINDOWS\system32\njprckha\soft2_on_ext.gif
C:\WINDOWS\system32\njprckha\soft3_off.gif
C:\WINDOWS\system32\njprckha\soft3_off_ext.gif
C:\WINDOWS\system32\njprckha\soft3_on.gif
C:\WINDOWS\system32\njprckha\soft3_on_ext.gif
C:\WINDOWS\system32\njprckha\softbottom_off.gif
C:\WINDOWS\system32\njprckha\softbottom_on.gif
C:\WINDOWS\system32\njprckha\softleft_off.gif
C:\WINDOWS\system32\njprckha\softleft_on.gif
C:\WINDOWS\system32\njprckha\top1.gif
C:\WINDOWS\system32\njprckha\top2.gif
C:\WINDOWS\system32\njprckha\turnoff1.gif
C:\WINDOWS\system32\njprckha\turnon1.gif
C:\WINDOWS\system32\nnnllkk.dll
C:\WINDOWS\system32\obsvtjij.dll
C:\WINDOWS\system32\pjeobjow.dll
C:\WINDOWS\system32\qlfwpxwy.dll
C:\WINDOWS\system32\stvwa.ini
C:\WINDOWS\system32\stvwa.ini2
C:\WINDOWS\system32\winexz32.dll
... thanks a lot for the offered help :)
After a week of fighting the malware I thought I might never get it off the computer ... SpyHunter and Spybot Search & Destroy did find it, but were not able to remove it completely.
Thanks once again :)
-
mandarina55
- newcomer
- Posts: 4
- Registered: 02 Jan 2008 11:53
Hi,
I'm sending the log ... thanks :)
ComboFix 07-12-31.4 - jana 2008-01-04 13:26:17.2 - NTFSx86
Running from: C:\malo_pouzivane\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2007-12-04 to 2008-01-04 )))))))))))))))))))))))))))))))
.
2008-01-02 12:36 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-02 11:18 . 2008-01-02 11:18 <DIR> d-------- C:\Program Files\Jvjswclt
2008-01-01 20:29 . 2008-01-01 20:29 138,624 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-01-01 20:24 . 2008-01-01 20:26 <DIR> d-------- C:\Program Files\Crawler
2008-01-01 20:24 . 2008-01-01 23:24 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2008-01-01 20:23 . 2008-01-02 11:00 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-01-01 17:16 . 2008-01-01 17:16 <DIR> d-------- C:\Program Files\Lavasoft
2008-01-01 17:16 . 2008-01-01 17:16 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2008-01-01 17:14 . 2008-01-01 17:14 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-01 17:08 . 2008-01-01 17:08 <DIR> d-------- C:\Program Files\Sdduxcme
2007-12-31 18:15 . 2008-01-01 14:01 2,662 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-31 18:04 . 2007-12-31 18:04 <DIR> d-------- C:\Program Files\Trend Micro
2007-12-31 17:19 . 2008-01-01 17:09 1,031,379 --ahs---- C:\WINDOWS\system32\hsqkmgfu.ini
2007-12-30 13:45 . 2007-12-30 13:45 <DIR> d-------- C:\Program Files\Enigma Software Group
2007-12-29 15:37 . 2007-12-29 15:57 1,031,148 --ahs---- C:\WINDOWS\system32\okoyxbcj.ini
2007-12-29 15:18 . 2007-12-29 15:18 <DIR> d-------- C:\Program Files\Yamicsoft
2007-12-28 14:31 . 2007-12-28 14:24 1,031,268 --ahs---- C:\WINDOWS\system32\pcovnrjj.ini
2007-12-26 23:22 . 2007-12-26 23:22 <DIR> d-------- C:\Documents and Settings\jana\.idlerc
2007-12-25 22:57 . 2007-12-25 22:56 102,400 --a------ C:\WINDOWS\system32\drivers\cavasm.sys
2007-12-25 22:57 . 2007-12-25 22:56 73,728 --a------ C:\WINDOWS\system32\CavEmLSP.dll
2007-12-25 22:56 . 2007-12-25 22:56 434,252 --a------ C:\WINDOWS\system32\MSVCRTD.DLL
2007-12-25 22:56 . 2007-12-25 22:56 216,576 --a------ C:\WINDOWS\system32\monln.dll
2007-12-25 21:46 . 2007-12-25 22:32 1,018,631 --ahs---- C:\WINDOWS\system32\uxddlmow.ini
2007-12-25 20:15 . 2007-12-28 12:53 <DIR> d-------- C:\Program Files\EsetOnlineScanner
2007-12-25 20:08 . 2007-03-23 21:33 229,376 --a------ C:\WINDOWS\CMDLIC.DLL
2007-12-25 20:08 . 2004-08-17 14:49 24,576 --a------ C:\WINDOWS\system32\wsock32.dlb
2007-12-25 20:07 . 2007-12-26 20:42 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\BOC423
2007-12-25 20:07 . 2007-04-19 08:35 240,368 --a------ C:\WINDOWS\UNBOC.EXE
2007-12-25 20:07 . 2008-01-04 10:53 28,512 --a------ C:\WINDOWS\BOC423.INI
2007-12-23 18:53 . 2007-12-25 19:36 474 --ahs---- C:\WINDOWS\system32\mewfxdgs.ini
2007-12-22 23:42 . 2007-12-28 23:36 <DIR> d-------- C:\_j_DVD
2007-12-22 22:46 . 2005-09-03 14:45 45,056 --a------ C:\WINDOWS\system32\Interop.ChilkatZip2Lib.dll
2007-12-22 22:42 . 2007-12-22 22:46 <DIR> d-------- C:\Program Files\EDDICA
2007-12-22 00:30 . 2004-08-03 23:10 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2007-12-22 00:30 . 2004-08-03 23:10 10,880 --a--c--- C:\WINDOWS\system32\dllcache\ndisip.sys
2007-12-22 00:30 . 2004-08-03 22:58 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2007-12-22 00:30 . 2004-08-03 22:58 5,504 --a--c--- C:\WINDOWS\system32\dllcache\mstee.sys
2007-12-22 00:29 . 2004-08-03 23:10 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-12-22 00:29 . 2004-08-03 23:10 85,376 --a--c--- C:\WINDOWS\system32\dllcache\nabtsfec.sys
2007-12-22 00:29 . 2004-08-03 23:10 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-12-22 00:29 . 2004-08-03 23:10 19,328 --a--c--- C:\WINDOWS\system32\dllcache\wstcodec.sys
2007-12-22 00:29 . 2004-08-17 15:49 16,384 --a------ C:\WINDOWS\system32\ipsink.ax
2007-12-22 00:29 . 2004-08-17 15:49 16,384 --a--c--- C:\WINDOWS\system32\dllcache\ipsink.ax
2007-12-22 00:29 . 2004-08-03 23:10 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2007-12-22 00:29 . 2004-08-03 23:10 15,360 --a--c--- C:\WINDOWS\system32\dllcache\streamip.sys
2007-12-22 00:29 . 2004-08-03 23:10 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2007-12-22 00:29 . 2004-08-03 23:10 11,136 --a--c--- C:\WINDOWS\system32\dllcache\slip.sys
2007-12-22 00:28 . 2004-08-03 23:07 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2007-12-22 00:28 . 2004-08-03 23:07 59,264 --a--c--- C:\WINDOWS\system32\dllcache\usbaudio.sys
2007-12-22 00:28 . 2004-08-03 23:10 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-12-22 00:28 . 2004-08-03 23:10 17,024 --a--c--- C:\WINDOWS\system32\dllcache\ccdecode.sys
2007-12-22 00:27 . 2004-08-17 15:49 91,136 --a------ C:\WINDOWS\system32\kswdmcap.ax
2007-12-22 00:27 . 2004-08-17 15:49 91,136 --a--c--- C:\WINDOWS\system32\dllcache\kswdmcap.ax
2007-12-22 00:27 . 2004-08-17 15:49 61,952 --a------ C:\WINDOWS\system32\kstvtune.ax
2007-12-22 00:27 . 2004-08-17 15:49 61,952 --a--c--- C:\WINDOWS\system32\dllcache\kstvtune.ax
2007-12-22 00:27 . 2004-08-17 15:49 54,272 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2007-12-22 00:27 . 2004-08-17 15:49 54,272 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll
2007-12-22 00:27 . 2004-08-17 15:49 43,008 --a------ C:\WINDOWS\system32\ksxbar.ax
2007-12-22 00:27 . 2004-08-17 15:49 43,008 --a--c--- C:\WINDOWS\system32\dllcache\ksxbar.ax
2007-12-22 00:27 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-12-22 00:27 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2007-12-22 00:26 . 2007-12-26 22:19 <DIR> d-------- C:\Program Files\Common Files\StarCam
2007-12-22 00:26 . 2006-06-27 13:50 10,148,480 --a------ C:\WINDOWS\system32\drivers\snpstd3.sys
2007-12-22 00:26 . 2006-05-12 11:27 831,488 --a------ C:\WINDOWS\vsnpstd3.exe
2007-12-22 00:26 . 2006-06-19 11:43 262,144 --a------ C:\WINDOWS\tsnpstd3.exe
2007-12-22 00:26 . 2006-04-12 12:11 147,456 --a------ C:\WINDOWS\system32\rsnpstd3.dll
2007-12-22 00:26 . 2004-11-08 13:41 94,208 --a------ C:\WINDOWS\amcap.exe
2007-12-22 00:26 . 2006-05-26 15:40 61,440 --a------ C:\WINDOWS\system32\vsnpstd3.dll
2007-12-22 00:26 . 2005-11-23 13:55 53,248 --a------ C:\WINDOWS\system32\csnpstd3.dll
2007-12-22 00:26 . 2004-02-27 17:36 15,498 --a------ C:\WINDOWS\snpstd3.ini
2007-12-22 00:26 . 2004-02-27 17:36 13,023 --a------ C:\WINDOWS\snpstd3.src
2007-12-19 11:49 . 2007-12-19 11:50 <DIR> d-------- C:\Documents and Settings\jana\Data aplikací\Media Player Classic
2007-12-19 11:49 . 2007-12-19 11:50 <DIR> d-------- C:\Documents and Settings\jana\Data aplikací\Media Player Classic
2007-12-19 11:49 . 2007-12-19 11:50 <DIR> d-------- C:\Documents and Settings\jana\Data aplikací\Media Player Classic
2007-12-18 23:10 . 2007-12-18 23:10 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2007-12-18 23:10 . 2006-09-24 16:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm
2007-12-18 23:10 . 2004-01-25 17:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-12-18 23:10 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll
2007-12-18 23:10 . 2007-12-07 18:28 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-12-18 23:10 . 2007-07-10 17:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2007-12-18 23:10 . 2007-10-03 16:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
2007-12-18 22:46 . 2007-12-25 22:52 320 --ahs---- C:\WINDOWS\system32\jjkmp.ini
2007-12-18 21:17 . 2007-12-18 21:59 286,720 --------- C:\WINDOWS\Setup1.exe
2007-12-18 21:17 . 2007-12-18 21:59 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
2007-12-05 20:13 . 2007-12-26 22:11 <DIR> d-------- C:\Program Files\TotalAudioConverter
2007-12-05 20:13 . 2007-12-05 20:13 <DIR> d-------- C:\Documents and Settings\jana\Data aplikací\Softplicity
2007-12-05 20:13 . 2007-12-05 20:13 <DIR> d-------- C:\Documents and Settings\jana\Data aplikací\Softplicity
2007-12-05 20:13 . 2007-12-05 20:13 <DIR> d-------- C:\Documents and Settings\jana\Data aplikací\Softplicity
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-02 18:43 --------- d-----w C:\Documents and Settings\jana\Data aplikací\Skype
2008-01-02 18:43 --------- d-----w C:\Documents and Settings\jana\Data aplikací\Skype
2008-01-02 18:43 --------- d-----w C:\Documents and Settings\jana\Data aplikací\Skype
2008-01-01 19:14 --------- d-----w C:\Program Files\SpywareBlaster
2007-12-30 11:27 --------- d-----w C:\Program Files\AdunanzA
2007-12-27 11:50 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Nero
2007-12-25 21:56 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2007-12-25 21:56 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2007-12-25 21:56 1,060,864 ----a-w C:\WINDOWS\system32\mfc71.dll
2007-12-25 21:56 --------- d-----w C:\Program Files\Comodo
2007-12-25 21:56 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Comodo
2007-12-25 21:55 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-12-25 21:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-25 19:07 --------- d-----w C:\Documents and Settings\jana\Data aplikací\Comodo
2007-12-25 19:07 --------- d-----w C:\Documents and Settings\jana\Data aplikací\Comodo
2007-12-25 19:07 --------- d-----w C:\Documents and Settings\jana\Data aplikací\Comodo
2007-12-18 22:09 --------- d-----w C:\Program Files\DivX
2007-11-26 21:23 --------- d-----w C:\Program Files\GPLGS
2007-11-26 21:17 --------- d-----w C:\Program Files\Acro Software
2007-11-24 18:26 --------- d-----w C:\Documents and Settings\jana\Data aplikací\EBookSys
2007-11-24 18:26 --------- d-----w C:\Documents and Settings\jana\Data aplikací\EBookSys
2007-11-24 18:26 --------- d-----w C:\Documents and Settings\jana\Data aplikací\EBookSys
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-11 15:10 --------- d-----w C:\Program Files\ICQ6
2007-11-07 17:52 --------- d-----w C:\Documents and Settings\jana\Data aplikací\My Games
2007-11-07 17:52 --------- d-----w C:\Documents and Settings\jana\Data aplikací\My Games
2007-11-07 17:52 --------- d-----w C:\Documents and Settings\jana\Data aplikací\My Games
2007-11-05 22:15 --------- d-----w C:\Documents and Settings\jana\Data aplikací\InstallShield Installation Information
2007-11-05 22:15 --------- d-----w C:\Documents and Settings\jana\Data aplikací\InstallShield Installation Information
2007-11-05 22:15 --------- d-----w C:\Documents and Settings\jana\Data aplikací\InstallShield Installation Information
2007-10-29 22:44 1,290,240 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 14:49 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-08-18 10:06 949376]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-05 09:41 8429568]
"AudioDeck"="C:\Program Files\VIAudioi\SBADeck\ADeck.exe" [2004-04-19 10:44 7916032]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 14:10 271360]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-08-15 19:15 271672]
"VideoraiPodConverter"="C:\Program Files\VideoraiPodConverter\VideoraiPodConverter.exe" [2005-11-11 19:32 483328]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2007-09-21 20:16 1115728]
"tsnpstd3"="C:\WINDOWS\tsnpstd3.exe" [2006-06-19 11:43 262144]
"BOC-423"="C:\PROGRA~1\Comodo\CBOClean\BOC423.exe" [2007-04-20 08:28 343280]
"cnfgCav"="C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe" [2007-12-25 22:56 110592]
"SpyHunter Security Suite"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe" [2007-11-30 13:47 847872]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-01-01 20:27 2776576]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-17 14:49 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 09:17 1241088]
C:\Documents and Settings\jana\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 19:24:54]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\monln]
monln.dll 2007-12-25 22:56 216576 C:\WINDOWS\system32\monln.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 --a------ C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized
R0 Cavasm;Cavasm;C:\WINDOWS\system32\DRIVERS\cavasm.sys [2007-12-25 22:56]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-01-01 20:29]
R2 Comodo Anti-Virus and Anti-Spyware Service;Comodo Anti-Virus and Anti-Spyware Service;"C:\Program Files\Comodo\common\CAVASpy\cavasm.exe" [2007-12-26 20:54]
R3 BOCDRIVE;BOClean Kernel Monitor.;C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys [2007-04-17 15:14]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-07-05 05:33]
R3 IPN2220;INPROCOMM IPN2220 Wireless LAN Card Driver;C:\WINDOWS\system32\DRIVERS\i2220ntx.sys [2004-11-04 17:29]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 22:04]
.
Contents of the 'Scheduled Tasks' folder
"2008-01-03 18:33:14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-04 13:30:14
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\Program Files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll
PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\Program Files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll
.
Completion time: 2008-01-04 13:31:05
C:\qoobox\ComboFix-quarantined-files.txt 2008-01-04 12:31:00
.
2007-12-11 21:13:26 --- E O F ---
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-01-01 20:27 2776576]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-17 14:49 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 09:17 1241088]
C:\Documents and Settings\jana\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 19:24:54]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\monln]
monln.dll 2007-12-25 22:56 216576 C:\WINDOWS\system32\monln.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 --a------ C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized
R0 Cavasm;Cavasm;C:\WINDOWS\system32\DRIVERS\cavasm.sys [2007-12-25 22:56]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-01-01 20:29]
R2 Comodo Anti-Virus and Anti-Spyware Service;Comodo Anti-Virus and Anti-Spyware Service;"C:\Program Files\Comodo\common\CAVASpy\cavasm.exe" [2007-12-26 20:54]
R3 BOCDRIVE;BOClean Kernel Monitor.;C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys [2007-04-17 15:14]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-07-05 05:33]
R3 IPN2220;INPROCOMM IPN2220 Wireless LAN Card Driver;C:\WINDOWS\system32\DRIVERS\i2220ntx.sys [2004-11-04 17:29]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 22:04]
.
Contents of the 'Scheduled Tasks' folder
"2008-01-03 18:33:14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-04 13:30:14
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\Program Files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll
PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\Program Files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll
.
Completion time: 2008-01-04 13:31:05
C:\qoobox\ComboFix-quarantined-files.txt 2008-01-04 12:31:00
.
2007-12-11 21:13:26 --- E O F ---
Please have these tested at http://www.virustotal.com :
C:\WINDOWS\system32\wsock32.dlb
C:\WINDOWS\BOC423.INI
C:\WINDOWS\system32\lame_acm.xml
C:\WINDOWS\system32\monln.dll
Then, if need be, we'll delete it together with the rest.
-
mandarina55
- newcomer
- Posts: 4
- Registered: 02 Jan 2008 11:53
Hi,
so I checked them there and everything is fine (see attachments) :)
- Attachments
-
- boc423ini.pdf
- (87.65 KiB) Downloaded 32 times
-
- lame_acm-xml.pdf
- (87.68 KiB) Downloaded 32 times
-
- monln-dll.pdf
- (87.46 KiB) Downloaded 26 times


