help - Ultimate Defender malware


Post by mandarina55 » 02 Jan 2008 12:13

Hi, I have the Ultimate Defender malware on my system. Unfortunately I haven't managed to remove it. Could someone advise me how to deal with it? Thanks in advance :-)


Post by paul27 » 02 Jan 2008 12:48

Post a HijackThis log; the guide is in this section. Where is that junk being reported?


Post by wistahelp » 02 Jan 2008 15:46

I think you'll be tracking down the process app.exe. But we'd better wait for the HJT log.
http://64.246.4.148/directory/files/app.exe/


Post by mandarina55 » 02 Jan 2008 20:59

Hi, this afternoon I managed to remove the malware using COMBOFIX...

So this is where it was hiding:

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\zgbqdczk
C:\Program Files\zgbqdczk\xmpefsxq.dll
C:\WINDOWS\cookies.ini
C:\WINDOWS\PerfInfo
C:\WINDOWS\system32\acmqqkwc.dll
C:\WINDOWS\system32\acqrliaj.dll
C:\WINDOWS\system32\awvts.dll
C:\WINDOWS\system32\cwkqqmca.ini
C:\WINDOWS\system32\ddcyx.dll
C:\WINDOWS\system32\gmhqdxru.dll
C:\WINDOWS\system32\gtrrayxe.dll
C:\WINDOWS\system32\jailrqca.ini
C:\WINDOWS\system32\jfysbqjp.dll
C:\WINDOWS\system32\jijtvsbo.ini
C:\WINDOWS\system32\jtpijgmd.dll
C:\WINDOWS\system32\jwginjto.ini
C:\WINDOWS\system32\ligcpxlt.dll
C:\WINDOWS\system32\ndaTqsVqrX.dll
C:\WINDOWS\system32\njprckha
C:\WINDOWS\system32\njprckha\bg1.gif
C:\WINDOWS\system32\njprckha\bgtop.gif
C:\WINDOWS\system32\njprckha\bottom1.gif
C:\WINDOWS\system32\njprckha\essentials.gif
C:\WINDOWS\system32\njprckha\icon1.ico
C:\WINDOWS\system32\njprckha\install1.gif
C:\WINDOWS\system32\njprckha\left1.gif
C:\WINDOWS\system32\njprckha\li.gif
C:\WINDOWS\system32\njprckha\logo.gif
C:\WINDOWS\system32\njprckha\main.htm
C:\WINDOWS\system32\njprckha\mainframe.htm
C:\WINDOWS\system32\njprckha\reinstall1.gif
C:\WINDOWS\system32\njprckha\right1.gif
C:\WINDOWS\system32\njprckha\s1.htm
C:\WINDOWS\system32\njprckha\s2.htm
C:\WINDOWS\system32\njprckha\s3.htm
C:\WINDOWS\system32\njprckha\SMTop1.gif
C:\WINDOWS\system32\njprckha\SMTop2.gif
C:\WINDOWS\system32\njprckha\SMTop3.gif
C:\WINDOWS\system32\njprckha\SMTop4.gif
C:\WINDOWS\system32\njprckha\soft1_off.gif
C:\WINDOWS\system32\njprckha\soft1_off_ext.gif
C:\WINDOWS\system32\njprckha\soft1_on.gif
C:\WINDOWS\system32\njprckha\soft1_on_ext.gif
C:\WINDOWS\system32\njprckha\soft2_off.gif
C:\WINDOWS\system32\njprckha\soft2_off_ext.gif
C:\WINDOWS\system32\njprckha\soft2_on.gif
C:\WINDOWS\system32\njprckha\soft2_on_ext.gif
C:\WINDOWS\system32\njprckha\soft3_off.gif
C:\WINDOWS\system32\njprckha\soft3_off_ext.gif
C:\WINDOWS\system32\njprckha\soft3_on.gif
C:\WINDOWS\system32\njprckha\soft3_on_ext.gif
C:\WINDOWS\system32\njprckha\softbottom_off.gif
C:\WINDOWS\system32\njprckha\softbottom_on.gif
C:\WINDOWS\system32\njprckha\softleft_off.gif
C:\WINDOWS\system32\njprckha\softleft_on.gif
C:\WINDOWS\system32\njprckha\top1.gif
C:\WINDOWS\system32\njprckha\top2.gif
C:\WINDOWS\system32\njprckha\turnoff1.gif
C:\WINDOWS\system32\njprckha\turnon1.gif
C:\WINDOWS\system32\nnnllkk.dll
C:\WINDOWS\system32\obsvtjij.dll
C:\WINDOWS\system32\pjeobjow.dll
C:\WINDOWS\system32\qlfwpxwy.dll
C:\WINDOWS\system32\stvwa.ini
C:\WINDOWS\system32\stvwa.ini2
C:\WINDOWS\system32\winexz32.dll


... thanks a lot for the offered help :)
After a week of fighting the malware I thought I'd never get it off the computer... SpyHunter and Spybot Search&Destroy did find it, but couldn't remove it completely.
Thanks once again :)


Post by paul27 » 03 Jan 2008 17:57

So is everything fine now? ComboFix deletes a lot of things, but some need to be cleaned up "manually" after it, so if you want, you can post the complete log in case something was left behind.


Post by mandarina55 » 06 Jan 2008 13:25

Hi,
here is the log ... thanks :)


ComboFix 07-12-31.4 - jana 2008-01-04 13:26:17.2 - NTFSx86
Running from: C:\malo_pouzivane\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2007-12-04 to 2008-01-04 )))))))))))))))))))))))))))))))
.

2008-01-02 12:36 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-02 11:18 . 2008-01-02 11:18 <DIR> d-------- C:\Program Files\Jvjswclt
2008-01-01 20:29 . 2008-01-01 20:29 138,624 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-01-01 20:24 . 2008-01-01 20:26 <DIR> d-------- C:\Program Files\Crawler
2008-01-01 20:24 . 2008-01-01 23:24 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2008-01-01 20:23 . 2008-01-02 11:00 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-01-01 17:16 . 2008-01-01 17:16 <DIR> d-------- C:\Program Files\Lavasoft
2008-01-01 17:16 . 2008-01-01 17:16 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2008-01-01 17:14 . 2008-01-01 17:14 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-01 17:08 . 2008-01-01 17:08 <DIR> d-------- C:\Program Files\Sdduxcme
2007-12-31 18:15 . 2008-01-01 14:01 2,662 --a------ C:\WINDOWS\system32\tmp.reg
2007-12-31 18:04 . 2007-12-31 18:04 <DIR> d-------- C:\Program Files\Trend Micro
2007-12-31 17:19 . 2008-01-01 17:09 1,031,379 --ahs---- C:\WINDOWS\system32\hsqkmgfu.ini
2007-12-30 13:45 . 2007-12-30 13:45 <DIR> d-------- C:\Program Files\Enigma Software Group
2007-12-29 15:37 . 2007-12-29 15:57 1,031,148 --ahs---- C:\WINDOWS\system32\okoyxbcj.ini
2007-12-29 15:18 . 2007-12-29 15:18 <DIR> d-------- C:\Program Files\Yamicsoft
2007-12-28 14:31 . 2007-12-28 14:24 1,031,268 --ahs---- C:\WINDOWS\system32\pcovnrjj.ini
2007-12-26 23:22 . 2007-12-26 23:22 <DIR> d-------- C:\Documents and Settings\jana\.idlerc
2007-12-25 22:57 . 2007-12-25 22:56 102,400 --a------ C:\WINDOWS\system32\drivers\cavasm.sys
2007-12-25 22:57 . 2007-12-25 22:56 73,728 --a------ C:\WINDOWS\system32\CavEmLSP.dll
2007-12-25 22:56 . 2007-12-25 22:56 434,252 --a------ C:\WINDOWS\system32\MSVCRTD.DLL
2007-12-25 22:56 . 2007-12-25 22:56 216,576 --a------ C:\WINDOWS\system32\monln.dll
2007-12-25 21:46 . 2007-12-25 22:32 1,018,631 --ahs---- C:\WINDOWS\system32\uxddlmow.ini
2007-12-25 20:15 . 2007-12-28 12:53 <DIR> d-------- C:\Program Files\EsetOnlineScanner
2007-12-25 20:08 . 2007-03-23 21:33 229,376 --a------ C:\WINDOWS\CMDLIC.DLL
2007-12-25 20:08 . 2004-08-17 14:49 24,576 --a------ C:\WINDOWS\system32\wsock32.dlb
2007-12-25 20:07 . 2007-12-26 20:42 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\BOC423
2007-12-25 20:07 . 2007-04-19 08:35 240,368 --a------ C:\WINDOWS\UNBOC.EXE
2007-12-25 20:07 . 2008-01-04 10:53 28,512 --a------ C:\WINDOWS\BOC423.INI
2007-12-23 18:53 . 2007-12-25 19:36 474 --ahs---- C:\WINDOWS\system32\mewfxdgs.ini
2007-12-22 23:42 . 2007-12-28 23:36 <DIR> d-------- C:\_j_DVD
2007-12-22 22:46 . 2005-09-03 14:45 45,056 --a------ C:\WINDOWS\system32\Interop.ChilkatZip2Lib.dll
2007-12-22 22:42 . 2007-12-22 22:46 <DIR> d-------- C:\Program Files\EDDICA
2007-12-22 00:30 . 2004-08-03 23:10 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2007-12-22 00:30 . 2004-08-03 23:10 10,880 --a--c--- C:\WINDOWS\system32\dllcache\ndisip.sys
2007-12-22 00:30 . 2004-08-03 22:58 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2007-12-22 00:30 . 2004-08-03 22:58 5,504 --a--c--- C:\WINDOWS\system32\dllcache\mstee.sys
2007-12-22 00:29 . 2004-08-03 23:10 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-12-22 00:29 . 2004-08-03 23:10 85,376 --a--c--- C:\WINDOWS\system32\dllcache\nabtsfec.sys
2007-12-22 00:29 . 2004-08-03 23:10 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-12-22 00:29 . 2004-08-03 23:10 19,328 --a--c--- C:\WINDOWS\system32\dllcache\wstcodec.sys
2007-12-22 00:29 . 2004-08-17 15:49 16,384 --a------ C:\WINDOWS\system32\ipsink.ax
2007-12-22 00:29 . 2004-08-17 15:49 16,384 --a--c--- C:\WINDOWS\system32\dllcache\ipsink.ax
2007-12-22 00:29 . 2004-08-03 23:10 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2007-12-22 00:29 . 2004-08-03 23:10 15,360 --a--c--- C:\WINDOWS\system32\dllcache\streamip.sys
2007-12-22 00:29 . 2004-08-03 23:10 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2007-12-22 00:29 . 2004-08-03 23:10 11,136 --a--c--- C:\WINDOWS\system32\dllcache\slip.sys
2007-12-22 00:28 . 2004-08-03 23:07 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2007-12-22 00:28 . 2004-08-03 23:07 59,264 --a--c--- C:\WINDOWS\system32\dllcache\usbaudio.sys
2007-12-22 00:28 . 2004-08-03 23:10 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-12-22 00:28 . 2004-08-03 23:10 17,024 --a--c--- C:\WINDOWS\system32\dllcache\ccdecode.sys
2007-12-22 00:27 . 2004-08-17 15:49 91,136 --a------ C:\WINDOWS\system32\kswdmcap.ax
2007-12-22 00:27 . 2004-08-17 15:49 91,136 --a--c--- C:\WINDOWS\system32\dllcache\kswdmcap.ax
2007-12-22 00:27 . 2004-08-17 15:49 61,952 --a------ C:\WINDOWS\system32\kstvtune.ax
2007-12-22 00:27 . 2004-08-17 15:49 61,952 --a--c--- C:\WINDOWS\system32\dllcache\kstvtune.ax
2007-12-22 00:27 . 2004-08-17 15:49 54,272 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2007-12-22 00:27 . 2004-08-17 15:49 54,272 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll
2007-12-22 00:27 . 2004-08-17 15:49 43,008 --a------ C:\WINDOWS\system32\ksxbar.ax
2007-12-22 00:27 . 2004-08-17 15:49 43,008 --a--c--- C:\WINDOWS\system32\dllcache\ksxbar.ax
2007-12-22 00:27 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-12-22 00:27 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2007-12-22 00:26 . 2007-12-26 22:19 <DIR> d-------- C:\Program Files\Common Files\StarCam
2007-12-22 00:26 . 2006-06-27 13:50 10,148,480 --a------ C:\WINDOWS\system32\drivers\snpstd3.sys
2007-12-22 00:26 . 2006-05-12 11:27 831,488 --a------ C:\WINDOWS\vsnpstd3.exe
2007-12-22 00:26 . 2006-06-19 11:43 262,144 --a------ C:\WINDOWS\tsnpstd3.exe
2007-12-22 00:26 . 2006-04-12 12:11 147,456 --a------ C:\WINDOWS\system32\rsnpstd3.dll
2007-12-22 00:26 . 2004-11-08 13:41 94,208 --a------ C:\WINDOWS\amcap.exe
2007-12-22 00:26 . 2006-05-26 15:40 61,440 --a------ C:\WINDOWS\system32\vsnpstd3.dll
2007-12-22 00:26 . 2005-11-23 13:55 53,248 --a------ C:\WINDOWS\system32\csnpstd3.dll
2007-12-22 00:26 . 2004-02-27 17:36 15,498 --a------ C:\WINDOWS\snpstd3.ini
2007-12-22 00:26 . 2004-02-27 17:36 13,023 --a------ C:\WINDOWS\snpstd3.src
2007-12-19 11:49 . 2007-12-19 11:50 <DIR> d-------- C:\Documents and Settings\jana\Data aplikací\Media Player Classic
2007-12-19 11:49 . 2007-12-19 11:50 <DIR> d-------- C:\Documents and Settings\jana\Data aplikací\Media Player Classic
2007-12-19 11:49 . 2007-12-19 11:50 <DIR> d-------- C:\Documents and Settings\jana\Data aplikací\Media Player Classic
2007-12-18 23:10 . 2007-12-18 23:10 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2007-12-18 23:10 . 2006-09-24 16:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm
2007-12-18 23:10 . 2004-01-25 17:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-12-18 23:10 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll
2007-12-18 23:10 . 2007-12-07 18:28 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-12-18 23:10 . 2007-07-10 17:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2007-12-18 23:10 . 2007-10-03 16:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
2007-12-18 22:46 . 2007-12-25 22:52 320 --ahs---- C:\WINDOWS\system32\jjkmp.ini
2007-12-18 21:17 . 2007-12-18 21:59 286,720 --------- C:\WINDOWS\Setup1.exe
2007-12-18 21:17 . 2007-12-18 21:59 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
2007-12-05 20:13 . 2007-12-26 22:11 <DIR> d-------- C:\Program Files\TotalAudioConverter
2007-12-05 20:13 . 2007-12-05 20:13 <DIR> d-------- C:\Documents and Settings\jana\Data aplikací\Softplicity
2007-12-05 20:13 . 2007-12-05 20:13 <DIR> d-------- C:\Documents and Settings\jana\Data aplikací\Softplicity
2007-12-05 20:13 . 2007-12-05 20:13 <DIR> d-------- C:\Documents and Settings\jana\Data aplikací\Softplicity

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-02 18:43 --------- d-----w C:\Documents and Settings\jana\Data aplikací\Skype
2008-01-02 18:43 --------- d-----w C:\Documents and Settings\jana\Data aplikací\Skype
2008-01-02 18:43 --------- d-----w C:\Documents and Settings\jana\Data aplikací\Skype
2008-01-01 19:14 --------- d-----w C:\Program Files\SpywareBlaster
2007-12-30 11:27 --------- d-----w C:\Program Files\AdunanzA
2007-12-27 11:50 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Nero
2007-12-25 21:56 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2007-12-25 21:56 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2007-12-25 21:56 1,060,864 ----a-w C:\WINDOWS\system32\mfc71.dll
2007-12-25 21:56 --------- d-----w C:\Program Files\Comodo
2007-12-25 21:56 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Comodo
2007-12-25 21:55 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-12-25 21:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-25 19:07 --------- d-----w C:\Documents and Settings\jana\Data aplikací\Comodo
2007-12-25 19:07 --------- d-----w C:\Documents and Settings\jana\Data aplikací\Comodo
2007-12-25 19:07 --------- d-----w C:\Documents and Settings\jana\Data aplikací\Comodo
2007-12-18 22:09 --------- d-----w C:\Program Files\DivX
2007-11-26 21:23 --------- d-----w C:\Program Files\GPLGS
2007-11-26 21:17 --------- d-----w C:\Program Files\Acro Software
2007-11-24 18:26 --------- d-----w C:\Documents and Settings\jana\Data aplikací\EBookSys
2007-11-24 18:26 --------- d-----w C:\Documents and Settings\jana\Data aplikací\EBookSys
2007-11-24 18:26 --------- d-----w C:\Documents and Settings\jana\Data aplikací\EBookSys
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-11 15:10 --------- d-----w C:\Program Files\ICQ6
2007-11-07 17:52 --------- d-----w C:\Documents and Settings\jana\Data aplikací\My Games
2007-11-07 17:52 --------- d-----w C:\Documents and Settings\jana\Data aplikací\My Games
2007-11-07 17:52 --------- d-----w C:\Documents and Settings\jana\Data aplikací\My Games
2007-11-05 22:15 --------- d-----w C:\Documents and Settings\jana\Data aplikací\InstallShield Installation Information
2007-11-05 22:15 --------- d-----w C:\Documents and Settings\jana\Data aplikací\InstallShield Installation Information
2007-11-05 22:15 --------- d-----w C:\Documents and Settings\jana\Data aplikací\InstallShield Installation Information
2007-10-29 22:44 1,290,240 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 14:49 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-08-18 10:06 949376]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-05 09:41 8429568]
"AudioDeck"="C:\Program Files\VIAudioi\SBADeck\ADeck.exe" [2004-04-19 10:44 7916032]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 14:10 271360]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-08-15 19:15 271672]
"VideoraiPodConverter"="C:\Program Files\VideoraiPodConverter\VideoraiPodConverter.exe" [2005-11-11 19:32 483328]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2007-09-21 20:16 1115728]
"tsnpstd3"="C:\WINDOWS\tsnpstd3.exe" [2006-06-19 11:43 262144]
"BOC-423"="C:\PROGRA~1\Comodo\CBOClean\BOC423.exe" [2007-04-20 08:28 343280]
"cnfgCav"="C:\Program Files\Comodo\Comodo AntiVirus\CMain.exe" [2007-12-25 22:56 110592]
"SpyHunter Security Suite"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe" [2007-11-30 13:47 847872]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-01-01 20:27 2776576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-17 14:49 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 09:17 1241088]

C:\Documents and Settings\jana\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 19:24:54]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\monln]
monln.dll 2007-12-25 22:56 216576 C:\WINDOWS\system32\monln.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 --a------ C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized

R0 Cavasm;Cavasm;C:\WINDOWS\system32\DRIVERS\cavasm.sys [2007-12-25 22:56]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-01-01 20:29]
R2 Comodo Anti-Virus and Anti-Spyware Service;Comodo Anti-Virus and Anti-Spyware Service;"C:\Program Files\Comodo\common\CAVASpy\cavasm.exe" [2007-12-26 20:54]
R3 BOCDRIVE;BOClean Kernel Monitor.;C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys [2007-04-17 15:14]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-07-05 05:33]
R3 IPN2220;INPROCOMM IPN2220 Wireless LAN Card Driver;C:\WINDOWS\system32\DRIVERS\i2220ntx.sys [2004-11-04 17:29]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 22:04]

.
Contents of the 'Scheduled Tasks' folder
"2008-01-03 18:33:14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-04 13:30:14
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\Program Files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll

PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\Program Files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll
.
Completion time: 2008-01-04 13:31:05
C:\qoobox\ComboFix-quarantined-files.txt 2008-01-04 12:31:00
.
2007-12-11 21:13:26 --- E O F ---
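Added example (mine, not from anyone in this thread): a small Python script that parses the "Files Created" section of a ComboFix log in the format pasted above and flags the entry types visible in it: files with hidden+system attributes, an extension that does not belong directly in system32 (the .dlb file), and .ini files of about 1 MB. The sample lines are copied from the log above; the extension list and the size threshold are my own assumptions.

```python
import re
from typing import Optional, List, Dict

# One line of ComboFix's "Files Created" section, in the format pasted above:
#   <created> . <modified> <size or <DIR>> <9-char attributes> <path>
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. (\d{4}-\d{2}-\d{2} \d{2}:\d{2}) "
    r"(<DIR>|[\d,]+) ([-a-z]{9}) (.+)$"
)
# Extensions normally found directly under system32 (my own list, an assumption).
EXPECTED_SYS32_EXT = {".dll", ".exe", ".sys", ".ax", ".acm", ".ini", ".xml",
                      ".manifest", ".ocx", ".drv", ".cpl", ".dat", ".nls"}
SYS32_ROOT = "c:\\windows\\system32\\"

# Sample input: six lines copied verbatim from the log posted above.
SAMPLE_LOG = r"""
2008-01-02 12:36 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-02 11:18 . 2008-01-02 11:18 <DIR> d-------- C:\Program Files\Jvjswclt
2007-12-31 17:19 . 2008-01-01 17:09 1,031,379 --ahs---- C:\WINDOWS\system32\hsqkmgfu.ini
2007-12-25 20:08 . 2004-08-17 14:49 24,576 --a------ C:\WINDOWS\system32\wsock32.dlb
2007-12-18 22:46 . 2007-12-25 22:52 320 --ahs---- C:\WINDOWS\system32\jjkmp.ini
2007-12-18 23:10 . 2007-07-10 17:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
"""

def parse_line(line: str) -> Optional[dict]:
    # Returns None for section headers, blank lines and the other (Find3M) format.
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    size = None if m.group(3) == "<DIR>" else int(m.group(3).replace(",", ""))
    return {"created": m.group(1), "modified": m.group(2), "size": size,
            "attrs": m.group(4), "path": m.group(5)}

def suspicion_reasons(e: dict) -> List[str]:
    # The checks a helper does by eye on such a log; thresholds are assumptions.
    reasons = []
    lower = e["path"].lower()
    name = lower.rsplit("\\", 1)[-1]
    ext = "." + name.rsplit(".", 1)[-1] if "." in name else ""
    in_sys32_root = lower.startswith(SYS32_ROOT) and "\\" not in lower[len(SYS32_ROOT):]
    # 1. Hidden+system data files: legitimate installers do not mark files that way.
    if e["size"] is not None and "h" in e["attrs"] and "s" in e["attrs"]:
        reasons.append("hidden+system attributes")
    # 2. An extension that does not belong directly in system32 (the .dlb above).
    if in_sys32_root and ext not in EXPECTED_SYS32_EXT:
        reasons.append(f"unusual extension {ext}")
    # 3. Config files are small; the rogue .ini files in this log are about 1 MB.
    if ext == ".ini" and e["size"] is not None and e["size"] > 500_000:
        reasons.append("oversized .ini")
    return reasons

def triage(log_text: str) -> Dict[str, List[str]]:
    # Map each flagged path to the reasons it was flagged; clean entries are dropped.
    flagged = {}
    for line in log_text.splitlines():
        e = parse_line(line)
        if e and (reasons := suspicion_reasons(e)):
            flagged[e["path"]] = reasons
    return flagged
```

Running `triage(SAMPLE_LOG)` flags hsqkmgfu.ini, wsock32.dlb and jjkmp.ini and leaves the NirCmd, Jvjswclt and manifest lines alone; a flagged entry is a candidate for a VirusTotal check as paul27 suggests, not a verdict.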


Post by paul27 » 07 Jan 2008 10:28

Please have these tested at http://www.virustotal.com :

C:\WINDOWS\system32\wsock32.dlb
C:\WINDOWS\BOC423.INI
C:\WINDOWS\system32\lame_acm.xml
C:\WINDOWS\system32\monln.dll


Then, if need be, we'll delete it along with the rest.


Post by mandarina55 » 07 Jan 2008 22:22

Hi,
so I checked them there and everything is fine (see attachments) :)
Attachments
boc423ini.pdf
(87.65 KiB) Downloaded 28 times
lame_acm-xml.pdf
(87.68 KiB) Downloaded 28 times
monln-dll.pdf
(87.46 KiB) Downloaded 21 times

