Cau "Bledule" pardon Bledulko sem na chvíli odběhl - trvalo to déle - s tebou sem ještě neměl tu čest tak se ukaž jak tě chlapci vyškolili..
ComboFix 10-07-20.03 - Spravce 21.07.2010 8:51.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.685 [GMT 2:00]
Spuštěný z: d:\documents and settings\Spravce\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
d:\windows\Fnaqoa.exe
d:\windows\system32\Dvbpws.dll
d:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SSHNAS
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-21 do 2010-07-21 )))))))))))))))))))))))))))))))
.
2010-07-19 13:06 . 2008-04-13 20:15 26368 -c--a-w- d:\windows\system32\dllcache\usbstor.sys
2010-07-18 03:35 . 2008-08-04 15:40 350 ----a-w- d:\windows\system32\AF15IRTBL.bin
2010-07-18 03:24 . 2008-05-11 23:08 32768 ----a-w- d:\windows\system\VRAIDlog.dll
2010-07-18 03:17 . 2010-07-18 03:17 -------- d-----w- d:\program files\Intel
2010-07-18 03:17 . 2010-02-23 10:00 256712 ----a-w- d:\windows\system32\PROUnstl.exe
2010-07-18 02:38 . 2010-07-18 02:38 -------- d-----w- d:\program files\Driver-Soft
2010-07-18 01:47 . 2010-07-18 01:47 -------- d-----w- D:\WFDB
2010-07-18 01:27 . 2008-04-14 03:59 14592 -c--a-w- d:\windows\system32\dllcache\kbdhid.sys
2010-07-18 01:27 . 2008-04-14 03:59 14592 ----a-w- d:\windows\system32\drivers\kbdhid.sys
2010-07-18 01:27 . 2008-04-13 20:15 10368 -c--a-w- d:\windows\system32\dllcache\hidusb.sys
2010-07-18 01:27 . 2008-04-13 20:15 10368 ----a-w- d:\windows\system32\drivers\hidusb.sys
2010-07-18 01:23 . 2005-04-27 14:36 245408 ----a-w- d:\windows\system32\unicows.dll
2010-07-18 01:23 . 2010-07-18 01:23 -------- d-----w- d:\program files\Common Files\ArcSoft
2010-07-18 01:22 . 2004-12-23 15:27 27392 ----a-w- d:\windows\system32\drivers\ULCDRHlp.sys
2010-07-18 01:22 . 2010-07-18 01:22 -------- d-----w- d:\program files\Common Files\Ulead Systems
2010-07-18 01:21 . 2010-07-18 03:35 -------- d-----w- d:\windows\system32\WinFast
2010-07-18 01:21 . 2010-07-18 01:21 -------- d-----w- d:\program files\Leadtek Research Inc
2010-07-18 01:10 . 2009-09-30 09:33 24576 ----a-w- d:\windows\system32\AsIO.dll
2010-07-18 01:10 . 2009-08-04 08:28 11296 ----a-w- d:\windows\system32\drivers\AsIO.sys
2010-07-18 01:10 . 2009-07-06 08:48 11448 ----a-w- d:\windows\system32\drivers\AsUpIO.sys
2010-07-18 00:18 . 2010-07-18 03:47 217180 ----a-w- d:\windows\system32\nvdrsdb0.bin
2010-07-18 00:18 . 2010-07-18 03:47 1 ----a-w- d:\windows\system32\nvdrssel.bin
2010-07-18 00:18 . 2010-07-18 00:50 217180 ----a-w- d:\windows\system32\nvdrsdb1.bin
2010-07-18 00:18 . 2010-06-07 23:57 600680 ----a-w- d:\windows\system32\nvuninst.exe
2010-07-18 00:18 . 2010-07-18 00:19 -------- d-----w- d:\program files\NVIDIA Corporation
2010-07-18 00:18 . 2010-06-07 23:57 61440 ----a-w- d:\windows\system32\OpenCL.dll
2010-07-18 00:18 . 2010-06-07 23:57 2632296 ----a-w- d:\windows\system32\nvcuvenc.dll
2010-07-18 00:18 . 2010-06-07 23:57 2165352 ----a-w- d:\windows\system32\nvcuvid.dll
2010-07-18 00:18 . 2010-06-07 23:57 4554752 ----a-w- d:\windows\system32\nvcuda.dll
2010-07-18 00:18 . 2010-06-07 23:57 2186342 ----a-w- d:\windows\system32\nvdata.bin
2010-07-18 00:18 . 2010-06-07 23:57 10256384 ----a-w- d:\windows\system32\nvcompiler.dll
2010-07-18 00:18 . 2010-07-18 00:18 -------- d-----w- D:\NVIDIA
2010-07-18 00:17 . 2010-06-07 23:57 600680 ----a-w- d:\windows\system32\nvudisp.exe
2010-07-17 23:39 . 2010-07-17 23:39 -------- d-----w- d:\program files\SystemRequirementsLab
2010-07-17 23:39 . 2010-07-17 23:39 -------- d-----w- d:\documents and settings\Spravce\SystemRequirementsLab
2010-07-17 23:38 . 2010-07-17 23:38 -------- d-----w- d:\windows\Sun
2010-07-17 22:23 . 2010-07-18 03:24 -------- d-----w- d:\program files\VIA
2010-07-17 22:23 . 2007-09-20 08:43 331184 ------w- d:\windows\system32\difxapi.dll
2010-07-17 22:23 . 2010-07-18 01:23 -------- d-----w- d:\program files\Common Files\InstallShield
2010-07-16 17:52 . 2010-07-16 17:52 -------- d-----w- d:\program files\Common Files\Adobe
2010-07-16 16:32 . 2010-07-16 16:38 -------- d-----w- d:\windows\SxsCaPendDel
2010-07-16 15:28 . 2010-07-16 15:28 -------- d-sh--w- d:\documents and settings\Spravce\IECompatCache
2010-07-16 15:26 . 2010-07-16 15:26 -------- d-sh--w- d:\documents and settings\Spravce\PrivacIE
2010-07-15 14:12 . 2010-07-15 14:12 -------- d-----w- d:\program files\MozBackup
2010-07-15 13:50 . 2010-07-15 13:59 -------- d-----w- d:\windows\ie8updates
2010-07-15 13:11 . 2010-07-15 13:11 -------- d-----w- d:\windows\system32\Adobe
2010-07-15 12:34 . 2010-07-15 12:34 0 ----a-w- d:\windows\nsreg.dat
2010-07-12 22:07 . 2008-04-13 22:15 2944 ----a-w- d:\windows\system32\drivers\drmkaud.sys
2010-07-12 22:07 . 2008-04-13 22:09 4992 ----a-w- d:\windows\system32\drivers\MSPQM.sys
2010-07-12 22:07 . 2008-04-13 22:47 83072 ----a-w- d:\windows\system32\drivers\wdmaud.sys
2010-07-12 22:07 . 2008-04-13 22:15 172416 ----a-w- d:\windows\system32\drivers\kmixer.sys
2010-07-12 22:07 . 2008-04-13 22:15 6272 ----a-w- d:\windows\system32\drivers\splitter.sys
2010-07-12 22:07 . 2008-04-13 22:45 60800 ----a-w- d:\windows\system32\drivers\sysaudio.sys
2010-07-12 22:07 . 2008-04-13 20:09 142592 ----a-w- d:\windows\system32\drivers\aec.sys
2010-07-12 22:07 . 2008-04-13 22:09 7552 ----a-w- d:\windows\system32\drivers\MSKSSRV.sys
2010-07-12 22:07 . 2008-04-13 22:09 5376 ----a-w- d:\windows\system32\drivers\MSPCLOCK.sys
2010-07-12 22:07 . 2008-04-13 22:15 56576 ----a-w- d:\windows\system32\drivers\swmidi.sys
2010-07-12 22:07 . 2008-04-13 22:15 52864 ----a-w- d:\windows\system32\drivers\DMusic.sys
2010-07-12 22:07 . 2001-08-17 19:59 3072 ----a-w- d:\windows\system32\drivers\audstub.sys
2010-07-12 22:06 . 2008-04-14 05:44 58496 ----a-w- d:\windows\system32\drivers\redbook.sys
2010-07-12 22:06 . 2010-07-18 00:20 -------- d-----w- d:\windows\nview
2010-07-12 22:06 . 2008-04-14 04:51 4096 -c--a-w- d:\windows\system32\dllcache\ksuser.dll
2010-07-12 22:06 . 2008-04-14 04:51 4096 ----a-w- d:\windows\system32\ksuser.dll
2010-07-12 22:06 . 2008-04-13 20:49 146048 -c--a-w- d:\windows\system32\dllcache\portcls.sys
2010-07-12 22:06 . 2008-04-13 20:49 146048 ----a-w- d:\windows\system32\drivers\portcls.sys
2010-07-12 22:06 . 2008-04-13 20:15 60160 -c--a-w- d:\windows\system32\dllcache\drmk.sys
2010-07-12 22:06 . 2008-04-13 20:15 60160 ----a-w- d:\windows\system32\drivers\drmk.sys
2010-07-12 22:06 . 2008-04-14 06:52 75264 ----a-w- d:\windows\system32\usbui.dll
2010-07-12 22:03 . 2010-07-21 06:51 -------- d-----w- d:\windows\system32\CatRoot2
2010-07-12 22:03 . 2010-07-18 03:23 -------- d-----w- d:\windows\system32\CatRoot
2010-07-12 22:03 . 2010-07-18 02:08 -------- d--h--r- d:\documents and settings\All Users\Data aplikací
2010-07-12 22:03 . 2010-07-12 20:12 -------- d--h--r- d:\documents and settings\Default User\Data aplikací
2010-07-12 22:02 . 2010-07-12 20:18 -------- d-----w- D:\Documents and Settings
2010-07-12 22:02 . 2010-07-12 20:14 -------- d--h--w- d:\documents and settings\Default User
2010-07-12 22:02 . 2010-07-12 20:11 -------- d-----w- d:\documents and settings\All Users
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-19 13:24 . 2010-07-12 20:33 -------- d-----w- d:\program files\ICQ7.2
2010-07-18 13:32 . 2010-07-12 20:31 -------- d-----w- d:\program files\Wise Disk Cleaner
2010-07-18 03:35 . 2010-07-12 20:34 -------- d--h--w- d:\program files\InstallShield Installation Information
2010-07-18 03:15 . 2010-07-12 20:26 -------- d-----w- d:\program files\FreeRapid-0.83u1
2010-07-18 02:10 . 2010-07-12 20:32 -------- d-----w- d:\program files\Wise Registry Cleaner
2010-07-16 19:16 . 2010-07-12 20:14 -------- d-----w- d:\program files\Recepty
2010-07-16 18:29 . 2010-07-12 20:13 -------- d-----w- d:\program files\Ant Movie Catalog
2010-07-16 17:10 . 2004-08-18 12:00 76388 ----a-w- d:\windows\system32\perfc005.dat
2010-07-16 17:10 . 2004-08-18 12:00 426308 ----a-w- d:\windows\system32\perfh005.dat
2010-07-16 17:04 . 2010-07-12 20:11 76487 ----a-w- d:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-07-16 17:04 . 2010-07-12 20:11 2378 ----a-w- d:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-07-16 17:03 . 2010-07-12 20:11 8972 ----a-w- d:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-07-12 20:52 . 2010-07-12 20:50 -------- d-----w- d:\program files\Common Files\Ahead
2010-07-12 20:50 . 2010-07-12 20:50 -------- d-----w- d:\program files\Nero
2010-07-12 20:44 . 2010-07-12 20:41 -------- d-----w- d:\program files\epson
2010-07-12 20:38 . 2010-07-12 20:38 -------- d-----w- d:\program files\Microsoft.NET
2010-07-12 20:33 . 2010-07-12 20:33 -------- d-----w- d:\program files\CCleaner
2010-07-12 20:28 . 2010-07-12 20:28 -------- d-----w- d:\program files\Alwil Software
2010-07-12 20:26 . 2010-07-12 20:26 -------- d-----w- d:\program files\IVT Corporation
2010-07-12 20:22 . 2010-07-12 20:22 -------- d-----w- d:\program files\MSBuild
2010-07-12 20:22 . 2010-07-12 20:22 -------- d-----w- d:\program files\Reference Assemblies
2010-07-12 20:14 . 2010-07-12 20:14 -------- d-----w- d:\program files\microsoft frontpage
2010-07-12 20:14 . 2010-07-12 20:14 -------- d-----w- d:\program files\VisualTaskTips
2010-07-12 20:13 . 2010-07-12 20:13 -------- d-----w- d:\program files\VideoLAN
2010-07-12 20:13 . 2010-07-12 20:13 -------- d-----r- d:\program files\Skype
2010-07-12 20:13 . 2010-07-12 20:13 -------- d-----w- d:\program files\PSPad editor
2010-07-12 20:13 . 2010-07-12 20:13 -------- d-----w- d:\program files\GSpot
2010-07-12 20:13 . 2010-07-12 20:13 -------- d-----w- d:\program files\Defraggler
2010-07-12 20:13 . 2010-07-12 20:13 -------- d-----w- d:\program files\Lavalys
2010-07-12 20:12 . 2010-07-12 20:12 -------- d-----w- d:\program files\Common Files\Java
2010-07-12 20:12 . 2010-07-12 20:12 423656 ----a-w- d:\windows\system32\deployJava1.dll
2010-07-12 20:12 . 2010-07-12 20:12 -------- d-----w- d:\program files\Java
2010-07-12 20:09 . 2010-07-12 20:09 21812 ----a-w- d:\windows\system32\emptyregdb.dat
2010-07-12 20:09 . 2010-07-12 20:09 -------- d-----w- d:\program files\Windows Media Connect 2
2010-07-12 19:22 . 2001-10-24 10:25 77891 ----a-w- d:\windows\system32\usrmlnka.exe
2010-07-12 19:19 . 2010-07-12 19:19 381056 ----a-w- d:\windows\system32\drivers\senfilt.sys
2010-07-12 19:19 . 2010-07-12 19:19 266880 ----a-w- d:\windows\system32\drivers\smwdm.sys
2010-07-12 19:19 . 2010-07-12 19:19 65536 ----a-w- d:\windows\system32\a3d.dll
2010-07-12 19:19 . 2010-07-12 19:19 5810 ----a-w- d:\windows\system32\drivers\ASACPI.sys
2010-07-12 19:19 . 2010-07-12 19:19 55808 ----a-w- d:\windows\system32\EtCoInst.dll
2010-07-12 19:19 . 2010-07-12 19:19 19456 ----a-w- d:\windows\system32\IntelNic.dll
2010-07-12 19:19 . 2010-07-12 19:19 116176 ----a-w- d:\windows\system32\drivers\aeaudio.sys
2010-07-12 19:17 . 2010-07-12 19:17 27904 ----a-w- d:\windows\system32\drivers\VIAAGP1.SYS
2010-07-12 19:16 . 2010-07-12 19:17 997376 ----a-w- d:\windows\system32\syssetup.dll
2010-07-12 19:16 . 2010-07-12 19:16 4096 ----a-w- d:\windows\system32\wmvdmoe2.dll
2010-07-12 19:16 . 2010-07-12 19:16 4096 ----a-w- d:\windows\system32\wmvdmod.dll
2010-07-12 19:16 . 2010-07-12 19:16 1329152 ----a-w- d:\windows\system32\wmspdmoe.dll
2010-07-12 19:16 . 2010-07-12 19:16 99840 ----a-w- d:\windows\system32\wmpshell.dll
2010-07-12 19:16 . 2010-07-12 19:16 8257536 ----a-w- d:\windows\system32\wmploc.dll
2010-07-12 19:16 . 2010-07-12 19:16 4096 ----a-w- d:\windows\system32\wmsdmoe2.dll
2010-07-12 19:16 . 2010-07-12 19:16 4096 ----a-w- d:\windows\system32\wmsdmod.dll
2010-07-12 19:16 . 2010-07-12 19:16 242688 ----a-w- d:\windows\system32\wmpasf.dll
2010-07-12 19:14 . 2010-07-12 19:14 24576 ----a-w- d:\windows\system32\nlsdl.dll
2010-07-12 19:14 . 2010-07-12 19:14 23552 ----a-w- d:\windows\system32\normaliz.dll
2010-07-12 19:14 . 2010-07-12 19:14 265720 ----a-w- d:\windows\system32\msdbg2.dll
2010-07-12 19:14 . 2010-07-12 19:14 26112 ----a-w- d:\windows\system32\idndl.dll
2010-07-12 19:13 . 2010-07-12 19:13 48128 ----a-w- d:\windows\system32\mshtmler.dll
2010-07-12 19:13 . 2010-07-12 19:13 156160 ----a-w- d:\windows\system32\msls31.dll
2010-07-12 19:13 . 2010-07-12 19:13 45568 ----a-w- d:\windows\system32\mshta.exe
2010-07-12 19:13 . 2010-07-12 19:13 43008 ----a-w- d:\windows\system32\licmgr10.dll
2010-07-12 19:13 . 2010-07-12 19:13 34816 ----a-w- d:\windows\system32\imgutil.dll
2010-07-12 19:13 . 2010-07-12 19:13 71680 ----a-w- d:\windows\system32\iesetup.dll
2010-07-12 19:13 . 2010-07-12 19:13 72704 ----a-w- d:\windows\system32\admparse.dll
2010-07-12 19:13 . 2010-07-12 19:13 18944 ----a-w- d:\windows\system32\corpol.dll
2010-07-12 19:11 . 2010-07-12 19:11 1792 ----a-w- d:\windows\system32\nlite.cmd
2010-07-02 21:52 . 2010-07-12 20:26 -------- d-----w- d:\program files\Sumatra PDF1_1
2010-06-29 15:55 . 2010-07-12 20:26 -------- d-----w- d:\program files\MWSnap
2010-06-29 15:55 . 2010-07-12 20:26 -------- d-----w- d:\program files\ICONLIB
2010-06-29 15:55 . 2010-07-12 20:26 -------- d-----w- d:\program files\USBDiskEjector
2010-06-28 20:57 . 2010-07-12 20:28 38848 ----a-w- d:\windows\avastSS.scr
2010-06-28 20:57 . 2010-07-12 20:28 165032 ----a-w- d:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2010-07-12 20:28 46672 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2010-07-12 20:28 165456 ----a-w- d:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2010-07-12 20:28 23376 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2010-07-12 20:28 100176 ----a-w- d:\windows\system32\drivers\aswmon2.sys
2010-06-28 20:32 . 2010-07-12 20:28 94544 ----a-w- d:\windows\system32\drivers\aswmon.sys
2010-06-28 20:32 . 2010-07-12 20:28 17744 ----a-w- d:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 20:32 . 2010-07-12 20:28 28880 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2010-06-17 05:55 . 2010-07-12 20:30 545 ----a-w- d:\windows\UC.PIF
2010-06-17 05:55 . 2010-07-12 20:30 545 ----a-w- d:\windows\RAR.PIF
2010-06-17 05:55 . 2010-07-12 20:30 545 ----a-w- d:\windows\PKZIP.PIF
2010-06-17 05:55 . 2010-07-12 20:30 545 ----a-w- d:\windows\PKUNZIP.PIF
2010-06-17 05:55 . 2010-07-12 20:30 545 ----a-w- d:\windows\NOCLOSE.PIF
2010-06-17 05:55 . 2010-07-12 20:30 545 ----a-w- d:\windows\LHA.PIF
2010-06-17 05:55 . 2010-07-12 20:30 545 ----a-w- d:\windows\ARJ.PIF
2010-06-14 14:31 . 2010-07-12 20:10 744448 ----a-w- d:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-07 23:57 . 2005-12-10 01:06 6300544 ----a-w- d:\windows\system32\nv4_disp.dll
2010-06-07 23:57 . 2005-12-10 01:06 232040 ----a-w- d:\windows\system32\nvcodins.dll
2010-06-07 23:57 . 2005-12-10 01:06 232040 ----a-w- d:\windows\system32\nvcod.dll
2010-06-07 23:57 . 2005-12-10 01:06 15192064 ----a-w- d:\windows\system32\nvoglnt.dll
2010-06-07 23:57 . 2005-12-10 01:06 1359872 ----a-w- d:\windows\system32\nvapi.dll
2010-06-07 23:57 . 2005-12-10 01:06 10531200 ----a-w- d:\windows\system32\drivers\nv4_mini.sys
2010-06-07 15:35 . 2010-06-07 15:35 81920 ----a-w- d:\windows\system32\nvwddi.dll
2010-06-07 15:35 . 2010-06-07 15:35 253952 ----a-w- d:\windows\system32\nvrsth.dll
2010-06-07 15:35 . 2010-06-07 15:35 277608 ----a-w- d:\windows\system32\nvmccs.dll
2010-06-07 15:35 . 2010-06-07 15:35 110696 ----a-w- d:\windows\system32\nvmctray.dll
2010-06-07 15:35 . 2010-06-07 15:35 154728 ----a-w- d:\windows\system32\nvsvc32.exe
2010-06-07 15:35 . 2010-06-07 15:35 13902440 ----a-w- d:\windows\system32\nvcpl.dll
2010-06-02 02:55 . 2010-07-12 20:26 74072 ----a-w- d:\windows\system32\XAPOFX1_5.dll
2010-06-02 02:55 . 2010-07-12 20:26 527192 ----a-w- d:\windows\system32\XAudio2_7.dll
.
------- Sigcheck -------
[-] 2010-07-12 . B84B22372D6170FFA7858C3B405B1A16 . 1571840 . . [5.1.2600.5512] . . d:\windows\system32\sfcfiles.dll
d:\windows\System32\regsvc.dll ... chybí !!
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EVEREST AutoStart"="d:\program files\Lavalys\EVEREST Ultimate Edition\everest.exe" [2009-02-04 2350176]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="d:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-12-16 94208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="d:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"NvMediaCenter"="d:\windows\system32\NvMcTray.dll" [2010-06-07 110696]
"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2010-06-07 13902440]
"ArcSoft Connection Service"="d:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Skype"="d:\program files\Skype\Phone\Skype.exe" [2010-05-13 26194728]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2010-07-12 128512]
d:\documents and settings\Spravce\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Visual Task Tips.lnk - d:\program files\VisualTaskTips\VisualTaskTips.exe [2008-6-22 65536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2010-06-08 11:39 133368 ----a-w- d:\program files\ICQ7.2\ICQ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 08:50 155648 ----a-w- d:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- d:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
2008-06-20 13:58 2887680 ----a-w- c:\program files\WinFast\WFDTV\WFWIZ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV]
2008-07-11 09:46 90112 ----a-w- c:\program files\WinFast\WFDTV\DTVSchdl.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\ICQ7.2\\ICQ.exe"=
"d:\\Program Files\\ICQ7.2\\aolload.exe"=
"d:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"d:\\Program Files\\Nero\\Nero 7\\Core\\nero.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R1 AsUpIO;AsUpIO;d:\windows\system32\drivers\AsUpIO.sys [18.7.2010 3:10 11448]
R1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [12.7.2010 22:28 165456]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [12.7.2010 22:28 17744]
R2 VRAID Log Service;VRAID Log Service;d:\program files\VIA\RAID\vialogsv.exe [18.7.2010 5:24 52888]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;d:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [12.7.2010 22:13 26224]
S3 cpudrv;cpudrv;d:\program files\SystemRequirementsLab\cpudrv.sys [18.12.2009 10:58 11336]
S3 Start BT in service;Start BT in service;d:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [21.4.2007 14:54 52080]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - EVERESTDRIVER
.
.
------- Doplňkový sken -------
.
uStart Page =
hxxp://www.google.com/IE: E&xportovat do aplikace Microsoft Office Excel - d:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - d:\program files\ICQ7.2\ICQ.exe
FF - ProfilePath - d:\documents and settings\Spravce\Data aplikací\Mozilla\Firefox\Profiles\2d718ojg.default\
FF - prefs.js: browser.search.defaulturl -
hxxp://search.sweetim.com/search.asp?src=2&q=FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage -
hxxp://www.seznam.cz/FF - prefs.js: keyword.URL -
hxxp://search.icq.com/search/afe_result ... 2.0.0.0&q=FF - plugin: d:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-07-21 09:01
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\d:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(3148)
d:\program files\VisualTaskTips\VttHooks.dll
d:\windows\system32\webcheck.dll
d:\windows\system32\wpdshserviceobj.dll
d:\windows\system32\portabledevicetypes.dll
d:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\windows\system32\nvsvc32.exe
d:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
d:\program files\Alwil Software\Avast5\AvastSvc.exe
d:\program files\Java\jre6\bin\jqs.exe
d:\windows\system32\RUNDLL32.EXE
d:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
d:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
d:\windows\system32\wscntfy.exe
d:\windows\system32\wbem\wmiapsrv.exe
d:\program files\Alwil Software\Avast5\setup\avast.setup
.
**************************************************************************
.
Celkový čas: 2010-07-21 09:02:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-21 07:02
Před spuštěním: Volných bajtů: 16 152 027 136
Po spuštění: Volných bajtů: 16 188 592 128
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(1)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=" Stara instalace Win XP" /noexecute=optin /fastdetect
- - End Of File - - 0BB488001517A6BE8814017E6FCE68EF
.
, aby na to Jaro3 nebyl sám 
)
