ComboFix 09-06-06.04 - Štěpán 07.06.2009 18:31.3 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1534.889 [GMT 2:00]
Spuštěný z: c:\documents and settings\Štěpán\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Štěpán\Plocha\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Sunbelt Personal Firewall *enabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-05-07 do 2009-06-07 )))))))))))))))))))))))))))))))
.
2009-06-06 21:50 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-06 21:50 . 2009-06-06 21:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-06 21:50 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-06 21:25 . 2009-06-06 21:25 -------- d-----w- c:\program files\Trend Micro
2009-06-06 21:11 . 2006-09-22 12:06 92160 ----a-w- c:\windows\system32\drivers\mcdbus.sys
2009-06-06 21:10 . 2009-06-06 21:11 -------- d-----w- c:\program files\MagicDisc
2009-06-06 21:05 . 2009-06-06 21:06 -------- d-----w- c:\program files\DAEMON Tools
2009-06-06 15:46 . 2009-06-06 15:46 -------- d-----w- c:\program files\VideoLAN
2009-06-02 19:50 . 2009-06-02 19:50 -------- d-----w- c:\program files\Skype
2009-06-02 19:50 . 2009-06-02 19:50 -------- d-----w- c:\program files\Common Files\Skype
2009-06-01 21:37 . 2009-06-07 15:38 -------- d-----w- c:\program files\Common Files\ArcSoft
2009-06-01 21:37 . 2009-06-07 15:38 -------- d-----w- c:\program files\ArcSoft
2009-06-01 21:35 . 2009-06-01 21:35 -------- d--h--w- c:\windows\$hf_mig$
2009-06-01 21:35 . 2008-05-02 13:32 464384 -c----w- c:\windows\system32\dllcache\imapi2fs.dll
2009-06-01 21:35 . 2008-05-02 13:32 464384 ------w- c:\windows\system32\imapi2fs.dll
2009-06-01 21:35 . 2008-05-02 13:32 317440 -c----w- c:\windows\system32\dllcache\imapi2.dll
2009-06-01 21:35 . 2008-05-02 13:32 317440 ------w- c:\windows\system32\imapi2.dll
2009-06-01 21:35 . 2008-05-02 09:05 62592 -c----w- c:\windows\system32\dllcache\cdrom.sys
2009-06-01 21:34 . 2009-06-01 22:47 -------- d-----w- c:\program files\Kodak
2009-06-01 00:35 . 2009-06-01 00:39 -------- d-----w- c:\program files\PSPad editor
2009-05-30 11:25 . 2009-05-30 11:25 -------- d-----w- c:\windows\system32\AGEIA
2009-05-30 11:25 . 2009-05-30 11:25 -------- d-----w- c:\program files\AGEIA Technologies
2009-05-30 11:25 . 2009-05-30 11:25 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-05-25 11:25 . 2009-05-25 11:25 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-05-25 11:25 . 2009-05-26 03:33 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-05-24 14:02 . 2004-08-17 13:49 153088 -c--a-w- c:\windows\system32\dllcache\irftp.exe
2009-05-24 14:02 . 2004-08-17 13:49 153088 ----a-w- c:\windows\system32\irftp.exe
2009-05-24 14:02 . 2004-08-17 13:49 26624 -c--a-w- c:\windows\system32\dllcache\irmon.dll
2009-05-24 14:02 . 2004-08-17 13:49 26624 ----a-w- c:\windows\system32\irmon.dll
2009-05-24 14:02 . 2004-08-17 13:49 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll
2009-05-24 14:02 . 2004-08-17 13:49 8192 ----a-w- c:\windows\system32\wshirda.dll
2009-05-19 01:58 . 2009-05-19 01:58 -------- d-----w- c:\program files\CENZURA
2009-05-18 21:06 . 2009-05-18 21:06 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-05-18 16:43 . 2009-05-18 16:43 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-18 16:43 . 2009-05-18 16:43 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-18 16:43 . 2009-05-18 16:43 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-05-18 16:43 . 2009-05-18 16:43 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-18 16:42 . 2009-06-07 08:37 -------- d-----w- c:\windows\system32\drivers\Avg
2009-05-18 15:42 . 2008-04-07 03:38 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2009-05-18 15:42 . 2008-04-07 03:38 45392 ----a-r- c:\windows\system32\AdobePDF.dll
2009-05-18 15:28 . 2009-05-18 15:28 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-05-18 14:25 . 2004-10-01 23:33 32339 -c--a-w- c:\windows\system32\dllcache\uniansi.dll
2009-05-18 14:24 . 2004-10-01 23:32 10129408 -c--a-w- c:\windows\system32\dllcache\hwxkor.dll
2009-05-18 14:23 . 2004-08-17 13:49 68608 -c--a-w- c:\windows\system32\dllcache\isatq.dll
2009-05-18 14:22 . 2004-08-17 13:49 726078 -c--a-w- c:\windows\system32\dllcache\srchui.dll
2009-05-18 14:22 . 2004-08-17 13:49 58434 -c--a-w- c:\windows\system32\dllcache\srchctls.dll
2009-05-18 14:22 . 2004-08-17 13:49 3166208 -c--a-w- c:\windows\system32\dllcache\msgr3en.dll
2009-05-18 14:22 . 2004-08-17 13:49 5632 -c--a-w- c:\windows\system32\dllcache\wmm2res2.dll
2009-05-18 14:22 . 2004-08-17 13:49 4096 -c--a-w- c:\windows\system32\dllcache\wmm2eres.dll
2009-05-18 14:22 . 2004-08-17 13:49 7680 -c--a-w- c:\windows\system32\dllcache\wmm2ext.dll
2009-05-18 14:22 . 2004-08-17 13:49 502272 -c--a-w- c:\windows\system32\dllcache\wmm2fxa.dll
2009-05-18 14:22 . 2004-08-17 13:49 4263936 -c--a-w- c:\windows\system32\dllcache\wmm2res.dll
2009-05-18 14:22 . 2004-08-17 13:49 402432 -c--a-w- c:\windows\system32\dllcache\wmm2filt.dll
2009-05-18 14:22 . 2004-08-17 13:49 325632 -c--a-w- c:\windows\system32\dllcache\wmm2fxb.dll
2009-05-18 14:22 . 2004-08-17 13:49 167936 -c--a-w- c:\windows\system32\dllcache\wmm2ae.dll
2009-05-18 14:22 . 2004-08-17 13:49 3555328 -c--a-w- c:\windows\system32\dllcache\moviemk.exe
2009-05-18 13:37 . 2004-08-03 20:31 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys
2009-05-17 23:21 . 2009-05-17 23:21 -------- d-----w- c:\program files\PowerQuest
2009-05-17 20:21 . 2009-05-17 20:21 -------- d-----w- c:\program files\Adobe Media Player
2009-05-17 14:46 . 2009-05-17 14:46 -------- d-----w- c:\program files\Hamachi
2009-05-17 00:38 . 2009-05-17 00:38 -------- d-----w- c:\program files\Microsoft Silverlight
2009-05-12 14:25 . 2009-05-12 14:25 -------- d-----w- c:\program files\Alcohol Soft
2009-05-11 21:07 . 2009-05-17 20:03 -------- d-----w- c:\program files\Macromedia
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-07 15:38 . 2009-04-19 20:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-07 10:34 . 2009-01-08 21:00 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-05-25 21:44 . 2009-03-06 13:21 -------- d-----w- c:\program files\uTorrent
2009-05-25 11:21 . 2009-01-13 23:20 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-05-18 23:20 . 2008-08-14 05:57 73312 ----a-w- c:\windows\system32\drivers\adfs.sys
2009-05-18 15:49 . 2009-01-10 17:17 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-18 14:29 . 2004-10-01 23:33 68916 ----a-w- c:\windows\system32\perfc005.dat
2009-05-18 14:29 . 2004-10-01 23:33 389938 ----a-w- c:\windows\system32\perfh005.dat
2009-05-18 14:21 . 2009-01-08 18:43 22916 ----a-w- c:\windows\system32\emptyregdb.dat
2009-05-17 20:02 . 2009-02-02 21:07 -------- d-----w- c:\program files\Opera
2009-05-17 14:46 . 2009-03-12 20:28 17480 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-04-28 19:53 . 2009-04-28 19:53 -------- d-----w- c:\program files\Common Files\xing shared
2009-04-28 19:53 . 2009-04-28 19:53 -------- d-----w- c:\program files\Common Files\Real
2009-04-28 19:53 . 2009-04-28 19:53 -------- d-----w- c:\program files\Real
2009-04-28 19:53 . 2005-03-23 09:39 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-04-22 17:41 . 2009-04-22 14:26 -------- d-----w- c:\program files\FlashGet
2009-04-22 00:15 . 2009-03-31 16:13 -------- d-----w- c:\program files\StrongDC++
2009-04-20 15:13 . 2009-04-20 15:01 -------- d-----w- c:\program files\Common Files\Logitech
2009-04-20 15:13 . 2009-04-20 15:01 -------- d-----w- c:\program files\Logitech
2009-04-19 20:24 . 2009-04-19 20:24 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-04-19 20:24 . 2009-04-19 20:24 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-04-19 20:04 . 2009-04-19 20:04 -------- d-----w- c:\program files\Atari
2009-04-19 12:21 . 2009-04-19 12:21 -------- d-----w- c:\program files\Phone Remote Control
2009-04-14 21:38 . 2009-04-14 21:37 -------- d-----w- c:\program files\XP Codec Pack
2009-04-14 21:35 . 2009-02-21 21:45 -------- d-----w- c:\program files\DivX
2009-04-14 21:34 . 2009-01-11 02:41 -------- d-----w- c:\program files\AC3Filter
2009-04-14 21:24 . 2009-01-08 19:26 -------- d-----w- c:\program files\Gigabyte
2009-04-14 21:16 . 2009-01-29 22:13 -------- d-----w- c:\program files\CCleaner
2009-03-16 12:18 . 2009-04-14 21:47 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-03-16 12:18 . 2009-04-14 21:47 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-03-16 12:18 . 2009-04-14 21:47 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-03-16 12:18 . 2009-04-14 21:47 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-06-07_08.51.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-07 15:22 . 2009-06-07 15:22 16384 c:\windows\Temp\Perflib_Perfdata_1b4.dat
- 2009-06-06 11:17 . 2009-06-06 11:17 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2009-06-07 10:43 . 2009-06-07 10:43 295606 c:\windows\Installer\{9A996B6A-846E-4A89-B9C4-17546B7BE49F}\Burnout.exe
+ 2009-06-07 10:38 . 2009-06-07 10:38 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2009-06-06 11:17 . 2009-06-06 11:17 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2009-06-07 10:38 . 2009-06-07 10:38 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-17 15360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 220544]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2007-08-06 23165736]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-04-03 165784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2005-12-20 94208]
"snpstd3"="c:\windows\vsnpstd3.exe" [2005-09-05 339968]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-01-21 92168]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-28 198160]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2009-03-11 611712]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-02-27 38768]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-02-27 640376]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-18 1947928]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-07-03 16876032]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SoundMan.exe [2008-06-18 77824]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2004-08-17 110592]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-18 16:43 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WellPhone XT Sagem"="c:\program files\SmartCom\WellPhone XT Sagem\wellphone2.exe" /background
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\GRETECH\\GomPlayer\\GOM.exe"=
"d:\\Hry\\FarCry2\\Far Cry 2\\bin\\FC2Editor.exe"=
"d:\\Hry\\Activision\\CoDWaWmp.exe"=
"d:\\Hry\\Activision\\CoDWaW.exe"=
"d:\\Hry\\FarCry\\Bin32\\FarCry.exe"=
"d:\\Hry\\FarCry2\\Far Cry 2\\bin\\FarCry2.exe"=
"d:\\Hry\\FarCry2\\Far Cry 2\\bin\\FC2Launcher.exe"=
"d:\\Hry\\Counter-Strike Source\\hl2.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\program files\totalcmd\TOTALCMD.EXE"= c:\program files\totalcmd\TOTALCMD.EXE:10.0.12.202/255.255.255.255:Enabled:Total Commander
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\StrongDC++\\StrongDC.exe"=
"d:\\Hry\\Tom Clancys HAWX\\HAWX.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"f:\\Hry\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutLauncher.exe"=
"f:\\Hry\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutConfigTool.exe"=
"f:\\Hry\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutParadise.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12:TCP"= 12:TCP:TEST
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server
"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server
R1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [16.1.2009 2:57 2915944]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [18.5.2009 18:43 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [18.5.2009 18:43 108552]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [12.2.2009 20:42 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 5:54 66600]
R2 Apache2.2;Apache2.2;d:\xampp\apache\bin\apache.exe [5.3.2007 12:23 16896]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [18.5.2009 18:42 298776]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 8:24 95528]
R2 SmartcomSCPService;SmartcomSCPService;c:\program files\Common Files\SmartCom\Services\SmartcomSCPService.exe [23.2.2009 23:08 64664]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 8:24 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [12.2.2009 20:42 65576]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [15.8.2008 5:46 288112]
S3 UsbSagCom;Mobile Device Full USB Driver;c:\windows\system32\drivers\UsbSagCom.sys [23.2.2009 22:46 51712]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - ACDAEMON
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: {1CFB1C74-5BB6-466E-A3A7-A155D0EED1E9} = 80.188.178.129,80.188.178.132
FF - ProfilePath - c:\documents and settings\Štěpán\Data aplikací\Mozilla\Firefox\Profiles\v320s6gh.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
---- NASTAVENÍ FIREFOXU ----
FF - user.js: capability.policy.policynames - localfilelinks
FF - user.js: capability.policy.localfilelinks.sites - hxxp://s1.travian.cz http://s2.travian.cz http://s3.travian.cz http://s4.travian.cz http://s5.travian.cz http://s6.travian.cz http://s7.travian.cz http://s8.travian.cz http://s9.travian.cz http://s10.travian.cz http://s11.travian.cz http://s12.travian.cz http://s13.travian.cz http://s14.travian.cz http://s15.travian.cz http://speed.travian.cz http://s1.travian.sk http://s2.travian.sk http://s3.travian.sk http://s4.travian.sk http://s5.travian.sk http://s6.travian.sk http://s7.travian.sk http://s8.travian.sk http://s9.travian.sk http://s10.travian.sk http://speed.travian.sk
FF - user.js: capability.policy.localfilelinks.checkloaduri.enabled - allAccess
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-07 18:36
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1464)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3040)
c:\windows\system32\msi.dll
.
Celkový čas: 2009-06-07 18:39
ComboFix-quarantined-files.txt 2009-06-07 16:38
ComboFix2.txt 2009-06-07 15:28
ComboFix3.txt 2009-06-07 08:54
Před spuštěním: 6 435 454 976
Po spuštění: 6 421 090 304
277
RAMASST
- Damned
Re: RAMASST
That EAX4 Unified Redist should be something from Creative Labs, probably some audio-video drivers.
I no longer see anything bad in the log. As far as viruses and junk go, your computer is clean.
Uninstall ComboFix.
ComboFix is uninstalled like this:
Start - Run and enter ComboFix[space]/u
So if there are no problems, clean the system with CCleaner
and also use T-Cleaner;
it deletes everything left behind by Combo, SDFix, Avenger, MWAV etc. - download -> run.
Download ATF Cleaner.
Double-click ATF Cleaner.exe, click select all found, then click empty selected.
If you want to keep your saved passwords, click No.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache,
cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer,
Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Nothing is impossible, so wherever reason fails us, we do not hesitate to use a hammer.
If you want to know what is new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech translation, Wise Registry Cleaner