and I also installed that CCLEANER
I click RUN CLEANER and it found lots of things
.....and what next, what do I do with what it found?
Log check
- zlobyl
Judging by that log, you probably had only the system files or something like that checked.
And the log must also contain the paths to those objects!
If you don't mind, try running the test again (see my guide).
Please excuse my frequent absence from the forum. Unfortunately there are things a person cannot influence, so I don't have much time to get here. I will try to be here whenever possible, but I can't guarantee anything. I'm sorry.
I definitely won't mind, it's in my own interest, after all
Object scanned
Sat Aug 11 13:12:47 2007 => ERROR!!! Invalid Entry system32\DRIVERS\s24trans.sys in SYSTEM\CurrentControlSet\Services\s24trans...
Sat Aug 11 13:12:47 2007 => ERROR!!! ScanFile Fails...
Sat Aug 11 13:12:48 2007 => ERROR!!! Invalid Entry system32\DRIVERS\UIUSYS.SYS in SYSTEM\CurrentControlSet\Services\UIUSys...
Sat Aug 11 13:12:49 2007 => ERROR!!! Invalid Entry "C:\Program Files\Windows Media Player\WMPNetwk.exe" in SYSTEM\CurrentControlSet\Services\WMPNetworkSvc...
Sat Aug 11 13:12:50 2007 => Scanning HKLM\SYSTEM\CurrentControlSet\Services\VxD
Sat Aug 11 13:12:50 2007 => ***** Scanning Registry and File system for Adware/Spyware *****
Sat Aug 11 13:13:48 2007 => ***** Scanning System32 Folders *****
Sat Aug 11 13:13:48 2007 => Scanning C:\WINDOWS Directory
Sat Aug 11 13:13:48 2007 => [Scanning Folder: C:\WINDOWS]
Sat Aug 11 13:13:51 2007 => Scanning C:\WINDOWS\system32 Directory
Sat Aug 11 13:13:51 2007 => [Scanning Folder: C:\WINDOWS\system32]
Sat Aug 11 13:14:55 2007 => Scanning C:\DOCUME~1\Maks\LOCALS~1\Temp Directory
Sat Aug 11 13:14:55 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\Temp]
Sat Aug 11 13:14:55 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\Temp\080907212959]
Sat Aug 11 13:15:06 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\Temp\FtpTemp]
Sat Aug 11 13:15:06 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\Temp\FtpTempF]
Sat Aug 11 13:15:07 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\Temp\hsperfdata_Maks]
Sat Aug 11 13:15:15 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\Temp\WPDNSE]
Sat Aug 11 13:15:16 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\Temp\_avast4_]
Sat Aug 11 13:15:16 2007 => Scanning C:\DOCUME~1\Maks\LOCALS~1\TEMPOR~1\Content.IE5 Directory
Sat Aug 11 13:15:16 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\TEMPOR~1\Content.IE5]
Sat Aug 11 13:15:16 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\TEMPOR~1\Content.IE5\0HMZSX6V]
Sat Aug 11 13:15:17 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\TEMPOR~1\Content.IE5\1HLZGMHG]
Sat Aug 11 13:15:17 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\TEMPOR~1\Content.IE5\3VU0W81V]
Sat Aug 11 13:15:17 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\TEMPOR~1\Content.IE5\9BJ9RPZS]
Sat Aug 11 13:15:17 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\TEMPOR~1\Content.IE5\IZWB9A3I]
Sat Aug 11 13:15:18 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\TEMPOR~1\Content.IE5\PLSDNRM4]
Sat Aug 11 13:15:18 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\TEMPOR~1\Content.IE5\QN5791AL]
Sat Aug 11 13:15:18 2007 => [Scanning Folder: C:\DOCUME~1\Maks\LOCALS~1\TEMPOR~1\Content.IE5\W5IJCXMV]
Sat Aug 11 13:15:18 2007 => ***** Checking for specific ITW Viruses *****
Sat Aug 11 13:15:18 2007 => Checking for Welchia Virus...
Sat Aug 11 13:15:18 2007 => Checking for LovGate Virus...
Sat Aug 11 13:15:18 2007 => Checking for CodeRed Virus...
Sat Aug 11 13:15:18 2007 => Checking for OpaServ Virus...
Sat Aug 11 13:15:18 2007 => Checking for Sobig.e Virus...
Sat Aug 11 13:15:18 2007 => Checking for Winupie Virus...
Sat Aug 11 13:15:18 2007 => Checking for Swen Virus...
Sat Aug 11 13:15:19 2007 => Checking for JS.Fortnight Virus...
Sat Aug 11 13:15:19 2007 => Checking for Novarg Virus...
Sat Aug 11 13:15:19 2007 => Checking for Pagabot Virus...
Sat Aug 11 13:15:19 2007 => Checking for Parite.b Virus...
Sat Aug 11 13:15:19 2007 => Checking for Parite.a Virus...
Sat Aug 11 13:15:19 2007 => Checking for Adware.SeekSeek Virus...
Sat Aug 11 13:15:19 2007 => ***** Scanning complete. *****
Sat Aug 11 13:15:19 2007 => Total Objects Scanned: 26451
Sat Aug 11 13:15:19 2007 => Total Critical Objects: 16
Sat Aug 11 13:15:19 2007 => Total Disinfected Objects: 0
Sat Aug 11 13:15:19 2007 => Total Objects Renamed: 0
Sat Aug 11 13:15:19 2007 => Total Deleted Objects: 0
Sat Aug 11 13:15:19 2007 => Total Errors: 11
Sat Aug 11 13:15:19 2007 => Time Elapsed: 00:03:34
Sat Aug 11 13:15:19 2007 => Virus Database Date: 8/9/2007
Sat Aug 11 13:15:19 2007 => Virus Database Count: 377664
Sat Aug 11 13:15:19 2007 => Scan Completed.
VIRUS LOG INFORMATION
Object "video activex access Trojan" found in File System! Action Taken: No Action Taken.
Object "linkmedia Trojan" found in File System! Action Taken: No Action Taken.
Object "linkmedia Trojan" found in File System! Action Taken: No Action Taken.
Object "linkmedia Trojan" found in File System! Action Taken: No Action Taken.
Object "fujacks.e Worm" found in File System! Action Taken: No Action Taken.
Object "redv Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.
Object "redv Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\ZoneLabs\isafeif.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\ZoneLabs\vetredir.dll". Action Taken: No Action Taken.

- zlobyl
So here I'm at my wits' end. Thanks once again for the log, but it still seems strange to me that the log doesn't contain the paths to the infected objects!
I googled a bit and found a little something:
video activex access Trojan:
Removing such a homepage redirect is very simple: just open "Program Files", find the suspicious directory (in this case "Video Access ActiveX Object") and delete it together with the library that causes the problem. There are various variants; the directory may be called "iVideo Codec" and so on. Even a less experienced user should be able to recognize the suspicious directory.
fujacks.e Worm:
http://www.symantec.com/en/uk/security_response/writeup.jsp?docid=2007-010509-0134-99&tabid=2
redv Spyware/Adware:
http://www.scanspyware.net/info/RedV.htm
trojan-downloader.bat.ftp.ab Trojan-Downloader:
C:\WINDOWS\System32\i
These are only fragments, but hopefully they will help you.
The MWAV log is fine. Make sure you ticked All local Drives before scanning!
If not, run the scan once more and paste here only the contents of the bottom window - Virus log Information.
Run a ComboFix scan:
Download it to the desktop, close all active windows and run ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- After launch, the terms of use are displayed; confirm them by pressing the 1 key
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- After the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents into your thread on the forum
> HERE IS THE LOG FROM MWAV
virus log information
Object "video activex access Trojan" found in File System! Action Taken: No Action Taken.
Object "linkmedia Trojan" found in File System! Action Taken: No Action Taken.
Object "linkmedia Trojan" found in File System! Action Taken: No Action Taken.
Object "linkmedia Trojan" found in File System! Action Taken: No Action Taken.
Object "fujacks.e Worm" found in File System! Action Taken: No Action Taken.
Object "redv Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.
Object "redv Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\ZoneLabs\isafeif.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\ZoneLabs\vetredir.dll". Action Taken: No Action Taken.
File C:\Documents and Settings\Maks\Dokumenty\Programky\Antivir\Zabezpečení PC\Smitfraud1Fix.zip/SmitfraudFix/Reboot.exe tagged as "not-a-virus:RiskTool.Win32.Reboot.f". Action Taken: No Action Taken.
File C:\Documents and Settings\Maks\Dokumenty\Programky\Antivir\Zabezpečení PC\SmitfraudFix\Reboot.exe tagged as "not-a-virus:RiskTool.Win32.Reboot.f". Action Taken: No Action Taken.
File C:\Documents and Settings\Maks\Dokumenty\Programky\Antivir\Zabezpečení PC\SmitfraudFix.exe/Reboot.exe tagged as "not-a-virus:RiskTool.Win32.Reboot.f". Action Taken: No Action Taken.
File C:\Documents and Settings\Maks\Dokumenty\Programky\Antivir\Zabezpečení PC\SmitfraudFix.zip/SmitfraudFix/Reboot.exe tagged as "not-a-virus:RiskTool.Win32.Reboot.f". Action Taken: No Action Taken.
File C:\Program Files\Antivir\Zabezpečení PC\Smitfraud1Fix.zip/SmitfraudFix/Reboot.exe tagged as "not-a-virus:RiskTool.Win32.Reboot.f". Action Taken: No Action Taken.
File C:\Program Files\Antivir\Zabezpečení PC\SmitfraudFix\Reboot.exe tagged as "not-a-virus:RiskTool.Win32.Reboot.f". Action Taken: No Action Taken.
File C:\Program Files\Antivir\Zabezpečení PC\SmitfraudFix.exe/Reboot.exe tagged as "not-a-virus:RiskTool.Win32.Reboot.f". Action Taken: No Action Taken.
File C:\Program Files\Antivir\Zabezpečení PC\SmitfraudFix.zip/SmitfraudFix/Reboot.exe tagged as "not-a-virus:RiskTool.Win32.Reboot.f". Action Taken: No Action Taken.
COMBOFIX log
ComboFix 07-08-09.3 - "Maks" 2007-08-12 15:42:09.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1029.18.167 [GMT 2:00]
((((((((((((((((((((((((( Files Created from 2007-07-12 to 2007-08-12 )))))))))))))))))))))))))))))))
2007-08-12 14:34 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-11 22:29 8,704 --a--c--- C:\WINDOWS\system32\dllcache\kbdjpn.dll
2007-08-11 22:29 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll
2007-08-11 22:29 8,192 --a--c--- C:\WINDOWS\system32\dllcache\kbdkor.dll
2007-08-11 22:29 8,192 --a------ C:\WINDOWS\system32\kbdkor.dll
2007-08-11 22:29 6,144 --a--c--- C:\WINDOWS\system32\dllcache\kbd106.dll
2007-08-11 22:29 6,144 --a--c--- C:\WINDOWS\system32\dllcache\kbd101c.dll
2007-08-11 22:29 6,144 --a--c--- C:\WINDOWS\system32\dllcache\kbd101b.dll
2007-08-11 22:29 6,144 --a------ C:\WINDOWS\system32\kbd106.dll
2007-08-11 22:29 6,144 --a------ C:\WINDOWS\system32\kbd101c.dll
2007-08-11 22:29 6,144 --a------ C:\WINDOWS\system32\kbd101b.dll
2007-08-11 22:29 5,632 --a--c--- C:\WINDOWS\system32\dllcache\kbd103.dll
2007-08-11 22:29 5,632 --a------ C:\WINDOWS\system32\kbd103.dll
2007-08-11 14:52 545 --a------ C:\WINDOWS\UC.PIF
2007-08-11 14:52 545 --a------ C:\WINDOWS\RAR.PIF
2007-08-11 14:52 545 --a------ C:\WINDOWS\PKZIP.PIF
2007-08-11 14:52 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2007-08-11 14:52 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2007-08-11 14:52 545 --a------ C:\WINDOWS\LHA.PIF
2007-08-11 14:52 545 --a------ C:\WINDOWS\ARJ.PIF
2007-08-11 14:52 <DIR> d-------- C:\totalcmd
2007-08-11 14:21 <DIR> d-------- C:\Program Files\Opera
2007-08-11 14:21 <DIR> d-------- C:\DOCUME~1\Maks\DATAAP~1\Opera
2007-08-09 21:51 <DIR> d-a------ C:\WINDOWS\zts2.exe
2007-08-09 21:51 <DIR> d-a------ C:\WINDOWS\system32\vcmgcd32.dll
2007-08-09 21:51 <DIR> d-a------ C:\WINDOWS\system32\iifgfgf.dll
2007-08-09 21:51 <DIR> d-a------ C:\WINDOWS\rundll16.exe
2007-08-09 21:51 <DIR> d-a------ C:\WINDOWS\rundl132.dll
2007-08-09 21:51 <DIR> d-a------ C:\WINDOWS\logo1_.exe
2007-08-09 21:33 110,360 --a------ C:\WINDOWS\system32\drivers\kl1.sys
2007-08-09 21:10 <DIR> d-------- C:\Program Files\CCleaner
2007-08-09 19:35 147,968 --a------ C:\WINDOWS\R.COM
2007-08-09 19:35 137,216 --a------ C:\WINDOWS\system32\T.COM
2007-08-08 23:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Hagel Technologies
2007-08-07 16:19 <DIR> d-------- C:\Program Files\Webteh
2007-08-07 15:14 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\MailFrontier
2007-08-07 15:13 75,932 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-08-07 15:13 75,248 --a------ C:\WINDOWS\zllsputility.exe
2007-08-07 15:13 74,396 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-08-07 15:13 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-08-07 15:13 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-08-07 15:13 1,766,944 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-08-07 15:12 1,086,952 --------- C:\WINDOWS\system32\zpeng24.dll
2007-08-07 15:12 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2007-08-07 15:12 <DIR> d-------- C:\WINDOWS\Internet Logs
2007-08-05 19:41 <DIR> d-------- C:\DOCUME~1\Maks\DATAAP~1\XnView
2007-08-05 19:29 <DIR> d-------- C:\Program Files\XnView
2007-08-05 14:07 <DIR> d-------- C:\Shoty
2007-08-05 14:02 <DIR> d-------- C:\Program Files\ScreenShots
2007-08-05 12:12 <DIR> d-------- C:\DOCUME~1\Maks\DATAAP~1\ICQ Toolbar
2007-08-05 12:11 <DIR> d-------- C:\Temp
2007-08-05 12:04 <DIR> d-------- C:\Program Files\ICQToolbar
2007-08-05 12:04 <DIR> d-------- C:\Program Files\ICQLite
2007-08-05 12:04 <DIR> d-------- C:\DOCUME~1\Maks\DATAAP~1\ICQLite
2007-08-05 02:07 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-08-05 02:07 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-08-05 02:07 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-08-05 02:07 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-08-05 02:07 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-08-05 02:07 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-08-05 02:06 783,224 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-08-05 01:18 <DIR> d-------- C:\DOCUME~1\Maks\Contacts
2007-08-05 00:55 <DIR> d-------- C:\Program Files\MSN Messenger
2007-08-05 00:08 <DIR> d-------- C:\Program Files\Internet
2007-08-04 23:55 <DIR> d-------- C:\Program Files\Vypalovanˇ
2007-08-04 23:55 <DIR> d-------- C:\Program Files\U§iteźn‚
2007-08-04 23:55 <DIR> d-------- C:\Program Files\Sdˇlenˇ, stahovanˇ
2007-08-04 23:55 <DIR> d-------- C:\Program Files\Pýehr vaźe
2007-08-04 23:55 <DIR> d-------- C:\Program Files\Prohlˇ§eźe
2007-08-04 23:54 <DIR> d-------- C:\Program Files\Komunikace
2007-08-04 23:54 <DIR> d-------- C:\Program Files\Kodeky
2007-08-04 23:53 <DIR> d-------- C:\Program Files\Antivir
2007-08-04 23:53 <DIR> d-------- C:\Program Files\All
2007-08-04 22:47 <DIR> d-------- C:\Program Files\Clickster
2007-08-04 22:43 <DIR> d-------- C:\Program Files\KB Browser
2007-08-03 23:43 <DIR> d-------- C:\Program Files\Lavasoft
2007-08-03 23:43 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-08-03 23:43 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Lavasoft
2007-08-03 21:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Spybot - Search & Destroy
2007-08-03 21:17 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2007-08-03 21:09 299,520 --a------ C:\WINDOWS\uninst.exe
2007-08-03 21:09 <DIR> d-------- C:\DOCUME~1\Maks\WINDOWS
2007-08-03 20:25 <DIR> d-------- C:\Program Files\MSECache
2007-07-23 01:11 5,504 --------- C:\WINDOWS\system32\drivers\imagedrv.sys
2007-07-23 01:11 125,184 --------- C:\WINDOWS\system32\drivers\imagesrv.sys
2007-07-23 01:10 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2007-07-23 01:10 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2007-07-23 01:10 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2007-07-23 01:10 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2007-07-23 01:10 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2007-07-23 01:10 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2007-07-23 01:10 <DIR> d-------- C:\Program Files\Common Files\Ahead
2007-07-23 01:05 56 -r-hs---- C:\WINDOWS\system32\6312AF25F1.sys
2007-07-23 01:05 1,682 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2007-07-23 01:05 <DIR> d-------- C:\MSOCache
2007-07-22 10:18 36,864 --a------ C:\WINDOWS\system32\RasHandler.dll
2007-07-22 10:18 159,308 --a------ C:\WINDOWS\system32\drivers\gtusbmdm_gpc6400.sys
2007-07-22 10:17 <DIR> d-------- C:\Program Files\GTRAN
2007-07-21 16:46 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2007-07-21 16:46 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-12 14:49 46394 --a------ C:\WINDOWS\system32\perfc005.dat
2007-08-12 14:49 310228 --a------ C:\WINDOWS\system32\perfh005.dat
2007-08-12 14:44 23444 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-08-05 21:23 --------- d-------- C:\Program Files\InstallShield Installation Information
2007-08-05 21:23 --------- d-------- C:\DOCUME~1\Maks\DATAAP~1\ICQ
2007-08-05 00:17 --------- d-------- C:\Program Files\Windows NT
2007-08-05 00:04 --------- d-------- C:\Program Files\Messenger
2007-07-28 22:36 --------- d-------- C:\DOCUME~1\Maks\DATAAP~1\Google
2007-07-28 22:24 --------- d-------- C:\Program Files\Launch Manager
2007-07-26 00:24 --------- d-------- C:\Program Files\Star Downloader
2007-07-23 01:10 --------- d-------- C:\Program Files\Ahead
2007-07-23 01:05 --------- d-------- C:\Program Files\DivX
2007-07-22 00:34 --------- d-------- C:\DOCUME~1\Maks\DATAAP~1\uTorrent
2007-07-10 23:28 --------- d-------- C:\DOCUME~1\Maks\DATAAP~1\dvdcss
2007-06-29 20:32 --------- d-------- C:\Program Files\Windows Media Connect 2
2007-06-26 22:47 --------- d-------- C:\DOCUME~1\Maks\DATAAP~1\InterVideo
2007-06-26 22:46 --------- d-------- C:\Program Files\InterVideo
2007-06-26 22:46 --------- d-------- C:\Program Files\Common Files\InterVideo
2007-06-11 02:44 729088 --a------ C:\WINDOWS\iun6002.exe
2007-05-30 19:29 0 -rahs---- C:\MSDOS.SYS
2007-05-30 19:29 0 -rahs---- C:\IO.SYS
2007-05-30 19:29 0 --a------ C:\CONFIG.SYS
2007-05-30 19:29 0 --------- C:\AUTOEXEC.BAT
2007-05-30 19:26 21812 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-05-16 17:18 86528 --a--c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 17:18 85504 --a--c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 17:18 683520 --a--c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 17:18 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 17:18 510976 --a--c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 17:18 1314816 --a--c--- C:\WINDOWS\system32\dllcache\msoe.dll
--------- C:\Program Files\Vypalovaní
--------- C:\Program Files\Užitečné
--------- C:\Program Files\Sdílení, stahovaní
--------- C:\Program Files\Prohlížeče
--------- C:\Program Files\Přehrávače
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe" [2005-03-04 03:36]
"Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [2005-11-11 20:40]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-03-23 12:17]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-03-23 12:13]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-03-23 12:17]
"RTHDCPL"="RTHDCPL.EXE" [2006-08-16 11:23 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-08-16 11:21 C:\WINDOWS\SkyTel.exe]
"Alcmtr"="ALCMTR.EXE" [2006-08-16 11:20 C:\WINDOWS\Alcmtr.exe]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-07-20 22:15]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 00:03]
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2006-07-27 20:12]
"DU Meter"="C:\Program Files\DU Meter\DUMeter.exe" [2006-11-27 15:18]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 21:54]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" []
"Tet-a-Tet"="C:\Documents and Settings\Maks\Dokumenty\Tet-A-Tet.exe" []
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-18 14:00]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
"SpybotSD TeaTimer"="C:\Program Files\Antivir\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 01:04]
"T-Mobile Communication Centre"="C:\Program Files\T-Mobile\web'n'walk Manager\Manager.exe" []
"ICQ"="C:\Program Files\ICQ6\ICQ.exe" []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"ICQ Lite"=C:\Program Files\ICQLite\ICQLite.exe -trayboot
C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 02:48:00]
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 01:01:00]
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-06-26 22:46:32]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI;C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
R2 Ethpdrv;Ethernet Packet Driver;C:\WINDOWS\system32\DRIVERS\ethpdrv.sys
R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe -k netsvcs
R3 DKbFltr;Dritek Keyboard Filter Driver;C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
R3 EMSCR;EMSCR;C:\WINDOWS\system32\DRIVERS\EMS7SK.sys
R3 ESDCR;ESDCR;C:\WINDOWS\system32\DRIVERS\ESD7SK.sys
R3 ESMCR;ESMCR;C:\WINDOWS\system32\DRIVERS\ESM7SK.sys
R3 gtcdcmdm;GTRAN USB CDC Driver (PID 3196);C:\WINDOWS\system32\DRIVERS\gtusbmdm_gpc6400.sys
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys
R3 sdbus;sdbus;C:\WINDOWS\system32\DRIVERS\sdbus.sys
S3 Cam5603D;Acer OrbiCam;C:\WINDOWS\system32\Drivers\BisonCam.sys
S3 IpwP;IPWireless 3G PCMCIA Network Adapter;C:\WINDOWS\system32\DRIVERS\ipwpnet.sys
S3 UIUSys;Conexant Setup API;C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Schedule
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-12 15:44:14
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cursors\Schemes]
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?"="C:\WINDOWS\cursors\arrow_r.cur,C:\WINDOWS\cursors\help_r.cur,C:\WINDOWS\cursors\wait_r.cur,C:\WINDOWS\cursors\busy_r.cur,C:\WINDOWS\cursors\cross_r.cur,C:\WINDOWS\cursors\beam_r.cur,C:\WINDOWS\cursors\pen_r.cur,C:\WINDOWS\cursors\no_r.cur,C:\WINDOWS\cursors\size4_r.cur,C:\WINDOWS\cursors\size3_r.cur,C:\WINDOWS\cursors\size2_r.cur,C:\WINDOWS\cursors\size1_r.cur,C:\WINDOWS\cursors\move_r.cur,C:\WINDOWS\cursors\up_r.cur"
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?(?v?e?l?k?\xe9?)?"="C:\WINDOWS\cursors\arrow_rm.cur,C:\WINDOWS\cursors\help_rm.cur,C:\WINDOWS\cursors\wait_rm.cur,C:\WINDOWS\cursors\busy_rm.cur,C:\WINDOWS\cursors\cross_rm.cur,C:\WINDOWS\cursors\beam_rm.cur,C:\WINDOWS\cursors\pen_rm.cur,C:\WINDOWS\cursors\no_rm.cur,C:\WINDOWS\cursors\size4_rm.cur,C:\WINDOWS\cursors\size3_rm.cur,C:\WINDOWS\cursors\size2_rm.cur,C:\WINDOWS\cursors\size1_rm.cur,C:\WINDOWS\cursors\move_rm.cur,C:\WINDOWS\cursors\up_rm.cur"
"\f\1e?r?n?\xe9? ?u?k?a?z?a?t?e?l?e? ?(?n?e?j?v?\e\1t?a\1\xed?)?"="C:\WINDOWS\cursors\arrow_rl.cur,C:\WINDOWS\cursors\help_rl.cur,C:\WINDOWS\cursors\wait_rl.cur,C:\WINDOWS\cursors\busy_rl.cur,C:\WINDOWS\cursors\cross_rl.cur,C:\WINDOWS\cursors\beam_rl.cur,C:\WINDOWS\cursors\pen_rl.cur,C:\WINDOWS\cursors\no_rl.cur,C:\WINDOWS\cursors\size4_rl.cur,C:\WINDOWS\cursors\size3_rl.cur,C:\WINDOWS\cursors\size2_rl.cur,C:\WINDOWS\cursors\size1_rl.cur,C:\WINDOWS\cursors\move_rl.cur,C:\WINDOWS\cursors\up_rl.cur"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\F\xf3ra\\f\1e]
"Order"=hex:08,00,00,00,02,00,00,00,d8,04,00,00,01,00,00,00,0d,00,00,00,58,..
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\Sportovn\xed den\xedky\\f\1e]
"Order"=hex:08,00,00,00,02,00,00,00,fc,04,00,00,01,00,00,00,0d,00,00,00,50,..
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Buka\G\1U\1\xed]
"Order"=hex:08,00,00,00,02,00,00,00,10,02,00,00,01,00,00,00,04,00,00,00,8a,..
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-08-12 15:45:04
C:\ComboFix-quarantined-files.txt ... 2007-08-12 15:44
--- E O F ---