VIRUS ALERT! Heeeelp [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Diallix
Level 2
Posts: 243
Registered: October 08
Gender: Not specified

Re: VIRUS ALERT! Heeeelp

Post by Diallix » 14 Oct 2008 20:22

So for that mwav, choose whatever is available.
My new book >> Book <<
---
We are looking for new recruits for our CyberSecurity UNIT team. More information on what it involves and how to join can be found here: CyberSecurity UNIT
----
Security authority of the viry.cz forum: Certificate
----
Currently active as:
- consultant, developer and tutor in intelligent malware research.

Funstorm007
Level 5
Posts: 2031
Registered: October 08
Gender: Male

Re: VIRUS ALERT! Heeeelp

Post by Funstorm007 » 23 Oct 2008 21:48

Sorry for the long absence, I tried applying ComboFix again, here is the log:

ComboFix 08-10-05.11 - Kuba 2008-10-23 21:33:46.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1029.18.610 [GMT 2:00]
Spuštěný z: C:\Documents and Settings\Kuba\Plocha\ComboFix.exe
Použité ovládací přepínače :: C:\Documents and Settings\Kuba\Plocha\CFScript.txt
* Vytvořen nový Bod Obnovení

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -

FILE ::
C:\WINDOWS\DUMP3875.tmp
C:\WINDOWS\DUMP4ac4.tmp
C:\WINDOWS\system32\404Fix.exe
C:\WINDOWS\system32\AntiXPVSTFix.exe
C:\WINDOWS\system32\drivers\msulr.sys
C:\WINDOWS\system32\dumphive.exe
C:\WINDOWS\system32\ezkrdscacssisy.dll
C:\WINDOWS\system32\ezkrdscacssisy.dll-uninst.exe
C:\WINDOWS\system32\g59.exe
C:\WINDOWS\system32\g71.exe
C:\WINDOWS\system32\gbqnmkyqxmlyoqw.exe
C:\WINDOWS\system32\IEDFix.C.exe
C:\WINDOWS\system32\o4Patch.exe
C:\WINDOWS\system32\piwzdctrtcbtjrxa.dll
C:\WINDOWS\system32\Process.exe
C:\WINDOWS\system32\SrchSTS.exe
C:\WINDOWS\system32\Uninstall.ico
C:\WINDOWS\system32\VACFix.exe
C:\WINDOWS\system32\VCCLSID.exe
C:\WINDOWS\system32\WS2Fix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Web Hottest Videos Personal Player
C:\Program Files\Web Hottest Videos Personal Player\Adware-SE profesional Web hottest videos personal player.exe
C:\Program Files\Web Hottest Videos Personal Player\Come2PlayK2P_28_08.exe
C:\Program Files\Web Hottest Videos Personal Player\UNWISE.EXE
C:\Program Files\Web Hottest Videos Personal Player\webp.exe
C:\Program Files\Web Hottest Videos Personal Player\WebPlayer.exe
C:\WINDOWS\DUMP3875.tmp
C:\WINDOWS\DUMP4ac4.tmp
C:\WINDOWS\regedit.com
C:\WINDOWS\system32\404Fix.exe
C:\WINDOWS\system32\AntiXPVSTFix.exe
C:\WINDOWS\system32\drivers\msulr.sys
C:\WINDOWS\system32\dumphive.exe
C:\WINDOWS\system32\ezkrdscacssisy.dll-uninst.exe
C:\WINDOWS\system32\ezkrdscacssisy.dll
C:\WINDOWS\system32\g59.exe
C:\WINDOWS\system32\g71.exe
C:\WINDOWS\system32\gbqnmkyqxmlyoqw.exe
C:\WINDOWS\system32\IEDFix.C.exe
C:\WINDOWS\system32\o4Patch.exe
C:\WINDOWS\system32\piwzdctrtcbtjrxa.dll
C:\WINDOWS\system32\Process.exe
C:\WINDOWS\system32\SrchSTS.exe
C:\WINDOWS\system32\taskmgr.com
C:\WINDOWS\system32\Uninstall.ico
C:\WINDOWS\system32\VACFix.exe
C:\WINDOWS\system32\VCCLSID.exe
C:\WINDOWS\system32\WS2Fix.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2008-09-23 do 2008-10-23 )))))))))))))))))))))))))))))))
.

2008-10-23 21:09 . 2008-10-23 21:09 <DIR> d-------- C:\WINDOWS\LastGood
2008-10-23 21:09 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-10-23 21:09 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-10-23 21:09 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-10-23 20:59 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2008-10-23 20:57 . 2008-10-23 20:57 <DIR> d-------- C:\Program Files\Microsoft Works
2008-10-23 20:56 . 2008-10-23 20:56 <DIR> d-------- C:\Program Files\MSBuild
2008-10-23 20:54 . 2008-10-23 20:54 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-10-23 20:49 . 2008-10-23 20:49 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-10-23 20:47 . 2008-10-23 20:55 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-10-23 20:46 . 2008-10-23 20:46 <DIR> dr-h----- C:\MSOCache
2008-10-23 20:46 . 2008-10-23 21:00 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2008-10-19 17:57 . 2008-10-19 17:57 <DIR> d-------- C:\Program Files\Alwil Software
2008-10-18 17:36 . 2008-10-18 18:32 <DIR> d-------- C:\My FLVs
2008-10-18 14:03 . 2008-10-18 14:05 34 ---h----- C:\EPIC.INI
2008-10-18 12:09 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
2008-10-18 12:09 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2008-10-18 12:09 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
2008-10-18 12:09 . 2007-03-12 16:42 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2008-10-18 12:09 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
2008-10-18 12:09 . 2007-03-15 16:57 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2008-10-18 12:09 . 2007-05-31 19:30 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
2008-10-18 12:09 . 2007-04-04 18:55 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2008-10-18 12:09 . 2007-01-24 15:27 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2008-10-18 12:09 . 2007-05-31 19:29 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll
2008-10-18 12:08 . 2008-10-18 12:08 22,328 --a------ C:\Documents and Settings\Kuba\Data aplikací\PnkBstrK.sys
2008-10-17 17:03 . 2008-10-17 17:03 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Nokia
2008-10-17 17:01 . 2008-10-17 17:01 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-10-17 17:01 . 2008-02-01 16:17 138,112 --a------ C:\WINDOWS\system32\drivers\nmwcdnsu.sys
2008-10-17 17:01 . 2008-02-01 16:17 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
2008-10-16 19:10 . 2008-04-13 20:45 26,112 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2008-10-16 19:10 . 2008-04-13 20:45 26,112 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys
2008-10-16 19:10 . 2008-10-16 19:10 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-10-16 19:10 . 2008-10-16 19:10 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-10-16 19:04 . 2008-10-16 19:04 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-10-16 19:04 . 2008-10-18 16:08 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-10-16 19:03 . 2008-10-16 19:03 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-10-16 19:03 . 2007-09-17 15:53 21,632 --a------ C:\WINDOWS\system32\drivers\pccsmcfd.sys
2008-10-16 19:01 . 2008-05-07 07:39 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-10-16 19:01 . 2008-05-07 07:38 659,968 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-10-16 19:01 . 2008-05-07 07:38 20,864 --a------ C:\WINDOWS\system32\drivers\ccdcmbo.sys
2008-10-16 19:01 . 2008-05-07 07:38 17,536 --a------ C:\WINDOWS\system32\drivers\ccdcmb.sys
2008-10-16 19:01 . 2008-05-07 07:38 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2008-10-16 19:01 . 2008-06-06 09:24 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2008-10-15 19:02 . 2008-10-15 19:02 <DIR> d-------- C:\Documents and Settings\Kuba\Data aplikací\Corel
2008-10-15 19:01 . 2008-10-15 19:01 <DIR> d-------- C:\WINDOWS\Corel
2008-10-15 18:57 . 2008-10-15 18:57 <DIR> d-------- C:\Program Files\Corel
2008-10-15 18:57 . 2008-10-15 18:57 <DIR> d-------- C:\Program Files\Common Files\Corel
2008-10-15 18:54 . 2008-09-15 17:27 1,846,400 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-15 18:54 . 2008-09-08 12:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-15 18:53 . 2008-08-14 15:26 2,191,360 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-15 18:53 . 2008-08-14 15:26 2,147,328 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-15 18:53 . 2008-08-14 15:26 2,068,224 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-15 18:53 . 2008-08-14 15:26 2,025,984 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-13 20:57 . 2008-10-13 20:57 <DIR> d-a------ C:\WINDOWS\zts2.exe
2008-10-13 20:57 . 2008-10-13 20:57 <DIR> d-a------ C:\WINDOWS\system32\vcmgcd32.dll
2008-10-13 20:57 . 2008-10-13 20:57 <DIR> d-a------ C:\WINDOWS\system32\iifgfgf.dll
2008-10-13 20:57 . 2008-10-13 20:57 <DIR> d-a------ C:\WINDOWS\rundll16.exe
2008-10-13 20:57 . 2008-10-13 20:57 <DIR> d-a------ C:\WINDOWS\rundl132.dll
2008-10-13 20:57 . 2008-10-13 20:57 <DIR> d-a------ C:\WINDOWS\logo1_.exe
2008-10-13 20:39 . 2008-10-13 21:25 52 --a------ C:\WINDOWS\Lic.xxx
2008-10-13 20:38 . 2008-10-13 20:38 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2008-10-13 20:38 . 2008-04-14 05:22 147,968 --a------ C:\WINDOWS\R.COM
2008-10-13 20:38 . 2008-04-14 05:22 137,216 --a------ C:\WINDOWS\system32\T.COM
2008-10-12 20:21 . 2008-10-12 20:22 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-10-12 19:58 . 2008-10-12 19:58 <DIR> d-------- C:\Program Files\Sunbelt Software
2008-10-12 19:58 . 2008-07-16 09:57 269,736 -ra------ C:\WINDOWS\system32\drivers\SbFw.sys
2008-10-12 19:58 . 2008-06-21 04:54 65,576 --a------ C:\WINDOWS\system32\drivers\SbFwIm.sys
2008-10-12 13:03 . 2008-10-12 13:03 <DIR> d-------- C:\Documents and Settings\Kuba\Data aplikací\Malwarebytes
2008-10-07 20:58 . 2008-10-15 20:03 1,393 --a------ C:\WINDOWS\imsins.BAK
2008-10-07 20:28 . 2008-10-07 20:28 <DIR> d-------- C:\Documents and Settings\Taťka\Phone Browser
2008-10-07 20:28 . 2008-10-07 20:28 <DIR> d-------- C:\Documents and Settings\Taťka\Phone Browser
2008-10-07 17:11 . 2008-10-07 17:11 <DIR> d-------- C:\Documents and Settings\Taťka\Data aplikací\Malwarebytes
2008-10-07 17:10 . 2008-10-07 17:11 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-07 17:10 . 2008-10-07 17:10 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2008-10-07 17:10 . 2008-09-10 00:10 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-07 17:10 . 2008-09-10 00:09 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-07 17:07 . 2008-10-07 17:07 <DIR> d-------- C:\Documents and Settings\Taťka\Data aplikací\BSplayer
2008-10-06 21:17 . 2008-10-06 21:17 <DIR> d-------- C:\Documents and Settings\Taťka\Data aplikací\TuneUp Software
2008-10-06 20:09 . 2008-10-06 20:09 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Yahoo! Companion
2008-10-06 20:08 . 2008-10-06 20:08 <DIR> d-------- C:\Program Files\Yahoo!
2008-10-06 20:08 . 2008-10-06 20:13 <DIR> d-------- C:\Program Files\CCleaner
2008-10-06 19:43 . 2008-10-06 19:43 <DIR> d-------- C:\Documents and Settings\Taťka\Data aplikací\ICQ
2008-10-05 18:37 . 2008-10-18 16:24 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2008-10-05 18:32 . 2008-10-05 18:32 <DIR> d-------- C:\Program Files\Trend Micro
2008-10-05 17:52 . 2008-10-05 17:52 <DIR> d-------- C:\Program Files\BitTorrent Fastest Tool
2008-10-05 17:50 . 2008-10-05 17:50 <DIR> d-------- C:\Program Files\Conduit
2008-10-05 17:50 . 2008-10-18 16:06 <DIR> d-------- C:\Program Files\Come2PlayK2P
2008-10-05 16:06 . 2008-10-05 16:06 <DIR> d-------- C:\Documents and Settings\Taťka\Data aplikací\SUPERAntiSpyware.com
2008-10-04 12:01 . 2007-03-01 19:54 21,056 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys
2008-10-04 11:53 . 2008-10-04 11:53 <DIR> d-------- C:\Documents and Settings\Kuba\Data aplikací\Webroot
2008-10-01 20:39 . 2008-10-01 20:39 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2008-10-01 20:38 . 2008-10-01 20:39 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-10-01 20:38 . 2008-10-01 20:38 <DIR> d-------- C:\Documents and Settings\Kuba\Data aplikací\SUPERAntiSpyware.com
2008-10-01 20:09 . 2008-10-01 20:09 <DIR> d-------- C:\Documents and Settings\Taťka\Data aplikací\AntiMalwareGuard
2008-10-01 18:27 . 2008-09-02 17:25 4,096 --a------ C:\WINDOWS\system32\bootrem.exe
2008-09-30 17:24 . 2008-09-30 17:25 <DIR> d-------- C:\Documents and Settings\Eliška\Data aplikací\Zoner
2008-09-27 23:29 . 2008-09-27 23:29 <DIR> d-------- C:\Documents and Settings\Kuba\.sysdb20
2008-09-27 23:29 . 2008-09-27 23:29 <DIR> d-------- C:\Documents and Settings\Kuba\.editix
2008-09-24 20:38 . 2008-09-24 20:41 <DIR> d-------- C:\Documents and Settings\Kuba\Data aplikací\Zoner

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-23 19:04 --------- d-----w C:\Program Files\OpenOffice.org 2.2
2008-10-23 14:58 --------- d-----w C:\Program Files\Spyware Terminator
2008-10-23 14:58 --------- d-----w C:\Documents and Settings\Kuba\Data aplikací\Spyware Terminator
2008-10-22 15:00 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2008-10-21 16:23 --------- d-----w C:\Documents and Settings\Eliška\Data aplikací\OpenOffice.org2
2008-10-20 16:14 --------- d-----w C:\Documents and Settings\Taťka\Data aplikací\OpenOffice.org2
2008-10-19 19:17 --------- d-----w C:\Documents and Settings\Kuba\Data aplikací\PC Suite
2008-10-19 15:36 --------- d-----w C:\Documents and Settings\Kuba\Data aplikací\OpenOffice.org2
2008-10-19 15:24 --------- d-----w C:\Program Files\eMule
2008-10-19 15:17 --------- d-----w C:\Documents and Settings\Kuba\Data aplikací\Free Download Manager
2008-10-18 15:59 --------- d---a-w C:\Documents and Settings\All Users\Data aplikací\TEMP
2008-10-18 14:24 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-10-18 14:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-18 14:08 --------- d-----w C:\Program Files\Nokia
2008-10-18 10:08 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-10-18 10:07 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2008-10-18 10:07 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-10-17 14:51 --------- d-----w C:\Documents and Settings\Kuba\Data aplikací\Nokia
2008-10-17 14:49 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Installations
2008-10-14 19:44 --------- d-----w C:\Program Files\SMS posílač Treca
2008-10-10 17:56 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2008-10-10 15:56 --------- d-----w C:\Documents and Settings\Taťka\Data aplikací\Spyware Terminator
2008-09-29 13:54 --------- d-----w C:\Documents and Settings\Eliška\Data aplikací\Spyware Terminator
2008-09-28 13:23 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-09-27 09:20 --------- d-----w C:\Program Files\ICQ6
2008-09-22 18:38 --------- d--h--w C:\Program Files\Zero G Registry
2008-09-22 18:36 --------- d-----w C:\Program Files\Series_60_Theme_Studio
2008-09-22 12:53 --------- d-----w C:\Program Files\SISSigner
2008-09-21 15:34 --------- d-----w C:\Program Files\Canon
2008-09-21 15:31 --------- d--h--w C:\Documents and Settings\All Users\Data aplikací\CanonBJ
2008-09-18 17:39 --------- d-----w C:\Documents and Settings\Eliška\Data aplikací\Samsung
2008-09-18 17:38 --------- d-----w C:\Documents and Settings\Kuba\Data aplikací\Samsung
2008-09-18 17:30 --------- d-----w C:\Program Files\Samsung
2008-09-17 17:21 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2008-09-17 14:58 --------- d-----w C:\Program Files\Common Files\Macromedia
2008-09-17 14:56 --------- d-----w C:\Program Files\Opera
2008-09-17 14:56 --------- d-----w C:\Program Files\Macromedia
2008-09-17 13:18 --------- d-----w C:\Program Files\Common Files\SWF Studio
2008-09-15 15:27 1,846,400 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-13 11:48 --------- d-----w C:\Documents and Settings\Kuba\Data aplikací\Ahead
2008-09-08 15:44 --------- d-----w C:\Program Files\Nero
2008-09-08 15:44 --------- d-----w C:\Program Files\Common Files\Ahead
2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-09-07 16:10 --------- d-----w C:\Program Files\DAP
2008-09-07 16:10 --------- d-----w C:\Program Files\BitComet
2008-09-07 16:10 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\SpeedBit
2008-09-07 16:09 --------- d-----w C:\Program Files\BS.Player ControlBar
2008-09-06 18:05 --------- d-----w C:\Documents and Settings\Kuba\Data aplikací\BSplayer
2008-09-06 17:44 --------- d-----w C:\Program Files\Webteh
2008-09-06 17:44 --------- d-----w C:\Documents and Settings\Kuba\Data aplikací\BSplayer Pro
2008-08-29 16:18 2,560 ----a-w C:\WINDOWS\system32\bitcometres.dll
2008-08-29 10:42 50,688 ----a-w C:\WINDOWS\system32\wbhelp2.dll
2008-08-29 09:58 --------- d-----w C:\Program Files\Free Download Manager
2008-08-29 09:57 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\FreeDownloadManager.ORG
2008-08-28 18:36 --------- d-----w C:\Program Files\Star Downloader
2008-08-28 14:37 --------- d-----w C:\Documents and Settings\Eliška\Data aplikací\ICQ
2008-08-26 21:20 --------- d-----w C:\Program Files\Wordmaster XP
2008-08-26 08:27 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-08-23 11:14 --------- d-----w C:\Program Files\Lonely Cat Games
2008-08-23 10:26 --------- d-----w C:\Program Files\Any Video Converter
2008-08-23 10:26 --------- d-----w C:\Documents and Settings\Kuba\Data aplikací\Any Video Converter
2008-08-14 13:26 2,191,360 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 13:26 2,068,224 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-04 20:50 47,251 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2008-08-04 20:50 2,145 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b8a5b62c-517f-42a5-85ae-29b5497fb15f}]
2008-08-20 23:03 1780248 --a------ C:\Program Files\Come2PlayK2P\tbCome.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2C688203-7EB3-4327-9995-1CB417BA23F9}"= "C:\Program Files\BS.Player ControlBar\BSToolbar.dll" [2008-08-13 757192]
"{b8a5b62c-517f-42a5-85ae-29b5497fb15f}"= "C:\Program Files\Come2PlayK2P\tbCome.dll" [2008-08-20 1780248]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{2C688203-7EB3-4327-9995-1CB417BA23F9}"= "C:\Program Files\BS.Player ControlBar\BSToolbar.dll" [2008-08-13 757192]
"{B8A5B62C-517F-42A5-85AE-29B5497FB15F}"= "C:\Program Files\Come2PlayK2P\tbCome.dll" [2008-08-20 1780248]

[HKEY_CLASSES_ROOT\clsid\{2c688203-7eb3-4327-9995-1cb417ba23f9}]
[HKEY_CLASSES_ROOT\BSToolbar.ToolBandObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{1FC79FB5-E4BD-48c8-B2E9-B8E74DB2C3A9}]
[HKEY_CLASSES_ROOT\BSToolbar.ToolBandObj]

[HKEY_CLASSES_ROOT\clsid\{b8a5b62c-517f-42a5-85ae-29b5497fb15f}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-08-11 1124352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-04-22 5898240]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-04-22 86016]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-08-04 1817600]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 79224]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"nwiz"="nwiz.exe" [2005-04-22 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 16:28 352256 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
"ICQ"="C:\Program Files\ICQ6\ICQ.exe" silent
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SoundMan"=SOUNDMAN.EXE
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Free Download Manager\\fdm.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"D:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8623:TCP"= 8623:TCP:BitComet 8623 TCP
"8623:UDP"= 8623:UDP:BitComet 8623 UDP

R1 SbFw;SbFw;C:\WINDOWS\system32\drivers\SbFw.sys [2008-07-16 269736]
R1 sbhips;Sunbelt HIPS Driver;C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-08-04 141312]
R2 SbPF.Launcher;SbPF.Launcher;C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-07-30 95528]
R2 SPF4;Sunbelt Personal Firewall 4;C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-07-30 1361192]
R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 DstAud;DstAud;C:\WINDOWS\system32\DRIVERS\DstAud.sys [2001-12-05 8901]
R3 DstVid;DstVid;C:\WINDOWS\system32\DRIVERS\DstVid.sys [2001-12-05 11237]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2008-04-13 69120]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB;C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [ ]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2008-02-01 8320]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - OSE
.
Obsah adresáře 'Naplánované úlohy'

2008-10-17 C:\WINDOWS\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe [2006-10-22 14:17]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKU-Default-Run-Nokia.PCSync - C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe



**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-23 21:35:41
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet015\Services\TDSSserv]
"imagepath"="\systemroot\system32\drivers\TDSSserv.sys"
.
Celkový čas: 2008-10-23 21:41:49
ComboFix-quarantined-files.txt 2008-10-23 19:41:45

Před spuštěním: 2 931 118 080
Po spuštění: 3,704,934,400

334 --- E O F --- 2008-10-15 18:03:03

Diallix
Level 2
Posts: 243
Registered: October 08
Gender: Not specified

Re: VIRUS ALERT! Heeeelp

Post by Diallix » 26 Oct 2008 10:44

You did that excellently!

Download the Avenger tool:

http://viry.cz/forum/viewtopic.php?f=15&t=19832


Download it to the desktop and run it.

Copy the following into that window:
Registry keys to delete:
HKEY_LOCAL_MACHINE\System\ControlSet015\Services\TDSSserv


Then click EXECUTE >> YES >> OK
The computer will restart; post the log that pops up when the OS boots here.

Then also post a new HJT log here and, if you manage it, the mwav log too :-)
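The ComboFix log posted above ends with a service key (TDSSserv) that appears only in the final section of the output, and the reply is to remove that key. The script below is an added example, not part of this thread and not code from ComboFix or Avenger; it shows how a helper can pull that kind of finding out of a ComboFix-style log automatically. It parses the `R1/S2 name;description;path [date size]` service lines and the `[HKEY_...]` / `"imagepath"=` registry blocks, then flags two things for review: services whose bracket is empty (as `aswFsBlk [ ]` is in the log above) and `...\Services\<name>` keys whose name does not occur in the enumerated service list. The sample log is constructed from a few lines in the shape of the one above, and both heuristics are the example's own assumptions about how a helper reasons, not documented ComboFix rules.

```python
"""Triage helper for ComboFix-style logs (added example; not ComboFix's or Avenger's code)."""
import re

# Constructed sample in the shape of the log posted in this thread:
# service lines ("R1 name;description;path [date size]") and a registry key block
# carrying an "imagepath" value. Not a real log from any machine.
SAMPLE_LOG = r"""
R1 SbFw;SbFw;C:\WINDOWS\system32\drivers\SbFw.sys [2008-07-16 269736]
R2 SPF4;Sunbelt Personal Firewall 4;C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-07-30 1361192]
S2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [ ]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet015\Services\TDSSserv]
"imagepath"="\systemroot\system32\drivers\TDSSserv.sys"
.
"""

# "R1 SbFw;SbFw;C:\...\SbFw.sys [2008-07-16 269736]" -> state, name, description, path, metadata
SERVICE_RE = re.compile(r"^([RS]\d)\s+([^;]+);([^;]*);(.+?)\s*\[(.*)\]\s*$")
# "[HKEY_LOCAL_MACHINE\...]" or "[HKLM\~\...]" block headers
KEY_RE = re.compile(r"^\[(HK[^\]]+)\]\s*$", re.IGNORECASE)
# '"name"="value"' or '"name"=value', optionally followed by a "[date size]" tag
VALUE_RE = re.compile(r'^"([^"]+)"\s*=\s*"?([^"\[]*?)"?(?:\s*\[.*\])?\s*$')
# Last component of a ...\Services\<name> key path
SERVICE_KEY_RE = re.compile(r"\\Services\\([^\\\]]+)$", re.IGNORECASE)


def parse_services(log_text: str) -> list:
    """Return one dict per R?/S? service line; 'metadata' is the bracket content, stripped."""
    services = []
    for line in log_text.splitlines():
        m = SERVICE_RE.match(line.strip())
        if m:
            state, name, desc, path, meta = m.groups()
            services.append({"state": state, "name": name, "description": desc,
                             "path": path, "metadata": meta.strip()})
    return services


def parse_registry_blocks(log_text: str) -> dict:
    """Map each [HK...] header to the "name"=value pairs listed under it (names lower-cased)."""
    blocks, current = {}, None
    for raw in log_text.splitlines():
        line = raw.strip()
        km = KEY_RE.match(line)
        if km:
            current = km.group(1)
            blocks[current] = {}
            continue
        if current is None:
            continue
        vm = VALUE_RE.match(line)
        if vm:
            blocks[current][vm.group(1).lower()] = vm.group(2)
        elif not line or line == ".":
            current = None  # blank line or lone "." closes the block in this log format
    return blocks


def triage(log_text: str) -> dict:
    """Collect review candidates: services with empty metadata and service keys not in the list."""
    services = parse_services(log_text)
    known = {s["name"].lower() for s in services}
    missing_metadata = [s["name"] for s in services if not s["metadata"]]
    unlisted = []
    for key, values in parse_registry_blocks(log_text).items():
        m = SERVICE_KEY_RE.search(key)
        if m and m.group(1).lower() not in known:
            unlisted.append((key, values.get("imagepath", "")))
    return {"services": services, "missing_metadata": missing_metadata,
            "unlisted_service_keys": unlisted}


if __name__ == "__main__":
    findings = triage(SAMPLE_LOG)
    print("services parsed:", len(findings["services"]))
    print("empty metadata (check file on disk):", findings["missing_metadata"])
    for key, image in findings["unlisted_service_keys"]:
        print("service key not in enumerated list:", key, "->", image)
```

To run it on a saved log, call `triage(open(path, encoding="cp1250").read())` (the log above is Czech Windows output; adjust the encoding to how the file was saved). Everything it reports is a review candidate, not a verdict: a legitimate driver can show an empty bracket when the file was unreadable at scan time, so each hit should be checked against the file on disk and the vendor before anything is removed.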

