Toto mi vyslo z toho testu, tak neviem!
ComboFix 08-03-30.5 - ali 2008-04-01 18:48:09.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1038.18.184 [GMT 2:00]
Running from: D:\Programok\ComboFix.exe
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\ali.EMO-288F17766B2\Application Data\inst.exe
C:\Program Files\internet explorer\msimg32.dll
C:\Program Files\myglobalsearch
C:\Program Files\myglobalsearch\bar\Cache\
00049FE6
C:\Program Files\myglobalsearch\bar\Cache\
000B4408
C:\Program Files\myglobalsearch\bar\Cache\
000E3DD0
C:\Program Files\myglobalsearch\bar\Cache\
0015407D
C:\Program Files\myglobalsearch\bar\Cache\
0065EB2F
C:\Program Files\myglobalsearch\bar\Cache\
0135E698
C:\Program Files\myglobalsearch\bar\Cache\
014401DC
C:\Program Files\myglobalsearch\bar\Cache\
014403B1.bin
C:\Program Files\myglobalsearch\bar\Cache\
01440660.bin
C:\Program Files\myglobalsearch\bar\Cache\
01440835.bin
C:\Program Files\myglobalsearch\bar\Cache\files.ini
C:\Program Files\myglobalsearch\bar\History\search
C:\Program Files\myglobalsearch\bar\Settings\prevcfg.htm
C:\Program Files\MyWebSearch
C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE
C:\windows\system32\f3PSSavr.scr
C:\windows\Temp\1021049656.exe
C:\windows\Temp\106256257.exe
C:\windows\Temp\1131210703.exe
C:\windows\Temp\1143903035.exe
C:\windows\Temp\1150806491.exe
C:\windows\Temp\1154201008.exe
C:\windows\Temp\1170761573.exe
C:\windows\Temp\1196571970.exe
C:\windows\Temp\122527621.exe
C:\windows\Temp\1275179110.exe
C:\windows\Temp\12766614.exe
C:\windows\Temp\1319751690.exe
C:\windows\Temp\1351576600.exe
C:\windows\Temp\1449372903.exe
C:\windows\Temp\1515931046.exe
C:\windows\Temp\1517220176.exe
C:\windows\Temp\1520287409.exe
C:\windows\Temp\1524926702.exe
C:\windows\Temp\1648559023.exe
C:\windows\Temp\1677556490.exe
C:\windows\Temp\1720461122.exe
C:\windows\Temp\1757322273.exe
C:\windows\Temp\1806749827.exe
C:\windows\Temp\1815136884.exe
C:\windows\Temp\1861642575.exe
C:\windows\Temp\186763477.exe
C:\windows\Temp\1873940801.exe
C:\windows\Temp\1905048255.exe
C:\windows\Temp\1915152441.exe
C:\windows\Temp\2096287981.exe
C:\windows\Temp\2108290277.exe
C:\windows\Temp\238792665.exe
C:\windows\Temp\243790546.exe
C:\windows\Temp\328199385.exe
C:\windows\Temp\352746886.exe
C:\windows\Temp\43944013.exe
C:\windows\Temp\458238873.exe
C:\windows\Temp\465748087.exe
C:\windows\Temp\49833094.exe
C:\windows\Temp\511557866.exe
C:\windows\Temp\538152265.exe
C:\windows\Temp\545979271.exe
C:\windows\Temp\560137232.exe
C:\windows\Temp\562960948.exe
C:\windows\Temp\603754022.exe
C:\windows\Temp\664193718.exe
C:\windows\Temp\718072985.exe
C:\windows\Temp\725816333.exe
C:\windows\Temp\784739613.exe
C:\windows\Temp\842261356.exe
C:\windows\Temp\949224418.exe
C:\windows\Temp\999447229.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MSUPDATE
((((((((((((((((((((((((( Files Created from 2008-03-01 to 2008-04-01 )))))))))))))))))))))))))))))))
.
2008-03-31 22:24 . 2008-03-31 22:24 <DIR> d-------- C:\Program Files\Winamp Toolbar
2008-03-31 22:24 . 2008-03-31 22:24 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Winamp Toolbar
2008-03-31 22:23 . 2008-03-31 22:23 <DIR> d-------- C:\Program Files\Winamp Remote
2008-03-31 22:23 . 2008-03-31 22:23 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\OrbNetworks
2008-03-31 01:23 . 2008-03-31 01:23 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2008-03-31 01:22 . 2008-03-31 01:22 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-03-31 01:22 . 2008-03-31 01:22 <DIR> d-------- C:\Documents and Settings\ali.EMO-288F17766B2\Application Data\SUPERAntiSpyware.com
2008-03-30 23:18 . 2008-04-01 14:38 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-03-30 23:18 . 2008-04-01 14:38 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spyware Terminator
2008-03-30 23:18 . 2008-04-01 14:35 <DIR> d-------- C:\Documents and Settings\ali.EMO-288F17766B2\Application Data\Spyware Terminator
2008-03-30 23:18 . 2008-03-30 23:18 138,752 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-03-29 21:05 . 2008-03-29 21:05 <DIR> d-------- C:\Program Files\Webroot
2008-03-29 21:05 . 2008-03-29 21:05 <DIR> d-------- C:\Program Files\AskSBar
2008-03-29 21:05 . 2008-03-29 21:05 <DIR> d-------- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Webroot
2008-03-29 21:05 . 2008-03-29 21:05 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Webroot
2008-03-29 21:05 . 2007-12-10 21:08 1,526,584 --a------ C:\WINDOWS\WRSetup.dll
2008-03-29 21:05 . 2007-12-10 20:47 163,640 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys
2008-03-29 21:05 . 2007-12-10 20:47 23,864 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys
2008-03-29 21:05 . 2007-12-10 20:47 21,816 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys
2008-03-29 21:05 . 2007-12-10 20:47 20,280 --a------ C:\WINDOWS\system32\drivers\SSFS0BB9.sys
2008-03-29 20:54 . 2008-03-29 20:54 <DIR> d-------- C:\Documents and Settings\ali.EMO-288F17766B2\Application Data\Webroot
2008-03-14 04:03 . 2008-03-14 04:03 276 --a------ C:\WINDOWS\system32\MRT.INI
2008-03-14 03:24 . 2008-03-14 03:24 230 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-03-14 02:06 . 2008-03-14 04:04 <DIR> d-a------ C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-01 16:47 2,026 ----a-w C:\Program Files\wincmd.ini
2008-04-01 16:47 --------- d-----w C:\Program Files\PeerGuardian2
2008-04-01 16:47 --------- d-----w C:\Documents and Settings\ali.EMO-288F17766B2\Application Data\uTorrent
2008-04-01 16:15 --------- d-----w C:\Program Files\Winamp
2008-04-01 12:41 --------- d-----w C:\Program Files\Java
2008-04-01 12:30 --------- d-----w C:\Program Files\ElcomSoft
2008-03-31 15:30 --------- d-----w C:\Documents and Settings\ali.EMO-288F17766B2\Application Data\Orbit
2008-03-30 23:21 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-30 16:36 --------- d-----w C:\Program Files\Internet Cleaner
2008-03-28 07:58 --------- d-----w C:\Documents and Settings\ali.EMO-288F17766B2\Application Data\Image Zone Express
2008-03-28 07:26 --------- d-----w C:\Documents and Settings\ali.EMO-288F17766B2\Application Data\Skype
2008-03-24 12:09 --------- d-----w C:\Documents and Settings\ali.EMO-288F17766B2\Application Data\OpenOffice.org2
2008-03-20 01:00 --------- d-----w C:\Program Files\Jewel Quest 2
2008-03-14 10:18 --------- d-----w C:\Program Files\Alawar
2008-03-14 02:22 --------- d-----w C:\Program Files\Clickster
2008-03-14 02:21 --------- d-----w C:\Program Files\PopCap Games
2008-03-14 02:20 --------- d-----w C:\Program Files\BearFlix
2008-03-14 02:19 --------- d-----w C:\Program Files\BearShare
2008-03-14 02:18 --------- d-----w C:\Program Files\shockwave.com
2008-03-14 02:18 --------- d-----w C:\Program Files\iWin.com Games
2008-03-14 02:05 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2008-02-27 21:15 --------- d-----w C:\Documents and Settings\ali\Data aplikací\Azureus
2008-02-25 21:51 --------- d-----w C:\Program Files\QuickTime
2008-02-25 21:51 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-02-24 10:47 --------- d-----w C:\Program Files\Kids Colouring Book 2006
2008-02-21 18:55 --------- d-----w C:\Program Files\iFit Explorer
2008-02-17 18:24 --------- d-----w C:\Program Files\Feelers
2008-02-10 20:15 --------- d-----w C:\Program Files\GenoPro
2008-02-07 22:38 --------- d-----w C:\Program Files\Eset
2008-02-03 11:11 --------- d-----w C:\Program Files\TrackMania Nations ESWC
2008-01-27 15:02 14,336 ----a-w C:\windows\system32\svchost.exe
2007-09-14 20:49 120 ----a-w C:\Program Files\wcx_ftp.ini
2007-08-03 21:21 411,248 ----a-w C:\Program Files\FLV PlayerRCSetup.exe
2007-08-03 21:21 3,655,608 ----a-w C:\Program Files\FLV PlayerRCATSetup.exe
2007-06-02 12:56 47,360 ----a-w C:\Documents and Settings\ali.EMO-288F17766B2\Application Data\pcouffin.sys
2006-10-05 08:44 480 ----a-w C:\Program Files\uninstal.bin
2006-10-05 08:44 40,960 ----a-w C:\Program Files\uninstal.exe
2006-02-05 22:47 278,695,200 ----a-r C:\Program Files\tmnationseswc_setup.exe
2005-09-21 06:19 718,320 ----a-w C:\Program Files\ABBYY FineReader 8.0 Professional Edition.msi
2005-09-21 05:54 96,256 ----a-w C:\Program Files\2070.mst
2005-09-21 05:54 96,256 ----a-w C:\Program Files\1040.mst
2005-09-21 05:54 95,232 ----a-w C:\Program Files\1036.mst
2005-09-21 05:54 92,160 ----a-w C:\Program Files\1034.mst
2005-09-21 05:54 3,584 ----a-w C:\Program Files\1033.mst
2005-09-20 21:59 360 ----a-w C:\Program Files\setup.ini
2005-09-20 18:38 356,352 ----a-w C:\Program Files\setup.exe
2003-04-21 13:09 245,408 ----a-w C:\Program Files\unicows.dll
2002-03-11 10:06 1,822,520 ----a-w C:\Program Files\instmsiW.exe
2007-08-10 14:03 6,275,816 ----a-w C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll
2007-08-10 14:03 6,275,816 ----a-w C:\Program Files\opera\program\plugins\ScorchPDFWrapper.dll
2005-05-13 15:12 217,073 --sha-r C:\windows\meta4.exe
2005-10-24 09:13 66,560 --sha-r C:\windows\MOTA113.exe
2005-10-13 19:27 422,400 --sha-r C:\windows\x2.64.exe
2005-10-07 17:14 308,224 --sha-r C:\windows\system32\avisynth.dll
2005-07-14 10:31 27,648 --sha-r C:\windows\system32\AVSredirect.dll
2005-06-26 13:32 616,448 --sha-r C:\windows\system32\cygwin1.dll
2005-06-21 20:37 45,568 --sha-r C:\windows\system32\cygz.dll
2004-01-24 22:00 70,656 --sha-r C:\windows\system32\i420vfw.dll
2005-12-22 18:23 816,640 --sha-r C:\windows\system32\smab.dll
2005-02-28 11:16 240,128 --sha-r C:\windows\system32\x.264.exe
2004-01-24 22:00 70,656 --sha-r C:\windows\system32\yv12vfw.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2008-03-29 21:05 66912 --a------ C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2008-03-20 00:36 1267040 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
2008-03-29 21:05 267592 --a------ C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL" [2008-03-29 21:05 267592]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2008-03-20 00:36 1267040]
[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]
[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2008-03-29 21:05 267592]
[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\windows\system32\ctfmon.exe" [2004-08-17 16:47 15360]
"µTorrent"="C:\Program Files\uTorrent\utorrent.exe" [2008-01-30 18:55 219952]
"PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [2005-07-15 18:44 1401856]
"uTorrent"="C:\Program Files\uTorrent\utorrent.exe" [2008-01-30 18:55 219952]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]
"Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [2008-03-25 04:59 507904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-06-18 10:31 67584 C:\WINDOWS\SOUNDMAN.EXE]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2003-12-04 12:34 406016]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 00:46 57344]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [2006-10-17 03:20 398944]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-10-04 09:58 949376]
"My Web Search Bar Search Scope Monitor"="C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" [ ]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-01-26 14:36 495616]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2004-06-10 14:48 286720]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-02-01 00:13 385024]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-03-30 23:18 2957824]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 16:47 15360]
C:\Documents and Settings\ali\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe [2005-10-16 00:16:48 61440]
C:\Documents and Settings\ali.EMO-288F17766B2\Start Menu\Programs\Indˇt˘pult\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54 98632]
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Indˇt˘pult\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 14:44:06 29696]
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-10-09 02:16:54 610365]
hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-04-06 01:17:18 147456]
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 01:06:58 28672]
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2006-10-12 20:13:43 278528]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\HP\\Image Zone Express\\HP_IZE.exe"=
"C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\Program Files\\Opera\\Opera.exe"=
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"C:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"C:\\Program Files\\InterVideo\\DVD7\\WinDVD.exe"=
"C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"C:\\USDownloader\\USDownloader.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"D:\\Programok\\StrongDC.exe"=
"C:\\Program Files\\ChickenShoot X-Mas 2003\\Kurka.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"C:\\Program Files\\Orbitdownloader\\orbitnet.exe"=
"C:\\WINDOWS\\system32\\svchost.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\windows\system32\drivers\sp_rsdrv2.sys [2008-03-30 23:18]
S2 FFI;FFI;C:\WINDOWS\system32\svchost.exe:exm.exe []
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM);C:\windows\system32\DRIVERS\sea1bus.sys [2007-02-08 13:55]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter;C:\windows\system32\DRIVERS\sea1mdfl.sys [2007-02-08 13:55]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver;C:\windows\system32\DRIVERS\sea1mdm.sys [2007-02-08 13:55]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM);C:\windows\system32\DRIVERS\sea1mgmt.sys [2007-02-08 13:56]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS);C:\windows\system32\DRIVERS\sea1nd5.sys [2007-02-08 13:56]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface;C:\windows\system32\DRIVERS\sea1obex.sys [2007-02-08 13:56]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM);C:\windows\system32\DRIVERS\sea1unic.sys [2007-02-08 13:56]
S3 SF-620;SF-620 USB Infrared Adapter;C:\windows\system32\DRIVERS\SF-620.sys [2004-08-12 04:18]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d03a515-013a-11db-aec7-806d6172696f}]
\Shell\AutoRun\command - E:\Setup.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-03-26 20:50:05 C:\windows\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2006-09-25 16:07:57 C:\windows\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1150992379.job"
- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe4-I
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-04-01 18:51:20
Windows 5.1.2600 Szervizcsomag 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\FFI]
"ImagePath"="C:\WINDOWS\system32\svchost.exe:exm.exe"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pgfilter]
"ImagePath"="\??\C:\Program Files\PeerGuardian2\pgfilter.sys"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\windows\system32\lsass.exe
-> C:\Program Files\Eset\pr_imon.dll
.
Completion time: 2008-04-01 18:52:04
ComboFix-quarantined-files.txt 2008-04-01 16:52:01
13 könyvtár 23,831,580,672 bájt szabad
16 könyvtár 23,818,858,496 bájt szabad
.
2008-03-15 09:08:35 --- E O F ---