Ok urobene, a tu je novy log z combofixu :
ComboFix 09-03-04.01 - Miro_K 2009-03-07 12:18:50.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.1022.536 [GMT 1:00]
Spuštěný z: c:\documents and settings\Miro_K\Plocha\combofix\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Miro_K\Plocha\combofix\CFScript.txt
AV: avast! antivirus 4.7.1098 [VPS 090306-0] *On-access scanning enabled* (Updated)
* Vytvořen nový Bod Obnovení
FILE ::
c:\documents and settings\All Users\Data aplikací\ihisubam.bin
c:\documents and settings\All Users\Data aplikací\vujyzona.reg
c:\documents and settings\Miro_K\Data aplikací\ewetowote.dat
c:\documents and settings\Miro_K\Data aplikací\jelu.bat
c:\documents and settings\Miro_K\Data aplikací\oryjaw.dll
c:\documents and settings\Miro_K\Data aplikací\wapec.bin
c:\program files\Common Files\bafuqejiv.com
c:\program files\Common Files\byhuni.com
c:\program files\Common Files\exav.bin
c:\program files\Common Files\gegifesyjy.ban
c:\program files\Common Files\herycu.reg
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Data aplikací\ihisubam.bin
c:\documents and settings\All Users\Data aplikací\vujyzona.reg
c:\documents and settings\Miro_K\Data aplikací\ewetowote.dat
c:\documents and settings\Miro_K\Data aplikací\jelu.bat
c:\documents and settings\Miro_K\Data aplikací\oryjaw.dll
c:\documents and settings\Miro_K\Data aplikací\wapec.bin
c:\program files\Common Files\bafuqejiv.com
c:\program files\Common Files\byhuni.com
c:\program files\Common Files\exav.bin
c:\program files\Common Files\gegifesyjy.ban
c:\program files\Common Files\herycu.reg
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-02-07 do 2009-03-07 )))))))))))))))))))))))))))))))
.
2009-03-07 11:10 . 2009-03-07 11:23 <DIR> d-------- c:\program files\QSView
2009-03-07 10:44 . 2009-03-07 10:44 <DIR> d-------- c:\documents and settings\Miro_K\Data aplikací\TeamViewer
2009-03-07 10:43 . 2009-03-07 11:49 <DIR> d-------- c:\program files\TeamViewer
2009-03-07 10:41 . 2009-03-07 10:41 <DIR> d-------- c:\documents and settings\Miro_K\temp
2009-03-06 19:50 . 2009-03-06 19:50 <DIR> d-------- c:\program files\Trend Micro
2009-03-06 16:30 . 2009-03-06 16:30 22,536 --a------ c:\windows\system32\drivers\pxscan.sys
2009-03-06 15:18 . 2009-03-06 16:30 65 --a------ c:\windows\wininit.ini
2009-03-06 15:17 . 2009-03-06 15:17 <DIR> d-------- c:\program files\Radmin1
2009-02-14 14:57 . 2009-02-19 16:10 54,156 --ah----- c:\windows\QTFont.qfn
2009-02-14 14:57 . 2009-02-14 14:57 1,409 --a------ c:\windows\QTFont.for
2009-02-08 18:11 . 2009-02-08 18:11 9,614 --a------ c:\windows\1 . TALIANSKO - PAESTUM.scn
2009-02-08 17:15 . 2009-02-08 18:11 12,855,820,288 --a------ c:\windows\1 . TALIANSKO - PAESTUM.avi
2009-02-07 20:15 . 2009-02-07 20:26 <DIR> d-------- c:\program files\GameSpy Arcade
2009-02-07 20:08 . 2009-02-07 20:08 <DIR> d-------- c:\program files\Codemasters
2009-02-07 18:43 . 2009-02-07 18:43 <DIR> d-------- C:\rc
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-07 11:21 --------- d-----w c:\documents and settings\Miro_K\Data aplikací\Skype
2009-03-07 11:12 --------- d-----w c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2009-03-07 11:09 --------- d-----w c:\program files\lg_fwupdate
2009-03-07 11:09 --------- d-----w c:\documents and settings\Miro_K\Data aplikací\OpenOffice.org2
2009-03-07 11:04 --------- d-----w c:\program files\Mozilla Thunderbird
2009-03-06 19:51 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-03-06 15:31 --------- d-----w c:\documents and settings\All Users\Data aplikací\PrevxCSI
2009-02-21 11:19 --------- d-----w c:\program files\F1 2008 DELUX
2009-02-11 09:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-11 09:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-02-07 19:08 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-06 15:04 --------- d-----w c:\documents and settings\Miro_K\Data aplikací\InstallShield
2009-01-15 17:39 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-01-07 20:14 32,664 ----a-w c:\documents and settings\Miro_K\Data aplikací\GDIPFONTCACHEV1.DAT
2007-12-27 16:04 1,094,021 ----a-w c:\program files\dvdshrink32setup.zip
2004-10-01 14:00 40,960 ----a-w c:\program files\Uninstall_CDS.exe
2008-08-28 14:46 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2008-01-17 20:10 61,038 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2008-01-17 20:10 49,256 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2008-01-17 20:10 166,000 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-03-07_10.11.27.75 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-12-08 12:11:41 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-03-07 11:09:44 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2007-12-08 12:11:41 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-03-07 11:09:44 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2007-12-08 12:11:41 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-07 11:09:44 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-01-25 09:12:34 25,088 ----a-w c:\windows\system32\drivers\teamviewervpn.sys
- 2009-03-07 08:49:54 46,196 ----a-w c:\windows\system32\perfc005.dat
+ 2009-03-07 11:13:46 46,196 ----a-w c:\windows\system32\perfc005.dat
- 2009-03-07 08:49:54 40,128 ----a-w c:\windows\system32\perfc009.dat
+ 2009-03-07 11:13:46 40,128 ----a-w c:\windows\system32\perfc009.dat
- 2009-03-07 08:49:54 309,990 ----a-w c:\windows\system32\perfh005.dat
+ 2009-03-07 11:13:46 309,990 ----a-w c:\windows\system32\perfh005.dat
- 2009-03-07 08:49:54 311,740 ----a-w c:\windows\system32\perfh009.dat
+ 2009-03-07 11:13:46 311,740 ----a-w c:\windows\system32\perfh009.dat
+ 2009-03-07 11:09:31 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_6f0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2006-03-02 15360]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2006-07-21 20036648]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 139264]
"ICQ"="c:\program files\ICQ6\ICQ.exe" [2008-09-01 173304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-12-08 98304]
"RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2007-12-08 249856]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 79224]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-28 29744]
"nwiz"="nwiz.exe" [2006-06-01 c:\windows\system32\nwiz.exe]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 c:\windows\system32\nvmctray.dll]
"SigmatelSysTrayApp"="sttray.exe" [2006-07-27 c:\windows\sttray.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]
c:\documents and settings\Miro_K\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-06-27 393216]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.MJPG"= Pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll
"msacm.l3fhg"= mp3fhg.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"msacm.divxa32"= divxa32.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Radmin1\\radmin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [2009-03-06 22536]
R2 CSIScanner;CSIScanner;c:\program files\PrevxCSI\prevxcsi.exe [2008-10-10 4150840]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2008-07-06 222456]
R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [2009-02-27 185640]
R3 PAC207;SoC PC-Camer@;c:\windows\system32\drivers\pfc027.sys [2005-04-08 162176]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2006-03-02 69120]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [2008-01-25 25088]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2007-12-08 29744]
.
Obsah adresáře 'Naplánované úlohy'
2008-12-26 c:\windows\Tasks\At1.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-01-07 c:\windows\Tasks\At10.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-02-08 c:\windows\Tasks\At11.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-03-07 c:\windows\Tasks\At12.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-03-07 c:\windows\Tasks\At13.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-02-21 c:\windows\Tasks\At14.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-02-21 c:\windows\Tasks\At15.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-03-06 c:\windows\Tasks\At16.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-03-06 c:\windows\Tasks\At17.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-02-22 c:\windows\Tasks\At18.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-02-14 c:\windows\Tasks\At19.job
- c:\windows\system32\tQ7hBQJ0.exe []
2008-11-08 c:\windows\Tasks\At2.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-02-16 c:\windows\Tasks\At20.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-03-06 c:\windows\Tasks\At21.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-03-06 c:\windows\Tasks\At22.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-02-09 c:\windows\Tasks\At23.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-01-18 c:\windows\Tasks\At24.job
- c:\windows\system32\tQ7hBQJ0.exe []
2008-11-08 c:\windows\Tasks\At3.job
- c:\windows\system32\tQ7hBQJ0.exe []
2008-11-08 c:\windows\Tasks\At4.job
- c:\windows\system32\tQ7hBQJ0.exe []
2008-11-08 c:\windows\Tasks\At5.job
- c:\windows\system32\tQ7hBQJ0.exe []
2008-11-27 c:\windows\Tasks\At6.job
- c:\windows\system32\tQ7hBQJ0.exe []
2008-11-08 c:\windows\Tasks\At7.job
- c:\windows\system32\tQ7hBQJ0.exe []
2008-10-10 c:\windows\Tasks\At8.job
- c:\windows\system32\tQ7hBQJ0.exe []
2009-02-24 c:\windows\Tasks\At9.job
- c:\windows\system32\tQ7hBQJ0.exe []
.
.
------- Doplňkový sken -------
.
uStart Page =
hxxp://www.google.com
mStart Page =
hxxp://www.google.com
uSearchURL,(Default) =
hxxp://www.google.com/keyword/%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Miro_K\Data aplikací\Mozilla\Firefox\Profiles\re87qwxx.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage -
hxxp://www.zoznam.sk
FF - prefs.js: keyword.URL -
hxxp://search.icq.com/search/afe_result ... id=afex&q=
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true);
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-03-07 12:21:10
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1390067357-1580818891-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,eb,bb,a0,b3,66,
69,0d,f4,c8,28,51,af,b0,29,a3,98,9f,57,53,69,4b,c7,3c,4d,e2,63,26,f1,3f,c8,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,94,5e,24,23,9a,
7d,5e,a0,71,3b,04,66,8b,46,0d,96,89,97,84,de,4d,20,3c,03,6a,9c,d6,61,af,45,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,14,8e,97,13,d4,
fb,78,e6,25,da,ec,7e,55,20,c9,26,49,a6,e0,3a,31,0e,1d,3b,ff,7c,85,e0,43,d4,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,ee,25,23,93,29,
60,0a,e1,3e,1e,9e,e0,57,5a,93,61,c7,b1,44,5a,8d,35,f2,a9,86,8c,21,01,be,91,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,f8,27,13,b3,fa,
cf,a0,b9,cd,44,cd,b9,a6,33,6c,cd,27,6a,da,47,87,20,31,7a,f5,1d,4d,73,a8,13,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:b0,18,ed,a7,3f,8d,37,a4,3c,1d,51,b1,aa,
72,5b,9b,b0,18,ed,a7,3f,8d,37,a4,06,36,eb,de,86,d4,e5,87,df,20,58,62,78,6b,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:97,20,4e,9a,c7,f1,35,ee,a6,41,f8,bc,ca,
8d,be,d6,31,77,e1,ba,b1,f8,68,02,f4,0d,16,36,af,8a,0f,db,fb,a7,78,e6,12,2f,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:83,6c,56,8b,a0,85,96,ab,76,49,dc,76,b4,
d0,5a,7c,83,6c,56,8b,a0,85,96,ab,ee,10,6a,d2,a6,ce,b0,e4,01,3a,48,fc,e8,04,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,9c,8f,15,4a,a0,
0f,57,7f,51,fa,6e,91,28,9e,14,cc,2b,7f,34,99,18,a0,0a,7b,f6,0f,4e,58,98,5b,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:b1,cd,45,5a,a8,c4,f8,b9,7c,96,d9,62,4d,
7f,8d,be,b1,cd,45,5a,a8,c4,f8,b9,d0,72,b8,ff,65,c3,b8,fe,3d,ce,ea,26,2d,45,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,9d,e7,25,14,ec,
77,7d,13,e3,0e,66,d5,eb,bc,2f,6b,04,29,a2,0b,a8,42,47,2f,2a,b7,cc,b5,b9,7f,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,ac,b2,43,fc,c4,
f9,e8,b5,fa,ea,66,7f,d4,3b,6b,70,dd,4d,4d,d8,e2,fe,41,eb,6c,43,2d,1e,aa,22,\
.
Celkový čas: 2009-03-07 12:22:20
ComboFix-quarantined-files.txt 2009-03-07 11:22:19
ComboFix2.txt 2009-03-07 09:12:20
Před spuštěním: Volných bajtů: 102 269 603 840
Po spuštění: Volných bajtů: 102,255,288,320
303 --- E O F --- 2009-03-06 14:02:44
Je to uz v poriadku, alebo co mam este spravit?
