ComboFix 09-01-21.04 - Admin 2009-01-22 19:09:22.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1029.18.3071.2438 [GMT 1:00]
Spuštěný z: c:\documents and settings\Admin\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Admin\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1296 [VPS 090122-0] *On-access scanning disabled* (Updated)
AV: ZoneAlarm Security Suite Antivirus *On-access scanning disabled* (Updated)
FW: COMODO Firewall Pro *enabled*
FW: ZoneAlarm Security Suite Firewall *disabled*
* Vytvořen nový Bod Obnovení
FILE ::
c:\windows\system32\winsys2.exe
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\Dvbpws.dll
c:\windows\system32\winsys2.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2008-12-22 do 2009-01-22 )))))))))))))))))))))))))))))))
.
2009-01-22 17:02 . 2009-01-22 17:02 <DIR> d-------- c:\program files\Seznam
2009-01-22 16:54 . 2009-01-22 16:54 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\Malwarebytes
2009-01-22 16:54 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-22 16:53 . 2009-01-22 16:54 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-22 16:53 . 2009-01-22 16:53 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2009-01-22 16:53 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-22 16:45 . 2009-01-22 16:45 <DIR> d-------- c:\program files\VirusTotalUploader
2009-01-22 00:38 . 2009-01-22 00:38 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-22 00:38 . 2009-01-22 00:38 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-01-21 21:38 . 2006-10-30 15:51 1,605,632 --a------ c:\windows\system32\msicpl.dll
2009-01-21 21:38 . 2009-01-21 21:38 673,546 --a------ c:\windows\system32\unins000.exe
2009-01-21 21:38 . 2006-10-05 15:45 262,144 --a------ c:\windows\system32\HookShield.dll
2009-01-21 21:38 . 2006-10-05 15:45 253,952 --a------ c:\windows\system32\HookMap.dll
2009-01-21 21:38 . 2006-07-13 05:00 131,072 --a------ c:\windows\system32\smdll.dll
2009-01-21 21:38 . 2006-07-21 11:33 128,512 --a------ c:\windows\system32\madCHook.dll
2009-01-21 21:38 . 2006-08-14 11:31 32,768 --a------ c:\windows\system32\Auxiliary.dll
2009-01-21 21:38 . 2009-01-21 21:38 1,103 --a------ c:\windows\system32\unins000.dat
2009-01-21 18:54 . 2009-01-22 18:56 3,162,278 --------- c:\windows\{00000001-00000000-00000000-00001102-00000004-00521102}.BAK
2009-01-21 17:15 . 2009-01-21 17:18 9,669,321 --a------ c:\windows\REGBK07.ZIP
2009-01-20 16:18 . 2009-01-20 16:18 <DIR> d-------- c:\program files\Unknown Device Identifier
2009-01-20 15:21 . 2009-01-20 15:21 0 --a------ c:\windows\nsreg.dat
2009-01-19 12:56 . 2009-01-19 12:56 <DIR> d-------- C:\ProgramData
2009-01-18 19:58 . 2009-01-18 19:57 9,350 --a------ C:\12.12.2006 6-07-12_0002.jpg
2009-01-18 19:14 . 2009-01-18 19:20 4,432,969,728 --a------ C:\mamma mia.iso
2009-01-18 13:06 . 2009-01-18 13:06 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\Uniblue
2009-01-18 13:02 . 2009-01-18 13:02 <DIR> d-------- c:\program files\Uniblue
2009-01-18 12:56 . 2009-01-18 13:02 <DIR> d--h-c--- c:\documents and settings\All Users\Data aplikací\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2009-01-17 13:34 . 2009-01-22 17:01 <DIR> d-------- C:\MxDownload
2009-01-16 19:52 . 2009-01-16 19:52 <DIR> d-------- C:\profiles
2009-01-15 18:57 . 2009-01-15 19:27 <DIR> d-------- c:\windows\system32\Adobe
2009-01-15 00:08 . 2009-01-15 00:08 <DIR> d-------- c:\program files\INOMA
2009-01-14 23:38 . 2009-01-21 16:32 <DIR> d-------- c:\program files\animaToy
2009-01-14 23:33 . 2009-01-14 23:33 434,688 --a------ c:\windows\system32\ss2uinst.exe
2009-01-14 23:30 . 2009-01-14 23:30 <DIR> d-------- c:\program files\Atelier Web
2009-01-14 23:04 . 2009-01-14 23:04 249,856 --------- c:\windows\Setup1.exe
2009-01-14 23:04 . 2009-01-14 23:04 73,216 --a------ c:\windows\ST6UNST.EXE
2009-01-14 23:01 . 2000-08-22 09:24 149,504 --a------ c:\windows\UNWISE32.EXE
2009-01-14 22:55 . 2009-01-14 23:00 <DIR> d-------- c:\program files\NeoTracePro
2009-01-14 22:51 . 2009-01-14 22:51 303 --a------ c:\windows\ST6UNST.000
2009-01-14 18:03 . 2009-01-14 18:04 84 --a------ c:\windows\RWView.ini
2009-01-14 16:03 . 2009-01-14 17:02 <DIR> d-------- C:\Bar
2009-01-14 13:41 . 2009-01-14 16:40 <DIR> d-------- c:\program files\Trell
2009-01-14 13:23 . 2009-01-18 19:36 <DIR> d-------- c:\program files\Ztrl
2009-01-13 20:43 . 2009-01-13 20:43 <DIR> d-------- c:\program files\GeoVid
2009-01-13 20:43 . 2004-12-20 10:03 679,936 --a------ c:\windows\system32\xvidcore.dll
2009-01-13 20:43 . 2004-12-20 10:08 155,648 --a------ c:\windows\system32\xvidvfw.dll
2009-01-13 20:43 . 2004-12-20 10:10 61,440 --a------ c:\windows\system32\xvid.ax
2009-01-13 20:33 . 2009-01-13 20:33 <DIR> d-------- c:\program files\WinSnap
2009-01-13 19:31 . 2009-01-14 13:14 2,478 --a------ c:\windows\business.ini
2009-01-13 19:31 . 2009-01-14 13:14 32 --a------ c:\windows\TPSfiles.INI
2009-01-13 19:31 . 2009-01-14 13:14 32 --a------ c:\windows\reports.ini
2009-01-13 19:23 . 2009-01-14 13:39 <DIR> d-------- c:\program files\BUSINESS XP Free
2009-01-12 17:12 . 2009-01-12 18:19 <DIR> d-------- c:\documents and settings\Admin\.VirtualBox
2009-01-12 17:11 . 2008-09-12 16:00 41,680 --a------ c:\windows\system32\drivers\VBoxUSBMon.sys
2009-01-12 17:10 . 2008-09-12 16:00 95,888 --a------ c:\windows\system32\drivers\VBoxDrv.sys
2009-01-12 17:09 . 2009-01-12 17:09 <DIR> d-------- c:\program files\Sun
2009-01-11 19:27 . 2009-01-11 19:42 <DIR> d-------- c:\program files\Hide IP Platinum
2009-01-11 17:04 . 2009-01-11 17:04 <DIR> d-------- c:\program files\OO Software
2009-01-11 17:02 . 2008-04-28 15:53 805,400 -ra------ c:\windows\system32\tmp1E.tmp
2009-01-11 15:57 . 2009-01-11 15:57 <DIR> d-------- c:\program files\CCleaner
2009-01-09 19:36 . 2009-01-09 19:36 166 --a------ c:\windows\Pohoda.INI
2009-01-06 15:23 . 2009-01-13 12:42 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\MyPhoneExplorer
2009-01-06 15:23 . 2009-01-06 15:23 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\AD ON Multimedia
2009-01-06 15:22 . 2009-01-06 15:23 <DIR> d-------- c:\program files\MyPhoneExplorer
2009-01-06 10:51 . 2009-01-05 00:04 49,913 --a------ C:\li.jar
2009-01-06 10:51 . 2009-01-05 00:04 253 --a------ C:\li.jad
2009-01-05 19:15 . 2009-01-05 19:15 <DIR> d-------- C:\jack2.5-lpc
2009-01-05 17:42 . 2009-01-05 17:42 <DIR> d-------- C:\Jackass 2.5
2009-01-05 17:27 . 2009-01-05 17:27 <DIR> d-------- c:\program files\YouTube Downloader
2009-01-05 13:45 . 2009-01-05 13:45 <DIR> d-------- c:\program files\2K Sports
2009-01-04 18:58 . 2009-01-22 19:13 31,656 --a------ c:\windows\system32\BMXStateBkp-{00000001-00000000-00000000-00001102-00000004-00521102}.rfx
2009-01-04 18:58 . 2009-01-22 19:13 31,656 --a------ c:\windows\system32\BMXState-{00000001-00000000-00000000-00001102-00000004-00521102}.rfx
2009-01-04 18:58 . 2009-01-22 19:13 28,968 --a------ c:\windows\system32\BMXCtrlState-{00000001-00000000-00000000-00001102-00000004-00521102}.rfx
2009-01-04 18:58 . 2009-01-22 19:13 28,968 --a------ c:\windows\system32\BMXBkpCtrlState-{00000001-00000000-00000000-00001102-00000004-00521102}.rfx
2009-01-04 18:58 . 2009-01-22 19:13 11,564 --a------ c:\windows\system32\DVCState-{00000001-00000000-00000000-00001102-00000004-00521102}.rfx
2009-01-04 18:58 . 2009-01-22 19:13 1,080 --a------ c:\windows\system32\settingsbkup.sfm
2009-01-04 18:58 . 2009-01-22 19:13 1,080 --a------ c:\windows\system32\settings.sfm
2009-01-04 18:57 . 2003-09-12 15:32 3,162,278 --a------ c:\windows\{00000001-00000000-00000000-00001102-00000004-00521102}.CDF
2009-01-04 18:54 . 2006-08-11 15:14 86,446 --a------ c:\windows\system32\instwdm.ini
2009-01-04 18:54 . 2006-08-11 14:32 191 --a------ c:\windows\system32\ctzapxx.ini
2009-01-04 16:36 . 2009-01-04 16:36 <DIR> d-------- c:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2009-01-04 15:52 . 2009-01-04 16:41 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\Orbit
2009-01-04 15:52 . 2009-01-04 15:52 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\GrabPro
2009-01-03 12:53 . 2009-01-03 12:53 603,904 --a------ c:\windows\system32\TUProgSt.exe
2009-01-03 12:53 . 2009-01-03 12:53 362,240 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-01-03 12:53 . 2008-11-12 16:44 27,904 --a------ c:\windows\system32\uxtuneup.dll
2009-01-03 12:52 . 2009-01-03 12:53 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-01-03 11:52 . 2009-01-03 11:52 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\TuneUp Software
2009-01-03 11:51 . 2009-01-03 11:51 <DIR> d--hs---- c:\documents and settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-02 17:35 . 2009-01-02 17:35 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Ubisoft
2009-01-02 16:15 . 2009-01-02 16:15 319 --a------ c:\windows\game.ini
2009-01-02 14:26 . 2009-01-02 14:37 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Codemasters
2009-01-02 14:22 . 2009-01-02 14:22 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Electronic Arts
2008-12-31 19:36 . 2008-04-28 15:53 805,400 -ra------ c:\windows\system32\tmp13F.tmp
2008-12-31 19:36 . 2008-04-28 15:53 805,400 -ra------ c:\windows\system32\tmp13E.tmp
2008-12-31 15:18 . 2009-01-22 18:03 1,270 --a------ C:\rollback.ini
2008-12-31 11:39 . 2008-12-31 11:39 <DIR> d-------- c:\documents and settings\Guest\Data aplikací\Red Alert 3
2008-12-30 17:32 . 2008-12-30 17:32 <DIR> d-------- c:\windows\system32\IOSUBSYS
2008-12-30 16:22 . 2008-12-30 16:22 <DIR> d-------- c:\documents and settings\Guest\Data aplikací\MailFrontier
2008-12-30 14:44 . 2009-01-18 12:40 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\MailFrontier
2008-12-27 22:47 . 2006-05-20 16:16 1,184,984 --a------ c:\windows\system32\wvc1dmod.dll
2008-12-27 22:47 . 2006-05-11 19:21 626,688 --a------ c:\windows\system32\vp7vfw.dll
2008-12-27 22:47 . 2006-09-29 12:24 217,127 --a------ c:\windows\system32\drv43260.dll
2008-12-27 22:47 . 2006-09-29 12:25 208,935 --a------ c:\windows\system32\drv33260.dll
2008-12-27 22:47 . 2006-09-29 12:26 176,165 --a------ c:\windows\system32\drv23260.dll
2008-12-27 22:47 . 2002-12-10 02:20 102,439 --a------ c:\windows\system32\sipr3260.dll
2008-12-27 22:47 . 2007-03-18 20:37 65,602 --a------ c:\windows\system32\cook3260.dll
2008-12-27 22:46 . 2008-12-27 22:46 <DIR> d-------- c:\program files\Common Files\Download Manager
2008-12-27 17:24 . 2008-12-27 18:40 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\VSO_HWE
2008-12-27 12:39 . 2008-12-27 12:39 <DIR> d-------- c:\program files\CDBurnerXP
2008-12-27 12:39 . 2008-12-27 12:39 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\Canneverbe_Limited
2008-12-27 12:23 . 2008-12-27 12:30 632,115,788 --a------ C:\Image.nrg
2008-12-26 23:58 . 2009-01-16 14:16 <DIR> d-------- c:\documents and settings\Guest\Data aplikací\ICQ
2008-12-26 15:30 . 2008-12-26 15:30 <DIR> d-------- c:\documents and settings\Guest\Data aplikací\Map24
2008-12-26 11:45 . 2008-12-26 11:45 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\Red Alert 3
2008-12-25 12:58 . 2008-12-25 12:58 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\Leadertech
2008-12-25 12:51 . 2008-12-25 12:51 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\NwDocx
2008-12-25 12:08 . 2008-12-25 12:08 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\SumatraPDF
2008-12-25 11:27 . 2009-01-11 20:05 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\XnView
2008-12-25 09:33 . 2008-12-25 09:33 <DIR> d-------- c:\documents and settings\Admin\Data aplikací\HEXelon
2008-12-25 09:31 . 2008-12-25 11:33 <DIR> d-------- c:\program files\TC UP
2008-12-22 21:19 . 2008-12-22 21:19 <DIR> d-------- c:\documents and settings\Guest\Data aplikací\Windows Search
2008-12-22 20:52 . 2008-12-22 20:52 230,424 --a------ C:\img2-001.raw
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-22 18:19 27,862,048 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-01-22 18:19 --------- d-----w c:\program files\PeerGuardian2
2009-01-22 18:13 379,304 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-01-22 18:08 --------- d-----w c:\documents and settings\Admin\Data aplikací\MxBoost
2009-01-22 17:52 --------- d---a-w c:\documents and settings\All Users\Data aplikací\TEMP
2009-01-22 17:41 --------- d-----w c:\documents and settings\Admin\Data aplikací\Skype
2009-01-22 15:04 --------- d-----w c:\documents and settings\Admin\Data aplikací\skypePM
2009-01-22 14:11 --------- d-----w c:\program files\Microsoft IntelliPoint
2009-01-22 12:30 2,676,736 ----a-w c:\windows\Internet Logs\xDB11.tmp
2009-01-22 12:30 2,562,560 ----a-w c:\windows\Internet Logs\xDB12.tmp
2009-01-21 23:38 --------- d-----w c:\program files\Java
2009-01-21 19:59 --------- d-----w c:\program files\Setup Files
2009-01-21 19:21 2,507,776 ----a-w c:\windows\Internet Logs\xDB10.tmp
2009-01-21 18:09 2,497,024 ----a-w c:\windows\Internet Logs\xDBF.tmp
2009-01-21 17:58 --------- d-----w c:\program files\Nero
2009-01-21 16:44 --------- d-----w c:\program files\Common Files\Nero
2009-01-21 16:44 --------- d-----w c:\documents and settings\All Users\Data aplikací\Nero
2009-01-21 15:39 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-20 10:37 --------- d-----w c:\documents and settings\Admin\Data aplikací\uTorrent
2009-01-20 00:05 2,698,752 ----a-w c:\windows\Internet Logs\xDBD.tmp
2009-01-20 00:05 2,423,296 ----a-w c:\windows\Internet Logs\xDBE.tmp
2009-01-18 18:43 5 ----a-w c:\program files\trl.trl
2009-01-18 17:22 2,408,448 ----a-w c:\windows\Internet Logs\xDBC.tmp
2009-01-18 17:22 2,362,368 ----a-w c:\windows\Internet Logs\xDBB.tmp
2009-01-18 12:31 2,369,024 ----a-w c:\windows\Internet Logs\xDBA.tmp
2009-01-18 12:31 115,712 ----a-w c:\windows\Internet Logs\xDB9.tmp
2009-01-18 00:37 2,193,408 ----a-w c:\windows\Internet Logs\xDB8.tmp
2009-01-17 23:36 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-01-17 23:36 22,328 ----a-w c:\documents and settings\Admin\Data aplikací\PnkBstrK.sys
2009-01-17 23:35 682,280 ----a-w c:\windows\system32\pbsvc.exe
2009-01-17 23:35 107,832 ----a-w c:\windows\system32\PnkBstrB.exe
2009-01-17 20:34 --------- d-----w c:\program files\Ubisoft
2009-01-17 09:55 92,160 ----a-w c:\windows\Internet Logs\xDB6.tmp
2009-01-17 09:55 2,342,400 ----a-w c:\windows\Internet Logs\xDB7.tmp
2009-01-17 00:41 2,790,400 ----a-w c:\windows\Internet Logs\xDB5.tmp
2009-01-16 14:05 13,083,629 ----a-w c:\windows\Internet Logs\tvDebug.zip
2009-01-16 14:05 --------- d-----w c:\program files\Google
2009-01-16 14:04 2,343,936 ----a-w c:\windows\Internet Logs\xDB4.tmp
2009-01-16 14:04 1,796,096 ----a-w c:\windows\Internet Logs\xDB3.tmp
2009-01-14 22:34 --------- d-----w c:\documents and settings\All Users\Data aplikací\Microsoft Help
2009-01-14 19:49 3,073,024 ----a-w c:\windows\Internet Logs\xDB39.tmp
2009-01-14 19:49 2,148,864 ----a-w c:\windows\Internet Logs\xDB3A.tmp
2009-01-12 17:14 --------- d-----w c:\program files\MagicISO
2009-01-12 14:25 --------- d-----w c:\program files\mb
2009-01-10 19:14 2,739,200 ----a-w c:\windows\Internet Logs\xDB7C.tmp
2009-01-10 02:04 2,896,384 ----a-w c:\windows\Internet Logs\xDB54.tmp
2009-01-08 13:15 3,208,192 ----a-w c:\windows\Internet Logs\xDB1.tmp
2009-01-08 13:14 1,967,616 ----a-w c:\windows\Internet Logs\xDB2.tmp
2009-01-07 14:13 --------- d-----w c:\program files\FMA 2
2009-01-05 18:32 --------- d-----w c:\documents and settings\Admin\Data aplikací\Vso
2009-01-04 15:36 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-01-04 15:34 --------- d-----w c:\program files\Electronic Arts
2009-01-04 15:34 --------- d-----w c:\program files\EA Games
2009-01-04 15:34 --------- d-----w c:\program files\DAP
2009-01-03 10:52 --------- d-----w c:\documents and settings\All Users\Data aplikací\TuneUp Software
2009-01-02 19:44 10,580 ----a-w c:\documents and settings\Admin\FMCodec.dat
2009-01-02 15:15 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2008-12-31 23:06 --------- d-----w c:\documents and settings\Admin\Data aplikací\ICQ
2008-12-31 13:37 --------- d-----w c:\program files\AGEIA Technologies
2008-12-31 09:03 --------- d-----w c:\documents and settings\All Users\Data aplikací\MailFrontier
2008-12-27 22:44 --------- d-----w c:\documents and settings\All Users\Data aplikací\vsosdk
2008-12-27 21:47 --------- d-----w c:\program files\vso
2008-12-25 11:58 7,538 ----a-w c:\windows\system32\ealregsnapshot1.reg
2008-12-21 17:33 10,009,619 ----a-w c:\windows\REGBK06.ZIP
2008-12-21 10:05 50,688 ----a-w c:\windows\system32\wbhelp2.dll
2008-12-21 10:03 --------- d-----w c:\program files\ZoneAlarmSB
2008-12-21 10:02 --------- d-----w c:\program files\Zone Labs
2008-12-21 01:14 107,888 ----a-w c:\windows\system32\CmdLineExt.dll
2008-12-20 19:25 --------- d-----w c:\program files\TmUnitedForever
2008-12-19 21:23 --------- d-----w c:\documents and settings\Guest\Data aplikací\WebcamMax
2008-12-19 21:22 --------- d-----w c:\documents and settings\Guest\Data aplikací\Locktime
2008-12-17 22:06 --------- d-----w c:\documents and settings\Admin\Data aplikací\Locktime
2008-12-17 22:04 --------- d-----w c:\documents and settings\All Users\Data aplikací\Locktime
2008-12-17 21:22 --------- d-----w c:\documents and settings\Admin\Data aplikací\MSN6
2008-12-17 08:54 --------- d-----w c:\documents and settings\Admin\Data aplikací\Hamachi
2008-12-13 13:35 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-12-13 13:35 --------- d-----w c:\documents and settings\All Users\Data aplikací\Symantec
2008-12-13 12:27 --------- d-----w c:\documents and settings\Admin\Data aplikací\Symantec
2008-12-13 11:54 9,891,622 ----a-w c:\windows\REGBK05.ZIP
2008-12-13 11:32 --------- d-----w c:\program files\Skype
2008-12-13 11:32 --------- d-----w c:\program files\Common Files\Skype
2008-12-13 11:32 --------- d-----w c:\documents and settings\All Users\Data aplikací\Skype
2008-12-12 21:47 3,751,995 ----a-w c:\windows\system32\GPhotos.scr
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-09 13:17 --------- d-----w c:\program files\Return to Castle Wolfenstein
2008-12-04 23:32 --------- d-----w c:\program files\MSBuild
2008-12-04 23:31 --------- d-----w c:\program files\Reference Assemblies
2008-12-01 20:53 --------- d-----w c:\documents and settings\Admin\Data aplikací\Apple Computer
2008-12-01 19:55 9,514,215 ----a-w c:\windows\REGBK04.ZIP
2008-11-30 15:15 --------- d-----w c:\program files\WorldOfGoo
2008-11-23 15:12 --------- d-----w c:\program files\ScannerU
2008-11-18 21:39 9,344,640 ----a-w c:\windows\REGBK03.ZIP
2008-11-01 13:54 626,688 ----a-w c:\windows\system32\msvcr80.dll
2008-11-01 13:54 548,864 ----a-w c:\windows\system32\msvcp80.dll
2008-11-01 13:54 28,672 ----a-w c:\windows\system32\eEmpty.exe
2008-10-27 09:04 70,992 ----a-w c:\windows\system32\XAPOFX1_2.dll
2008-10-27 09:04 514,384 ----a-w c:\windows\system32\XAudio2_3.dll
2008-10-27 09:04 235,856 ----a-w c:\windows\system32\xactengine3_3.dll
2008-10-27 09:04 23,376 ----a-w c:\windows\system32\X3DAudio1_5.dll
2008-10-23 12:42 286,720 ----a-w c:\windows\system32\gdi32.dll
1999-04-23 22:22 12 --sha-w c:\windows\system\WININETICMP32.drv
.
((((((((((((((((((((((((((((( snapshot@2009-01-22_15.15.04,46 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-01-22 14:10:03 878,988 ----a-w c:\windows\system32\ZoneLabs\avsys\bases\sfdb.dat
+ 2009-01-22 18:15:20 882,544 ----a-w c:\windows\system32\ZoneLabs\avsys\bases\sfdb.dat
+ 2009-01-22 18:15:25 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_254.dat
+ 2009-01-22 18:15:45 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_a78.dat
+ 2009-01-22 18:16:33 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_b88.dat
+ 2009-01-22 18:15:39 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_f4.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-02 393216]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"PeerGuardian"="c:\program files\PeerGuardian2\pg2.exe" [2005-09-18 1421824]
"OEXPRESS"="c:\windows\OETRN.EXE" [2008-09-21 26624]
"TaskTray"="c:\program files\Creative\SBAudigy\TaskBar\CTLTray.exe" [2001-06-29 163840]
"TaskBar"="c:\program files\Creative\SBAudigy\TaskBar\CTLTask.exe" [2002-05-08 122880]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-06-26 81920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2005-12-20 94208]
"snpstd3"="c:\windows\vsnpstd3.exe" [2005-09-05 339968]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2007-12-21 90112]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2007-12-19 2846720]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\point32.exe" [2005-06-10 217088]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"Jet Detection"="c:\program files\Creative\SBAudigy\PROGRAM\ADGJDet.exe" [2001-11-29 28672]
"CTStartup"="c:\program files\Creative\Splash Screen\CTEaxSpl.EXE" [2001-12-20 28672]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-22 136600]
"SMail"="c:\program files\Seznam\Postak\Postak.exe" [2008-02-21 453936]
"nwiz"="nwiz.exe" [2008-10-07 c:\windows\system32\nwiz.exe]
"CTHelper"="CTHELPER.EXE" [2006-08-11 c:\windows\CTHELPER.EXE]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-08-11 c:\windows\system32\CTXFIHLP.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideFastUserSwitching"= 0 (0x0)
"HideShutdownScripts"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLogonScripts"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"NoVisualStyleChoice"= 0 (0x0)
"NoColorChoice"= 0 (0x0)
"NoSizeChoice"= 0 (0x0)
"HideLogonScripts"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeAnimation"= 0 (0x0)
"RestrictCpl"= 0 (0x0)
"DisallowCpl"= 0 (0x0)
"NoViewOnDrive"= 0 (0x0)
"RestrictRun"= 0 (0x0)
"NoRecycleFiles"= 0 (0x0)
"ForceRecycleBinSize"= 0 (0x0)
"NoCustomizeWebView"= 0 (0x0)
"NoFileAssociate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoCustomizeThisFolder"= 0 (0x0)
"NoWebView"= 0 (0x0)
"DontShowSuperHidden"= 0 (0x0)
"NoOnlinePrintsWizard"= 0 (0x0)
"NoPublishingWizard"= 0 (0x0)
"NoSMConfigurePrograms"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoHelp"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoStartMenuEjectPC"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
"NoDisconnect"= 0 (0x0)
"NoNtSecurity"= 0 (0x0)
"GreyMSIAds"= 0 (0x0)
"ForceMaxRecentDocs"= 0 (0x0)
"NoSMBalloonTip"= 0 (0x0)
"NoSMBalloonTips"= 0 (0x0)
"HideSCAVolume"= 0 (0x0)
"HideSCANetwork"= 0 (0x0)
"HideSCAPower"= 0 (0x0)
"NoTaskGrouping"= 0 (0x0)
"NoWebServices"= 0 (0x0)
"NoFileUrl"= 0 (0x0)
"SpecifyDefaultButtons"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"PromptRunasInstallNetPath"= 1 (0x1)
"NoResolveTrack"= 0 (0x0)
"NoDevMgrUpdate"= 0 (0x0)
"NoThumbnailCache"= 0 (0x0)
"ForceCopyAclwithFile"= 0 (0x0)
"StartRunNoHOMEPATH"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoThemesTab"= 0 (0x0)
"NoChangeAnimation"= 0 (0x0)
"RestrictCpl"= 0 (0x0)
"DisallowCpl"= 0 (0x0)
"NoViewOnDrive"= 0 (0x0)
"RestrictRun"= 0 (0x0)
"DisallowRun"= 0 (0x0)
"NoRecycleFiles"= 0 (0x0)
"ForceRecycleBinSize"= 0 (0x0)
"NoCustomizeWebView"= 0 (0x0)
"NoFileAssociate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoCustomizeThisFolder"= 0 (0x0)
"NoWebView"= 0 (0x0)
"DontShowSuperHidden"= 0 (0x0)
"NoOnlinePrintsWizard"= 0 (0x0)
"NoPublishingWizard"= 0 (0x0)
"NoSMConfigurePrograms"= 0 (0x0)
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoHelp"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoStartMenuEjectPC"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
"NoDisconnect"= 0 (0x0)
"NoNtSecurity"= 0 (0x0)
"GreyMSIAds"= 0 (0x0)
"ForceMaxRecentDocs"= 0 (0x0)
"NoSMBalloonTip"= 0 (0x0)
"NoSMBalloonTips"= 0 (0x0)
"HideClock"= 0 (0x0)
"HideSCAVolume"= 0 (0x0)
"HideSCANetwork"= 0 (0x0)
"HideSCAPower"= 0 (0x0)
"NoTaskGrouping"= 0 (0x0)
"NoWebServices"= 0 (0x0)
"NoFileUrl"= 0 (0x0)
"SpecifyDefaultButtons"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"PromptRunasInstallNetPath"= 1 (0x1)
"NoResolveTrack"= 0 (0x0)
"NoDevMgrUpdate"= 0 (0x0)
"NoThumbnailCache"= 0 (0x0)
"ForceCopyAclwithFile"= 0 (0x0)
"StartRunNoHOMEPATH"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\RAinit]
2008-07-03 15:12 58704 c:\windows\system32\RAinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.ulmp3acm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.mpegacm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\mpegacm.acm
"VIDC.MJPG"= pvmjpg30.dll
"vidc.mjpx"= Pvmjpg30.dll
"msacm.ctmp3"= c:\windows\system32\ctmp3.acm
[HKLM\~\startupfolder\C:^Documents and Settings^Admin^Nabídka Start^Programy^Po spuštění^Obsah aplikace OneNote.onetoc2]
path=c:\documents and settings\Admin\Nabídka Start\Programy\Po spuštění\Obsah aplikace OneNote.onetoc2
backup=c:\windows\pss\Obsah aplikace OneNote.onetoc2Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Admin^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Admin\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Action Manager 32.lnk]
backup=c:\windows\pss\Action Manager 32.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-12-01 19:35 133104 c:\documents and settings\Admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 06:00 33648 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
--a------ 2006-11-13 15:50 1289000 c:\program files\Microsoft ActiveSync\wcescomm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
--a------ 2005-06-10 09:44 249856 c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
--a------ 2005-06-10 09:44 81920 c:\program files\Common Files\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIDIA nTune]
--a------ 2007-06-26 11:49 81920 c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
--a------ 2004-03-10 23:26 406016 c:\windows\system32\PSDrvCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
--------- 2000-05-11 00:00 90112 c:\windows\Updreg.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
--a------ 2006-08-11 14:56 17920 c:\windows\CTHELPER.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
--a------ 2006-08-11 14:56 18944 c:\windows\system32\CTXFIHLP.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINDVDPatch]
--a------ 2006-08-11 14:56 17920 c:\windows\CTHELPER.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"idsvc"=3 (0x3)
"gusvc"=3 (0x3)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas\\Binaries\\R6Vegas_Game.exe"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas\\Binaries\\R6Vegas_Launcher.exe"=
"c:\\Program Files\\Ubisoft\\Ghost Recon Advanced Warfighter 2\\graw2.exe"=
"c:\\Program Files\\Ubisoft\\Ghost Recon Advanced Warfighter 2\\graw2_dedicated.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"86:TCP"= 86:TCP:BroadCam Web Server
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-08-16 111184]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2009-01-12 95888]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2009-01-12 41680]
R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [2006-01-13 15872]
R3 EuMusDesignVirtualAudioCableWdm_sdh;Sandhills Audio Cable;c:\windows\system32\drivers\vacsdhkd.sys [2008-10-28 29568]
R3 NCHSSVAD;SoundTap Recorder;c:\windows\system32\drivers\nchssvad.sys [2008-10-22 27136]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2008-06-11 69120]
R3 ramirr;ramirr;c:\windows\system32\drivers\ramirr.sys [2007-04-17 10168]
R3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFDTV\WFIOCTL.sys [2008-06-12 9446]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-08-16 20560]
R4 RARfsDriver;RemotelyAnywhere Remote File System Driver;c:\windows\system32\drivers\RARfsDriver.sys [2008-11-09 46000]
R4 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-01-03 603904]
S3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.SYS --> c:\windows\system32\drivers\COMMONFX.SYS [?]
S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.SYS --> c:\windows\system32\drivers\CTAUDFX.SYS [?]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.SYS --> c:\windows\system32\drivers\CTERFXFX.SYS [?]
S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.SYS --> c:\windows\system32\drivers\CTSBLFX.SYS [?]
S3 PIXMC10;JVC Communication PIX-MC10 Driver;c:\windows\system32\drivers\pixmc10c.sys [2008-09-03 31232]
S3 PIXMC10A;JVC PIX-MC10 Audio Capture;c:\windows\system32\drivers\pixmc10a.sys [2008-09-03 28060]
S3 PIXMC10V;JVC PIX-MC10 Video Capture;c:\windows\system32\drivers\pixmc10v.sys [2008-09-03 22652]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [2007-06-21 30720]
S3 XMPKHFZ;XMPKHFZ;c:\docume~1\Admin\LOCALS~1\Temp\XMPKHFZ.exe --> c:\docume~1\Admin\LOCALS~1\Temp\XMPKHFZ.exe [?]
S4 RARfsClientNP;RARfsClientNP; [x]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
2009-01-22 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 16:28]
2009-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-764733703-725345543-1004.job
- c:\documents and settings\Admin\Local Settings\Data aplikac []
2009-01-22 c:\windows\Tasks\User_Feed_Synchronization-{02825633-337D-49CE-9D1C-8F1E65DE55BB}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 17:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: &NeoTrace It! - c:\progra~1\NEOTRA~1\NTXcontext.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: {96309ED7-3A15-4007-A655-9AA995F1C6F0} = 213.180.36.130,213.180.36.131
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {65D72393-E210-4A2A-B8E0-10AC45986770} - hxxp://pl.recruit.netmonitor.cz/WebInstaller.dll
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://www.creative.com/softwareupdate/su/ocx/ ... TSUEng.cab
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-22 19:18:28
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = c:\program files\Creative\Splash Screen\CTEaxSpl.EXE /run
scanning hidden files ...
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1614895754-764733703-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b0,d7,1d,30,74,95,8c,6f,39,52,3f,90,07,f0,ee,22,9f,8a,2a,71,43,5e,3c,
cd,5d,38,cf,f5,52,40,57,8e,7f,68,66,fc,52,9d,c4,e8,d6,33,13,d8,c6,0f,1b,47,\
"??"=hex:fa,06,fb,80,ba,e0,60,b6,25,b6,db,8f,f7,62,ad,da
[HKEY_USERS\S-1-5-21-1614895754-764733703-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:cf,e5,4f,cb,82,13,4a,de,d6,c3,8c,51,76,6a,ac,49,ee,eb,f5,9c,f7,
d4,d0,d3,8d,a6,51,f5,bf,37,eb,c4,dc,00,a0,ad,37,a0,a0,7c,81,d1,91,76,b3,d5,\
"rkeysecu"=hex:04,23,80,ad,0b,35,1d,a2,08,e2,64,21,cf,05,d6,78
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,42,02,ea,7e,f8,
cc,c1,ce,2e,e8,e1,00,eb,16,2b,de,26,a0,ca,82,d1,bd,c9,a6,e2,63,26,f1,3f,c8,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:71,3b,04,66,8b,46,0d,96,4e,21,e7,41,6e,
8d,b5,ea,46,47,15,b0,92,4b,c7,ef,39,2a,7b,be,7b,ab,fb,43,6a,9c,d6,61,af,45,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:7a,45,05,fd,91,e8,6f,31,d2,3c,d1,bf,03,
35,a7,d6,7a,45,05,fd,91,e8,6f,31,69,5a,b1,fa,82,24,a9,cf,ff,7c,85,e0,43,d4,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,91,41,a0,ec,4f,
5f,2f,4a,6b,65,49,6a,7e,99,74,f7,9b,d8,7d,d9,cc,1e,c0,71,86,8c,21,01,be,91,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,8f,03,fd,69,c3,
9a,cb,3b,e9,02,6c,fa,fb,1d,47,57,73,3d,02,e5,74,1b,c9,6f,f5,1d,4d,73,a8,13,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,26,e9,95,62,61,
8e,c7,5d,50,93,e5,ab,ec,6a,4e,ab,df,80,63,6b,91,e1,1c,6e,df,20,58,62,78,6b,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,83,ad,aa,f2,24,
72,e0,b8,97,20,4e,9a,c7,f1,35,ee,d2,86,9d,85,43,e8,bd,f7,fb,a7,78,e6,12,2f,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,16,a1,48,e4,41,
a1,80,9f,aa,52,c6,00,84,3c,26,64,0e,5d,28,1a,8c,b3,6a,fd,01,3a,48,fc,e8,04,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,39,f6,dd,62,51,
22,4e,df,b2,46,9a,e2,1b,fe,1b,94,72,23,39,53,5b,f6,37,68,f6,0f,4e,58,98,5b,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,45,3b,25,51,68,
d9,5e,43,37,a4,aa,c3,a6,15,56,0a,e1,62,4c,68,27,9a,73,19,3d,ce,ea,26,2d,45,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,1d,c7,d1,e5,e2,
fe,3c,7b,f8,31,0f,a9,5f,a0,ec,fb,d3,43,bf,51,51,58,02,e3,2a,b7,cc,b5,b9,7f,\
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:fa,ea,66,7f,d4,3b,6b,70,38,ab,08,a2,c5,
0e,4d,3b,05,73,21,dd,54,d8,4a,c5,45,01,34,9f,c1,75,d1,88,6c,43,2d,1e,aa,22,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(540)
c:\windows\system32\RAinit.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ZoneLabs\vsmon.exe
c:\windows\system32\ZoneLabs\avsys\ScanningProcess.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\ZoneLabs\avsys\ScanningProcess.exe
c:\windows\system32\CTSVCCDA.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\MsPMSPSv.exe
c:\windows\system32\searchindexer.exe
c:\program files\Common Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\combofix\hidec.exe
c:\progra~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
c:\combofix\Catchme.tmp
c:\windows\system32\wscntfy.exe
c:\windows\system32\verclsid.exe
.
**************************************************************************
.
Completion time: 2009-01-22 19:23:10 - machine was rebooted [Admin]
ComboFix-quarantined-files.txt 2009-01-22 18:21:42
ComboFix2.txt 2009-01-22 14:15:53
ComboFix3.txt 2009-01-16 14:13:54
Pre-Run: 54,032,789,504 bytes free
Post-Run: 54,009,171,968 bytes free
Current=7 Default=7 Failed=6 LastKnownGood=8 Sets=1,2,3,4,5,6,7,8
634 --- E O F --- 2009-01-14 11:29:09