Logfile of random's system information tool 1.08 (written by random/random)
Run by Fl at 2010-12-15 13:48:28
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 615 MB (3%) free of 20 GB
Total RAM: 1022 MB (10% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:49:12, on 15-XII-2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\kdisk.co.kr\kdisk(fast2)\NetAccelerator.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ITE\Smart Guardian\ITESmart.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\gwdrive32.exe
C:\WINDOWS\svchost.exe
C:\DOCUME~1\Fl\LOCALS~1\Temp\3897.exe
C:\Program Files\Exstora\Exstora.exe
C:\Program Files\Glary Utilities\Integrator.exe
C:\DOCUME~1\Fl\LOCALS~1\Temp\msdrv32a.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Glary Utilities\regdefrag.exe
C:\Program Files\wincmd2\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\DOCUME~1\Fl\LOCALS~1\Temp\msdrv32a.exe
c:\Downloads\dotnetfx35.exe
C:\Downloads\RSIT.exe
e:\373ac37d80ca3333c5f1fc5c85491a05\wcu\dotNetFramework\dotNetFx35setup.exe
C:\Program Files\trend micro\Fl.exe
e:\8a7495612618e9d396a11a\setup.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\WINDOWS\system32\msiexec.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SmartGuardian] C:\Program Files\ITE\Smart Guardian\ITESmart.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Microsoft Driver Setup] C:\WINDOWS\gwdrive32.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [svchost245843] C:\WINDOWS\svchost.exe
O4 - HKLM\..\Run: [Advanced HTTPL Enable] C:\DOCUME~1\Fl\LOCALS~1\Temp\3897.exe
O4 - HKLM\..\Run: [KAutoUP.exe] C:\Program Files\kdisk.co.kr\kdisk(normal)\KAutoUP.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UpdateService\isuspm.exe -startup
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
O4 - HKCU\..\Run: [12CFG214-K641-12SF-N85P] C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AutorunsDisabled
O4 - Global Startup: AutorunsDisabled
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://C:\Program Files\Desktop Sidebar\sbhelp.dll/menuhandler.html
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKCU)
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.atdhe.net
O15 - Trusted Zone: *.atdhe.net
O15 - Trusted Zone: www.gamedesire.com
O15 - Trusted Zone: http://www.gamedesire.com
O15 - Trusted Zone: *.kb.cz
O15 - Trusted Zone: http://www.mifa.cz
O15 - Trusted Zone: *.mojebanka.cz
O15 - Trusted Zone: http://www.upc.cz
O15 - Trusted Zone: http://www.upcmoviequiz.com
O20 - AppInit_DLLs:
O20 - Winlogon Notify: csbdll - csbdll.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NetAccelerator_Service (NetAccelerator) - ebase - C:\Program Files\kdisk.co.kr\kdisk(fast2)\NetAccelerator.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Fl/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg
--
End of file - 9312 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AWC Update.job
C:\WINDOWS\tasks\Game_Booster_Startup.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\NoTrax Updates.job
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-09-22 61888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
AC-Pro - C:\Program Files\AutocompletePro\AutocompletePro.dll [2010-11-30 95744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45AD732C-2CE2-4666-B366-B2214AD57A49}]
Idea2 SidebarBrowserMonitor Class - C:\Program Files\Desktop Sidebar\sbhelp.dll [2004-09-04 233472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-03 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-03 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]
"SmartGuardian"=C:\Program Files\ITE\Smart Guardian\ITESmart.exe [2003-09-30 180224]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"Microsoft Driver Setup"=C:\WINDOWS\gwdrive32.exe [2010-12-15 61440]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-04 2219184]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"svchost245843"=C:\WINDOWS\svchost.exe [2010-12-15 64512]
"Advanced HTTPL Enable"=C:\DOCUME~1\Fl\LOCALS~1\Temp\3897.exe [2010-12-15 57344]
"KAutoUP.exe"=C:\Program Files\kdisk.co.kr\kdisk(normal)\KAutoUP.exe [2010-10-21 1009688]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UpdateService\isuspm.exe [2004-04-17 196608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-09-26 328056]
"RegistryBooster"=C:\Program Files\Uniblue\RegistryBooster\launcher.exe delay 20000 []
"12CFG214-K641-12SF-N85P"=C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe [2010-12-15 73728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
AutorunsDisabled
C:\Documents and Settings\Fl\Nabídka Start\Programy\Po spuštění
AutorunsDisabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\csbdll]
C:\WINDOWS\system32\csbdll.dll [2010-12-15 68608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"HonorAutoRunSetting"=1
"NoResolveTrack"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\kdisk.co.kr\KDisk(fast2)\KdiskDown.exe"="C:\Program Files\kdisk.co.kr\KDisk(fast2)\KdiskDown.exe:*:Enabled:KdiskDown.exe"
"C:\Program Files\kdisk.co.kr\KDisk(fast2)\NetAccelerator.exe"="C:\Program Files\kdisk.co.kr\KDisk(fast2)\NetAccelerator.exe:*:Enabled:NetAccelerator.exe"
"C:\DOCUME~1\Fl\LOCALS~1\Temp\5826269.exe"="C:\DOCUME~1\Fl\LOCALS~1\Temp\5826269.exe:*:C:\WINDOWS\gwdrive32.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-12-15 13:48:37 ----D---- C:\Program Files\trend micro
2010-12-15 13:48:28 ----D---- C:\rsit
2010-12-15 13:38:20 ----A---- C:\WINDOWS\system32\csbdll.dll
2010-12-15 13:30:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2010-12-15 12:15:32 ----RSH---- C:\WINDOWS\svchost.exe
2010-12-15 12:03:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2010-12-15 12:00:53 ----D---- C:\Program Files\QIP
2010-12-15 09:29:52 ----D---- C:\Documents and Settings\Fl\Data aplikací\IObit
2010-12-15 09:25:34 ----D---- C:\Program Files\ESET
2010-12-15 09:25:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-12-15 09:19:43 ----D---- C:\Program Files\AutocompletePro
2010-12-15 09:19:30 ----D---- C:\Program Files\FLVTube Player
2010-12-15 09:11:19 ----D---- C:\Program Files\CCleaner
2010-12-15 09:05:27 ----D---- C:\Program Files\VS Revo Group
2010-12-15 09:00:07 ----RSH---- C:\WINDOWS\gwdrive32.exe
2010-12-15 08:25:29 ----D---- C:\WINDOWS\Speeditup Free
2010-12-15 08:00:23 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-12-15 08:00:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-15 08:00:17 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-12-15 07:58:57 ----D---- C:\avrescue
2010-12-15 07:36:48 ----A---- C:\WINDOWS\system32\drivers\bxuipgp.sys
2010-12-15 07:33:58 ----A---- C:\WINDOWS\Jjehia.exe
2010-12-15 07:33:40 ----D---- C:\Documents and Settings\Fl\Data aplikací\updates
2010-12-15 05:40:08 ----RSH---- C:\Documents and Settings\Fl\Data aplikací\ohydy.exe
2010-12-15 04:30:08 ----D---- C:\Documents and Settings\Fl\Data aplikací\Systweak
2010-12-15 04:28:03 ----D---- C:\Program Files\Advanced System Optimizer 3
2010-12-15 04:07:05 ----SHD---- C:\Config.Msi
2010-12-15 03:14:54 ----D---- C:\Program Files\NetScream
2010-12-15 03:13:36 ----HD---- C:\WINDOWS\system32\GroupPolicy
2010-12-13 21:49:08 ----A---- C:\3 bugy.txt
2010-12-13 15:27:32 ----D---- C:\Program Files\ToniArts
2010-12-10 12:24:30 ----A---- C:\pokerstarsbug1.txt
2010-12-08 10:34:47 ----D---- C:\Program Files\QIP Infium
2010-12-07 08:41:28 ----A---- C:\Documents and Settings\Fl\Data aplikací\jkgbkhjkv.bat
2010-12-04 22:54:08 ----D---- C:\Program Files\kdisk.co.kr
2010-12-04 09:53:33 ----A---- C:\doknaly chat.txt
2010-12-02 08:01:44 ----D---- C:\Documents and Settings\Fl\Data aplikací\Desktop Sidebar
2010-12-02 07:58:02 ----D---- C:\Program Files\Desktop Sidebar
2010-11-30 00:12:13 ----A---- C:\obchodak.txt
2010-11-29 03:07:43 ----D---- C:\Program Files\Microsoft Virtual PC
2010-11-29 02:58:35 ----A---- C:\hodnotit.txt
2010-11-21 22:49:12 ----A---- C:\WINDOWS\VHK.bat
2010-11-16 09:09:30 ----D---- C:\Documents and Settings\Fl\Data aplikací\Apple Computer
2010-11-16 09:03:44 ----D---- C:\Program Files\QuickTime
2010-11-16 09:02:41 ----D---- C:\Program Files\Common Files\Apple
2010-11-16 09:02:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
======List of files/folders modified in the last 1 months======
2010-12-15 13:49:11 ----D---- C:\WINDOWS\Temp
2010-12-15 13:48:37 ----RD---- C:\Program Files
2010-12-15 13:46:37 ----D---- C:\Downloads
2010-12-15 13:43:23 ----D---- C:\Documents and Settings\Fl\Data aplikací\uTorrent
2010-12-15 13:43:17 ----A---- C:\WINDOWS\wincmd.ini
2010-12-15 13:39:52 ----D---- C:\Documents and Settings\Fl\Data aplikací\Uniblue
2010-12-15 13:39:43 ----SD---- C:\WINDOWS\Tasks
2010-12-15 13:38:20 ----D---- C:\WINDOWS\system32
2010-12-15 13:36:16 ----D---- C:\WINDOWS
2010-12-15 13:34:45 ----HD---- C:\WINDOWS\inf
2010-12-15 13:34:45 ----D---- C:\WINDOWS\system32\drivers
2010-12-15 13:33:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-15 12:15:41 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-12-15 12:13:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\comodo
2010-12-15 10:46:16 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-15 10:45:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2010-12-15 10:42:13 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-15 10:42:13 ----D---- C:\Program Files\Windows Media Player
2010-12-15 10:42:13 ----D---- C:\Program Files\The KMPlayer
2010-12-15 10:42:13 ----D---- C:\Program Files\PokerStars
2010-12-15 10:42:13 ----D---- C:\Program Files\NewLive All Media To Mp3 Converter
2010-12-15 10:42:13 ----D---- C:\Program Files\Lark Anti-Spyware
2010-12-15 10:42:13 ----D---- C:\Program Files\jv16 PowerTools 2010
2010-12-15 10:42:13 ----D---- C:\Program Files\DivX
2010-12-15 10:42:13 ----D---- C:\Program Files\COMODO
2010-12-15 10:42:13 ----D---- C:\Program Files\Adobe
2010-12-15 10:42:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\RapidSolution
2010-12-15 10:42:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2010-12-15 10:42:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg8
2010-12-15 10:42:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-12-15 10:36:06 ----SHD---- C:\WINDOWS\Installer
2010-12-15 09:37:16 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-12-15 09:28:44 ----D---- C:\WINDOWS\WinSxS
2010-12-15 09:28:08 ----D---- C:\Program Files\Common Files
2010-12-15 09:17:19 ----D---- C:\Documents and Settings\Fl\Data aplikací\Winamp
2010-12-15 09:17:18 ----D---- C:\Documents and Settings\Fl\Data aplikací\Media Player Classic
2010-12-15 09:15:42 ----D---- C:\WINDOWS\Debug
2010-12-15 09:00:18 ----SHD---- C:\RECYCLER
2010-12-15 09:00:09 ----D---- C:\WINDOWS\Prefetch
2010-12-15 08:57:53 ----D---- C:\WINDOWS\mui
2010-12-15 07:38:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-15 07:01:51 ----RSD---- C:\WINDOWS\assembly
2010-12-15 07:01:34 ----D---- C:\WINDOWS\system32\XPSViewer
2010-12-15 07:01:34 ----D---- C:\WINDOWS\system32\mui
2010-12-15 06:59:16 ----D---- C:\Program Files\Winamp Detect
2010-12-15 06:58:00 ----D---- C:\Program Files\Common Files\Adobe
2010-12-15 06:52:23 ----D---- C:\Program Files\Mozilla Firefox
2010-12-15 06:23:12 ----A---- C:\botok.txt
2010-12-15 03:44:22 ----D---- C:\Documents and Settings
2010-12-15 03:37:02 ----D---- C:\Program Files\DVDVIDEOSOFT
2010-12-13 15:35:44 ----D---- C:\WINDOWS\system32\config
2010-12-13 15:03:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-07 10:18:57 ----SHD---- C:\WINDOWS\CSC
2010-12-07 09:58:24 ----D---- C:\WINDOWS\system32\NtmsData
2010-12-07 08:53:29 ----D---- C:\WINDOWS\Registration
2010-12-06 03:10:44 ----A---- C:\jak zastavim statisktiky.txt
2010-12-04 21:58:46 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-11-30 04:31:08 ----SHD---- C:\System Volume Information
2010-11-29 17:53:31 ----D---- C:\ Video3
2010-11-29 03:06:11 ----D---- C:\Program Files\SpeedFan
2010-11-16 20:00:11 ----D---- C:\Program Files\FreeRapid-0.83u1
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Inspect;COMODO Firewall Pro Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2009-03-31 80400]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-02-14 639224]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2010-09-22 39424]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2009-03-31 110992]
R1 cmdHlp;COMODO Firewall Pro Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2009-03-31 24336]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 iteio;iteio; \??\C:\WINDOWS\system32\drivers\iteio.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-09 10604128]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-07-26 53376]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-04-14 13056]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-07-26 415360]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-17 12416]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2004-08-19 189568]
S2 SCRCAMHRDRV;ScreenCamera HR; C:\WINDOWS\system32\DRIVERS\SCRCAMHRDRV.sys [2010-03-01 234800]
S3 ADASPROT;SYSTWEAKASO; \??\C:\Program Files\Advanced System Optimizer 3\adasprot32.sys []
S3 ag2mlkxh;ag2mlkxh; C:\WINDOWS\system32\drivers\ag2mlkxh.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 cpnmouse;cpnmouse; C:\WINDOWS\system32\DRIVERS\cpnmouse.sys [2003-11-28 5162]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2010-09-22 54784]
S3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2006-10-13 163584]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 wip0202;Wippien Network Adapter; C:\WINDOWS\system32\DRIVERS\wip0202.sys [2007-06-27 23904]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\Firewall\cmdagent.exe [2009-03-31 700152]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-04 810144]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-08-03 153376]
R2 NetAccelerator;NetAccelerator_Service; C:\Program Files\kdisk.co.kr\kdisk(fast2)\NetAccelerator.exe [2010-10-21 147968]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S3 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-04 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 postgresql-8.4;PostgreSQL Server 8.4; C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files/PostgreSQL/8.4/data -w []
-----------------EOF-----------------