Prosím o kontrolu logu
Napsal: 08 čer 2012 21:08
Prosím o kontrolu logu, PC se ted nějak podivně chová, předem děkuji.
RSIT log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Kosíkovi at 2012-06-08 15:00:08
Microsoft Windows XP Home Edition Service Pack 3
System drive D: has 25 GB (49%) free of 51 GB
Total RAM: 2047 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:00:33, on 8.6.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
D:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
D:\WINDOWS\system32\mfevtps.exe
D:\Program Files\McAfee Online Backup\MOBKbackup.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
D:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
D:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\System32\wbem\wmiapsrv.exe
D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
D:\WINDOWS\RTHDCPL.EXE
D:\Program Files\McAfee.com\Agent\mcagent.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\WINDOWS\system32\RunDLL32.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
D:\Program Files\DAEMON Tools Lite\DTLite.exe
D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
D:\Program Files\IObit\IObit Malware Fighter\IMF.exe
D:\Program Files\TuneUp Utilities 2012\OneClick.exe
D:\Program Files\TuneUp Utilities 2012\TUDefragBackend32.exe
D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Dokumenty\Downloads\RSIT.exe
D:\Program Files\trend micro\Kosíkovi.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - D:\Program Files\uTorrentControl2\prxtbuTor.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - d:\progra~1\mcafee\sitead~1\mcieplg.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - D:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - D:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - D:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120501145001.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - d:\progra~1\mcafee\sitead~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - d:\progra~1\mcafee\sitead~1\mcieplg.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - D:\WINDOWS\8 Skin Pack\Styler\TB\StylerTB.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - D:\Program Files\uTorrentControl2\prxtbuTor.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [mcui_exe] "D:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [IObit Malware Fighter] "D:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] D:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 5] "D:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KPeerNexonEU] D:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1644491937-1715567821-839522115-1005\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\progra~1\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\progra~1\mcafee\sitead~1\mcieplg.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - d:\progra~1\mcafee\msc\mcsniepl.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - D:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - D:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - D:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - D:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - D:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - D:\WINDOWS\system32\mfevtps.exe
O23 - Service: 1% (MOBKbackup) - McAfee, Inc. - D:\Program Files\McAfee Online Backup\MOBKbackup.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
--
End of file - 12232 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\ASC5_AutoClean.job
D:\WINDOWS\tasks\ASC5_AutoUpdate.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-1715567821-839522115-1004Core.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-1715567821-839522115-1004UA.job
D:\WINDOWS\tasks\SmartDefrag_Startup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{206E52E0-D52E-11D4-AD54-0000E86C26F6}]
D:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll [2011-04-26 491008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - D:\Program Files\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - D:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120501145001.dll [2012-03-20 79744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - d:\progra~1\mcafee\sitead~1\mcieplg.dll [2011-08-08 258120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - d:\progra~1\mcafee\sitead~1\mcieplg.dll [2011-08-08 258120]
{D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - StylerToolBar - D:\WINDOWS\8 Skin Pack\Styler\TB\StylerTB.dll [2006-05-02 102400]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - D:\Program Files\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2009-07-20 18670592]
"GrooveMonitor"=D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"mcui_exe"=D:\Program Files\McAfee.com\Agent\mcagent.exe [2012-03-21 1318816]
"IObit Malware Fighter"=D:\Program Files\IObit\IObit Malware Fighter\IMF.exe [2012-05-09 4464472]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192]
"nwiz"=D:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-05-15 1634112]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"LightScribe Control Panel"=D:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2011-06-20 2736128]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Advanced SystemCare 5"=D:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [2012-03-06 574296]
"DAEMON Tools Lite"=D:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"KPeerNexonEU"=D:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [2012-06-07 438272]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
[]
D:\Documents and Settings\Kosíkovi\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll [2010-06-22 202088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine.exe"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe"="D:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"D:\Nexon\Combat Arms EU\CombatArms.exe"="D:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"D:\Nexon\Combat Arms EU\NMService.exe"="D:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="D:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"D:\WINDOWS\system32\PnkBstrA.exe"="D:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"D:\WINDOWS\system32\PnkBstrB.exe"="D:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"H:\Hry\Assassins creed Revelations\ACRSP.exe"="H:\Hry\Assassins creed Revelations\ACRSP.exe:*:Enabled:Assassin's Creed Revelations"
"H:\Hry\Assassins creed Revelations\ACRMP.exe"="H:\Hry\Assassins creed Revelations\ACRMP.exe:*:Enabled:Assassin's Creed Revelations Multiplayer"
"H:\Hry\Assassins creed Revelations\AssassinsCreedRevelations.exe"="H:\Hry\Assassins creed Revelations\AssassinsCreedRevelations.exe:*:Enabled:Assassin's Creed Revelations Update"
"D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe"="D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Nexon\Combat Arms EU\Engine.exe"="D:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"D:\Program Files\Counter-Strike 1.6\hl.exe"="D:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Nexon\Combat Arms EU\CombatArms.exe"="D:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"D:\Nexon\Combat Arms EU\Engine.exe"="D:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\backitup.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cdspeed.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\coverdes.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drivespeed.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\groove.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\imagedrive.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infopath.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infotool.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lightscribecontrolpanel.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lslauncher.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msaccess.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mspub.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstore.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nbj.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nbr.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nero.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neroburnrights.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerohome.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neromediahome.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neroscoutoptions.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerostartsmart.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerovision.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onenote.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outlook.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photosnap.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photosnapviewer.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\recode.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setupx.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\showtime.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\soundtrax.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\waveedit.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winword.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=iyvu9_32.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=D:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.iv50"=ir50_32.dll
"msacm.iac2"=D:\WINDOWS\system32\iac25_32.ax
"vidc.iv41"=ir41_32.ax
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
======List of files/folders created in the last 1 month======
2012-06-08 15:00:08 ----D---- D:\rsit
2012-06-08 15:00:08 ----D---- D:\Program Files\trend micro
2012-06-07 20:08:00 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\NVIDIA
2012-06-07 20:05:45 ----D---- D:\Program Files\Counter-Strike 1.6
2012-06-07 19:54:15 ----D---- D:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2012-06-07 19:53:31 ----A---- D:\WINDOWS\system32\nvrsth.dll
2012-06-07 19:52:45 ----A---- D:\WINDOWS\system32\OpenCL.dll
2012-06-07 19:52:16 ----A---- D:\WINDOWS\system32\nvgenco32.dll
2012-06-07 19:52:16 ----A---- D:\WINDOWS\system32\nvdispco32.dll
2012-06-07 19:52:16 ----A---- D:\WINDOWS\system32\nvcuvid.dll
2012-06-07 19:52:16 ----A---- D:\WINDOWS\system32\nvcuvenc.dll
2012-06-07 19:52:15 ----A---- D:\WINDOWS\system32\nvcuda.dll
2012-06-07 19:52:13 ----A---- D:\WINDOWS\system32\nvcompiler.dll
2012-06-07 19:51:58 ----D---- D:\Program Files\NVIDIA Corporation
2012-06-07 19:51:21 ----D---- D:\NVIDIA
2012-06-07 19:09:16 ----D---- D:\Program Files\Common Files\Java
2012-06-07 19:08:52 ----D---- D:\Program Files\Oracle
2012-06-07 19:08:45 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\Oracle
2012-06-07 19:08:41 ----A---- D:\WINDOWS\system32\npDeployJava1.dll
2012-06-07 19:08:41 ----A---- D:\WINDOWS\system32\javaws.exe
2012-06-07 19:08:37 ----A---- D:\WINDOWS\system32\javaw.exe
2012-06-07 19:08:37 ----A---- D:\WINDOWS\system32\java.exe
2012-06-07 19:01:23 ----D---- D:\Documents and Settings\All Users\Data aplikací\NVIDIA
2012-06-07 19:01:15 ----D---- D:\WINDOWS\Sun
2012-06-07 18:10:04 ----A---- D:\WINDOWS\system32\SmartDefragBootTime.exe
2012-06-07 18:09:41 ----D---- D:\Program Files\ffdshow
2012-06-07 18:09:35 ----A---- D:\WINDOWS\system32\drivers\SmartDefragDriver.sys
2012-06-07 17:58:47 ----A---- D:\WINDOWS\system32\RegistryDefragBootTime.exe
2012-06-07 17:35:26 ----D---- D:\Program Files\DAEMON Tools Lite
2012-06-07 17:35:06 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\DAEMON Tools Lite
2012-06-07 17:33:43 ----D---- D:\Documents and Settings\All Users\Data aplikací\IObit
2012-06-07 17:33:23 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\IObit
2012-06-07 17:33:18 ----D---- D:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2012-06-07 17:33:00 ----D---- D:\Program Files\IObit
2012-06-06 20:17:10 ----A---- D:\WINDOWS\system32\d3d9caps.dat
2012-06-04 12:29:50 ----HDC---- D:\WINDOWS\$NtUninstallKB2718704$
2012-05-26 16:48:53 ----D---- D:\ProgramData
2012-05-26 16:20:56 ----HD---- D:\Documents and Settings\All Users\Data aplikací\Common Files
2012-05-26 16:19:50 ----A---- D:\WINDOWS\system32\uxtuneup.dll
2012-05-26 16:18:00 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\Mozilla
2012-05-26 16:17:54 ----D---- D:\Program Files\Conduit
2012-05-26 16:17:39 ----D---- D:\Program Files\uTorrentControl2
2012-05-26 16:17:21 ----D---- D:\Program Files\uTorrent
2012-05-26 16:16:57 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\uTorrent
2012-05-26 16:11:48 ----A---- D:\WINDOWS\system32\TURegOpt.exe
2012-05-26 16:10:41 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\TuneUp Software
2012-05-26 16:09:44 ----D---- D:\Program Files\TuneUp Utilities 2012
2012-05-26 16:08:34 ----D---- D:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2012-05-26 16:07:51 ----SHD---- D:\Documents and Settings\All Users\Data aplikací\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-05-26 10:30:41 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\Stardock
2012-05-26 10:30:23 ----HDC---- D:\Documents and Settings\All Users\Data aplikací\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2012-05-26 10:30:19 ----D---- D:\Program Files\Stardock
2012-05-17 18:51:03 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\Leadertech
2012-05-15 21:36:43 ----A---- D:\WINDOWS\system32\CmdLineExt.dll
2012-05-15 21:25:57 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\vlc
2012-05-09 22:08:46 ----HDC---- D:\WINDOWS\$NtUninstallKB2659262$
2012-05-09 22:02:36 ----HDC---- D:\WINDOWS\$NtUninstallKB2686509$
2012-05-09 22:02:24 ----HDC---- D:\WINDOWS\$NtUninstallKB2695962$
2012-05-09 22:01:16 ----HDC---- D:\WINDOWS\$NtUninstallKB2676562$
======List of files/folders modified in the last 1 month======
2012-06-08 15:00:28 ----D---- D:\WINDOWS\Prefetch
2012-06-08 15:00:10 ----D---- D:\WINDOWS\Temp
2012-06-08 15:00:08 ----RD---- D:\Program Files
2012-06-08 14:56:45 ----A---- D:\WINDOWS\system32\nxEuUninstall.bat
2012-06-08 14:56:44 ----D---- D:\WINDOWS\system32\CatRoot2
2012-06-08 14:56:42 ----A---- D:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
2012-06-08 14:56:27 ----D---- D:\WINDOWS\system32\drivers
2012-06-08 14:55:23 ----D---- D:\WINDOWS\system32
2012-06-08 09:46:16 ----A---- D:\WINDOWS\SchedLgU.Txt
2012-06-07 20:10:51 ----D---- D:\Download
2012-06-07 19:57:03 ----D---- D:\WINDOWS
2012-06-07 19:54:15 ----SHD---- D:\WINDOWS\Installer
2012-06-07 19:54:15 ----D---- D:\WINDOWS\Help
2012-06-07 19:53:43 ----D---- D:\Documents and Settings
2012-06-07 19:52:40 ----RSHDC---- D:\WINDOWS\system32\dllcache
2012-06-07 19:52:27 ----HD---- D:\WINDOWS\inf
2012-06-07 19:52:26 ----D---- D:\WINDOWS\system32\ReinstallBackups
2012-06-07 19:09:16 ----D---- D:\Program Files\Common Files
2012-06-07 19:08:20 ----D---- D:\Program Files\Java
2012-06-07 18:10:04 ----SD---- D:\WINDOWS\Tasks
2012-06-07 17:52:05 ----D---- D:\WINDOWS\system32\config
2012-06-07 17:39:15 ----D---- D:\WINDOWS\Minidump
2012-06-07 17:39:15 ----D---- D:\WINDOWS\Debug
2012-06-07 17:39:10 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\Media Player Classic
2012-06-07 17:39:10 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\DAEMON Tools Pro
2012-06-07 17:39:01 ----D---- D:\Program Files\Steam
2012-06-07 16:01:22 ----A---- D:\WINDOWS\NeroDigital.ini
2012-06-04 11:41:21 ----HD---- D:\WINDOWS\$hf_mig$
2012-06-02 09:31:15 ----D---- D:\Program Files\McAfee
2012-05-31 15:22:06 ----A---- D:\WINDOWS\system32\crypt32.dll
2012-05-26 10:31:37 ----RSD---- D:\WINDOWS\assembly
2012-05-26 09:04:37 ----SD---- D:\Documents and Settings\Kosíkovi\Data aplikací\Microsoft
2012-05-17 18:42:24 ----D---- D:\WINDOWS\system32\DirectX
2012-05-15 12:18:00 ----A---- D:\WINDOWS\system32\nvoglnt.dll
2012-05-15 12:18:00 ----A---- D:\WINDOWS\system32\nvapi.dll
2012-05-15 12:18:00 ----A---- D:\WINDOWS\system32\nv4_disp.dll
2012-05-15 11:43:36 ----A---- D:\WINDOWS\system32\nvrszhc.dll
2012-05-15 11:43:35 ----A---- D:\WINDOWS\system32\nvrszht.dll
2012-05-15 11:43:35 ----A---- D:\WINDOWS\system32\nvrssv.dll
2012-05-15 11:43:35 ----A---- D:\WINDOWS\system32\nvrsit.dll
2012-05-15 11:43:34 ----A---- D:\WINDOWS\system32\nvrsnl.dll
2012-05-15 11:43:34 ----A---- D:\WINDOWS\system32\nvrsko.dll
2012-05-15 11:43:34 ----A---- D:\WINDOWS\system32\nvrsesm.dll
2012-05-15 11:43:34 ----A---- D:\WINDOWS\system32\nvrseng.dll
2012-05-15 11:43:34 ----A---- D:\WINDOWS\system32\nvrsel.dll
2012-05-15 11:43:34 ----A---- D:\WINDOWS\system32\nvrsar.dll
2012-05-15 11:43:33 ----A---- D:\WINDOWS\system32\nvrssl.dll
2012-05-15 11:43:33 ----A---- D:\WINDOWS\system32\nvrspt.dll
2012-05-15 11:43:33 ----A---- D:\WINDOWS\system32\nvrsno.dll
2012-05-15 11:43:33 ----A---- D:\WINDOWS\system32\nvrshe.dll
2012-05-15 11:43:33 ----A---- D:\WINDOWS\system32\nvrsfr.dll
2012-05-15 11:43:33 ----A---- D:\WINDOWS\system32\nvrsfi.dll
2012-05-15 11:43:32 ----A---- D:\WINDOWS\system32\nvrses.dll
2012-05-15 11:43:31 ----A---- D:\WINDOWS\system32\nvrssk.dll
2012-05-15 11:43:31 ----A---- D:\WINDOWS\system32\nvrsru.dll
2012-05-15 11:43:30 ----A---- D:\WINDOWS\system32\nvrstr.dll
2012-05-15 11:43:30 ----A---- D:\WINDOWS\system32\nvrshu.dll
2012-05-15 11:43:30 ----A---- D:\WINDOWS\system32\nvrsda.dll
2012-05-15 11:43:29 ----A---- D:\WINDOWS\system32\nvrspl.dll
2012-05-15 11:43:29 ----A---- D:\WINDOWS\system32\nvrsja.dll
2012-05-15 11:43:28 ----A---- D:\WINDOWS\system32\nvrsptb.dll
2012-05-15 11:43:28 ----A---- D:\WINDOWS\system32\nvrsde.dll
2012-05-15 11:43:28 ----A---- D:\WINDOWS\system32\nvrscs.dll
2012-05-15 11:40:26 ----A---- D:\WINDOWS\system32\nvwddi.dll
2012-05-15 11:40:02 ----A---- D:\WINDOWS\system32\nvcpl.dll
2012-05-15 11:40:02 ----A---- D:\WINDOWS\system32\nvcolor.exe
2012-05-15 11:40:01 ----A---- D:\WINDOWS\system32\nvsvc32.exe
2012-05-15 11:40:01 ----A---- D:\WINDOWS\system32\nvmctray.dll
2012-05-10 15:56:24 ----D---- D:\WINDOWS\Microsoft.NET
2012-05-09 22:08:47 ----D---- D:\WINDOWS\WinSxS
2012-05-09 22:08:37 ----D---- D:\WINDOWS\system32\XPSViewer
2012-05-09 22:05:03 ----A---- D:\WINDOWS\system32\MRT.exe
2012-05-09 22:04:48 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 mfehidk;McAfee Inc. mfehidk; D:\WINDOWS\system32\drivers\mfehidk.sys [2012-02-22 464304]
R0 SmartDefragDriver;SmartDefragDriver; D:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R0 sptd;sptd; D:\WINDOWS\System32\Drivers\sptd.sys [2012-06-07 477240]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 mfetdi2k;McAfee Inc. mfetdi2k; D:\WINDOWS\system32\drivers\mfetdi2k.sys [2012-02-22 89792]
R1 MOBKFilter;MOBKFilter; D:\WINDOWS\system32\DRIVERS\MOBK.sys [2010-04-13 54776]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/03/02 21:56:41]; \??\D:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl []
R3 cfwids;McAfee Inc. cfwids; D:\WINDOWS\system32\drivers\cfwids.sys [2012-02-22 57600]
R3 EagleXNt;EagleXNt; \??\D:\WINDOWS\system32\drivers\EagleXNt.sys []
R3 FileMonitor;FileMonitor; \??\D:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-07-20 5795328]
R3 mfeapfk;McAfee Inc. mfeapfk; D:\WINDOWS\system32\drivers\mfeapfk.sys [2012-02-22 121544]
R3 mfeavfk;McAfee Inc. mfeavfk; D:\WINDOWS\system32\drivers\mfeavfk.sys [2012-02-22 180848]
R3 mfebopk;McAfee Inc. mfebopk; D:\WINDOWS\system32\drivers\mfebopk.sys [2012-02-22 59456]
R3 mfefirek;McAfee Inc. mfefirek; D:\WINDOWS\system32\drivers\mfefirek.sys [2012-02-22 340920]
R3 mfendiskmp;mfendiskmp; D:\WINDOWS\system32\DRIVERS\mfendisk.sys [2012-02-22 83856]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656]
R3 RegFilter;RegFilter; \??\D:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; D:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2009-06-05 142336]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys []
R3 UrlFilter;UrlFilter; \??\D:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; D:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 aqyywxps;aqyywxps; D:\WINDOWS\system32\drivers\aqyywxps.sys []
S3 mfeavfk01;McAfee Inc.; D:\WINDOWS\system32\drivers\mfeavfk01.sys []
S3 mfendisk;McAfee Core NDIS Intermediate Filter; D:\WINDOWS\system32\DRIVERS\mfendisk.sys [2012-02-22 83856]
S3 mferkdet;McAfee Inc. mferkdet; D:\WINDOWS\system32\drivers\mferkdet.sys [2012-02-22 87656]
S3 Monfilt;Monfilt; D:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; D:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-14 913752]
R2 IMFservice;IMF Service; D:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-04-04 161664]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 McMPFSvc;McAfee Personal Firewall Service; D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 mcmscsvc;McAfee Services; D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 McNaiAnn;McAfee VirusScan Announcer; D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 McNASvc;McAfee Network Agent; D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 McProxy;McAfee Proxy Service; D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 McShield;McAfee McShield; D:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2012-03-20 166288]
R2 mfefire;McAfee Firewall Core Service; D:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 161632]
R2 mfevtp;McAfee Validation Trust Protection Service; D:\WINDOWS\system32\mfevtps.exe [2012-03-20 151880]
R2 MOBKbackup;1%; D:\Program Files\McAfee Online Backup\MOBKbackup.exe [2010-04-13 229688]
R2 MSK80Service;McAfee Anti-Spam Service; D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 NVSvc;NVIDIA Driver Helper Service; D:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160]
R2 nvUpdatusService;NVIDIA Update Service Daemon; D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 PnkBstrA;PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [2012-03-03 75136]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2012-05-29 1528672]
R2 UxTuneUp;TuneUp Theme Extension; D:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 aspnet_state;Stavová služba ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McODS;McAfee Scanner; D:\Program Files\McAfee\VirusScan\mcods.exe [2012-03-22 361976]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; D:\Program Files\Common Files\LightScribe\LSSrvc.exe [2011-06-20 73728]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S4 NBService;NBService; D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S4 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
-----------------EOF-----------------
LOG z COMBO FIXU:
ComboFix 12-06-08.02 - Kosíkovi 08.06.2012 18:28:09.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1500 [GMT 2:00]
Spuštěný z: d:\documents and settings\KosÝkovi\Plocha\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\windows\system32\dllcache\dlimport.exe
d:\windows\system32\dllcache\wmpvis.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-08 do 2012-06-08 )))))))))))))))))))))))))))))))
.
.
2012-06-08 13:00 . 2012-06-08 13:00 -------- d-----w- D:\rsit
2012-06-08 13:00 . 2012-06-08 13:00 -------- d-----w- d:\program files\trend micro
2012-06-07 18:08 . 2012-06-07 18:08 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\NVIDIA
2012-06-07 18:05 . 2012-06-07 18:54 -------- d-----w- d:\program files\Counter-Strike 1.6
2012-06-07 17:54 . 2012-06-07 17:54 -------- d-----w- d:\documents and settings\All Users\Data aplikací\NVIDIA Corporation
2012-06-07 17:53 . 2012-06-07 17:53 -------- d-----w- d:\documents and settings\UpdatusUser
2012-06-07 17:53 . 2012-05-15 09:43 253952 ----a-w- d:\windows\system32\nvrsth.dll
2012-06-07 17:52 . 2012-05-15 10:18 65536 ----a-w- d:\windows\system32\OpenCL.dll
2012-06-07 17:52 . 2012-06-07 17:52 1074636 ----a-w- d:\windows\system32\nvdrsdb0.bin
2012-06-07 17:52 . 2012-06-07 17:52 1 ----a-w- d:\windows\system32\nvdrssel.bin
2012-06-07 17:52 . 2012-06-07 17:52 1074636 ----a-w- d:\windows\system32\nvdrsdb1.bin
2012-06-07 17:52 . 2012-05-15 10:18 883008 ----a-w- d:\windows\system32\nvgenco32.dll
2012-06-07 17:52 . 2012-05-15 10:18 2530624 ----a-w- d:\windows\system32\nvcuvid.dll
2012-06-07 17:52 . 2012-05-15 10:18 2445120 ----a-w- d:\windows\system32\nvcuvenc.dll
2012-06-07 17:52 . 2012-05-15 10:18 1000768 ----a-w- d:\windows\system32\nvdispco32.dll
2012-06-07 17:52 . 2012-05-15 10:18 6012928 ----a-w- d:\windows\system32\nvcuda.dll
2012-06-07 17:52 . 2012-05-15 10:18 17543168 ----a-w- d:\windows\system32\nvcompiler.dll
2012-06-07 17:51 . 2012-06-07 17:54 -------- d-----w- d:\program files\NVIDIA Corporation
2012-06-07 17:51 . 2012-06-07 17:51 -------- d-----w- D:\NVIDIA
2012-06-07 17:09 . 2012-06-07 17:09 -------- d-----w- d:\program files\Common Files\Java
2012-06-07 17:09 . 2012-06-07 17:09 -------- d-----w- d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\Sun
2012-06-07 17:08 . 2012-06-07 17:08 -------- d-----w- d:\program files\Oracle
2012-06-07 17:08 . 2012-06-07 17:08 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\Oracle
2012-06-07 17:08 . 2012-04-04 16:47 772504 ----a-w- d:\windows\system32\npDeployJava1.dll
2012-06-07 17:01 . 2012-06-07 17:53 -------- d-----w- d:\documents and settings\All Users\Data aplikací\NVIDIA
2012-06-07 17:01 . 2012-06-07 17:01 -------- d-----w- d:\windows\Sun
2012-06-07 16:10 . 2012-05-08 16:35 29528 ----a-w- d:\windows\system32\SmartDefragBootTime.exe
2012-06-07 16:09 . 2012-06-07 16:09 -------- d-----w- d:\program files\ffdshow
2012-06-07 16:09 . 2010-11-26 16:02 14776 ----a-w- d:\windows\system32\drivers\SmartDefragDriver.sys
2012-06-07 15:58 . 2012-02-23 12:25 21336 ----a-w- d:\windows\system32\RegistryDefragBootTime.exe
2012-06-07 15:47 . 2012-06-07 15:47 -------- d-----w- d:\windows\system32\config\systemprofile\Data aplikací\IObit
2012-06-07 15:35 . 2012-06-07 15:35 -------- d-----w- d:\program files\DAEMON Tools Lite
2012-06-07 15:35 . 2012-06-07 16:51 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\DAEMON Tools Lite
2012-06-07 15:33 . 2012-06-07 16:09 -------- d-----w- d:\documents and settings\All Users\Data aplikací\IObit
2012-06-07 15:33 . 2012-06-08 07:27 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\IObit
2012-06-07 15:33 . 2012-06-07 15:50 -------- d-----w- d:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2012-06-07 15:33 . 2012-06-07 16:10 -------- d-----w- d:\program files\IObit
2012-05-29 15:16 . 2012-05-29 15:16 -------- d-----w- d:\documents and settings\LocalService\Data aplikací\TuneUp Software
2012-05-27 08:26 . 2012-05-27 08:26 -------- d-----w- d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\Stardock
2012-05-26 14:48 . 2012-05-26 14:48 -------- d-----w- D:\ProgramData
2012-05-26 14:20 . 2012-05-26 14:20 -------- d--h--w- d:\documents and settings\All Users\Data aplikací\Common Files
2012-05-26 14:19 . 2012-05-29 18:46 29024 ----a-w- d:\windows\system32\uxtuneup.dll
2012-05-26 14:18 . 2012-05-26 14:18 -------- d-----w- d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\CRE
2012-05-26 14:17 . 2012-05-26 14:17 -------- d-----w- d:\program files\Conduit
2012-05-26 14:17 . 2012-06-07 17:00 -------- d-----w- d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\uTorrentControl2
2012-05-26 14:17 . 2012-05-26 14:17 -------- d-----w- d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\Conduit
2012-05-26 14:17 . 2012-05-26 14:17 -------- d-----w- d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\Temp
2012-05-26 14:17 . 2012-05-26 17:53 -------- d-----w- d:\program files\uTorrent
2012-05-26 14:16 . 2012-06-07 15:39 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\uTorrent
2012-05-26 14:11 . 2012-05-29 18:46 31584 ----a-w- d:\windows\system32\TURegOpt.exe
2012-05-26 14:10 . 2012-05-26 14:10 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\TuneUp Software
2012-05-26 14:09 . 2012-06-02 07:36 -------- d-----w- d:\program files\TuneUp Utilities 2012
2012-05-26 14:08 . 2012-05-26 14:11 -------- d-----w- d:\documents and settings\All Users\Data aplikací\TuneUp Software
2012-05-26 14:07 . 2012-05-26 14:07 -------- d-sh--w- d:\documents and settings\All Users\Data aplikací\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-05-26 08:30 . 2012-05-26 08:30 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\Stardock
2012-05-26 08:30 . 2012-05-26 08:30 -------- dc-h--w- d:\documents and settings\All Users\Data aplikací\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2012-05-26 08:30 . 2012-05-26 08:30 -------- d-----w- d:\program files\Stardock
2012-05-26 08:29 . 2012-05-26 08:29 -------- d-----w- d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\PackageAware
2012-05-17 16:51 . 2012-05-17 16:51 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\Leadertech
2012-05-15 19:36 . 2012-05-15 19:36 107888 ----a-w- d:\windows\system32\CmdLineExt.dll
2012-05-15 19:25 . 2012-05-15 19:31 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\vlc
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-08 12:56 . 2012-03-02 20:40 235 ----a-w- d:\windows\system32\nxEuUninstall.bat
2012-06-08 12:56 . 2012-03-02 20:40 446464 ----a-w- d:\windows\NEXON_EU_DownloaderUpdater.exe
2012-06-07 15:35 . 2012-03-02 20:52 477240 ----a-w- d:\windows\system32\drivers\sptd.sys
2012-05-31 13:22 . 2002-09-20 18:03 602112 ----a-w- d:\windows\system32\crypt32.dll
2012-05-15 10:18 . 2012-03-02 20:38 4373248 ----a-w- d:\windows\system32\nv4_disp.dll
2012-05-15 10:18 . 2012-03-02 20:36 14014656 ----a-w- d:\windows\system32\drivers\nv4_mini.sys
2012-05-15 10:18 . 2007-05-10 22:03 2359808 ----a-w- d:\windows\system32\nvapi.dll
2012-05-15 10:18 . 2007-05-10 22:03 18771968 ----a-w- d:\windows\system32\nvoglnt.dll
2012-05-15 09:43 . 2007-05-10 22:03 229376 ----a-w- d:\windows\system32\nvrszhc.dll
2012-05-15 09:43 . 2007-05-10 22:03 282624 ----a-w- d:\windows\system32\nvrsit.dll
2012-05-15 09:43 . 2007-05-10 22:03 253952 ----a-w- d:\windows\system32\nvrssv.dll
2012-05-15 09:43 . 2007-05-10 22:03 126976 ----a-w- d:\windows\system32\nvrszht.dll
2012-05-15 09:43 . 2007-05-10 22:03 335872 ----a-w- d:\windows\system32\nvrsar.dll
2012-05-15 09:43 . 2007-05-10 22:03 282624 ----a-w- d:\windows\system32\nvrsel.dll
2012-05-15 09:43 . 2007-05-10 22:03 274432 ----a-w- d:\windows\system32\nvrsnl.dll
2012-05-15 09:43 . 2007-05-10 22:03 274432 ----a-w- d:\windows\system32\nvrsesm.dll
2012-05-15 09:43 . 2007-05-10 22:03 266240 ----a-w- d:\windows\system32\nvrsko.dll
2012-05-15 09:43 . 2007-05-10 22:03 249856 ----a-w- d:\windows\system32\nvrseng.dll
2012-05-15 09:43 . 2007-05-10 22:03 335872 ----a-w- d:\windows\system32\nvrshe.dll
2012-05-15 09:43 . 2007-05-10 22:03 286720 ----a-w- d:\windows\system32\nvrsfr.dll
2012-05-15 09:43 . 2007-05-10 22:03 274432 ----a-w- d:\windows\system32\nvrspt.dll
2012-05-15 09:43 . 2007-05-10 22:03 258048 ----a-w- d:\windows\system32\nvrssl.dll
2012-05-15 09:43 . 2007-05-10 22:03 253952 ----a-w- d:\windows\system32\nvrsno.dll
2012-05-15 09:43 . 2007-05-10 22:03 249856 ----a-w- d:\windows\system32\nvrsfi.dll
2012-05-15 09:43 . 2007-05-10 22:03 282624 ----a-w- d:\windows\system32\nvrses.dll
2012-05-15 09:43 . 2007-05-10 22:03 270336 ----a-w- d:\windows\system32\nvrsru.dll
2012-05-15 09:43 . 2007-05-10 22:03 258048 ----a-w- d:\windows\system32\nvrssk.dll
2012-05-15 09:43 . 2007-05-10 22:03 262144 ----a-w- d:\windows\system32\nvrshu.dll
2012-05-15 09:43 . 2007-05-10 22:03 258048 ----a-w- d:\windows\system32\nvrstr.dll
2012-05-15 09:43 . 2007-05-10 22:03 253952 ----a-w- d:\windows\system32\nvrsda.dll
2012-05-15 09:43 . 2007-05-10 22:03 274432 ----a-w- d:\windows\system32\nvrsja.dll
2012-05-15 09:43 . 2007-05-10 22:03 258048 ----a-w- d:\windows\system32\nvrspl.dll
2012-05-15 09:43 . 2007-05-10 22:03 278528 ----a-w- d:\windows\system32\nvrsde.dll
2012-05-15 09:43 . 2007-05-10 22:03 270336 ----a-w- d:\windows\system32\nvrsptb.dll
2012-05-15 09:43 . 2007-05-10 22:03 249856 ----a-w- d:\windows\system32\nvrscs.dll
2012-05-15 09:40 . 2007-05-10 22:03 54272 ----a-w- d:\windows\system32\nvwddi.dll
2012-05-15 09:40 . 2007-05-10 22:03 15504192 ----a-w- d:\windows\system32\nvcpl.dll
2012-05-15 09:40 . 2007-05-10 22:03 143680 ----a-w- d:\windows\system32\nvcolor.exe
2012-05-15 09:40 . 2007-05-10 22:03 164160 ----a-w- d:\windows\system32\nvsvc32.exe
2012-05-15 09:40 . 2007-05-10 22:03 108352 ----a-w- d:\windows\system32\nvmctray.dll
2012-04-11 13:55 . 2002-09-20 17:12 2028544 ----a-w- d:\windows\system32\ntkrnlpa.exe
2012-04-11 13:55 . 2002-09-20 17:41 1862272 ----a-w- d:\windows\system32\win32k.sys
2012-04-11 13:55 . 2002-09-20 17:12 2150400 ----a-w- d:\windows\system32\ntoskrnl.exe
2012-04-04 16:47 . 2012-03-02 20:53 143872 ----a-w- d:\windows\system32\javacpl.cpl
2012-04-04 16:47 . 2012-03-02 20:53 687504 ----a-w- d:\windows\system32\deployJava1.dll
2012-03-20 11:11 . 2012-03-03 07:44 151880 ----a-w- d:\windows\system32\mfevtps.exe
2012-03-11 16:06 . 2002-09-20 18:04 219648 ----a-w- d:\windows\system32\uxtheme.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-14 07:51 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . d:\windows\8 Skin Pack\Backup\comres.dll
[-] 2008-04-14 07:51 . 2E910A688E082303276D65B1A6DD1397 . 1495040 . . [2001.12.4414.700] . . d:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 07:51 . 2E910A688E082303276D65B1A6DD1397 . 1495040 . . [2001.12.4414.700] . . d:\windows\system32\comres.dll
[-] 2001-10-25 13:00 . 7ED4531538DC4E894A402C2FEE7B6E1F . 806912 . . [2001.12.4414.42] . . d:\windows\$NtServicePackUninstall$\comres.dll
.
[7] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . d:\windows\8 Skin Pack\Backup\comctl32.dll
[-] 2010-08-23 . DFB156EBB9B39FC3EDDC6EE1DFEE319E . 694784 . . [5.82] . . d:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2010-08-23 . DFB156EBB9B39FC3EDDC6EE1DFEE319E . 694784 . . [5.82] . . d:\windows\system32\comctl32.dll
[-] 2010-08-23 . DFB156EBB9B39FC3EDDC6EE1DFEE319E . 694784 . . [5.82] . . d:\windows\system32\dllcache\comctl32.dll
[7] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . d:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . d:\windows\$NtUninstallKB2296011$\comctl32.dll
[7] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . d:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[-] 2002-09-20 . 018875C2BB77F304A7CF7153E088DAAA . 557056 . . [5.82] . . d:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2002-09-20 . D12F83B2037A01BB97A97F3EA54DD71F . 921600 . . [6.0] . . d:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll
[7] 2001-10-25 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . d:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[7] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . d:\windows\8 Skin Pack\Backup\user32.dll
[-] 2008-04-14 . 222B525D2E73A6AE77D18095623D9FC4 . 644608 . . [5.1.2600.5512] . . d:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . 222B525D2E73A6AE77D18095623D9FC4 . 644608 . . [5.1.2600.5512] . . d:\windows\system32\user32.dll
[-] 2002-09-20 . 8A4AC21E2A55ECA66FBC5EDD40231845 . 560128 . . [5.1.2600.1106] . . d:\windows\$NtServicePackUninstall$\user32.dll
.
[-] 2008-04-14 . 5AAC566719B2DFC24DFFE22290EDC16C . 1658880 . . [6.00.2900.5512] . . d:\windows\explorer.exe
[7] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . d:\windows\8 Skin Pack\Backup\explorer.exe
[-] 2008-04-14 . 5AAC566719B2DFC24DFFE22290EDC16C . 1658880 . . [6.00.2900.5512] . . d:\windows\ServicePackFiles\i386\explorer.exe
[-] 2002-09-20 . 11D80755545CFB5EB9659EE88440EAE2 . 1004544 . . [6.00.2800.1106] . . d:\windows\$NtServicePackUninstall$\explorer.exe
.
[-] 2008-04-14 . 7E730C7FB7F549A609A119BD00E072FF . 277504 . . [5.1.2600.5512] . . d:\windows\regedit.exe
[7] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . d:\windows\8 Skin Pack\Backup\regedit.exe
[-] 2008-04-14 . 7E730C7FB7F549A609A119BD00E072FF . 277504 . . [5.1.2600.5512] . . d:\windows\ServicePackFiles\i386\regedit.exe
[-] 2002-09-20 . CACBD69B163C20EF7D56593C28783F8D . 135680 . . [5.1.2600.1106] . . d:\windows\$NtServicePackUninstall$\regedit.exe
.
[7] 2011-11-01 . ED9B683C7A8BBAAAB9B377197D20832C . 1288192 . . [5.1.2600.6168] . . d:\windows\8 Skin Pack\Backup\ole32.dll
[-] 2011-11-01 . F659C1652A9A556554C5F079F4AC4040 . 1340928 . . [5.1.2600.6168] . . d:\windows\ServicePackFiles\i386\ole32.dll
[-] 2011-11-01 . F659C1652A9A556554C5F079F4AC4040 . 1340928 . . [5.1.2600.6168] . . d:\windows\system32\ole32.dll
[-] 2011-11-01 . F659C1652A9A556554C5F079F4AC4040 . 1340928 . . [5.1.2600.6168] . . d:\windows\system32\dllcache\ole32.dll
[7] 2011-11-01 . B5EEF42BC72418EECC3DD3D93B2B5F34 . 1288704 . . [5.1.2600.6168] . . d:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
[7] 2010-07-16 . 6D1A3A355CA2AC64D2D5BAEC25C16427 . 1287680 . . [5.1.2600.6010] . . d:\windows\$NtUninstallKB2624667$\ole32.dll
[7] 2010-07-16 . C85BE0CF9C91EB64CECA1D639D71D4CC . 1288704 . . [5.1.2600.6010] . . d:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[7] 2008-04-14 . 21F836AAB269FF644E0E708B794B0DF7 . 1287168 . . [5.1.2600.5512] . . d:\windows\$NtUninstallKB979687$\ole32.dll
[-] 2002-09-20 . 6029A062E9D2E3CD3F99C5102A7A690C . 1169920 . . [5.1.2600.1106] . . d:\windows\$NtServicePackUninstall$\ole32.dll
.
[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . d:\windows\8 Skin Pack\Backup\iexplore.exe
[-] 2009-03-08 . EA2AD4EF880BE3678CC8F3F31DCF7B52 . 549216 . . [8.00.6001.18702] . . d:\windows\ServicePackFiles\i386\iexplore.exe
[-] 2009-03-08 . EA2AD4EF880BE3678CC8F3F31DCF7B52 . 549216 . . [8.00.6001.18702] . . d:\windows\system32\dllcache\iexplore.exe
[7] 2008-04-14 . 414AFE6E8CCDE984E16D5ED08624CEC6 . 93184 . . [6.00.2900.5512] . . d:\windows\ie8\iexplore.exe
[-] 2002-09-20 . 64648D2C0606543B795103FFF6BF30A7 . 91136 . . [6.00.2800.1106] . . d:\windows\$NtServicePackUninstall$\iexplore.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "d:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 08:49 176936 ----a-w- d:\program files\uTorrentControl2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "d:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{687578B9-7132-4A7A-80E4-30EE31099E03}"= "d:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-13 19:11 2872120 ----a-w- d:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-13 19:11 2872120 ----a-w- d:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-13 19:11 2872120 ----a-w- d:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="d:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"LightScribe Control Panel"="d:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-06-20 2736128]
"Advanced SystemCare 5"="d:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"KPeerNexonEU"="d:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2012-06-07 438272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-07-20 18670592]
"GrooveMonitor"="d:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"mcui_exe"="d:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1318816]
"IObit Malware Fighter"="d:\program files\IObit\IObit Malware Fighter\IMF.exe" [2012-05-09 4464472]
"SunJavaUpdateSched"="d:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"NvMediaCenter"="NvMCTray.dll" [2012-05-15 108352]
"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
"nwiz"="d:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-05-15 1634112]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
d:\documents and settings\Kosíkovi\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - d:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
d:\documents and settings\Kosíkovi\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - d:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
d:\documents and settings\Kosíkovi\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - d:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
d:\documents and settings\Kosíkovi\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - d:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "d:\program files\Stardock\Fences\FencesMenu.dll" [2010-06-22 202088]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"KPeerNexonEU"=d:\nexon\NEXON_EU_Downloader\nxEULauncher.exe
"Google Update"="d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
"uTorrent"="d:\program files\uTorrent\uTorrent.exe" /MINIMIZED
"CTFMON.EXE"=d:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RemoteControl10"="d:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe"
"NeroFilterCheck"=d:\windows\system32\NeroCheck.exe
"BDRegion"=d:\program files\Cyberlink\Shared files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"d:\nexon\Combat Arms EU\CombatArms.exe"= d:\nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"d:\\Nexon\\Combat Arms EU\\NMService.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"d:\\WINDOWS\\system32\\PnkBstrA.exe"=
"d:\\WINDOWS\\system32\\PnkBstrB.exe"=
"h:\\Hry\\Assassins creed Revelations\\ACRSP.exe"=
"h:\\Hry\\Assassins creed Revelations\\ACRMP.exe"=
"h:\\Hry\\Assassins creed Revelations\\AssassinsCreedRevelations.exe"=
"d:\\Program Files\\Common Files\\Mcafee\\McSvcHost\\McSvHost.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\nexon\Combat Arms EU\Engine.exe"= d:\nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"d:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"d:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
.
R0 SmartDefragDriver;SmartDefragDriver;d:\windows\system32\drivers\SmartDefragDriver.sys [7.6.2012 18:09 14776]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 mfetdi2k;McAfee Inc. mfetdi2k;d:\windows\system32\drivers\mfetdi2k.sys [3.3.2012 13:02 89792]
R1 MOBKFilter;MOBKFilter;d:\windows\system32\drivers\MOBK.sys [3.3.2012 13:36 54776]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/03/02 21:56];d:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2.3.2012 22:08 87536]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;d:\program files\IObit\Advanced SystemCare 5\ASCService.exe [7.6.2012 17:33 913752]
R2 IMFservice;IMF Service;d:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [7.6.2012 18:10 821592]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"d:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [3.3.2012 13:02 214904]
R2 McMPFSvc;McAfee Personal Firewall Service;"d:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [3.3.2012 13:02 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;"d:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [3.3.2012 13:02 214904]
R2 mfefire;McAfee Firewall Core Service;d:\program files\Common Files\Mcafee\SystemCore\mfefire.exe [3.3.2012 13:02 161632]
R2 mfevtp;McAfee Validation Trust Protection Service;d:\windows\system32\mfevtps.exe [3.3.2012 9:44 151880]
R2 MOBKbackup;1%;d:\program files\McAfee Online Backup\MOBKbackup.exe [13.4.2010 21:11 229688]
R2 nvUpdatusService;NVIDIA Update Service Daemon;d:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [7.6.2012 19:53 1262400]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;d:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [29.5.2012 20:46 1528672]
R3 cfwids;McAfee Inc. cfwids;d:\windows\system32\drivers\cfwids.sys [3.3.2012 13:02 57600]
R3 EagleXNt;EagleXNt;\??\d:\windows\system32\drivers\EagleXNt.sys --> d:\windows\system32\drivers\EagleXNt.sys [?]
R3 FileMonitor;FileMonitor;d:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [7.6.2012 18:10 246816]
R3 mfefirek;McAfee Inc. mfefirek;d:\windows\system32\drivers\mfefirek.sys [3.3.2012 13:02 340920]
R3 mfendiskmp;mfendiskmp;d:\windows\system32\drivers\mfendisk.sys [3.3.2012 13:02 83856]
R3 RegFilter;RegFilter;d:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [7.6.2012 18:10 30368]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;d:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [20.10.2011 11:48 10064]
R3 UrlFilter;UrlFilter;d:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [7.6.2012 18:10 16208]
S3 Ambfilt;Ambfilt;d:\windows\system32\drivers\Ambfilt.sys [2.3.2012 22:26 1684736]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;d:\windows\system32\drivers\mfendisk.sys [3.3.2012 13:02 83856]
S3 mferkdet;McAfee Inc. mferkdet;d:\windows\system32\drivers\mferkdet.sys [3.3.2012 13:02 87656]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - UXLIQPOD
*Deregistered* - mfeavfk01
*Deregistered* - uxliqpod
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-06-20 14:05 451872 ----a-w- d:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-08 d:\windows\Tasks\ASC5_AutoClean.job
- d:\program files\IObit\Advanced SystemCare 5\AutoSweep.exe [2012-06-07 08:49]
.
2012-06-07 d:\windows\Tasks\ASC5_AutoUpdate.job
- d:\program files\IObit\Advanced SystemCare 5\AutoUpdate.exe [2012-06-07 17:13]
.
2012-06-08 d:\windows\Tasks\SmartDefrag_Startup.job
- d:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2012-06-07 14:19]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.30.254 192.168.0.1
Name-Space Handler: ftp\FD - {3BF4771A-18F5-4EAB-80B7-AC254D3C7503} - d:\progra~1\FRESHD~1\FRESHD~1\fdcatch.dll
Name-Space Handler: http\FD - {3BF4771A-18F5-4EAB-80B7-AC254D3C7503} - d:\progra~1\FRESHD~1\FRESHD~1\fdcatch.dll
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-08 18:32
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\d:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1392)
d:\windows\system32\cscui.dll
d:\windows\system32\COMRes.dll
.
Celkový čas: 2012-06-08 18:34:09
ComboFix-quarantined-files.txt 2012-06-08 16:34
.
Před spuštěním: Volných bajtů: 24 230 539 264
Po spuštění: Volných bajtů: 25 233 465 344
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
multi(0)disk(0)rdisk(0)partition(3)\WINDOWS.0="Microsoft Windows XP Home Edition" /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect
C:\wubildr.mbr = "Ubuntu"
.
- - End Of File - - 4A1078563AEFF8658C6D4759922C3783
RSIT log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Kosíkovi at 2012-06-08 15:00:08
Microsoft Windows XP Home Edition Service Pack 3
System drive D: has 25 GB (49%) free of 51 GB
Total RAM: 2047 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:00:33, on 8.6.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
D:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
D:\WINDOWS\system32\mfevtps.exe
D:\Program Files\McAfee Online Backup\MOBKbackup.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
D:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
D:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\System32\wbem\wmiapsrv.exe
D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
D:\WINDOWS\RTHDCPL.EXE
D:\Program Files\McAfee.com\Agent\mcagent.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\WINDOWS\system32\RunDLL32.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
D:\Program Files\DAEMON Tools Lite\DTLite.exe
D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
D:\Program Files\IObit\IObit Malware Fighter\IMF.exe
D:\Program Files\TuneUp Utilities 2012\OneClick.exe
D:\Program Files\TuneUp Utilities 2012\TUDefragBackend32.exe
D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Kosíkovi\Dokumenty\Downloads\RSIT.exe
D:\Program Files\trend micro\Kosíkovi.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - D:\Program Files\uTorrentControl2\prxtbuTor.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - d:\progra~1\mcafee\sitead~1\mcieplg.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - D:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - D:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - D:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120501145001.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - d:\progra~1\mcafee\sitead~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - d:\progra~1\mcafee\sitead~1\mcieplg.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - D:\WINDOWS\8 Skin Pack\Styler\TB\StylerTB.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - D:\Program Files\uTorrentControl2\prxtbuTor.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [mcui_exe] "D:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [IObit Malware Fighter] "D:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] D:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] D:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 5] "D:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KPeerNexonEU] D:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1644491937-1715567821-839522115-1005\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\progra~1\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\progra~1\mcafee\sitead~1\mcieplg.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - d:\progra~1\mcafee\msc\mcsniepl.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - D:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - D:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - D:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - D:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - D:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - D:\WINDOWS\system32\mfevtps.exe
O23 - Service: 1% (MOBKbackup) - McAfee, Inc. - D:\Program Files\McAfee Online Backup\MOBKbackup.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
--
End of file - 12232 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\ASC5_AutoClean.job
D:\WINDOWS\tasks\ASC5_AutoUpdate.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-1715567821-839522115-1004Core.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1644491937-1715567821-839522115-1004UA.job
D:\WINDOWS\tasks\SmartDefrag_Startup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{206E52E0-D52E-11D4-AD54-0000E86C26F6}]
D:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll [2011-04-26 491008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - D:\Program Files\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - D:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120501145001.dll [2012-03-20 79744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - d:\progra~1\mcafee\sitead~1\mcieplg.dll [2011-08-08 258120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - d:\progra~1\mcafee\sitead~1\mcieplg.dll [2011-08-08 258120]
{D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - StylerToolBar - D:\WINDOWS\8 Skin Pack\Styler\TB\StylerTB.dll [2006-05-02 102400]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - D:\Program Files\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2009-07-20 18670592]
"GrooveMonitor"=D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"mcui_exe"=D:\Program Files\McAfee.com\Agent\mcagent.exe [2012-03-21 1318816]
"IObit Malware Fighter"=D:\Program Files\IObit\IObit Malware Fighter\IMF.exe [2012-05-09 4464472]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192]
"nwiz"=D:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-05-15 1634112]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"LightScribe Control Panel"=D:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2011-06-20 2736128]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Advanced SystemCare 5"=D:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [2012-03-06 574296]
"DAEMON Tools Lite"=D:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"KPeerNexonEU"=D:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [2012-06-07 438272]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
[]
D:\Documents and Settings\Kosíkovi\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll [2010-06-22 202088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine.exe"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe"="D:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"D:\Nexon\Combat Arms EU\CombatArms.exe"="D:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"D:\Nexon\Combat Arms EU\NMService.exe"="D:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core"
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="D:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"D:\WINDOWS\system32\PnkBstrA.exe"="D:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"D:\WINDOWS\system32\PnkBstrB.exe"="D:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"H:\Hry\Assassins creed Revelations\ACRSP.exe"="H:\Hry\Assassins creed Revelations\ACRSP.exe:*:Enabled:Assassin's Creed Revelations"
"H:\Hry\Assassins creed Revelations\ACRMP.exe"="H:\Hry\Assassins creed Revelations\ACRMP.exe:*:Enabled:Assassin's Creed Revelations Multiplayer"
"H:\Hry\Assassins creed Revelations\AssassinsCreedRevelations.exe"="H:\Hry\Assassins creed Revelations\AssassinsCreedRevelations.exe:*:Enabled:Assassin's Creed Revelations Update"
"D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe"="D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Nexon\Combat Arms EU\Engine.exe"="D:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"D:\Program Files\Counter-Strike 1.6\hl.exe"="D:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Nexon\Combat Arms EU\CombatArms.exe"="D:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"D:\Nexon\Combat Arms EU\Engine.exe"="D:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\backitup.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cdspeed.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\coverdes.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drivespeed.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\groove.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\imagedrive.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infopath.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infotool.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lightscribecontrolpanel.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lslauncher.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msaccess.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mspub.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstore.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nbj.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nbr.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nero.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neroburnrights.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerohome.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neromediahome.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\neroscoutoptions.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerostartsmart.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nerovision.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\onenote.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outlook.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photosnap.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photosnapviewer.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\recode.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setupx.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\showtime.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\soundtrax.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\waveedit.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winword.exe]
"Debugger=""D:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=iyvu9_32.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=D:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.iv50"=ir50_32.dll
"msacm.iac2"=D:\WINDOWS\system32\iac25_32.ax
"vidc.iv41"=ir41_32.ax
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
======List of files/folders created in the last 1 month======
2012-06-08 15:00:08 ----D---- D:\rsit
2012-06-08 15:00:08 ----D---- D:\Program Files\trend micro
2012-06-07 20:08:00 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\NVIDIA
2012-06-07 20:05:45 ----D---- D:\Program Files\Counter-Strike 1.6
2012-06-07 19:54:15 ----D---- D:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2012-06-07 19:53:31 ----A---- D:\WINDOWS\system32\nvrsth.dll
2012-06-07 19:52:45 ----A---- D:\WINDOWS\system32\OpenCL.dll
2012-06-07 19:52:16 ----A---- D:\WINDOWS\system32\nvgenco32.dll
2012-06-07 19:52:16 ----A---- D:\WINDOWS\system32\nvdispco32.dll
2012-06-07 19:52:16 ----A---- D:\WINDOWS\system32\nvcuvid.dll
2012-06-07 19:52:16 ----A---- D:\WINDOWS\system32\nvcuvenc.dll
2012-06-07 19:52:15 ----A---- D:\WINDOWS\system32\nvcuda.dll
2012-06-07 19:52:13 ----A---- D:\WINDOWS\system32\nvcompiler.dll
2012-06-07 19:51:58 ----D---- D:\Program Files\NVIDIA Corporation
2012-06-07 19:51:21 ----D---- D:\NVIDIA
2012-06-07 19:09:16 ----D---- D:\Program Files\Common Files\Java
2012-06-07 19:08:52 ----D---- D:\Program Files\Oracle
2012-06-07 19:08:45 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\Oracle
2012-06-07 19:08:41 ----A---- D:\WINDOWS\system32\npDeployJava1.dll
2012-06-07 19:08:41 ----A---- D:\WINDOWS\system32\javaws.exe
2012-06-07 19:08:37 ----A---- D:\WINDOWS\system32\javaw.exe
2012-06-07 19:08:37 ----A---- D:\WINDOWS\system32\java.exe
2012-06-07 19:01:23 ----D---- D:\Documents and Settings\All Users\Data aplikací\NVIDIA
2012-06-07 19:01:15 ----D---- D:\WINDOWS\Sun
2012-06-07 18:10:04 ----A---- D:\WINDOWS\system32\SmartDefragBootTime.exe
2012-06-07 18:09:41 ----D---- D:\Program Files\ffdshow
2012-06-07 18:09:35 ----A---- D:\WINDOWS\system32\drivers\SmartDefragDriver.sys
2012-06-07 17:58:47 ----A---- D:\WINDOWS\system32\RegistryDefragBootTime.exe
2012-06-07 17:35:26 ----D---- D:\Program Files\DAEMON Tools Lite
2012-06-07 17:35:06 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\DAEMON Tools Lite
2012-06-07 17:33:43 ----D---- D:\Documents and Settings\All Users\Data aplikací\IObit
2012-06-07 17:33:23 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\IObit
2012-06-07 17:33:18 ----D---- D:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2012-06-07 17:33:00 ----D---- D:\Program Files\IObit
2012-06-06 20:17:10 ----A---- D:\WINDOWS\system32\d3d9caps.dat
2012-06-04 12:29:50 ----HDC---- D:\WINDOWS\$NtUninstallKB2718704$
2012-05-26 16:48:53 ----D---- D:\ProgramData
2012-05-26 16:20:56 ----HD---- D:\Documents and Settings\All Users\Data aplikací\Common Files
2012-05-26 16:19:50 ----A---- D:\WINDOWS\system32\uxtuneup.dll
2012-05-26 16:18:00 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\Mozilla
2012-05-26 16:17:54 ----D---- D:\Program Files\Conduit
2012-05-26 16:17:39 ----D---- D:\Program Files\uTorrentControl2
2012-05-26 16:17:21 ----D---- D:\Program Files\uTorrent
2012-05-26 16:16:57 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\uTorrent
2012-05-26 16:11:48 ----A---- D:\WINDOWS\system32\TURegOpt.exe
2012-05-26 16:10:41 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\TuneUp Software
2012-05-26 16:09:44 ----D---- D:\Program Files\TuneUp Utilities 2012
2012-05-26 16:08:34 ----D---- D:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2012-05-26 16:07:51 ----SHD---- D:\Documents and Settings\All Users\Data aplikací\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-05-26 10:30:41 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\Stardock
2012-05-26 10:30:23 ----HDC---- D:\Documents and Settings\All Users\Data aplikací\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2012-05-26 10:30:19 ----D---- D:\Program Files\Stardock
2012-05-17 18:51:03 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\Leadertech
2012-05-15 21:36:43 ----A---- D:\WINDOWS\system32\CmdLineExt.dll
2012-05-15 21:25:57 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\vlc
2012-05-09 22:08:46 ----HDC---- D:\WINDOWS\$NtUninstallKB2659262$
2012-05-09 22:02:36 ----HDC---- D:\WINDOWS\$NtUninstallKB2686509$
2012-05-09 22:02:24 ----HDC---- D:\WINDOWS\$NtUninstallKB2695962$
2012-05-09 22:01:16 ----HDC---- D:\WINDOWS\$NtUninstallKB2676562$
======List of files/folders modified in the last 1 month======
2012-06-08 15:00:28 ----D---- D:\WINDOWS\Prefetch
2012-06-08 15:00:10 ----D---- D:\WINDOWS\Temp
2012-06-08 15:00:08 ----RD---- D:\Program Files
2012-06-08 14:56:45 ----A---- D:\WINDOWS\system32\nxEuUninstall.bat
2012-06-08 14:56:44 ----D---- D:\WINDOWS\system32\CatRoot2
2012-06-08 14:56:42 ----A---- D:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
2012-06-08 14:56:27 ----D---- D:\WINDOWS\system32\drivers
2012-06-08 14:55:23 ----D---- D:\WINDOWS\system32
2012-06-08 09:46:16 ----A---- D:\WINDOWS\SchedLgU.Txt
2012-06-07 20:10:51 ----D---- D:\Download
2012-06-07 19:57:03 ----D---- D:\WINDOWS
2012-06-07 19:54:15 ----SHD---- D:\WINDOWS\Installer
2012-06-07 19:54:15 ----D---- D:\WINDOWS\Help
2012-06-07 19:53:43 ----D---- D:\Documents and Settings
2012-06-07 19:52:40 ----RSHDC---- D:\WINDOWS\system32\dllcache
2012-06-07 19:52:27 ----HD---- D:\WINDOWS\inf
2012-06-07 19:52:26 ----D---- D:\WINDOWS\system32\ReinstallBackups
2012-06-07 19:09:16 ----D---- D:\Program Files\Common Files
2012-06-07 19:08:20 ----D---- D:\Program Files\Java
2012-06-07 18:10:04 ----SD---- D:\WINDOWS\Tasks
2012-06-07 17:52:05 ----D---- D:\WINDOWS\system32\config
2012-06-07 17:39:15 ----D---- D:\WINDOWS\Minidump
2012-06-07 17:39:15 ----D---- D:\WINDOWS\Debug
2012-06-07 17:39:10 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\Media Player Classic
2012-06-07 17:39:10 ----D---- D:\Documents and Settings\Kosíkovi\Data aplikací\DAEMON Tools Pro
2012-06-07 17:39:01 ----D---- D:\Program Files\Steam
2012-06-07 16:01:22 ----A---- D:\WINDOWS\NeroDigital.ini
2012-06-04 11:41:21 ----HD---- D:\WINDOWS\$hf_mig$
2012-06-02 09:31:15 ----D---- D:\Program Files\McAfee
2012-05-31 15:22:06 ----A---- D:\WINDOWS\system32\crypt32.dll
2012-05-26 10:31:37 ----RSD---- D:\WINDOWS\assembly
2012-05-26 09:04:37 ----SD---- D:\Documents and Settings\Kosíkovi\Data aplikací\Microsoft
2012-05-17 18:42:24 ----D---- D:\WINDOWS\system32\DirectX
2012-05-15 12:18:00 ----A---- D:\WINDOWS\system32\nvoglnt.dll
2012-05-15 12:18:00 ----A---- D:\WINDOWS\system32\nvapi.dll
2012-05-15 12:18:00 ----A---- D:\WINDOWS\system32\nv4_disp.dll
2012-05-15 11:43:36 ----A---- D:\WINDOWS\system32\nvrszhc.dll
2012-05-15 11:43:35 ----A---- D:\WINDOWS\system32\nvrszht.dll
2012-05-15 11:43:35 ----A---- D:\WINDOWS\system32\nvrssv.dll
2012-05-15 11:43:35 ----A---- D:\WINDOWS\system32\nvrsit.dll
2012-05-15 11:43:34 ----A---- D:\WINDOWS\system32\nvrsnl.dll
2012-05-15 11:43:34 ----A---- D:\WINDOWS\system32\nvrsko.dll
2012-05-15 11:43:34 ----A---- D:\WINDOWS\system32\nvrsesm.dll
2012-05-15 11:43:34 ----A---- D:\WINDOWS\system32\nvrseng.dll
2012-05-15 11:43:34 ----A---- D:\WINDOWS\system32\nvrsel.dll
2012-05-15 11:43:34 ----A---- D:\WINDOWS\system32\nvrsar.dll
2012-05-15 11:43:33 ----A---- D:\WINDOWS\system32\nvrssl.dll
2012-05-15 11:43:33 ----A---- D:\WINDOWS\system32\nvrspt.dll
2012-05-15 11:43:33 ----A---- D:\WINDOWS\system32\nvrsno.dll
2012-05-15 11:43:33 ----A---- D:\WINDOWS\system32\nvrshe.dll
2012-05-15 11:43:33 ----A---- D:\WINDOWS\system32\nvrsfr.dll
2012-05-15 11:43:33 ----A---- D:\WINDOWS\system32\nvrsfi.dll
2012-05-15 11:43:32 ----A---- D:\WINDOWS\system32\nvrses.dll
2012-05-15 11:43:31 ----A---- D:\WINDOWS\system32\nvrssk.dll
2012-05-15 11:43:31 ----A---- D:\WINDOWS\system32\nvrsru.dll
2012-05-15 11:43:30 ----A---- D:\WINDOWS\system32\nvrstr.dll
2012-05-15 11:43:30 ----A---- D:\WINDOWS\system32\nvrshu.dll
2012-05-15 11:43:30 ----A---- D:\WINDOWS\system32\nvrsda.dll
2012-05-15 11:43:29 ----A---- D:\WINDOWS\system32\nvrspl.dll
2012-05-15 11:43:29 ----A---- D:\WINDOWS\system32\nvrsja.dll
2012-05-15 11:43:28 ----A---- D:\WINDOWS\system32\nvrsptb.dll
2012-05-15 11:43:28 ----A---- D:\WINDOWS\system32\nvrsde.dll
2012-05-15 11:43:28 ----A---- D:\WINDOWS\system32\nvrscs.dll
2012-05-15 11:40:26 ----A---- D:\WINDOWS\system32\nvwddi.dll
2012-05-15 11:40:02 ----A---- D:\WINDOWS\system32\nvcpl.dll
2012-05-15 11:40:02 ----A---- D:\WINDOWS\system32\nvcolor.exe
2012-05-15 11:40:01 ----A---- D:\WINDOWS\system32\nvsvc32.exe
2012-05-15 11:40:01 ----A---- D:\WINDOWS\system32\nvmctray.dll
2012-05-10 15:56:24 ----D---- D:\WINDOWS\Microsoft.NET
2012-05-09 22:08:47 ----D---- D:\WINDOWS\WinSxS
2012-05-09 22:08:37 ----D---- D:\WINDOWS\system32\XPSViewer
2012-05-09 22:05:03 ----A---- D:\WINDOWS\system32\MRT.exe
2012-05-09 22:04:48 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 mfehidk;McAfee Inc. mfehidk; D:\WINDOWS\system32\drivers\mfehidk.sys [2012-02-22 464304]
R0 SmartDefragDriver;SmartDefragDriver; D:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R0 sptd;sptd; D:\WINDOWS\System32\Drivers\sptd.sys [2012-06-07 477240]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 mfetdi2k;McAfee Inc. mfetdi2k; D:\WINDOWS\system32\drivers\mfetdi2k.sys [2012-02-22 89792]
R1 MOBKFilter;MOBKFilter; D:\WINDOWS\system32\DRIVERS\MOBK.sys [2010-04-13 54776]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/03/02 21:56:41]; \??\D:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl []
R3 cfwids;McAfee Inc. cfwids; D:\WINDOWS\system32\drivers\cfwids.sys [2012-02-22 57600]
R3 EagleXNt;EagleXNt; \??\D:\WINDOWS\system32\drivers\EagleXNt.sys []
R3 FileMonitor;FileMonitor; \??\D:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-07-20 5795328]
R3 mfeapfk;McAfee Inc. mfeapfk; D:\WINDOWS\system32\drivers\mfeapfk.sys [2012-02-22 121544]
R3 mfeavfk;McAfee Inc. mfeavfk; D:\WINDOWS\system32\drivers\mfeavfk.sys [2012-02-22 180848]
R3 mfebopk;McAfee Inc. mfebopk; D:\WINDOWS\system32\drivers\mfebopk.sys [2012-02-22 59456]
R3 mfefirek;McAfee Inc. mfefirek; D:\WINDOWS\system32\drivers\mfefirek.sys [2012-02-22 340920]
R3 mfendiskmp;mfendiskmp; D:\WINDOWS\system32\DRIVERS\mfendisk.sys [2012-02-22 83856]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656]
R3 RegFilter;RegFilter; \??\D:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; D:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2009-06-05 142336]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys []
R3 UrlFilter;UrlFilter; \??\D:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; D:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 aqyywxps;aqyywxps; D:\WINDOWS\system32\drivers\aqyywxps.sys []
S3 mfeavfk01;McAfee Inc.; D:\WINDOWS\system32\drivers\mfeavfk01.sys []
S3 mfendisk;McAfee Core NDIS Intermediate Filter; D:\WINDOWS\system32\DRIVERS\mfendisk.sys [2012-02-22 83856]
S3 mferkdet;McAfee Inc. mferkdet; D:\WINDOWS\system32\drivers\mferkdet.sys [2012-02-22 87656]
S3 Monfilt;Monfilt; D:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; D:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-14 913752]
R2 IMFservice;IMF Service; D:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-04-04 161664]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 McMPFSvc;McAfee Personal Firewall Service; D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 mcmscsvc;McAfee Services; D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 McNaiAnn;McAfee VirusScan Announcer; D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 McNASvc;McAfee Network Agent; D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 McProxy;McAfee Proxy Service; D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 McShield;McAfee McShield; D:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2012-03-20 166288]
R2 mfefire;McAfee Firewall Core Service; D:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 161632]
R2 mfevtp;McAfee Validation Trust Protection Service; D:\WINDOWS\system32\mfevtps.exe [2012-03-20 151880]
R2 MOBKbackup;1%; D:\Program Files\McAfee Online Backup\MOBKbackup.exe [2010-04-13 229688]
R2 MSK80Service;McAfee Anti-Spam Service; D:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
R2 NVSvc;NVIDIA Driver Helper Service; D:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160]
R2 nvUpdatusService;NVIDIA Update Service Daemon; D:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 PnkBstrA;PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [2012-03-03 75136]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; D:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2012-05-29 1528672]
R2 UxTuneUp;TuneUp Theme Extension; D:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 aspnet_state;Stavová služba ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McODS;McAfee Scanner; D:\Program Files\McAfee\VirusScan\mcods.exe [2012-03-22 361976]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; D:\Program Files\Common Files\LightScribe\LSSrvc.exe [2011-06-20 73728]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S4 NBService;NBService; D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S4 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
-----------------EOF-----------------
LOG z COMBO FIXU:
ComboFix 12-06-08.02 - Kosíkovi 08.06.2012 18:28:09.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1500 [GMT 2:00]
Spuštěný z: d:\documents and settings\KosÝkovi\Plocha\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\windows\system32\dllcache\dlimport.exe
d:\windows\system32\dllcache\wmpvis.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-08 do 2012-06-08 )))))))))))))))))))))))))))))))
.
.
2012-06-08 13:00 . 2012-06-08 13:00 -------- d-----w- D:\rsit
2012-06-08 13:00 . 2012-06-08 13:00 -------- d-----w- d:\program files\trend micro
2012-06-07 18:08 . 2012-06-07 18:08 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\NVIDIA
2012-06-07 18:05 . 2012-06-07 18:54 -------- d-----w- d:\program files\Counter-Strike 1.6
2012-06-07 17:54 . 2012-06-07 17:54 -------- d-----w- d:\documents and settings\All Users\Data aplikací\NVIDIA Corporation
2012-06-07 17:53 . 2012-06-07 17:53 -------- d-----w- d:\documents and settings\UpdatusUser
2012-06-07 17:53 . 2012-05-15 09:43 253952 ----a-w- d:\windows\system32\nvrsth.dll
2012-06-07 17:52 . 2012-05-15 10:18 65536 ----a-w- d:\windows\system32\OpenCL.dll
2012-06-07 17:52 . 2012-06-07 17:52 1074636 ----a-w- d:\windows\system32\nvdrsdb0.bin
2012-06-07 17:52 . 2012-06-07 17:52 1 ----a-w- d:\windows\system32\nvdrssel.bin
2012-06-07 17:52 . 2012-06-07 17:52 1074636 ----a-w- d:\windows\system32\nvdrsdb1.bin
2012-06-07 17:52 . 2012-05-15 10:18 883008 ----a-w- d:\windows\system32\nvgenco32.dll
2012-06-07 17:52 . 2012-05-15 10:18 2530624 ----a-w- d:\windows\system32\nvcuvid.dll
2012-06-07 17:52 . 2012-05-15 10:18 2445120 ----a-w- d:\windows\system32\nvcuvenc.dll
2012-06-07 17:52 . 2012-05-15 10:18 1000768 ----a-w- d:\windows\system32\nvdispco32.dll
2012-06-07 17:52 . 2012-05-15 10:18 6012928 ----a-w- d:\windows\system32\nvcuda.dll
2012-06-07 17:52 . 2012-05-15 10:18 17543168 ----a-w- d:\windows\system32\nvcompiler.dll
2012-06-07 17:51 . 2012-06-07 17:54 -------- d-----w- d:\program files\NVIDIA Corporation
2012-06-07 17:51 . 2012-06-07 17:51 -------- d-----w- D:\NVIDIA
2012-06-07 17:09 . 2012-06-07 17:09 -------- d-----w- d:\program files\Common Files\Java
2012-06-07 17:09 . 2012-06-07 17:09 -------- d-----w- d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\Sun
2012-06-07 17:08 . 2012-06-07 17:08 -------- d-----w- d:\program files\Oracle
2012-06-07 17:08 . 2012-06-07 17:08 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\Oracle
2012-06-07 17:08 . 2012-04-04 16:47 772504 ----a-w- d:\windows\system32\npDeployJava1.dll
2012-06-07 17:01 . 2012-06-07 17:53 -------- d-----w- d:\documents and settings\All Users\Data aplikací\NVIDIA
2012-06-07 17:01 . 2012-06-07 17:01 -------- d-----w- d:\windows\Sun
2012-06-07 16:10 . 2012-05-08 16:35 29528 ----a-w- d:\windows\system32\SmartDefragBootTime.exe
2012-06-07 16:09 . 2012-06-07 16:09 -------- d-----w- d:\program files\ffdshow
2012-06-07 16:09 . 2010-11-26 16:02 14776 ----a-w- d:\windows\system32\drivers\SmartDefragDriver.sys
2012-06-07 15:58 . 2012-02-23 12:25 21336 ----a-w- d:\windows\system32\RegistryDefragBootTime.exe
2012-06-07 15:47 . 2012-06-07 15:47 -------- d-----w- d:\windows\system32\config\systemprofile\Data aplikací\IObit
2012-06-07 15:35 . 2012-06-07 15:35 -------- d-----w- d:\program files\DAEMON Tools Lite
2012-06-07 15:35 . 2012-06-07 16:51 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\DAEMON Tools Lite
2012-06-07 15:33 . 2012-06-07 16:09 -------- d-----w- d:\documents and settings\All Users\Data aplikací\IObit
2012-06-07 15:33 . 2012-06-08 07:27 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\IObit
2012-06-07 15:33 . 2012-06-07 15:50 -------- d-----w- d:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2012-06-07 15:33 . 2012-06-07 16:10 -------- d-----w- d:\program files\IObit
2012-05-29 15:16 . 2012-05-29 15:16 -------- d-----w- d:\documents and settings\LocalService\Data aplikací\TuneUp Software
2012-05-27 08:26 . 2012-05-27 08:26 -------- d-----w- d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\Stardock
2012-05-26 14:48 . 2012-05-26 14:48 -------- d-----w- D:\ProgramData
2012-05-26 14:20 . 2012-05-26 14:20 -------- d--h--w- d:\documents and settings\All Users\Data aplikací\Common Files
2012-05-26 14:19 . 2012-05-29 18:46 29024 ----a-w- d:\windows\system32\uxtuneup.dll
2012-05-26 14:18 . 2012-05-26 14:18 -------- d-----w- d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\CRE
2012-05-26 14:17 . 2012-05-26 14:17 -------- d-----w- d:\program files\Conduit
2012-05-26 14:17 . 2012-06-07 17:00 -------- d-----w- d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\uTorrentControl2
2012-05-26 14:17 . 2012-05-26 14:17 -------- d-----w- d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\Conduit
2012-05-26 14:17 . 2012-05-26 14:17 -------- d-----w- d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\Temp
2012-05-26 14:17 . 2012-05-26 17:53 -------- d-----w- d:\program files\uTorrent
2012-05-26 14:16 . 2012-06-07 15:39 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\uTorrent
2012-05-26 14:11 . 2012-05-29 18:46 31584 ----a-w- d:\windows\system32\TURegOpt.exe
2012-05-26 14:10 . 2012-05-26 14:10 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\TuneUp Software
2012-05-26 14:09 . 2012-06-02 07:36 -------- d-----w- d:\program files\TuneUp Utilities 2012
2012-05-26 14:08 . 2012-05-26 14:11 -------- d-----w- d:\documents and settings\All Users\Data aplikací\TuneUp Software
2012-05-26 14:07 . 2012-05-26 14:07 -------- d-sh--w- d:\documents and settings\All Users\Data aplikací\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-05-26 08:30 . 2012-05-26 08:30 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\Stardock
2012-05-26 08:30 . 2012-05-26 08:30 -------- dc-h--w- d:\documents and settings\All Users\Data aplikací\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2012-05-26 08:30 . 2012-05-26 08:30 -------- d-----w- d:\program files\Stardock
2012-05-26 08:29 . 2012-05-26 08:29 -------- d-----w- d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\PackageAware
2012-05-17 16:51 . 2012-05-17 16:51 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\Leadertech
2012-05-15 19:36 . 2012-05-15 19:36 107888 ----a-w- d:\windows\system32\CmdLineExt.dll
2012-05-15 19:25 . 2012-05-15 19:31 -------- d-----w- d:\documents and settings\Kosíkovi\Data aplikací\vlc
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-08 12:56 . 2012-03-02 20:40 235 ----a-w- d:\windows\system32\nxEuUninstall.bat
2012-06-08 12:56 . 2012-03-02 20:40 446464 ----a-w- d:\windows\NEXON_EU_DownloaderUpdater.exe
2012-06-07 15:35 . 2012-03-02 20:52 477240 ----a-w- d:\windows\system32\drivers\sptd.sys
2012-05-31 13:22 . 2002-09-20 18:03 602112 ----a-w- d:\windows\system32\crypt32.dll
2012-05-15 10:18 . 2012-03-02 20:38 4373248 ----a-w- d:\windows\system32\nv4_disp.dll
2012-05-15 10:18 . 2012-03-02 20:36 14014656 ----a-w- d:\windows\system32\drivers\nv4_mini.sys
2012-05-15 10:18 . 2007-05-10 22:03 2359808 ----a-w- d:\windows\system32\nvapi.dll
2012-05-15 10:18 . 2007-05-10 22:03 18771968 ----a-w- d:\windows\system32\nvoglnt.dll
2012-05-15 09:43 . 2007-05-10 22:03 229376 ----a-w- d:\windows\system32\nvrszhc.dll
2012-05-15 09:43 . 2007-05-10 22:03 282624 ----a-w- d:\windows\system32\nvrsit.dll
2012-05-15 09:43 . 2007-05-10 22:03 253952 ----a-w- d:\windows\system32\nvrssv.dll
2012-05-15 09:43 . 2007-05-10 22:03 126976 ----a-w- d:\windows\system32\nvrszht.dll
2012-05-15 09:43 . 2007-05-10 22:03 335872 ----a-w- d:\windows\system32\nvrsar.dll
2012-05-15 09:43 . 2007-05-10 22:03 282624 ----a-w- d:\windows\system32\nvrsel.dll
2012-05-15 09:43 . 2007-05-10 22:03 274432 ----a-w- d:\windows\system32\nvrsnl.dll
2012-05-15 09:43 . 2007-05-10 22:03 274432 ----a-w- d:\windows\system32\nvrsesm.dll
2012-05-15 09:43 . 2007-05-10 22:03 266240 ----a-w- d:\windows\system32\nvrsko.dll
2012-05-15 09:43 . 2007-05-10 22:03 249856 ----a-w- d:\windows\system32\nvrseng.dll
2012-05-15 09:43 . 2007-05-10 22:03 335872 ----a-w- d:\windows\system32\nvrshe.dll
2012-05-15 09:43 . 2007-05-10 22:03 286720 ----a-w- d:\windows\system32\nvrsfr.dll
2012-05-15 09:43 . 2007-05-10 22:03 274432 ----a-w- d:\windows\system32\nvrspt.dll
2012-05-15 09:43 . 2007-05-10 22:03 258048 ----a-w- d:\windows\system32\nvrssl.dll
2012-05-15 09:43 . 2007-05-10 22:03 253952 ----a-w- d:\windows\system32\nvrsno.dll
2012-05-15 09:43 . 2007-05-10 22:03 249856 ----a-w- d:\windows\system32\nvrsfi.dll
2012-05-15 09:43 . 2007-05-10 22:03 282624 ----a-w- d:\windows\system32\nvrses.dll
2012-05-15 09:43 . 2007-05-10 22:03 270336 ----a-w- d:\windows\system32\nvrsru.dll
2012-05-15 09:43 . 2007-05-10 22:03 258048 ----a-w- d:\windows\system32\nvrssk.dll
2012-05-15 09:43 . 2007-05-10 22:03 262144 ----a-w- d:\windows\system32\nvrshu.dll
2012-05-15 09:43 . 2007-05-10 22:03 258048 ----a-w- d:\windows\system32\nvrstr.dll
2012-05-15 09:43 . 2007-05-10 22:03 253952 ----a-w- d:\windows\system32\nvrsda.dll
2012-05-15 09:43 . 2007-05-10 22:03 274432 ----a-w- d:\windows\system32\nvrsja.dll
2012-05-15 09:43 . 2007-05-10 22:03 258048 ----a-w- d:\windows\system32\nvrspl.dll
2012-05-15 09:43 . 2007-05-10 22:03 278528 ----a-w- d:\windows\system32\nvrsde.dll
2012-05-15 09:43 . 2007-05-10 22:03 270336 ----a-w- d:\windows\system32\nvrsptb.dll
2012-05-15 09:43 . 2007-05-10 22:03 249856 ----a-w- d:\windows\system32\nvrscs.dll
2012-05-15 09:40 . 2007-05-10 22:03 54272 ----a-w- d:\windows\system32\nvwddi.dll
2012-05-15 09:40 . 2007-05-10 22:03 15504192 ----a-w- d:\windows\system32\nvcpl.dll
2012-05-15 09:40 . 2007-05-10 22:03 143680 ----a-w- d:\windows\system32\nvcolor.exe
2012-05-15 09:40 . 2007-05-10 22:03 164160 ----a-w- d:\windows\system32\nvsvc32.exe
2012-05-15 09:40 . 2007-05-10 22:03 108352 ----a-w- d:\windows\system32\nvmctray.dll
2012-04-11 13:55 . 2002-09-20 17:12 2028544 ----a-w- d:\windows\system32\ntkrnlpa.exe
2012-04-11 13:55 . 2002-09-20 17:41 1862272 ----a-w- d:\windows\system32\win32k.sys
2012-04-11 13:55 . 2002-09-20 17:12 2150400 ----a-w- d:\windows\system32\ntoskrnl.exe
2012-04-04 16:47 . 2012-03-02 20:53 143872 ----a-w- d:\windows\system32\javacpl.cpl
2012-04-04 16:47 . 2012-03-02 20:53 687504 ----a-w- d:\windows\system32\deployJava1.dll
2012-03-20 11:11 . 2012-03-03 07:44 151880 ----a-w- d:\windows\system32\mfevtps.exe
2012-03-11 16:06 . 2002-09-20 18:04 219648 ----a-w- d:\windows\system32\uxtheme.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-14 07:51 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . d:\windows\8 Skin Pack\Backup\comres.dll
[-] 2008-04-14 07:51 . 2E910A688E082303276D65B1A6DD1397 . 1495040 . . [2001.12.4414.700] . . d:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 07:51 . 2E910A688E082303276D65B1A6DD1397 . 1495040 . . [2001.12.4414.700] . . d:\windows\system32\comres.dll
[-] 2001-10-25 13:00 . 7ED4531538DC4E894A402C2FEE7B6E1F . 806912 . . [2001.12.4414.42] . . d:\windows\$NtServicePackUninstall$\comres.dll
.
[7] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . d:\windows\8 Skin Pack\Backup\comctl32.dll
[-] 2010-08-23 . DFB156EBB9B39FC3EDDC6EE1DFEE319E . 694784 . . [5.82] . . d:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2010-08-23 . DFB156EBB9B39FC3EDDC6EE1DFEE319E . 694784 . . [5.82] . . d:\windows\system32\comctl32.dll
[-] 2010-08-23 . DFB156EBB9B39FC3EDDC6EE1DFEE319E . 694784 . . [5.82] . . d:\windows\system32\dllcache\comctl32.dll
[7] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . d:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . d:\windows\$NtUninstallKB2296011$\comctl32.dll
[7] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . d:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[-] 2002-09-20 . 018875C2BB77F304A7CF7153E088DAAA . 557056 . . [5.82] . . d:\windows\$NtServicePackUninstall$\comctl32.dll
[-] 2002-09-20 . D12F83B2037A01BB97A97F3EA54DD71F . 921600 . . [6.0] . . d:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll
[7] 2001-10-25 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . d:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[7] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . d:\windows\8 Skin Pack\Backup\user32.dll
[-] 2008-04-14 . 222B525D2E73A6AE77D18095623D9FC4 . 644608 . . [5.1.2600.5512] . . d:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . 222B525D2E73A6AE77D18095623D9FC4 . 644608 . . [5.1.2600.5512] . . d:\windows\system32\user32.dll
[-] 2002-09-20 . 8A4AC21E2A55ECA66FBC5EDD40231845 . 560128 . . [5.1.2600.1106] . . d:\windows\$NtServicePackUninstall$\user32.dll
.
[-] 2008-04-14 . 5AAC566719B2DFC24DFFE22290EDC16C . 1658880 . . [6.00.2900.5512] . . d:\windows\explorer.exe
[7] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . d:\windows\8 Skin Pack\Backup\explorer.exe
[-] 2008-04-14 . 5AAC566719B2DFC24DFFE22290EDC16C . 1658880 . . [6.00.2900.5512] . . d:\windows\ServicePackFiles\i386\explorer.exe
[-] 2002-09-20 . 11D80755545CFB5EB9659EE88440EAE2 . 1004544 . . [6.00.2800.1106] . . d:\windows\$NtServicePackUninstall$\explorer.exe
.
[-] 2008-04-14 . 7E730C7FB7F549A609A119BD00E072FF . 277504 . . [5.1.2600.5512] . . d:\windows\regedit.exe
[7] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . d:\windows\8 Skin Pack\Backup\regedit.exe
[-] 2008-04-14 . 7E730C7FB7F549A609A119BD00E072FF . 277504 . . [5.1.2600.5512] . . d:\windows\ServicePackFiles\i386\regedit.exe
[-] 2002-09-20 . CACBD69B163C20EF7D56593C28783F8D . 135680 . . [5.1.2600.1106] . . d:\windows\$NtServicePackUninstall$\regedit.exe
.
[7] 2011-11-01 . ED9B683C7A8BBAAAB9B377197D20832C . 1288192 . . [5.1.2600.6168] . . d:\windows\8 Skin Pack\Backup\ole32.dll
[-] 2011-11-01 . F659C1652A9A556554C5F079F4AC4040 . 1340928 . . [5.1.2600.6168] . . d:\windows\ServicePackFiles\i386\ole32.dll
[-] 2011-11-01 . F659C1652A9A556554C5F079F4AC4040 . 1340928 . . [5.1.2600.6168] . . d:\windows\system32\ole32.dll
[-] 2011-11-01 . F659C1652A9A556554C5F079F4AC4040 . 1340928 . . [5.1.2600.6168] . . d:\windows\system32\dllcache\ole32.dll
[7] 2011-11-01 . B5EEF42BC72418EECC3DD3D93B2B5F34 . 1288704 . . [5.1.2600.6168] . . d:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
[7] 2010-07-16 . 6D1A3A355CA2AC64D2D5BAEC25C16427 . 1287680 . . [5.1.2600.6010] . . d:\windows\$NtUninstallKB2624667$\ole32.dll
[7] 2010-07-16 . C85BE0CF9C91EB64CECA1D639D71D4CC . 1288704 . . [5.1.2600.6010] . . d:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[7] 2008-04-14 . 21F836AAB269FF644E0E708B794B0DF7 . 1287168 . . [5.1.2600.5512] . . d:\windows\$NtUninstallKB979687$\ole32.dll
[-] 2002-09-20 . 6029A062E9D2E3CD3F99C5102A7A690C . 1169920 . . [5.1.2600.1106] . . d:\windows\$NtServicePackUninstall$\ole32.dll
.
[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . d:\windows\8 Skin Pack\Backup\iexplore.exe
[-] 2009-03-08 . EA2AD4EF880BE3678CC8F3F31DCF7B52 . 549216 . . [8.00.6001.18702] . . d:\windows\ServicePackFiles\i386\iexplore.exe
[-] 2009-03-08 . EA2AD4EF880BE3678CC8F3F31DCF7B52 . 549216 . . [8.00.6001.18702] . . d:\windows\system32\dllcache\iexplore.exe
[7] 2008-04-14 . 414AFE6E8CCDE984E16D5ED08624CEC6 . 93184 . . [6.00.2900.5512] . . d:\windows\ie8\iexplore.exe
[-] 2002-09-20 . 64648D2C0606543B795103FFF6BF30A7 . 91136 . . [6.00.2800.1106] . . d:\windows\$NtServicePackUninstall$\iexplore.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "d:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 08:49 176936 ----a-w- d:\program files\uTorrentControl2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "d:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{687578B9-7132-4A7A-80E4-30EE31099E03}"= "d:\program files\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-13 19:11 2872120 ----a-w- d:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-13 19:11 2872120 ----a-w- d:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-13 19:11 2872120 ----a-w- d:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="d:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"LightScribe Control Panel"="d:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-06-20 2736128]
"Advanced SystemCare 5"="d:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"KPeerNexonEU"="d:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2012-06-07 438272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-07-20 18670592]
"GrooveMonitor"="d:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"mcui_exe"="d:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1318816]
"IObit Malware Fighter"="d:\program files\IObit\IObit Malware Fighter\IMF.exe" [2012-05-09 4464472]
"SunJavaUpdateSched"="d:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"NvMediaCenter"="NvMCTray.dll" [2012-05-15 108352]
"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
"nwiz"="d:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-05-15 1634112]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
d:\documents and settings\Kosíkovi\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - d:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
d:\documents and settings\Kosíkovi\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - d:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
d:\documents and settings\Kosíkovi\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - d:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
d:\documents and settings\Kosíkovi\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - d:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "d:\program files\Stardock\Fences\FencesMenu.dll" [2010-06-22 202088]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"KPeerNexonEU"=d:\nexon\NEXON_EU_Downloader\nxEULauncher.exe
"Google Update"="d:\documents and settings\Kosíkovi\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
"uTorrent"="d:\program files\uTorrent\uTorrent.exe" /MINIMIZED
"CTFMON.EXE"=d:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RemoteControl10"="d:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe"
"NeroFilterCheck"=d:\windows\system32\NeroCheck.exe
"BDRegion"=d:\program files\Cyberlink\Shared files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"d:\nexon\Combat Arms EU\CombatArms.exe"= d:\nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe
"d:\\Nexon\\Combat Arms EU\\NMService.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"d:\\WINDOWS\\system32\\PnkBstrA.exe"=
"d:\\WINDOWS\\system32\\PnkBstrB.exe"=
"h:\\Hry\\Assassins creed Revelations\\ACRSP.exe"=
"h:\\Hry\\Assassins creed Revelations\\ACRMP.exe"=
"h:\\Hry\\Assassins creed Revelations\\AssassinsCreedRevelations.exe"=
"d:\\Program Files\\Common Files\\Mcafee\\McSvcHost\\McSvHost.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\nexon\Combat Arms EU\Engine.exe"= d:\nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe
"d:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"d:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
.
R0 SmartDefragDriver;SmartDefragDriver;d:\windows\system32\drivers\SmartDefragDriver.sys [7.6.2012 18:09 14776]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 mfetdi2k;McAfee Inc. mfetdi2k;d:\windows\system32\drivers\mfetdi2k.sys [3.3.2012 13:02 89792]
R1 MOBKFilter;MOBKFilter;d:\windows\system32\drivers\MOBK.sys [3.3.2012 13:36 54776]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/03/02 21:56];d:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2.3.2012 22:08 87536]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;d:\program files\IObit\Advanced SystemCare 5\ASCService.exe [7.6.2012 17:33 913752]
R2 IMFservice;IMF Service;d:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [7.6.2012 18:10 821592]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"d:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [3.3.2012 13:02 214904]
R2 McMPFSvc;McAfee Personal Firewall Service;"d:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [3.3.2012 13:02 214904]
R2 McNaiAnn;McAfee VirusScan Announcer;"d:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [3.3.2012 13:02 214904]
R2 mfefire;McAfee Firewall Core Service;d:\program files\Common Files\Mcafee\SystemCore\mfefire.exe [3.3.2012 13:02 161632]
R2 mfevtp;McAfee Validation Trust Protection Service;d:\windows\system32\mfevtps.exe [3.3.2012 9:44 151880]
R2 MOBKbackup;1%;d:\program files\McAfee Online Backup\MOBKbackup.exe [13.4.2010 21:11 229688]
R2 nvUpdatusService;NVIDIA Update Service Daemon;d:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [7.6.2012 19:53 1262400]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;d:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [29.5.2012 20:46 1528672]
R3 cfwids;McAfee Inc. cfwids;d:\windows\system32\drivers\cfwids.sys [3.3.2012 13:02 57600]
R3 EagleXNt;EagleXNt;\??\d:\windows\system32\drivers\EagleXNt.sys --> d:\windows\system32\drivers\EagleXNt.sys [?]
R3 FileMonitor;FileMonitor;d:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [7.6.2012 18:10 246816]
R3 mfefirek;McAfee Inc. mfefirek;d:\windows\system32\drivers\mfefirek.sys [3.3.2012 13:02 340920]
R3 mfendiskmp;mfendiskmp;d:\windows\system32\drivers\mfendisk.sys [3.3.2012 13:02 83856]
R3 RegFilter;RegFilter;d:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [7.6.2012 18:10 30368]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;d:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [20.10.2011 11:48 10064]
R3 UrlFilter;UrlFilter;d:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [7.6.2012 18:10 16208]
S3 Ambfilt;Ambfilt;d:\windows\system32\drivers\Ambfilt.sys [2.3.2012 22:26 1684736]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;d:\windows\system32\drivers\mfendisk.sys [3.3.2012 13:02 83856]
S3 mferkdet;McAfee Inc. mferkdet;d:\windows\system32\drivers\mferkdet.sys [3.3.2012 13:02 87656]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - UXLIQPOD
*Deregistered* - mfeavfk01
*Deregistered* - uxliqpod
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-06-20 14:05 451872 ----a-w- d:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-08 d:\windows\Tasks\ASC5_AutoClean.job
- d:\program files\IObit\Advanced SystemCare 5\AutoSweep.exe [2012-06-07 08:49]
.
2012-06-07 d:\windows\Tasks\ASC5_AutoUpdate.job
- d:\program files\IObit\Advanced SystemCare 5\AutoUpdate.exe [2012-06-07 17:13]
.
2012-06-08 d:\windows\Tasks\SmartDefrag_Startup.job
- d:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2012-06-07 14:19]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.30.254 192.168.0.1
Name-Space Handler: ftp\FD - {3BF4771A-18F5-4EAB-80B7-AC254D3C7503} - d:\progra~1\FRESHD~1\FRESHD~1\fdcatch.dll
Name-Space Handler: http\FD - {3BF4771A-18F5-4EAB-80B7-AC254D3C7503} - d:\progra~1\FRESHD~1\FRESHD~1\fdcatch.dll
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-08 18:32
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\d:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1392)
d:\windows\system32\cscui.dll
d:\windows\system32\COMRes.dll
.
Celkový čas: 2012-06-08 18:34:09
ComboFix-quarantined-files.txt 2012-06-08 16:34
.
Před spuštěním: Volných bajtů: 24 230 539 264
Po spuštění: Volných bajtů: 25 233 465 344
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
multi(0)disk(0)rdisk(0)partition(3)\WINDOWS.0="Microsoft Windows XP Home Edition" /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect
C:\wubildr.mbr = "Ubuntu"
.
- - End Of File - - 4A1078563AEFF8658C6D4759922C3783