
Virus removal, PC speed-up, and remote assistance via the neslape.cz service
Infected laptop, freezes, boots slowly
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
I have a problem with my laptop: everything loads slowly and it freezes. I'm attaching the RSIT log. Thanks in advance for your help.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Petr at 2010-01-24 02:53:27
Microsoft Windows XP Home Edition Service Pack 3
System drive D: has 46 GB (67%) free of 69 GB
Total RAM: 1919 MB (62% free)
HijackThis download failed
======Scheduled tasks folder======
D:\WINDOWS\tasks\Defraggler Volume C Task.job
D:\WINDOWS\tasks\Defraggler Volume D Task.job
D:\WINDOWS\tasks\Defraggler Volume G Task.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC7E636D-39AA-49b6-B511-65413DA137A1}]
IE Developer Toolbar BHO - D:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll [2007-03-01 623992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=D:\WINDOWS\ATK0100\HControl.exe [2006-10-14 110592]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2008-03-26 16859136]
"SMSERIAL"=D:\WINDOWS\sm56hlpr.exe [2006-03-21 544768]
"SynTPEnh"=D:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"ACU"=D:\Program Files\Atheros\ACU.exe [2006-07-04 336001]
"ASUS Live Update"=D:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30 51768]
"StatusClient"=D:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]
"TomcatStartup"=D:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"WD Drive Manager"=D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [2009-05-27 450560]
"SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"COMODO Internet Security"=D:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2009-11-18 1800464]
"avast!"=D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"FLMOFFICE4DMOUSE"=D:\Program Files\Labtec\Mouse\2.1\moffice.exe [2009-12-10 958464]
"NWEReboot"= []
"NeroFilterCheck"=D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"InCD"=D:\Program Files\Nero\Nero 7\InCD\InCD.exe [2006-07-25 1043968]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DetectTray"=C:\Program Files\Genius\TVGo DVB-T02PRO\DetectTray.exe [2007-09-21 131072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 []
D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Nastavení myši Labtec.lnk - D:\Program Files\Software laserové myši Labtec\MulMouse.exe
WDDMStatus.lnk - D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2007-01-16 110592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="D:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\WINDOWS\system32\mmc.exe"="D:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console"
"D:\Documents and Settings\Petr\Data aplikací\uTorrent\utorrent.exe"="D:\Documents and Settings\Petr\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.scr - open - D:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2010-01-24 02:53:28 ----D---- D:\Program Files\trend micro
2010-01-24 02:53:27 ----D---- D:\rsit
2010-01-24 02:18:18 ----A---- D:\WINDOWS\ntbtlog.txt
2010-01-24 01:58:54 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-01-24 00:22:34 ----D---- D:\WINDOWS\setup.pss
2010-01-23 10:54:51 ----SHD---- D:\RECYCLER
2010-01-23 05:06:07 ----A---- D:\ComboFix.txt
2010-01-22 23:51:49 ----D---- D:\Program Files\Common Files\ParallelGraphics
2010-01-22 23:46:55 ----D---- D:\Program Files\PlotSoft
2010-01-22 23:46:55 ----D---- D:\Documents and Settings\All Users\Data aplikací\PlotSoft
2010-01-22 23:44:45 ----D---- D:\Program Files\HTTP Debugger Pro
2010-01-22 17:20:15 ----D---- D:\Documents and Settings\Petr\Data aplikací\Greenshot
2010-01-22 00:24:31 ----D---- D:\WINDOWS\pss
2010-01-21 09:18:44 ----D---- D:\Program Files\GRISOFT
2010-01-21 08:58:58 ----A---- D:\WINDOWS\system32\tmp.txt
2010-01-21 08:58:30 ----A---- D:\rapport.txt
2010-01-20 23:22:29 ----D---- D:\Program Files\Microsoft WSE
2010-01-20 22:55:01 ----N---- D:\WINDOWS\system32\dbmsqlgc.dll
2010-01-20 22:55:01 ----N---- D:\WINDOWS\system32\dbmsgnet.dll
2010-01-20 22:53:53 ----D---- D:\Program Files\Microsoft SQL Server
2010-01-20 22:24:59 ----HDC---- D:\WINDOWS\$NtUninstallKB970430$
2010-01-20 22:24:50 ----HDC---- D:\WINDOWS\$NtUninstallKB976098-v2$
2010-01-20 22:24:41 ----HDC---- D:\WINDOWS\$NtUninstallKB955759$
2010-01-20 22:24:30 ----HDC---- D:\WINDOWS\$NtUninstallKB974318$
2010-01-20 22:24:02 ----HDC---- D:\WINDOWS\$NtUninstallKB972270$
2010-01-20 22:23:16 ----HDC---- D:\WINDOWS\$NtUninstallKB976325$
2010-01-20 22:08:46 ----D---- D:\Program Files\MSXML 4.0
2010-01-20 22:08:15 ----HDC---- D:\WINDOWS\$NtUninstallKB973687$
2010-01-20 22:07:56 ----HDC---- D:\WINDOWS\$NtUninstallKB973904$
2010-01-20 22:06:49 ----HDC---- D:\WINDOWS\$NtUninstallKB974392$
2010-01-20 22:05:03 ----HDC---- D:\WINDOWS\$NtUninstallKB971737$
2010-01-20 21:41:38 ----D---- D:\Documents and Settings\Petr\Data aplikací\Ahead
2010-01-20 21:38:18 ----D---- D:\Program Files\Nero
2010-01-20 21:25:00 ----A---- D:\WINDOWS\UPGRADE.TXT
2010-01-20 03:21:36 ----A---- D:\WINDOWS\NIRCMD.exe
2010-01-20 03:21:36 ----A---- D:\WINDOWS\MBR.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\zip.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWXCACLS.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWSC.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWREG.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\sed.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\PEV.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\grep.exe
2010-01-13 22:46:23 ----A---- D:\WINDOWS\ROZPOCTY.INI
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\xfontman.dll
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\xaradocg.dll
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\BMPImporter.dll
2010-01-11 21:27:33 ----A---- D:\WINDOWS\system32\templop.dll
2010-01-11 21:27:33 ----A---- D:\WINDOWS\system32\templman.dll
2010-01-04 13:25:20 ----D---- D:\Program Files\Common Files\Ahead
2010-01-04 13:22:24 ----A---- D:\WINDOWS\system32\d3dx9_28.dll
2010-01-04 00:04:54 ----D---- D:\Documents and Settings\All Users\Data aplikací\Musicnotes
2010-01-03 15:38:35 ----D---- D:\Program Files\Musicnotes
2010-01-03 02:26:50 ----D---- D:\Program Files\Advanced PDF to IMAGE converter
2010-01-02 22:28:43 ----D---- D:\Documents and Settings\Petr\Data aplikací\Foxit Software
2009-12-28 22:27:01 ----D---- D:\Program Files\Software602
======List of files/folders modified in the last 1 months======
2010-01-24 02:53:28 ----RD---- D:\Program Files
2010-01-24 02:53:14 ----D---- D:\WINDOWS\Prefetch
2010-01-24 02:50:21 ----D---- D:\WINDOWS\Temp
2010-01-24 02:43:33 ----D---- D:\WINDOWS\system32\CatRoot2
2010-01-24 02:43:32 ----D---- D:\WINDOWS
2010-01-24 00:54:30 ----D---- D:\WINDOWS\system32\LogFiles
2010-01-23 22:23:56 ----HD---- D:\WINDOWS\inf
2010-01-23 22:23:51 ----D---- D:\Documents and Settings
2010-01-23 17:37:32 ----D---- D:\WINDOWS\system32\drivers
2010-01-23 10:54:35 ----D---- D:\WINDOWS\system32
2010-01-23 05:06:12 ----AD---- D:\Qoobox
2010-01-23 05:00:18 ----A---- D:\WINDOWS\system.ini
2010-01-23 04:54:04 ----D---- D:\WINDOWS\AppPatch
2010-01-23 04:53:59 ----AD---- D:\Program Files\Common Files
2010-01-23 02:44:27 ----D---- D:\WINDOWS\system32\config
2010-01-23 02:44:00 ----D---- D:\WINDOWS\ERDNT
2010-01-23 00:58:29 ----A---- D:\WINDOWS\WINCMD.INI
2010-01-23 00:48:39 ----D---- D:\Documents and Settings\Petr\Data aplikací\Skype
2010-01-22 23:52:08 ----SHD---- D:\WINDOWS\Installer
2010-01-22 23:52:08 ----D---- D:\Config.Msi
2010-01-22 18:58:50 ----D---- D:\Program Files\Mozilla Thunderbird
2010-01-22 17:50:39 ----D---- D:\Program Files\Mozilla Firefox
2010-01-22 17:19:17 ----A---- D:\WINDOWS\win.ini
2010-01-21 22:51:20 ----D---- D:\Documents and Settings\Petr\Data aplikací\Autodesk
2010-01-21 22:44:15 ----D---- D:\Program Files\Autodesk
2010-01-21 22:36:13 ----D---- D:\Documents and Settings\All Users\Data aplikací\Autodesk
2010-01-21 22:33:38 ----D---- D:\Program Files\Common Files\Autodesk Shared
2010-01-21 22:20:38 ----RSD---- D:\WINDOWS\Fonts
2010-01-21 10:19:42 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-01-21 03:50:36 ----HDC---- D:\WINDOWS\$NtUninstallKB973525$
2010-01-21 02:57:35 ----D---- D:\WINDOWS\Registration
2010-01-21 02:51:23 ----D---- D:\WINDOWS\Debug
2010-01-21 02:47:13 ----RSD---- D:\WINDOWS\assembly
2010-01-20 23:03:40 ----SD---- D:\WINDOWS\Downloaded Program Files
2010-01-20 22:25:02 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-01-20 22:24:39 ----HD---- D:\WINDOWS\$hf_mig$
2010-01-20 22:08:48 ----D---- D:\WINDOWS\WinSxS
2010-01-20 22:07:49 ----D---- D:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-01-20 02:30:08 ----D---- D:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-01-20 02:30:01 ----D---- D:\WINDOWS\Minidump
2010-01-20 02:25:08 ----D---- D:\Program Files\Microsoft Office
2010-01-20 02:23:26 ----D---- D:\Program Files\Common Files\Bluebeam Software
2010-01-20 02:22:43 ----D---- D:\Program Files\Common Files\SolidWorks Shared
2010-01-20 02:18:18 ----D---- D:\WINDOWS\system32\ShellExt
2010-01-19 00:59:47 ----D---- D:\Documents and Settings\Petr\Data aplikací\Alibre Design
2010-01-18 17:35:20 ----D---- D:\Documents and Settings\Petr\Data aplikací\gtk-2.0
2010-01-15 01:10:47 ----A---- D:\WINDOWS\wcx_ftp.ini
2010-01-14 11:57:16 ----D---- D:\UniScan
2010-01-11 20:43:15 ----D---- D:\Documents and Settings\Petr\Data aplikací\ColorImpact3
2010-01-09 21:12:17 ----D---- D:\WINDOWS\system32\NtmsData
2010-01-05 12:04:38 ----D---- D:\Documents and Settings\Petr\Data aplikací\Microsoft
2010-01-05 02:34:58 ----SD---- D:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-01-05 02:30:57 ----D---- D:\Program Files\Defraggler
2010-01-05 02:30:56 ----SD---- D:\WINDOWS\Tasks
2010-01-04 16:17:48 ----A---- D:\WINDOWS\system32\MRT.exe
2010-01-04 13:20:48 ----D---- D:\WINDOWS\system32\DirectX
2010-01-01 08:03:39 ----D---- D:\Documents and Settings\Petr\Data aplikací\skypePM
2009-12-27 02:03:15 ----D---- D:\Program Files\Google
2009-12-26 01:55:02 ----D---- D:\Documents and Settings\Petr\Data aplikací\avidemux
2009-12-25 12:12:56 ----DC---- D:\WINDOWS\system32\DRVSTORE
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; D:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; D:\WINDOWS\System32\DRIVERS\cmdguard.sys [2009-11-26 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver; D:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2009-11-18 25160]
R1 InCDPass;InCDPass; D:\WINDOWS\system32\drivers\InCDPass.sys [2006-07-25 31488]
R1 incdrm;InCD Reader; D:\WINDOWS\system32\drivers\InCDRm.sys [2006-07-25 33792]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Tosrfcom;Bluetooth RFCOMM; D:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; D:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-09-07 21275]
R2 Aspi32;Aspi32; D:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 Sentinel;Sentinel; D:\WINDOWS\System32\Drivers\SENTINEL.SYS [2002-12-17 76288]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\athw.sys [2009-06-03 1570240]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter; D:\WINDOWS\system32\DRIVERS\atl02_xp.sys [2006-08-14 27776]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-01-16 1957376]
R3 BthEnum;Ovladač pro Bluetooth Request Block; D:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); D:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; D:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 CmBatt;Microsoft AC Adapter Driver; D:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-03-26 4713472]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; D:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 MODEMCSA;Unimodem Streaming Filter Device; D:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 moufiltr;Labtec Wireless Laser Mouse; D:\WINDOWS\system32\DRIVERS\moufiltr.sys [2007-05-07 13824]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); D:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; D:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 RTSTOR;USB Mass Stroage Device; D:\WINDOWS\system32\drivers\RTSTOR.SYS [2006-06-09 27520]
R3 smserial;smserial; D:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; D:\WINDOWS\System32\Drivers\StkCMini.sys [2007-06-06 1260672]
R3 tosporte;Bluetooth COM Port; D:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 WDC_SAM;WD SCSI Pass Thru driver; D:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
R4 InCDfs;InCD File System; D:\WINDOWS\system32\drivers\InCDFs.sys [2006-07-25 102912]
S3 41011;41011; \??\D:\WINDOWS\system32\41011.sys []
S3 apqt56rn;apqt56rn; D:\WINDOWS\system32\drivers\apqt56rn.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-07-17 494080]
S3 BTHPORT;Ovladač portu Bluetooth; D:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 catchme;catchme; \??\D:\DOCUME~1\Petr\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Dot4;Ovladač MS IEEE-1284.4; D:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; D:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; D:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 EC168BDA;TVGo DVB-T02PRO; D:\WINDOWS\system32\DRIVERS\EC168BDA.sys [2007-05-18 67968]
S3 ivusb;Initio Driver for USB Default Controller; D:\WINDOWS\system32\DRIVERS\ivusb.sys []
S3 MPE;Filtr MPE BDA; D:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; D:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; D:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; D:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; D:\WINDOWS\system32\drivers\StarOpen.sys [2009-09-28 7168]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SynTP;Synaptics TouchPad Driver; D:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; D:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS; D:\WINDOWS\System32\Drivers\tosrfbd.sys [2007-04-24 113920]
S3 Tosrfbnp;Bluetooth RFBNEP; D:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; D:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; D:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; D:\WINDOWS\system32\drivers\TosRfSnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; D:\WINDOWS\System32\Drivers\tosrfusb.sys [2007-06-11 41856]
S3 TVICHW32;TVICHW32; \??\D:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 upperdev;upperdev; D:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 USB_RNDIS;USB Remote NDIS Network Device Driver; D:\WINDOWS\system32\DRIVERS\usb8023k.sys [2002-08-12 11136]
S3 usbser;USB Modem Driver; D:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 Wdf01000;Kernel Mode Driver Frameworks service; D:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; D:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; D:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-07 723632]
R2 InCDsrv;InCD Helper; D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-07-25 849408]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; D:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 7520337]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; D:\WINDOWS\System32\StkCSrv.exe [2007-04-19 24576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service; D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2009-05-27 102400]
R2 WDDMService;WD SmartWare Drive Manager; D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-05 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ACS;Atheros Configuration Service; D:\WINDOWS\system32\acs.exe [2009-11-12 278613]
S2 gupdate;Služba Google Update (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-13 133104]
S2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe []
S2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager; D:\Flexlm\lmgrd.exe []
S3 aspnet_state;Stavová služba ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; D:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-09-11 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-03 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 hetbipqvewfg;hetbipqvewfg; D:\WINDOWS\system32\drivers\hetbipqvewfg.sys [2010-01-23 8576]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; D:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 NBService;NBService; D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-08-23 724992]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; D:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 ServiceLayer;ServiceLayer; D:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; D:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]
S3 UDGY;UDGY; D:\DOCUME~1\Petr\LOCALS~1\Temp\UDGY.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WXXLRUX;WXXLRUX; D:\DOCUME~1\Petr\LOCALS~1\Temp\WXXLRUX.exe []
S4 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2007-01-16 438272]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
2010-01-24 00:22:34 ----D---- D:\WINDOWS\setup.pss
2010-01-23 10:54:51 ----SHD---- D:\RECYCLER
2010-01-23 05:06:07 ----A---- D:\ComboFix.txt
2010-01-22 23:51:49 ----D---- D:\Program Files\Common Files\ParallelGraphics
2010-01-22 23:46:55 ----D---- D:\Program Files\PlotSoft
2010-01-22 23:46:55 ----D---- D:\Documents and Settings\All Users\Data aplikací\PlotSoft
2010-01-22 23:44:45 ----D---- D:\Program Files\HTTP Debugger Pro
2010-01-22 17:20:15 ----D---- D:\Documents and Settings\Petr\Data aplikací\Greenshot
2010-01-22 00:24:31 ----D---- D:\WINDOWS\pss
2010-01-21 09:18:44 ----D---- D:\Program Files\GRISOFT
2010-01-21 08:58:58 ----A---- D:\WINDOWS\system32\tmp.txt
2010-01-21 08:58:30 ----A---- D:\rapport.txt
2010-01-20 23:22:29 ----D---- D:\Program Files\Microsoft WSE
2010-01-20 22:55:01 ----N---- D:\WINDOWS\system32\dbmsqlgc.dll
2010-01-20 22:55:01 ----N---- D:\WINDOWS\system32\dbmsgnet.dll
2010-01-20 22:53:53 ----D---- D:\Program Files\Microsoft SQL Server
2010-01-20 22:24:59 ----HDC---- D:\WINDOWS\$NtUninstallKB970430$
2010-01-20 22:24:50 ----HDC---- D:\WINDOWS\$NtUninstallKB976098-v2$
2010-01-20 22:24:41 ----HDC---- D:\WINDOWS\$NtUninstallKB955759$
2010-01-20 22:24:30 ----HDC---- D:\WINDOWS\$NtUninstallKB974318$
2010-01-20 22:24:02 ----HDC---- D:\WINDOWS\$NtUninstallKB972270$
2010-01-20 22:23:16 ----HDC---- D:\WINDOWS\$NtUninstallKB976325$
2010-01-20 22:08:46 ----D---- D:\Program Files\MSXML 4.0
2010-01-20 22:08:15 ----HDC---- D:\WINDOWS\$NtUninstallKB973687$
2010-01-20 22:07:56 ----HDC---- D:\WINDOWS\$NtUninstallKB973904$
2010-01-20 22:06:49 ----HDC---- D:\WINDOWS\$NtUninstallKB974392$
2010-01-20 22:05:03 ----HDC---- D:\WINDOWS\$NtUninstallKB971737$
2010-01-20 21:41:38 ----D---- D:\Documents and Settings\Petr\Data aplikací\Ahead
2010-01-20 21:38:18 ----D---- D:\Program Files\Nero
2010-01-20 21:25:00 ----A---- D:\WINDOWS\UPGRADE.TXT
2010-01-20 03:21:36 ----A---- D:\WINDOWS\NIRCMD.exe
2010-01-20 03:21:36 ----A---- D:\WINDOWS\MBR.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\zip.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWXCACLS.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWSC.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWREG.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\sed.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\PEV.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\grep.exe
2010-01-13 22:46:23 ----A---- D:\WINDOWS\ROZPOCTY.INI
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\xfontman.dll
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\xaradocg.dll
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\BMPImporter.dll
2010-01-11 21:27:33 ----A---- D:\WINDOWS\system32\templop.dll
2010-01-11 21:27:33 ----A---- D:\WINDOWS\system32\templman.dll
2010-01-04 13:25:20 ----D---- D:\Program Files\Common Files\Ahead
2010-01-04 13:22:24 ----A---- D:\WINDOWS\system32\d3dx9_28.dll
2010-01-04 00:04:54 ----D---- D:\Documents and Settings\All Users\Data aplikací\Musicnotes
2010-01-03 15:38:35 ----D---- D:\Program Files\Musicnotes
2010-01-03 02:26:50 ----D---- D:\Program Files\Advanced PDF to IMAGE converter
2010-01-02 22:28:43 ----D---- D:\Documents and Settings\Petr\Data aplikací\Foxit Software
2009-12-28 22:27:01 ----D---- D:\Program Files\Software602
======List of files/folders modified in the last 1 months======
2010-01-24 02:53:28 ----RD---- D:\Program Files
2010-01-24 02:53:14 ----D---- D:\WINDOWS\Prefetch
2010-01-24 02:50:21 ----D---- D:\WINDOWS\Temp
2010-01-24 02:43:33 ----D---- D:\WINDOWS\system32\CatRoot2
2010-01-24 02:43:32 ----D---- D:\WINDOWS
2010-01-24 00:54:30 ----D---- D:\WINDOWS\system32\LogFiles
2010-01-23 22:23:56 ----HD---- D:\WINDOWS\inf
2010-01-23 22:23:51 ----D---- D:\Documents and Settings
2010-01-23 17:37:32 ----D---- D:\WINDOWS\system32\drivers
2010-01-23 10:54:35 ----D---- D:\WINDOWS\system32
2010-01-23 05:06:12 ----AD---- D:\Qoobox
2010-01-23 05:00:18 ----A---- D:\WINDOWS\system.ini
2010-01-23 04:54:04 ----D---- D:\WINDOWS\AppPatch
2010-01-23 04:53:59 ----AD---- D:\Program Files\Common Files
2010-01-23 02:44:27 ----D---- D:\WINDOWS\system32\config
2010-01-23 02:44:00 ----D---- D:\WINDOWS\ERDNT
2010-01-23 00:58:29 ----A---- D:\WINDOWS\WINCMD.INI
2010-01-23 00:48:39 ----D---- D:\Documents and Settings\Petr\Data aplikací\Skype
2010-01-22 23:52:08 ----SHD---- D:\WINDOWS\Installer
2010-01-22 23:52:08 ----D---- D:\Config.Msi
2010-01-22 18:58:50 ----D---- D:\Program Files\Mozilla Thunderbird
2010-01-22 17:50:39 ----D---- D:\Program Files\Mozilla Firefox
2010-01-22 17:19:17 ----A---- D:\WINDOWS\win.ini
2010-01-21 22:51:20 ----D---- D:\Documents and Settings\Petr\Data aplikací\Autodesk
2010-01-21 22:44:15 ----D---- D:\Program Files\Autodesk
2010-01-21 22:36:13 ----D---- D:\Documents and Settings\All Users\Data aplikací\Autodesk
2010-01-21 22:33:38 ----D---- D:\Program Files\Common Files\Autodesk Shared
2010-01-21 22:20:38 ----RSD---- D:\WINDOWS\Fonts
2010-01-21 10:19:42 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-01-21 03:50:36 ----HDC---- D:\WINDOWS\$NtUninstallKB973525$
2010-01-21 02:57:35 ----D---- D:\WINDOWS\Registration
2010-01-21 02:51:23 ----D---- D:\WINDOWS\Debug
2010-01-21 02:47:13 ----RSD---- D:\WINDOWS\assembly
2010-01-20 23:03:40 ----SD---- D:\WINDOWS\Downloaded Program Files
2010-01-20 22:25:02 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-01-20 22:24:39 ----HD---- D:\WINDOWS\$hf_mig$
2010-01-20 22:08:48 ----D---- D:\WINDOWS\WinSxS
2010-01-20 22:07:49 ----D---- D:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-01-20 02:30:08 ----D---- D:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-01-20 02:30:01 ----D---- D:\WINDOWS\Minidump
2010-01-20 02:25:08 ----D---- D:\Program Files\Microsoft Office
2010-01-20 02:23:26 ----D---- D:\Program Files\Common Files\Bluebeam Software
2010-01-20 02:22:43 ----D---- D:\Program Files\Common Files\SolidWorks Shared
2010-01-20 02:18:18 ----D---- D:\WINDOWS\system32\ShellExt
2010-01-19 00:59:47 ----D---- D:\Documents and Settings\Petr\Data aplikací\Alibre Design
2010-01-18 17:35:20 ----D---- D:\Documents and Settings\Petr\Data aplikací\gtk-2.0
2010-01-15 01:10:47 ----A---- D:\WINDOWS\wcx_ftp.ini
2010-01-14 11:57:16 ----D---- D:\UniScan
2010-01-11 20:43:15 ----D---- D:\Documents and Settings\Petr\Data aplikací\ColorImpact3
2010-01-09 21:12:17 ----D---- D:\WINDOWS\system32\NtmsData
2010-01-05 12:04:38 ----D---- D:\Documents and Settings\Petr\Data aplikací\Microsoft
2010-01-05 02:34:58 ----SD---- D:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-01-05 02:30:57 ----D---- D:\Program Files\Defraggler
2010-01-05 02:30:56 ----SD---- D:\WINDOWS\Tasks
2010-01-04 16:17:48 ----A---- D:\WINDOWS\system32\MRT.exe
2010-01-04 13:20:48 ----D---- D:\WINDOWS\system32\DirectX
2010-01-01 08:03:39 ----D---- D:\Documents and Settings\Petr\Data aplikací\skypePM
2009-12-27 02:03:15 ----D---- D:\Program Files\Google
2009-12-26 01:55:02 ----D---- D:\Documents and Settings\Petr\Data aplikací\avidemux
2009-12-25 12:12:56 ----DC---- D:\WINDOWS\system32\DRVSTORE
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; D:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; D:\WINDOWS\System32\DRIVERS\cmdguard.sys [2009-11-26 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver; D:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2009-11-18 25160]
R1 InCDPass;InCDPass; D:\WINDOWS\system32\drivers\InCDPass.sys [2006-07-25 31488]
R1 incdrm;InCD Reader; D:\WINDOWS\system32\drivers\InCDRm.sys [2006-07-25 33792]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Tosrfcom;Bluetooth RFCOMM; D:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; D:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-09-07 21275]
R2 Aspi32;Aspi32; D:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 Sentinel;Sentinel; D:\WINDOWS\System32\Drivers\SENTINEL.SYS [2002-12-17 76288]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\athw.sys [2009-06-03 1570240]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter; D:\WINDOWS\system32\DRIVERS\atl02_xp.sys [2006-08-14 27776]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-01-16 1957376]
R3 BthEnum;Ovladač pro Bluetooth Request Block; D:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); D:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; D:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 CmBatt;Microsoft AC Adapter Driver; D:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-03-26 4713472]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; D:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 MODEMCSA;Unimodem Streaming Filter Device; D:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 moufiltr;Labtec Wireless Laser Mouse; D:\WINDOWS\system32\DRIVERS\moufiltr.sys [2007-05-07 13824]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); D:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; D:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 RTSTOR;USB Mass Stroage Device; D:\WINDOWS\system32\drivers\RTSTOR.SYS [2006-06-09 27520]
R3 smserial;smserial; D:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; D:\WINDOWS\System32\Drivers\StkCMini.sys [2007-06-06 1260672]
R3 tosporte;Bluetooth COM Port; D:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 WDC_SAM;WD SCSI Pass Thru driver; D:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
R4 InCDfs;InCD File System; D:\WINDOWS\system32\drivers\InCDFs.sys [2006-07-25 102912]
S3 41011;41011; \??\D:\WINDOWS\system32\41011.sys []
S3 apqt56rn;apqt56rn; D:\WINDOWS\system32\drivers\apqt56rn.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-07-17 494080]
S3 BTHPORT;Ovladač portu Bluetooth; D:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 catchme;catchme; \??\D:\DOCUME~1\Petr\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Dot4;Ovladač MS IEEE-1284.4; D:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; D:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; D:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 EC168BDA;TVGo DVB-T02PRO; D:\WINDOWS\system32\DRIVERS\EC168BDA.sys [2007-05-18 67968]
S3 ivusb;Initio Driver for USB Default Controller; D:\WINDOWS\system32\DRIVERS\ivusb.sys []
S3 MPE;Filtr MPE BDA; D:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; D:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; D:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; D:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; D:\WINDOWS\system32\drivers\StarOpen.sys [2009-09-28 7168]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SynTP;Synaptics TouchPad Driver; D:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; D:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS; D:\WINDOWS\System32\Drivers\tosrfbd.sys [2007-04-24 113920]
S3 Tosrfbnp;Bluetooth RFBNEP; D:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; D:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; D:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; D:\WINDOWS\system32\drivers\TosRfSnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; D:\WINDOWS\System32\Drivers\tosrfusb.sys [2007-06-11 41856]
S3 TVICHW32;TVICHW32; \??\D:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 upperdev;upperdev; D:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 USB_RNDIS;USB Remote NDIS Network Device Driver; D:\WINDOWS\system32\DRIVERS\usb8023k.sys [2002-08-12 11136]
S3 usbser;USB Modem Driver; D:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 Wdf01000;Kernel Mode Driver Frameworks service; D:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; D:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; D:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-07 723632]
R2 InCDsrv;InCD Helper; D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-07-25 849408]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; D:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 7520337]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; D:\WINDOWS\System32\StkCSrv.exe [2007-04-19 24576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service; D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2009-05-27 102400]
R2 WDDMService;WD SmartWare Drive Manager; D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-05 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ACS;Atheros Configuration Service; D:\WINDOWS\system32\acs.exe [2009-11-12 278613]
S2 gupdate;Služba Google Update (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-13 133104]
S2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe []
S2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager; D:\Flexlm\lmgrd.exe []
S3 aspnet_state;Stavová služba ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; D:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-09-11 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-03 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 hetbipqvewfg;hetbipqvewfg; D:\WINDOWS\system32\drivers\hetbipqvewfg.sys [2010-01-23 8576]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; D:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 NBService;NBService; D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-08-23 724992]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; D:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 ServiceLayer;ServiceLayer; D:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; D:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]
S3 UDGY;UDGY; D:\DOCUME~1\Petr\LOCALS~1\Temp\UDGY.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WXXLRUX;WXXLRUX; D:\DOCUME~1\Petr\LOCALS~1\Temp\WXXLRUX.exe []
S4 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2007-01-16 438272]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Rudy
- Site Admin
Re: Infected notebook, freezes, starts up slowly
On 20 January you ran a ComboFix scan. Post the log from it.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Infected notebook, freezes, starts up slowly
The scan ran twice. I am attaching both logs:
1.:
ComboFix 10-01-19.03 - Petr 20.01.2010 10:15:53.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1273 [GMT 1:00]
Spuštěný z: c:\tp02\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100120-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-20 do 2010-01-20 )))))))))))))))))))))))))))))))
.
2010-01-11 20:27 . 2002-08-23 12:37 880694 ----a-w- d:\windows\system32\xaradocg.dll
2010-01-11 20:27 . 2002-06-28 08:24 23552 ----a-w- d:\windows\system32\xfontman.dll
2010-01-11 20:27 . 2002-06-28 08:24 139264 ----a-w- d:\windows\system32\BMPImporter.dll
2010-01-11 20:27 . 2002-08-22 15:56 126976 ----a-w- d:\windows\system32\templman.dll
2010-01-11 20:27 . 2002-06-28 08:24 253952 ----a-w- d:\windows\system32\templop.dll
2010-01-04 12:25 . 2010-01-05 01:40 -------- d-----w- d:\program files\Common Files\Ahead
2010-01-04 12:25 . 2010-01-04 12:25 -------- d-----w- d:\program files\Nero
2010-01-03 15:20 . 2010-01-14 11:18 -------- d-----w- D:\VueScan
2010-01-03 14:38 . 2010-01-03 14:39 -------- d-----w- d:\program files\Musicnotes
2010-01-03 01:26 . 2010-01-03 01:40 -------- d-----w- d:\program files\Advanced PDF to IMAGE converter
2010-01-03 01:08 . 2010-01-03 01:37 -------- d-----w- d:\program files\office Convert Pdf to Jpg Jpeg Tiff Free
2009-12-28 21:27 . 2009-12-28 21:27 -------- d-----w- d:\program files\Software602
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-20 09:01 . 2009-09-07 20:43 -------- d-----w- d:\program files\Mozilla Thunderbird
2010-01-20 01:23 . 2009-11-10 22:50 -------- d-----w- d:\program files\Common Files\Bluebeam Software
2010-01-20 01:22 . 2009-11-10 22:50 -------- d-----w- d:\program files\Common Files\SolidWorks Shared
2010-01-05 01:30 . 2009-09-11 21:52 -------- d-----w- d:\program files\Defraggler
2010-01-03 22:54 . 2009-11-11 00:09 -------- d-----w- d:\program files\Rhinoceros 4.0
2009-12-28 02:02 . 2009-09-18 14:17 0 ----a-w- d:\documents and settings\Petr\DATA.DAT
2009-12-27 01:03 . 2009-09-12 22:17 -------- d-----w- d:\program files\Google
2009-12-18 21:25 . 2009-10-28 21:07 -------- d-----w- d:\program files\Western Digital
2009-12-18 09:34 . 2009-12-18 09:34 -------- d-----w- d:\program files\Guitar Pro 5
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\PCSuite
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\Nokia
2009-12-16 02:10 . 2009-12-16 02:04 -------- d-----w- d:\program files\Nokia
2009-12-16 02:07 . 2009-12-16 02:06 -------- d-----w- d:\program files\PC Connectivity Solution
2009-12-10 12:03 . 2009-09-16 23:16 -------- d-----w- d:\program files\DIFX
2009-12-10 12:03 . 2009-12-10 12:02 -------- d-----w- d:\program files\Software laserové myši Labtec
2009-12-10 12:02 . 2009-09-07 19:40 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-12-10 12:01 . 2009-12-10 12:01 -------- d-----w- d:\program files\Labtec
2009-12-05 22:47 . 2009-12-05 22:47 -------- d-----w- d:\program files\VisualLightBox
2009-12-05 22:41 . 2009-12-05 22:41 -------- d-----w- d:\program files\Microsoft
2009-12-03 18:55 . 2009-12-03 18:55 -------- d-----w- d:\program files\Any DWF to DWG Converter
2009-12-03 18:30 . 2009-09-13 08:04 -------- d-----w- d:\program files\Autodesk
2009-11-29 08:57 . 2009-11-29 08:56 -------- d-----w- d:\program files\SunnyDesign
2009-11-29 08:55 . 2009-11-29 08:55 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2009-11-26 09:00 . 2009-11-12 14:06 171552 ----a-w- d:\windows\system32\guard32.dll
2009-11-26 09:00 . 2009-11-12 13:33 133064 ----a-w- d:\windows\system32\drivers\cmdguard.sys
2009-11-25 16:42 . 2009-11-25 16:42 -------- d-----w- d:\program files\RealWorld Icon Editor
2009-11-24 23:54 . 2009-11-23 01:40 1280480 ----a-w- d:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-23 01:41 93424 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-11-23 01:41 48560 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-23 01:41 23120 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-23 01:41 27408 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-23 01:41 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-11-21 10:13 . 2009-11-19 20:27 -------- d-----w- d:\program files\WinSnap
2009-11-18 09:00 . 2009-11-12 13:33 87104 ----a-w- d:\windows\system32\drivers\inspect.sys
2009-11-18 09:00 . 2009-11-12 13:33 25160 ----a-w- d:\windows\system32\drivers\cmdhlp.sys
2009-11-12 18:04 . 2009-11-12 13:37 339872 ----a-w- d:\windows\system32\drivers\sfi.dat
2009-11-12 12:10 . 2009-09-07 20:33 278613 ----a-w- d:\windows\system32\acs.exe
2009-11-12 01:47 . 2006-03-02 12:00 98024 ----a-w- d:\windows\system32\perfc005.dat
2009-11-12 01:47 . 2006-03-02 12:00 466418 ----a-w- d:\windows\system32\perfh005.dat
2009-10-24 09:52 . 2009-09-12 22:28 108024 ---ha-w- d:\windows\system32\mlfcache.dat
2009-09-26 21:38 . 2009-09-26 21:38 0 ----a-w- d:\program files\Common Files\dht342126
.
((((((((((((((((((((((((((((( SnapShot_2010-01-20_02.35.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-20 09:12 . 2010-01-20 09:12 16384 d:\windows\Temp\Perflib_Perfdata_770.dat
+ 2010-01-20 09:13 . 2010-01-20 09:13 16384 d:\windows\Temp\Perflib_Perfdata_264.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Mozilla Thunderbird.lnk - d:\program files\Mozilla Thunderbird\thunderbird.exe [2009-9-7 8318056]
Nastavení myši Labtec.lnk - d:\program files\Software laserové myši Labtec\MulMouse.exe [2009-12-10 352256]
WDDMStatus.lnk - d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-5 2057536]
WDSmartWare.lnk - d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-5 9116480]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=d:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 [X]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [23.11.2009 2:41 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdguard.sys [12.11.2009 14:33 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [12.11.2009 14:33 25160]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 20:03 660768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [23.11.2009 2:41 20560]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;d:\windows\system32\StkCSrv.exe [12.9.2009 14:19 24576]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R2 WDDMService;WD SmartWare Drive Manager;d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [5.11.2009 8:44 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;d:\windows\system32\drivers\StkCMini.sys [12.9.2009 14:19 1260672]
R3 WDC_SAM;WD SCSI Pass Thru driver;d:\windows\system32\drivers\wdcsam.sys [28.10.2009 22:07 11520]
S0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [22.9.2009 23:26 721904]
S2 gupdate;Služba Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [13.9.2009 13:47 133104]
S2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;d:\flexlm\lmgrd.exe --> d:\flexlm\lmgrd.exe [?]
S3 EC168BDA;TVGo DVB-T02PRO;d:\windows\system32\drivers\EC168BDA.sys [29.10.2009 11:01 67968]
S3 ivusb;Initio Driver for USB Default Controller;d:\windows\system32\DRIVERS\ivusb.sys --> d:\windows\system32\DRIVERS\ivusb.sys [?]
S3 TVICHW32;TVICHW32;d:\windows\system32\drivers\TVICHW32.SYS [20.9.2009 22:43 23600]
S3 UDGY;UDGY;d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe --> d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe [?]
S3 WXXLRUX;WXXLRUX;d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe --> d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe [?]
.
Obsah adresáře 'Naplánované úlohy'
2010-01-17 d:\windows\Tasks\Defraggler Volume C Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-17 d:\windows\Tasks\Defraggler Volume D Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-09 d:\windows\Tasks\Defraggler Volume G Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-20 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
2010-01-20 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/
uInternet Settings,ProxyOverride = <local>;*.local
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\
FF - prefs.js: browser.startup.homepage - http:/atlas.centrum.cz/
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\FFExternalAlert.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\RadioWMPCore.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}\library\WINNT-32\MinimizeToTrayPlus.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: d:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: d:\program files\Musicnotes\npmusicn.dll
FF - plugin: d:\program files\Musicnotes\NPSibelius.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-20 10:27
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\.NET CLR Data]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\.NET CLR Networking]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\.NET Data Provider for Oracle]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\.NET Data Provider for SqlServer]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\.NETFramework]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Aavmker4]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ABBYY.Licensing.FineReader.Professional.9.0]
"ImagePath"="\"d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe\" -service"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Abiosdsk]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\abp480n5]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ACPI]
"ImagePath"="system32\DRIVERS\ACPI.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ACPIEC]
"ImagePath"="system32\DRIVERS\ACPIEC.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ACS]
"ImagePath"="d:\windows\system32\acs.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\adpu160m]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aec]
"ImagePath"="system32\drivers\aec.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AegisP]
"ImagePath"="system32\DRIVERS\AegisP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AFD]
"ImagePath"="\SystemRoot\System32\drivers\afd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Aha154x]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aic78u2]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aic78xx]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Alerter]
"ServiceDll"="%SystemRoot%\system32\alrsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AliIde]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\amsint]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AR5211]
"ImagePath"="system32\DRIVERS\ar5211.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AR5416]
"ImagePath"="system32\DRIVERS\athw.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\asc]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\asc3350p]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\asc3550]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ASP.NET]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ASP.NET_1.1.4322]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ASP.NET_2.0.50727]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Aspi32]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aspnet_state]
"ImagePath"="%SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswFsBlk]
"ImagePath"="system32\DRIVERS\aswFsBlk.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswMon2]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswRdr]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswSP]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswTdi]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswUpdSv]
"ImagePath"="\"d:\program files\Alwil Software\Avast4\aswUpdSv.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\atapi]
"ImagePath"="system32\DRIVERS\atapi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AtcL002]
"ImagePath"="system32\DRIVERS\atl02_xp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Atdisk]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ati HotKey Poller]
"ImagePath"="%SystemRoot%\system32\Ati2evxx.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ati2mtag]
"ImagePath"="system32\DRIVERS\ati2mtag.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Atierecord]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Atmarpc]
"ImagePath"="system32\DRIVERS\atmarpc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AudioSrv]
"ServiceDll"="%SystemRoot%\System32\audiosrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\audstub]
"ImagePath"="system32\DRIVERS\audstub.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Autodesk Licensing Service]
"ImagePath"="\"d:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\avast! Antivirus]
"ImagePath"="\"d:\program files\Alwil Software\Avast4\ashServ.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\avast! Mail Scanner]
"ImagePath"="\"d:\program files\Alwil Software\Avast4\ashMaiSv.exe\" /service"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\avast! Web Scanner]
"ImagePath"="\"d:\program files\Alwil Software\Avast4\ashWebSv.exe\" /service"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BattC]
"MofImagePath"="System32\Drivers\battc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Beep]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BITS]
"ServiceDll"="%systemroot%\system32\qmgr.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Bonjour Service]
"ImagePath"="\"d:\program files\Bonjour\mDNSResponder.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BthEnum]
"ImagePath"="system32\DRIVERS\BthEnum.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BthPan]
"ImagePath"="system32\DRIVERS\bthpan.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BTHPORT]
"ImagePath"="System32\Drivers\BTHport.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BthServ]
"ServiceDll"="%SystemRoot%\System32\bthserv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BTHUSB]
"ImagePath"="System32\Drivers\BTHUSB.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\catchme]
"ImagePath"="\??\d:\docume~1\Petr\LOCALS~1\Temp\catchme.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\cbidf2k]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\CCDECODE]
"ImagePath"="system32\DRIVERS\CCDECODE.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\cd20xrnt]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Cdaudio]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Cdfs]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Cdrom]
"ImagePath"="system32\DRIVERS\cdrom.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Changer]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\CiSvc]
"ImagePath"="%SystemRoot%\system32\cisvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ClipSrv]
"ImagePath"="%SystemRoot%\system32\clipsrv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\clr_optimization_v2.0.50727_32]
"ImagePath"="d:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\CmBatt]
"ImagePath"="system32\DRIVERS\CmBatt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\cmdAgent]
"ImagePath"="\"d:\program files\COMODO\COMODO Internet Security\cmdagent.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\cmdGuard]
"ImagePath"="System32\DRIVERS\cmdguard.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\cmdHlp]
"ImagePath"="System32\DRIVERS\cmdhlp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\CmdIde]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Compbatt]
"ImagePath"="system32\DRIVERS\compbatt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\COMSysApp]
"ImagePath"="d:\windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ContentFilter]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ContentIndex]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Cpqarray]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\System32\cryptsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dac2w2k]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dac960nt]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Dhcp]
"ServiceDll"="%SystemRoot%\System32\dhcpcsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Disk]
"ImagePath"="system32\DRIVERS\disk.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dmadmin]
"ImagePath"="%SystemRoot%\System32\dmadmin.exe /com"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dmboot]
"ImagePath"="System32\drivers\dmboot.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dmio]
"ImagePath"="System32\drivers\dmio.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dmload]
"ImagePath"="System32\drivers\dmload.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dmserver]
"ServiceDll"="%SystemRoot%\System32\dmserver.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\DMusic]
"ImagePath"="system32\drivers\DMusic.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Dot4]
"ImagePath"="system32\DRIVERS\Dot4.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Dot4Print]
"ImagePath"="system32\DRIVERS\Dot4Prt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dot4usb]
"ImagePath"="system32\DRIVERS\dot4usb.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dpti2o]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\EapHost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\EC168BDA]
"ImagePath"="system32\DRIVERS\EC168BDA.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ERSvc]
"ServiceDll"="%SystemRoot%\System32\ersvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Eventlog]
"ImagePath"="%SystemRoot%\system32\services.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\EventSystem]
"ServiceDll"="d:\windows\system32\es.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Fastfat]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\FastUserSwitchingCompatibility]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Fdc]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Fips]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\FLEXnet Licensing Service]
"ImagePath"="\"d:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Flpydisk]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\FltMgr]
"ImagePath"="system32\drivers\fltmgr.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\FontCache3.0.0.0]
"ImagePath"="d:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Fs_Rec]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ftdisk]
"ImagePath"="system32\DRIVERS\ftdisk.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Gpc]
"ImagePath"="system32\DRIVERS\msgpc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\gupdate]
"ImagePath"="\"d:\program files\Google\Update\GoogleUpdate.exe\" /svc"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\gusvc]
"ImagePath"="\"d:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\HDAudBus]
"ImagePath"="system32\DRIVERS\HDAudBus.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\helpsvc]
"ServiceDll"="%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\HidServ]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\HidUsb]
"ImagePath"="system32\DRIVERS\hidusb.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\hkmsvc]
"ServiceDll"="%SystemRoot%\System32\kmsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\hpn]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\HTTP]
"ImagePath"="System32\Drivers\HTTP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\HTTPFilter]
"ServiceDll"="%SystemRoot%\System32\w3ssl.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\i2omgmt]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\i2omp]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\i8042prt]
"ImagePath"="system32\DRIVERS\i8042prt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IDriverT]
"ImagePath"="\"d:\program files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\idsvc]
"ImagePath"="\"d:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Imapi]
"ImagePath"="system32\DRIVERS\imapi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ImapiService]
"ImagePath"="%systemroot%\system32\imapi.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\inetaccs]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ini910u]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Inport]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Inspect]
"ImagePath"="System32\DRIVERS\inspect.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IntcAzAudAddService]
"ImagePath"="system32\drivers\RtkHDAud.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IntelIde]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\intelppm]
"ImagePath"="system32\DRIVERS\intelppm.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ip6Fw]
"ImagePath"="system32\drivers\ip6fw.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IpInIp]
"ImagePath"="system32\DRIVERS\ipinip.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IpNat]
"ImagePath"="system32\DRIVERS\ipnat.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IPSec]
"ImagePath"="system32\DRIVERS\ipsec.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IRENUM]
"ImagePath"="system32\DRIVERS\irenum.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ISAPISearch]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\isapnp]
"ImagePath"="system32\DRIVERS\isapnp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ivusb]
"ImagePath"="system32\DRIVERS\ivusb.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\JavaQuickStarterService]
"ImagePath"="\"d:\program files\Java\jre6\bin\jqs.exe\" -service -config \"d:\program files\Java\jre6\lib\deploy\jqs\jqs.conf\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Kbdclass]
"ImagePath"="system32\DRIVERS\kbdclass.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\kbdhid]
"ImagePath"="system32\DRIVERS\kbdhid.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\kmixer]
"ImagePath"="system32\drivers\kmixer.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\KSecDD]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\lanmanserver]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\lanmanworkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\lbrtfdc]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ldap]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\LicenseService]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\LmHosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mcdbus]
"ImagePath"="system32\DRIVERS\mcdbus.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Messenger]
"ServiceDll"="%SystemRoot%\System32\msgsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mnmdd]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mnmsrvc]
"ImagePath"="d:\windows\system32\mnmsrvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Modem]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MODEMCSA]
"ImagePath"="system32\drivers\MODEMCSA.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Mouclass]
"ImagePath"="system32\DRIVERS\mouclass.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\moufiltr]
"ImagePath"="system32\DRIVERS\moufiltr.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mouhid]
"ImagePath"="system32\DRIVERS\mouhid.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MountMgr]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MPE]
"ImagePath"="system32\DRIVERS\MPE.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mraid35x]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MRxDAV]
"ImagePath"="system32\DRIVERS\mrxdav.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MRxSmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSDTC]
"ImagePath"="d:\windows\system32\msdtc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSDTC Bridge 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Msfs]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSIServer]
"ImagePath"="%systemroot%\system32\msiexec.exe /V"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mssmbios]
"ImagePath"="system32\DRIVERS\mssmbios.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MTsensor]
"ImagePath"="system32\DRIVERS\ATKACPI.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Mup]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NABTSFEC]
"ImagePath"="system32\DRIVERS\NABTSFEC.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\napagent]
"ServiceDll"="%SystemRoot%\System32\qagentrt.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NDIS]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NdisIP]
"ImagePath"="system32\DRIVERS\NdisIP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NdisTapi]
"ImagePath"="system32\DRIVERS\ndistapi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ndisuio]
"ImagePath"="system32\DRIVERS\ndisuio.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NdisWan]
"ImagePath"="system32\DRIVERS\ndiswan.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NDProxy]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NetBT]
"ImagePath"="system32\DRIVERS\netbt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NetDDE]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NetDDEdsdm]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Netlogon]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NetTcpPortSharing]
"ImagePath"="\"d:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Nla]
"ServiceDll"="%SystemRoot%\System32\mswsock.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NMSAccess]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NMSAccessU]
"ImagePath"="c:\program files\CDBurnerXP\NMSAccessU.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\nmwcd]
"ImagePath"="system32\drivers\ccdcmb.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\nmwcdc]
"ImagePath"="system32\drivers\ccdcmbo.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Npfs]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ntfs]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NtLmSsp]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NtmsSvc]
"ServiceDll"="%SystemRoot%\system32\ntmssvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Null]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NwlnkFlt]
"ImagePath"="system32\DRIVERS\nwlnkflt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NwlnkFwd]
"ImagePath"="system32\DRIVERS\nwlnkfwd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\odserv]
"ImagePath"="\"d:\program files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ose]
"ImagePath"="\"d:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Parport]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PartMgr]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ParVdm]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\pccsmcfd]
"ImagePath"="system32\DRIVERS\pccsmcfd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PCI]
"ImagePath"="system32\DRIVERS\pci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PCIDump]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PCIIde]
"ImagePath"="system32\DRIVERS\pciide.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Pcmcia]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PDCOMP]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PDFRAME]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PDRELI]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PDRFRAME]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\perc2]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\perc2hib]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PerfDisk]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PerfNet]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PerfOS]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PerfProc]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PlugPlay]
"ImagePath"="%SystemRoot%\system32\services.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Pml Driver HPZ12]
"ImagePath"="d:\windows\system32\HPZipm12.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PolicyAgent]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PSched]
"ImagePath"="system32\DRIVERS\psched.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ptilink]
"ImagePath"="system32\DRIVERS\ptilink.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PxHelp20]
"ImagePath"="System32\Drivers\PxHelp20.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ql1080]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ql10wnt]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ql12160]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ql1240]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ql1280]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RasAcd]
"ImagePath"="system32\DRIVERS\rasacd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Raspti]
"ImagePath"="system32\DRIVERS\raspti.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RDPDD]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RDPNP]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RDPWD]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RDSessMgr]
"ImagePath"="d:\windows\system32\sessmgr.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\redbook]
"ImagePath"="system32\DRIVERS\redbook.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RemoteAccess]
"ServiceDll"="%SystemRoot%\System32\mprdim.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RFCOMM]
"ImagePath"="system32\DRIVERS\rfcomm.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ROOTMODEM]
"ImagePath"="System32\Drivers\RootMdm.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RpcSs]
"ServiceDll"="%SystemRoot%\System32\rpcss.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RSVP]
"ImagePath"="%SystemRoot%\system32\rsvp.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RTSTOR]
"ImagePath"="system32\drivers\RTSTOR.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SCardSvr]
"ImagePath"="%SystemRoot%\System32\SCardSvr.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Schedule]
"ServiceDll"="%SystemRoot%\system32\schedsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ScsiPort]
"ImagePath"="%SystemRoot%\system32\drivers\scsiport.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Secdrv]
"ImagePath"="system32\DRIVERS\secdrv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\seclogon]
"ServiceDll"="%SystemRoot%\System32\seclogon.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Sentinel]
"ImagePath"="\SystemRoot\System32\Drivers\SENTINEL.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Serial]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ServiceLayer]
"ImagePath"="\"d:\program files\PC Connectivity Solution\ServiceLayer.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ServiceModelEndpoint 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ServiceModelOperation 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ServiceModelService 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Sfloppy]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Simbad]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SLIP]
"ImagePath"="system32\DRIVERS\SLIP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\smserial]
"ImagePath"="system32\DRIVERS\smserial.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SMSvcHost 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SolidWorks SolidNetWork License Manager]
"ImagePath"="d:\flexlm\lmgrd.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Sparrow]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\splitter]
"ImagePath"="system32\drivers\splitter.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Spooler]
"ImagePath"="%SystemRoot%\system32\spoolsv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\sptd]
"ImagePath"="System32\Drivers\sptd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\sr]
"ImagePath"="system32\DRIVERS\sr.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\srservice]
"ServiceDll"="%SystemRoot%\system32\srsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Srv]
"ImagePath"="system32\DRIVERS\srv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\StarOpen]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\stisvc]
"ServiceDll"="%SystemRoot%\system32\wiaservc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\StkCMini]
"ImagePath"="System32\Drivers\StkCMini.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\StkSSrv]
"ImagePath"="%SystemRoot%\System32\StkCSrv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\streamip]
"ImagePath"="system32\DRIVERS\StreamIP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\swenum]
"ImagePath"="system32\DRIVERS\swenum.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\swmidi]
"ImagePath"="system32\drivers\swmidi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SwPrv]
"ImagePath"="d:\windows\system32\dllhost.exe /Processid:{B831D5FD-0681-4EAB-9657-3ED99606C662}"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\swwd]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\symc810]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\symc8xx]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\sym_hi]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\sym_u3]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SynTP]
"ImagePath"="system32\DRIVERS\SynTP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\sysaudio]
"ImagePath"="system32\drivers\sysaudio.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SysmonLog]
"ImagePath"="%SystemRoot%\system32\smlogsvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tcpip]
"ImagePath"="system32\DRIVERS\tcpip.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TDPIPE]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TDTCP]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TermDD]
"ImagePath"="system32\DRIVERS\termdd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Themes]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TOSHIBA Bluetooth Service]
"ImagePath"="d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\toshidpt]
"ImagePath"="system32\drivers\Toshidpt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TosIde]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\tosporte]
"ImagePath"="system32\DRIVERS\tosporte.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tosrfbd]
"ImagePath"="System32\Drivers\tosrfbd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tosrfbnp]
"ImagePath"="System32\Drivers\tosrfbnp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tosrfcom]
"ImagePath"="System32\Drivers\tosrfcom.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tosrfhid]
"ImagePath"="system32\DRIVERS\Tosrfhid.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\tosrfnds]
"ImagePath"="system32\DRIVERS\tosrfnds.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TosRfSnd]
"ImagePath"="system32\drivers\TosRfSnd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tosrfusb]
"ImagePath"="System32\Drivers\tosrfusb.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TrkWks]
"ServiceDll"="%SystemRoot%\system32\trkwks.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TSDDD]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TVICHW32]
"ImagePath"="\??\d:\windows\system32\DRIVERS\TVICHW32.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Udfs]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\UDGY]
"ImagePath"="d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ultra]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Update]
"ImagePath"="system32\DRIVERS\update.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\upperdev]
"ImagePath"="system32\DRIVERS\usbser_lowerflt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\UPS]
"ImagePath"="%SystemRoot%\System32\ups.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbccgp]
"ImagePath"="system32\DRIVERS\usbccgp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbhub]
"ImagePath"="system32\DRIVERS\usbhub.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbohci]
"ImagePath"="system32\DRIVERS\usbohci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbprint]
"ImagePath"="system32\DRIVERS\usbprint.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbscan]
"ImagePath"="system32\DRIVERS\usbscan.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbser]
"ImagePath"="system32\DRIVERS\usbser.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbstor]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\USB_RNDIS]
"ImagePath"="system32\DRIVERS\usb8023k.sys"
--
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ViaIde]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\VolSnap]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\VSS]
"ImagePath"="%SystemRoot%\System32\vssvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\W3SVC]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Wanarp]
"ImagePath"="system32\DRIVERS\wanarp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WDBtnMgrSvc.exe]
"ImagePath"="\"d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WDC_SAM]
"ImagePath"="system32\DRIVERS\wdcsam.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WDDMService]
"ImagePath"="\"d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Wdf01000]
"ImagePath"="System32\Drivers\wdf01000.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WDICA]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\wdmaud]
"ImagePath"="system32\drivers\wdmaud.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WDSmartWareBackgroundService]
"ImagePath"="\"d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Windows Workflow Foundation 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Winsock]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WinSock2]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WinTrust]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WmdmPmSN]
"ServiceDll"="d:\windows\system32\MsPMSNSv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Wmi]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WmiApRpl]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WmiApSrv]
"ImagePath"="d:\windows\system32\wbem\wmiapsrv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WMPNetworkSvc]
"ImagePath"="\"d:\program files\Windows Media Player\WMPNetwk.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WS2IFSL]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WSTCODEC]
"ImagePath"="system32\DRIVERS\WSTCODEC.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\wuauserv]
"ServiceDll"="c:\windows\system32\wuauserv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WudfPf]
"ImagePath"="system32\DRIVERS\WudfPf.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WudfRd]
"ImagePath"="system32\DRIVERS\wudfrd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WudfSvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WXXLRUX]
"ImagePath"="d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WZCSVC]
"ServiceDll"="%SystemRoot%\System32\wzcsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\xmlprov]
"ServiceDll"="%SystemRoot%\System32\xmlprov.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{07F34542-5134-4B77-A62F-64BC9CA6F6F9}]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{6587D45A-4C75-463D-9E83-8844BB8E9C3A}]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{921C2F14-C2CD-4FBE-A925-E771AE7F7CD1}]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{D7D4A8A8-0901-4D1F-BA83-502CE2D3E811}]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{E4E15F59-17E0-4758-AF52-928A8D274B5A}]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{FD2D259D-D4BE-46CB-B65A-530E6DE6B9FC}]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(840)
d:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-01-20 10:32:42
ComboFix-quarantined-files.txt 2010-01-20 09:32
ComboFix2.txt 2010-01-20 02:40
ComboFix3.txt 2009-11-23 01:27
ComboFix4.txt 2009-11-23 00:55
ComboFix5.txt 2010-01-20 09:14
Před spuštěním: Volných bajtů: 50 278 645 760
Po spuštění: Volných bajtů: 50 228 142 080
Current=13 Default=13 Failed=12 LastKnownGood=14 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14
- - End Of File - - 7FE3972FF62C30F2B0A49175F63719FB
1.:
ComboFix 10-01-19.03 - Petr 20.01.2010 10:15:53.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1273 [GMT 1:00]
Spuštěný z: c:\tp02\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100120-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-20 do 2010-01-20 )))))))))))))))))))))))))))))))
.
2010-01-11 20:27 . 2002-08-23 12:37 880694 ----a-w- d:\windows\system32\xaradocg.dll
2010-01-11 20:27 . 2002-06-28 08:24 23552 ----a-w- d:\windows\system32\xfontman.dll
2010-01-11 20:27 . 2002-06-28 08:24 139264 ----a-w- d:\windows\system32\BMPImporter.dll
2010-01-11 20:27 . 2002-08-22 15:56 126976 ----a-w- d:\windows\system32\templman.dll
2010-01-11 20:27 . 2002-06-28 08:24 253952 ----a-w- d:\windows\system32\templop.dll
2010-01-04 12:25 . 2010-01-05 01:40 -------- d-----w- d:\program files\Common Files\Ahead
2010-01-04 12:25 . 2010-01-04 12:25 -------- d-----w- d:\program files\Nero
2010-01-03 15:20 . 2010-01-14 11:18 -------- d-----w- D:\VueScan
2010-01-03 14:38 . 2010-01-03 14:39 -------- d-----w- d:\program files\Musicnotes
2010-01-03 01:26 . 2010-01-03 01:40 -------- d-----w- d:\program files\Advanced PDF to IMAGE converter
2010-01-03 01:08 . 2010-01-03 01:37 -------- d-----w- d:\program files\office Convert Pdf to Jpg Jpeg Tiff Free
2009-12-28 21:27 . 2009-12-28 21:27 -------- d-----w- d:\program files\Software602
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-20 09:01 . 2009-09-07 20:43 -------- d-----w- d:\program files\Mozilla Thunderbird
2010-01-20 01:23 . 2009-11-10 22:50 -------- d-----w- d:\program files\Common Files\Bluebeam Software
2010-01-20 01:22 . 2009-11-10 22:50 -------- d-----w- d:\program files\Common Files\SolidWorks Shared
2010-01-05 01:30 . 2009-09-11 21:52 -------- d-----w- d:\program files\Defraggler
2010-01-03 22:54 . 2009-11-11 00:09 -------- d-----w- d:\program files\Rhinoceros 4.0
2009-12-28 02:02 . 2009-09-18 14:17 0 ----a-w- d:\documents and settings\Petr\DATA.DAT
2009-12-27 01:03 . 2009-09-12 22:17 -------- d-----w- d:\program files\Google
2009-12-18 21:25 . 2009-10-28 21:07 -------- d-----w- d:\program files\Western Digital
2009-12-18 09:34 . 2009-12-18 09:34 -------- d-----w- d:\program files\Guitar Pro 5
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\PCSuite
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\Nokia
2009-12-16 02:10 . 2009-12-16 02:04 -------- d-----w- d:\program files\Nokia
2009-12-16 02:07 . 2009-12-16 02:06 -------- d-----w- d:\program files\PC Connectivity Solution
2009-12-10 12:03 . 2009-09-16 23:16 -------- d-----w- d:\program files\DIFX
2009-12-10 12:03 . 2009-12-10 12:02 -------- d-----w- d:\program files\Software laserové myši Labtec
2009-12-10 12:02 . 2009-09-07 19:40 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-12-10 12:01 . 2009-12-10 12:01 -------- d-----w- d:\program files\Labtec
2009-12-05 22:47 . 2009-12-05 22:47 -------- d-----w- d:\program files\VisualLightBox
2009-12-05 22:41 . 2009-12-05 22:41 -------- d-----w- d:\program files\Microsoft
2009-12-03 18:55 . 2009-12-03 18:55 -------- d-----w- d:\program files\Any DWF to DWG Converter
2009-12-03 18:30 . 2009-09-13 08:04 -------- d-----w- d:\program files\Autodesk
2009-11-29 08:57 . 2009-11-29 08:56 -------- d-----w- d:\program files\SunnyDesign
2009-11-29 08:55 . 2009-11-29 08:55 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2009-11-26 09:00 . 2009-11-12 14:06 171552 ----a-w- d:\windows\system32\guard32.dll
2009-11-26 09:00 . 2009-11-12 13:33 133064 ----a-w- d:\windows\system32\drivers\cmdguard.sys
2009-11-25 16:42 . 2009-11-25 16:42 -------- d-----w- d:\program files\RealWorld Icon Editor
2009-11-24 23:54 . 2009-11-23 01:40 1280480 ----a-w- d:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-23 01:41 93424 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-11-23 01:41 48560 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-23 01:41 23120 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-23 01:41 27408 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-23 01:41 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-11-21 10:13 . 2009-11-19 20:27 -------- d-----w- d:\program files\WinSnap
2009-11-18 09:00 . 2009-11-12 13:33 87104 ----a-w- d:\windows\system32\drivers\inspect.sys
2009-11-18 09:00 . 2009-11-12 13:33 25160 ----a-w- d:\windows\system32\drivers\cmdhlp.sys
2009-11-12 18:04 . 2009-11-12 13:37 339872 ----a-w- d:\windows\system32\drivers\sfi.dat
2009-11-12 12:10 . 2009-09-07 20:33 278613 ----a-w- d:\windows\system32\acs.exe
2009-11-12 01:47 . 2006-03-02 12:00 98024 ----a-w- d:\windows\system32\perfc005.dat
2009-11-12 01:47 . 2006-03-02 12:00 466418 ----a-w- d:\windows\system32\perfh005.dat
2009-10-24 09:52 . 2009-09-12 22:28 108024 ---ha-w- d:\windows\system32\mlfcache.dat
2009-09-26 21:38 . 2009-09-26 21:38 0 ----a-w- d:\program files\Common Files\dht342126
.
((((((((((((((((((((((((((((( SnapShot_2010-01-20_02.35.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-20 09:12 . 2010-01-20 09:12 16384 d:\windows\Temp\Perflib_Perfdata_770.dat
+ 2010-01-20 09:13 . 2010-01-20 09:13 16384 d:\windows\Temp\Perflib_Perfdata_264.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Mozilla Thunderbird.lnk - d:\program files\Mozilla Thunderbird\thunderbird.exe [2009-9-7 8318056]
Nastavení myši Labtec.lnk - d:\program files\Software laserové myši Labtec\MulMouse.exe [2009-12-10 352256]
WDDMStatus.lnk - d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-5 2057536]
WDSmartWare.lnk - d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-5 9116480]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=d:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 [X]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [23.11.2009 2:41 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdguard.sys [12.11.2009 14:33 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [12.11.2009 14:33 25160]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 20:03 660768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [23.11.2009 2:41 20560]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;d:\windows\system32\StkCSrv.exe [12.9.2009 14:19 24576]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R2 WDDMService;WD SmartWare Drive Manager;d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [5.11.2009 8:44 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;d:\windows\system32\drivers\StkCMini.sys [12.9.2009 14:19 1260672]
R3 WDC_SAM;WD SCSI Pass Thru driver;d:\windows\system32\drivers\wdcsam.sys [28.10.2009 22:07 11520]
S0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [22.9.2009 23:26 721904]
S2 gupdate;Služba Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [13.9.2009 13:47 133104]
S2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;d:\flexlm\lmgrd.exe --> d:\flexlm\lmgrd.exe [?]
S3 EC168BDA;TVGo DVB-T02PRO;d:\windows\system32\drivers\EC168BDA.sys [29.10.2009 11:01 67968]
S3 ivusb;Initio Driver for USB Default Controller;d:\windows\system32\DRIVERS\ivusb.sys --> d:\windows\system32\DRIVERS\ivusb.sys [?]
S3 TVICHW32;TVICHW32;d:\windows\system32\drivers\TVICHW32.SYS [20.9.2009 22:43 23600]
S3 UDGY;UDGY;d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe --> d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe [?]
S3 WXXLRUX;WXXLRUX;d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe --> d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe [?]
.
Obsah adresáře 'Naplánované úlohy'
2010-01-17 d:\windows\Tasks\Defraggler Volume C Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-17 d:\windows\Tasks\Defraggler Volume D Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-09 d:\windows\Tasks\Defraggler Volume G Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-20 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
2010-01-20 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/
uInternet Settings,ProxyOverride = <local>;*.local
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\
FF - prefs.js: browser.startup.homepage - http:/atlas.centrum.cz/
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\FFExternalAlert.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\RadioWMPCore.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}\library\WINNT-32\MinimizeToTrayPlus.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: d:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: d:\program files\Musicnotes\npmusicn.dll
FF - plugin: d:\program files\Musicnotes\NPSibelius.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-20 10:27
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\.NET CLR Data]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\.NET CLR Networking]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\.NET Data Provider for Oracle]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\.NET Data Provider for SqlServer]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\.NETFramework]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Aavmker4]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ABBYY.Licensing.FineReader.Professional.9.0]
"ImagePath"="\"d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe\" -service"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Abiosdsk]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\abp480n5]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ACPI]
"ImagePath"="system32\DRIVERS\ACPI.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ACPIEC]
"ImagePath"="system32\DRIVERS\ACPIEC.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ACS]
"ImagePath"="d:\windows\system32\acs.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\adpu160m]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aec]
"ImagePath"="system32\drivers\aec.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AegisP]
"ImagePath"="system32\DRIVERS\AegisP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AFD]
"ImagePath"="\SystemRoot\System32\drivers\afd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Aha154x]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aic78u2]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aic78xx]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Alerter]
"ServiceDll"="%SystemRoot%\system32\alrsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AliIde]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\amsint]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AR5211]
"ImagePath"="system32\DRIVERS\ar5211.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AR5416]
"ImagePath"="system32\DRIVERS\athw.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\asc]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\asc3350p]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\asc3550]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ASP.NET]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ASP.NET_1.1.4322]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ASP.NET_2.0.50727]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Aspi32]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aspnet_state]
"ImagePath"="%SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswFsBlk]
"ImagePath"="system32\DRIVERS\aswFsBlk.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswMon2]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswRdr]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswSP]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswTdi]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswUpdSv]
"ImagePath"="\"d:\program files\Alwil Software\Avast4\aswUpdSv.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\atapi]
"ImagePath"="system32\DRIVERS\atapi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AtcL002]
"ImagePath"="system32\DRIVERS\atl02_xp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Atdisk]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ati HotKey Poller]
"ImagePath"="%SystemRoot%\system32\Ati2evxx.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ati2mtag]
"ImagePath"="system32\DRIVERS\ati2mtag.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Atierecord]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Atmarpc]
"ImagePath"="system32\DRIVERS\atmarpc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AudioSrv]
"ServiceDll"="%SystemRoot%\System32\audiosrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\audstub]
"ImagePath"="system32\DRIVERS\audstub.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Autodesk Licensing Service]
"ImagePath"="\"d:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\avast! Antivirus]
"ImagePath"="\"d:\program files\Alwil Software\Avast4\ashServ.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\avast! Mail Scanner]
"ImagePath"="\"d:\program files\Alwil Software\Avast4\ashMaiSv.exe\" /service"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\avast! Web Scanner]
"ImagePath"="\"d:\program files\Alwil Software\Avast4\ashWebSv.exe\" /service"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BattC]
"MofImagePath"="System32\Drivers\battc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Beep]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BITS]
"ServiceDll"="%systemroot%\system32\qmgr.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Bonjour Service]
"ImagePath"="\"d:\program files\Bonjour\mDNSResponder.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BthEnum]
"ImagePath"="system32\DRIVERS\BthEnum.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BthPan]
"ImagePath"="system32\DRIVERS\bthpan.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BTHPORT]
"ImagePath"="System32\Drivers\BTHport.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BthServ]
"ServiceDll"="%SystemRoot%\System32\bthserv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BTHUSB]
"ImagePath"="System32\Drivers\BTHUSB.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\catchme]
"ImagePath"="\??\d:\docume~1\Petr\LOCALS~1\Temp\catchme.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\cbidf2k]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\CCDECODE]
"ImagePath"="system32\DRIVERS\CCDECODE.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\cd20xrnt]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Cdaudio]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Cdfs]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Cdrom]
"ImagePath"="system32\DRIVERS\cdrom.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Changer]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\CiSvc]
"ImagePath"="%SystemRoot%\system32\cisvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ClipSrv]
"ImagePath"="%SystemRoot%\system32\clipsrv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\clr_optimization_v2.0.50727_32]
"ImagePath"="d:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\CmBatt]
"ImagePath"="system32\DRIVERS\CmBatt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\cmdAgent]
"ImagePath"="\"d:\program files\COMODO\COMODO Internet Security\cmdagent.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\cmdGuard]
"ImagePath"="System32\DRIVERS\cmdguard.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\cmdHlp]
"ImagePath"="System32\DRIVERS\cmdhlp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\CmdIde]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Compbatt]
"ImagePath"="system32\DRIVERS\compbatt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\COMSysApp]
"ImagePath"="d:\windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ContentFilter]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ContentIndex]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Cpqarray]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\System32\cryptsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dac2w2k]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dac960nt]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Dhcp]
"ServiceDll"="%SystemRoot%\System32\dhcpcsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Disk]
"ImagePath"="system32\DRIVERS\disk.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dmadmin]
"ImagePath"="%SystemRoot%\System32\dmadmin.exe /com"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dmboot]
"ImagePath"="System32\drivers\dmboot.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dmio]
"ImagePath"="System32\drivers\dmio.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dmload]
"ImagePath"="System32\drivers\dmload.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dmserver]
"ServiceDll"="%SystemRoot%\System32\dmserver.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\DMusic]
"ImagePath"="system32\drivers\DMusic.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Dot4]
"ImagePath"="system32\DRIVERS\Dot4.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Dot4Print]
"ImagePath"="system32\DRIVERS\Dot4Prt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dot4usb]
"ImagePath"="system32\DRIVERS\dot4usb.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dpti2o]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\EapHost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\EC168BDA]
"ImagePath"="system32\DRIVERS\EC168BDA.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ERSvc]
"ServiceDll"="%SystemRoot%\System32\ersvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Eventlog]
"ImagePath"="%SystemRoot%\system32\services.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\EventSystem]
"ServiceDll"="d:\windows\system32\es.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Fastfat]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\FastUserSwitchingCompatibility]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Fdc]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Fips]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\FLEXnet Licensing Service]
"ImagePath"="\"d:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Flpydisk]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\FltMgr]
"ImagePath"="system32\drivers\fltmgr.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\FontCache3.0.0.0]
"ImagePath"="d:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Fs_Rec]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ftdisk]
"ImagePath"="system32\DRIVERS\ftdisk.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Gpc]
"ImagePath"="system32\DRIVERS\msgpc.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\gupdate]
"ImagePath"="\"d:\program files\Google\Update\GoogleUpdate.exe\" /svc"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\gusvc]
"ImagePath"="\"d:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\HDAudBus]
"ImagePath"="system32\DRIVERS\HDAudBus.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\helpsvc]
"ServiceDll"="%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\HidServ]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\HidUsb]
"ImagePath"="system32\DRIVERS\hidusb.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\hkmsvc]
"ServiceDll"="%SystemRoot%\System32\kmsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\hpn]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\HTTP]
"ImagePath"="System32\Drivers\HTTP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\HTTPFilter]
"ServiceDll"="%SystemRoot%\System32\w3ssl.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\i2omgmt]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\i2omp]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\i8042prt]
"ImagePath"="system32\DRIVERS\i8042prt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IDriverT]
"ImagePath"="\"d:\program files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\idsvc]
"ImagePath"="\"d:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Imapi]
"ImagePath"="system32\DRIVERS\imapi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ImapiService]
"ImagePath"="%systemroot%\system32\imapi.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\inetaccs]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ini910u]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Inport]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Inspect]
"ImagePath"="System32\DRIVERS\inspect.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IntcAzAudAddService]
"ImagePath"="system32\drivers\RtkHDAud.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IntelIde]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\intelppm]
"ImagePath"="system32\DRIVERS\intelppm.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ip6Fw]
"ImagePath"="system32\drivers\ip6fw.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IpInIp]
"ImagePath"="system32\DRIVERS\ipinip.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IpNat]
"ImagePath"="system32\DRIVERS\ipnat.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IPSec]
"ImagePath"="system32\DRIVERS\ipsec.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IRENUM]
"ImagePath"="system32\DRIVERS\irenum.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ISAPISearch]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\isapnp]
"ImagePath"="system32\DRIVERS\isapnp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ivusb]
"ImagePath"="system32\DRIVERS\ivusb.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\JavaQuickStarterService]
"ImagePath"="\"d:\program files\Java\jre6\bin\jqs.exe\" -service -config \"d:\program files\Java\jre6\lib\deploy\jqs\jqs.conf\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Kbdclass]
"ImagePath"="system32\DRIVERS\kbdclass.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\kbdhid]
"ImagePath"="system32\DRIVERS\kbdhid.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\kmixer]
"ImagePath"="system32\drivers\kmixer.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\KSecDD]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\lanmanserver]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\lanmanworkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\lbrtfdc]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ldap]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\LicenseService]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\LmHosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mcdbus]
"ImagePath"="system32\DRIVERS\mcdbus.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Messenger]
"ServiceDll"="%SystemRoot%\System32\msgsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mnmdd]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mnmsrvc]
"ImagePath"="d:\windows\system32\mnmsrvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Modem]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MODEMCSA]
"ImagePath"="system32\drivers\MODEMCSA.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Mouclass]
"ImagePath"="system32\DRIVERS\mouclass.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\moufiltr]
"ImagePath"="system32\DRIVERS\moufiltr.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mouhid]
"ImagePath"="system32\DRIVERS\mouhid.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MountMgr]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MPE]
"ImagePath"="system32\DRIVERS\MPE.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mraid35x]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MRxDAV]
"ImagePath"="system32\DRIVERS\mrxdav.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MRxSmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSDTC]
"ImagePath"="d:\windows\system32\msdtc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSDTC Bridge 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Msfs]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSIServer]
"ImagePath"="%systemroot%\system32\msiexec.exe /V"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mssmbios]
"ImagePath"="system32\DRIVERS\mssmbios.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MTsensor]
"ImagePath"="system32\DRIVERS\ATKACPI.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Mup]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NABTSFEC]
"ImagePath"="system32\DRIVERS\NABTSFEC.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\napagent]
"ServiceDll"="%SystemRoot%\System32\qagentrt.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NDIS]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NdisIP]
"ImagePath"="system32\DRIVERS\NdisIP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NdisTapi]
"ImagePath"="system32\DRIVERS\ndistapi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ndisuio]
"ImagePath"="system32\DRIVERS\ndisuio.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NdisWan]
"ImagePath"="system32\DRIVERS\ndiswan.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NDProxy]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NetBT]
"ImagePath"="system32\DRIVERS\netbt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NetDDE]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NetDDEdsdm]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Netlogon]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NetTcpPortSharing]
"ImagePath"="\"d:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Nla]
"ServiceDll"="%SystemRoot%\System32\mswsock.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NMSAccess]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NMSAccessU]
"ImagePath"="c:\program files\CDBurnerXP\NMSAccessU.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\nmwcd]
"ImagePath"="system32\drivers\ccdcmb.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\nmwcdc]
"ImagePath"="system32\drivers\ccdcmbo.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Npfs]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ntfs]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NtLmSsp]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NtmsSvc]
"ServiceDll"="%SystemRoot%\system32\ntmssvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Null]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NwlnkFlt]
"ImagePath"="system32\DRIVERS\nwlnkflt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NwlnkFwd]
"ImagePath"="system32\DRIVERS\nwlnkfwd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\odserv]
"ImagePath"="\"d:\program files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ose]
"ImagePath"="\"d:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Parport]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PartMgr]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ParVdm]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\pccsmcfd]
"ImagePath"="system32\DRIVERS\pccsmcfd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PCI]
"ImagePath"="system32\DRIVERS\pci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PCIDump]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PCIIde]
"ImagePath"="system32\DRIVERS\pciide.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Pcmcia]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PDCOMP]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PDFRAME]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PDRELI]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PDRFRAME]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\perc2]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\perc2hib]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PerfDisk]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PerfNet]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PerfOS]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PerfProc]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PlugPlay]
"ImagePath"="%SystemRoot%\system32\services.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Pml Driver HPZ12]
"ImagePath"="d:\windows\system32\HPZipm12.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PolicyAgent]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PSched]
"ImagePath"="system32\DRIVERS\psched.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ptilink]
"ImagePath"="system32\DRIVERS\ptilink.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PxHelp20]
"ImagePath"="System32\Drivers\PxHelp20.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ql1080]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ql10wnt]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ql12160]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ql1240]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ql1280]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RasAcd]
"ImagePath"="system32\DRIVERS\rasacd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Raspti]
"ImagePath"="system32\DRIVERS\raspti.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RDPDD]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RDPNP]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RDPWD]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RDSessMgr]
"ImagePath"="d:\windows\system32\sessmgr.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\redbook]
"ImagePath"="system32\DRIVERS\redbook.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RemoteAccess]
"ServiceDll"="%SystemRoot%\System32\mprdim.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RFCOMM]
"ImagePath"="system32\DRIVERS\rfcomm.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ROOTMODEM]
"ImagePath"="System32\Drivers\RootMdm.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RpcSs]
"ServiceDll"="%SystemRoot%\System32\rpcss.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RSVP]
"ImagePath"="%SystemRoot%\system32\rsvp.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RTSTOR]
"ImagePath"="system32\drivers\RTSTOR.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SCardSvr]
"ImagePath"="%SystemRoot%\System32\SCardSvr.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Schedule]
"ServiceDll"="%SystemRoot%\system32\schedsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ScsiPort]
"ImagePath"="%SystemRoot%\system32\drivers\scsiport.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Secdrv]
"ImagePath"="system32\DRIVERS\secdrv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\seclogon]
"ServiceDll"="%SystemRoot%\System32\seclogon.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Sentinel]
"ImagePath"="\SystemRoot\System32\Drivers\SENTINEL.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Serial]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ServiceLayer]
"ImagePath"="\"d:\program files\PC Connectivity Solution\ServiceLayer.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ServiceModelEndpoint 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ServiceModelOperation 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ServiceModelService 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Sfloppy]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Simbad]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SLIP]
"ImagePath"="system32\DRIVERS\SLIP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\smserial]
"ImagePath"="system32\DRIVERS\smserial.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SMSvcHost 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SolidWorks SolidNetWork License Manager]
"ImagePath"="d:\flexlm\lmgrd.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Sparrow]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\splitter]
"ImagePath"="system32\drivers\splitter.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Spooler]
"ImagePath"="%SystemRoot%\system32\spoolsv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\sptd]
"ImagePath"="System32\Drivers\sptd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\sr]
"ImagePath"="system32\DRIVERS\sr.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\srservice]
"ServiceDll"="%SystemRoot%\system32\srsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Srv]
"ImagePath"="system32\DRIVERS\srv.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\StarOpen]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\stisvc]
"ServiceDll"="%SystemRoot%\system32\wiaservc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\StkCMini]
"ImagePath"="System32\Drivers\StkCMini.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\StkSSrv]
"ImagePath"="%SystemRoot%\System32\StkCSrv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\streamip]
"ImagePath"="system32\DRIVERS\StreamIP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\swenum]
"ImagePath"="system32\DRIVERS\swenum.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\swmidi]
"ImagePath"="system32\drivers\swmidi.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SwPrv]
"ImagePath"="d:\windows\system32\dllhost.exe /Processid:{B831D5FD-0681-4EAB-9657-3ED99606C662}"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\swwd]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\symc810]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\symc8xx]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\sym_hi]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\sym_u3]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SynTP]
"ImagePath"="system32\DRIVERS\SynTP.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\sysaudio]
"ImagePath"="system32\drivers\sysaudio.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SysmonLog]
"ImagePath"="%SystemRoot%\system32\smlogsvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tcpip]
"ImagePath"="system32\DRIVERS\tcpip.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TDPIPE]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TDTCP]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TermDD]
"ImagePath"="system32\DRIVERS\termdd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Themes]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TOSHIBA Bluetooth Service]
"ImagePath"="d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\toshidpt]
"ImagePath"="system32\drivers\Toshidpt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TosIde]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\tosporte]
"ImagePath"="system32\DRIVERS\tosporte.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tosrfbd]
"ImagePath"="System32\Drivers\tosrfbd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tosrfbnp]
"ImagePath"="System32\Drivers\tosrfbnp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tosrfcom]
"ImagePath"="System32\Drivers\tosrfcom.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tosrfhid]
"ImagePath"="system32\DRIVERS\Tosrfhid.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\tosrfnds]
"ImagePath"="system32\DRIVERS\tosrfnds.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TosRfSnd]
"ImagePath"="system32\drivers\TosRfSnd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tosrfusb]
"ImagePath"="System32\Drivers\tosrfusb.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TrkWks]
"ServiceDll"="%SystemRoot%\system32\trkwks.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TSDDD]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TVICHW32]
"ImagePath"="\??\d:\windows\system32\DRIVERS\TVICHW32.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Udfs]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\UDGY]
"ImagePath"="d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ultra]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Update]
"ImagePath"="system32\DRIVERS\update.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\upperdev]
"ImagePath"="system32\DRIVERS\usbser_lowerflt.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\UPS]
"ImagePath"="%SystemRoot%\System32\ups.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbccgp]
"ImagePath"="system32\DRIVERS\usbccgp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbhub]
"ImagePath"="system32\DRIVERS\usbhub.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbohci]
"ImagePath"="system32\DRIVERS\usbohci.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbprint]
"ImagePath"="system32\DRIVERS\usbprint.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbscan]
"ImagePath"="system32\DRIVERS\usbscan.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbser]
"ImagePath"="system32\DRIVERS\usbser.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbstor]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\USB_RNDIS]
"ImagePath"="system32\DRIVERS\usb8023k.sys"
--
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ViaIde]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\VolSnap]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\VSS]
"ImagePath"="%SystemRoot%\System32\vssvc.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\W3SVC]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Wanarp]
"ImagePath"="system32\DRIVERS\wanarp.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WDBtnMgrSvc.exe]
"ImagePath"="\"d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WDC_SAM]
"ImagePath"="system32\DRIVERS\wdcsam.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WDDMService]
"ImagePath"="\"d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Wdf01000]
"ImagePath"="System32\Drivers\wdf01000.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WDICA]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\wdmaud]
"ImagePath"="system32\drivers\wdmaud.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WDSmartWareBackgroundService]
"ImagePath"="\"d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Windows Workflow Foundation 3.0.0.0]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Winsock]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WinSock2]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WinTrust]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WmdmPmSN]
"ServiceDll"="d:\windows\system32\MsPMSNSv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Wmi]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WmiApRpl]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WmiApSrv]
"ImagePath"="d:\windows\system32\wbem\wmiapsrv.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WMPNetworkSvc]
"ImagePath"="\"d:\program files\Windows Media Player\WMPNetwk.exe\""
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WS2IFSL]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WSTCODEC]
"ImagePath"="system32\DRIVERS\WSTCODEC.SYS"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\wuauserv]
"ServiceDll"="c:\windows\system32\wuauserv.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WudfPf]
"ImagePath"="system32\DRIVERS\WudfPf.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WudfRd]
"ImagePath"="system32\DRIVERS\wudfrd.sys"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WudfSvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WXXLRUX]
"ImagePath"="d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WZCSVC]
"ServiceDll"="%SystemRoot%\System32\wzcsvc.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\xmlprov]
"ServiceDll"="%SystemRoot%\System32\xmlprov.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{07F34542-5134-4B77-A62F-64BC9CA6F6F9}]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{6587D45A-4C75-463D-9E83-8844BB8E9C3A}]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{921C2F14-C2CD-4FBE-A925-E771AE7F7CD1}]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{D7D4A8A8-0901-4D1F-BA83-502CE2D3E811}]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{E4E15F59-17E0-4758-AF52-928A8D274B5A}]
[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{FD2D259D-D4BE-46CB-B65A-530E6DE6B9FC}]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(840)
d:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-01-20 10:32:42
ComboFix-quarantined-files.txt 2010-01-20 09:32
ComboFix2.txt 2010-01-20 02:40
ComboFix3.txt 2009-11-23 01:27
ComboFix4.txt 2009-11-23 00:55
ComboFix5.txt 2010-01-20 09:14
Před spuštěním: Volných bajtů: 50 278 645 760
Po spuštění: Volných bajtů: 50 228 142 080
Current=13 Default=13 Failed=12 LastKnownGood=14 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14
- - End Of File - - 7FE3972FF62C30F2B0A49175F63719FB
Re: Virus-infected laptop, freezes, boots slowly
and here is the second one:
ComboFix 10-01-19.03 - Petr 20.01.2010 3:23.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1302 [GMT 1:00]
Spuštěný z: c:\tp02\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100119-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
d:\windows\a3kebook.ini
d:\windows\akebook.ini
d:\windows\ANS2000.INI
d:\windows\system32\Winacprd0.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-20 do 2010-01-20 )))))))))))))))))))))))))))))))
.
2010-01-11 20:27 . 2002-08-23 12:37 880694 ----a-w- d:\windows\system32\xaradocg.dll
2010-01-11 20:27 . 2002-06-28 08:24 23552 ----a-w- d:\windows\system32\xfontman.dll
2010-01-11 20:27 . 2002-06-28 08:24 139264 ----a-w- d:\windows\system32\BMPImporter.dll
2010-01-11 20:27 . 2002-08-22 15:56 126976 ----a-w- d:\windows\system32\templman.dll
2010-01-11 20:27 . 2002-06-28 08:24 253952 ----a-w- d:\windows\system32\templop.dll
2010-01-04 12:25 . 2010-01-05 01:40 -------- d-----w- d:\program files\Common Files\Ahead
2010-01-04 12:25 . 2010-01-04 12:25 -------- d-----w- d:\program files\Nero
2010-01-03 15:20 . 2010-01-14 11:18 -------- d-----w- D:\VueScan
2010-01-03 14:38 . 2010-01-03 14:39 -------- d-----w- d:\program files\Musicnotes
2010-01-03 01:26 . 2010-01-03 01:40 -------- d-----w- d:\program files\Advanced PDF to IMAGE converter
2010-01-03 01:08 . 2010-01-03 01:37 -------- d-----w- d:\program files\office Convert Pdf to Jpg Jpeg Tiff Free
2009-12-28 21:27 . 2009-12-28 21:27 -------- d-----w- d:\program files\Software602
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-20 01:49 . 2009-09-07 20:43 -------- d-----w- d:\program files\Mozilla Thunderbird
2010-01-20 01:26 . 2009-11-10 22:48 -------- d-----w- d:\program files\SolidWorks
2010-01-20 01:23 . 2009-11-10 22:50 -------- d-----w- d:\program files\Common Files\Bluebeam Software
2010-01-20 01:22 . 2009-11-10 22:50 -------- d-----w- d:\program files\Common Files\SolidWorks Shared
2010-01-20 01:03 . 2009-11-10 22:58 -------- d-----w- d:\program files\SolidWorks Explorer
2010-01-05 01:30 . 2009-09-11 21:52 -------- d-----w- d:\program files\Defraggler
2010-01-03 22:54 . 2009-11-11 00:09 -------- d-----w- d:\program files\Rhinoceros 4.0
2009-12-28 02:02 . 2009-09-18 14:17 0 ----a-w- d:\documents and settings\Petr\DATA.DAT
2009-12-27 01:03 . 2009-09-12 22:17 -------- d-----w- d:\program files\Google
2009-12-18 21:25 . 2009-10-28 21:07 -------- d-----w- d:\program files\Western Digital
2009-12-18 09:34 . 2009-12-18 09:34 -------- d-----w- d:\program files\Guitar Pro 5
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\PCSuite
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\Nokia
2009-12-16 02:10 . 2009-12-16 02:04 -------- d-----w- d:\program files\Nokia
2009-12-16 02:07 . 2009-12-16 02:06 -------- d-----w- d:\program files\PC Connectivity Solution
2009-12-10 12:03 . 2009-09-16 23:16 -------- d-----w- d:\program files\DIFX
2009-12-10 12:03 . 2009-12-10 12:02 -------- d-----w- d:\program files\Software laserové myši Labtec
2009-12-10 12:02 . 2009-09-07 19:40 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-12-10 12:01 . 2009-12-10 12:01 -------- d-----w- d:\program files\Labtec
2009-12-05 22:47 . 2009-12-05 22:47 -------- d-----w- d:\program files\VisualLightBox
2009-12-05 22:41 . 2009-12-05 22:41 -------- d-----w- d:\program files\Microsoft
2009-12-03 18:55 . 2009-12-03 18:55 -------- d-----w- d:\program files\Any DWF to DWG Converter
2009-12-03 18:30 . 2009-09-13 08:04 -------- d-----w- d:\program files\Autodesk
2009-11-29 08:57 . 2009-11-29 08:56 -------- d-----w- d:\program files\SunnyDesign
2009-11-29 08:55 . 2009-11-29 08:55 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2009-11-26 09:00 . 2009-11-12 14:06 171552 ----a-w- d:\windows\system32\guard32.dll
2009-11-26 09:00 . 2009-11-12 13:33 133064 ----a-w- d:\windows\system32\drivers\cmdguard.sys
2009-11-25 16:42 . 2009-11-25 16:42 -------- d-----w- d:\program files\RealWorld Icon Editor
2009-11-24 23:54 . 2009-11-23 01:40 1280480 ----a-w- d:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-23 01:41 93424 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-11-23 01:41 48560 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-23 01:41 23120 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-23 01:41 27408 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-23 01:41 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-11-21 10:13 . 2009-11-19 20:27 -------- d-----w- d:\program files\WinSnap
2009-11-18 09:00 . 2009-11-12 13:33 87104 ----a-w- d:\windows\system32\drivers\inspect.sys
2009-11-18 09:00 . 2009-11-12 13:33 25160 ----a-w- d:\windows\system32\drivers\cmdhlp.sys
2009-11-12 18:04 . 2009-11-12 13:37 339872 ----a-w- d:\windows\system32\drivers\sfi.dat
2009-11-12 12:10 . 2009-09-07 20:33 278613 ----a-w- d:\windows\system32\acs.exe
2009-11-12 01:47 . 2006-03-02 12:00 98024 ----a-w- d:\windows\system32\perfc005.dat
2009-11-12 01:47 . 2006-03-02 12:00 466418 ----a-w- d:\windows\system32\perfh005.dat
2009-10-24 09:52 . 2009-09-12 22:28 108024 ---ha-w- d:\windows\system32\mlfcache.dat
2009-09-26 21:38 . 2009-09-26 21:38 0 ----a-w- d:\program files\Common Files\dht342126
.
((((((((((((((((((((((((((((( SnapShot@2009-11-12_13.16.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-20 02:20 . 2010-01-20 02:20 16384 d:\windows\Temp\Perflib_Perfdata_76c.dat
+ 2010-01-20 02:20 . 2010-01-20 02:20 16384 d:\windows\Temp\Perflib_Perfdata_71c.dat
+ 2006-09-28 16:56 . 2008-01-18 23:37 55296 d:\windows\system32\WudfSvc.dll
+ 2006-09-28 18:13 . 2008-01-18 23:37 87552 d:\windows\system32\WUDFCoinstaller.dll
+ 2009-11-19 21:05 . 2004-05-17 19:59 36864 d:\windows\system32\VectorizeForm.dll
+ 2009-11-19 21:05 . 2000-06-25 23:16 24576 d:\windows\system32\SysInfoServer.dll
+ 2009-11-19 21:05 . 1998-10-14 18:41 27648 d:\windows\system32\SSubTmr.dll
+ 2010-01-03 01:09 . 2007-09-14 09:42 90624 d:\windows\system32\spool\drivers\w32x86\3\tinypdf2.dll
+ 2010-01-03 01:09 . 2007-09-14 09:41 36352 d:\windows\system32\spool\drivers\w32x86\3\tinypdf.dll
+ 2009-12-10 12:03 . 2006-05-25 18:03 86105 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPLpr.exe
+ 2009-12-10 12:03 . 2006-05-25 18:03 69721 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPFcs.dll
+ 2009-12-10 12:03 . 2006-05-25 17:46 41062 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPCOM.dll
+ 2009-12-10 12:03 . 2006-05-25 18:06 81920 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPCo2.dll
+ 2009-12-10 12:03 . 2006-05-25 17:46 94297 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPAPI.dll
+ 2009-12-10 12:03 . 2006-05-25 17:45 82012 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynCOM.dll
+ 2009-12-10 12:03 . 2006-05-25 18:06 81920 d:\windows\system32\ReinstallBackups\0007\DriverFiles\InstNT.exe
+ 2009-12-10 12:03 . 2008-04-14 02:06 23040 d:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\mouclass.sys
+ 2009-12-10 12:03 . 2008-04-14 02:21 52096 d:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\i8042prt.sys
+ 2009-11-19 21:05 . 2000-06-25 23:14 24576 d:\windows\system32\RegServer.dll
+ 2009-09-16 23:15 . 2009-10-06 10:52 91136 d:\windows\system32\nmwcdcls.dll
- 2009-09-16 23:15 . 2009-02-09 06:37 91136 d:\windows\system32\nmwcdcls.dll
+ 2009-11-19 21:05 . 2002-02-16 09:48 24576 d:\windows\system32\N3DTypeLib.dll
+ 2009-01-22 03:16 . 2009-01-22 03:16 88904 d:\windows\system32\msxml4r.dll
+ 2009-03-25 10:43 . 2009-03-25 10:43 44544 d:\windows\system32\msxml4a.dll
+ 2009-09-11 21:47 . 2009-12-18 13:40 84661 d:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2009-09-11 21:47 . 2009-10-06 21:23 84661 d:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-12-16 02:07 . 2008-08-26 08:26 18816 d:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
- 2009-09-16 23:16 . 2008-08-26 08:26 18816 d:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
+ 2009-12-10 12:03 . 2007-05-07 10:49 13824 d:\windows\system32\DRVSTORE\moufiltr_8BC4FD94BD9C7DB1EC017BFDD34FE86096300CB6\moufiltr.sys
+ 2009-12-16 02:05 . 2009-10-06 10:52 22016 d:\windows\system32\DRVSTORE\ccdcmbo_10FA6A921E353BE9BB700451FBD26A6E839F5860\ccdcmbo.sys
+ 2009-12-16 02:05 . 2009-10-06 10:52 91136 d:\windows\system32\DRVSTORE\ccdcmb_10FA6A921E353BE9BB700451FBD26A6E839F5860\nmwcdcls.dll
+ 2009-12-16 02:05 . 2009-10-06 10:52 17664 d:\windows\system32\DRVSTORE\ccdcmb_10FA6A921E353BE9BB700451FBD26A6E839F5860\ccdcmb.sys
+ 2006-09-28 17:00 . 2008-01-18 21:53 83328 d:\windows\system32\drivers\WudfRd.sys
+ 2006-09-28 16:55 . 2008-01-18 21:52 77696 d:\windows\system32\drivers\WudfPf.sys
- 2009-09-16 23:16 . 2008-08-26 08:26 18816 d:\windows\system32\drivers\pccsmcfd.sys
+ 2009-12-16 02:07 . 2008-08-26 08:26 18816 d:\windows\system32\drivers\pccsmcfd.sys
+ 2009-12-10 12:03 . 2007-05-07 10:49 13824 d:\windows\system32\drivers\moufiltr.sys
+ 2004-08-17 15:43 . 2008-04-14 03:06 23040 d:\windows\system32\drivers\mouclass.sys
- 2004-08-17 15:43 . 2008-04-14 02:06 23040 d:\windows\system32\drivers\mouclass.sys
- 2006-03-02 12:00 . 2008-04-14 02:21 52096 d:\windows\system32\drivers\i8042prt.sys
+ 2006-03-02 12:00 . 2008-04-14 03:21 52096 d:\windows\system32\drivers\i8042prt.sys
- 2009-09-16 23:15 . 2009-02-09 06:37 22016 d:\windows\system32\drivers\ccdcmbo.sys
+ 2009-09-16 23:15 . 2009-10-06 10:52 22016 d:\windows\system32\drivers\ccdcmbo.sys
+ 2009-09-16 23:15 . 2009-10-06 10:52 17664 d:\windows\system32\drivers\ccdcmb.sys
- 2009-09-16 23:15 . 2009-02-09 06:37 17664 d:\windows\system32\drivers\ccdcmb.sys
+ 2009-11-23 01:41 . 2009-09-15 11:56 94160 d:\windows\system32\drivers\aswmon2.sys
+ 2009-11-23 01:41 . 2009-09-15 11:55 20560 d:\windows\system32\drivers\aswFsBlk.sys
+ 2004-08-17 15:43 . 2008-04-14 03:06 23040 d:\windows\system32\dllcache\mouclass.sys
+ 2006-03-02 12:00 . 2008-04-14 03:21 52096 d:\windows\system32\dllcache\i8042prt.sys
+ 2009-11-19 21:05 . 2006-03-28 07:23 49152 d:\windows\N3DScreenSaver.scr
+ 2009-12-05 22:41 . 2009-12-05 22:41 29926 d:\windows\Installer\{E7081891-BC7F-43F9-9CE6-B5DD2F497156}\_6FEFF9B68218417F98F549.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\ARPPRODUCTICON.exe
+ 2009-12-16 02:11 . 2009-12-16 02:11 15086 d:\windows\Installer\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\ARPPRODUCTICON.exe
+ 2009-12-04 23:03 . 2009-12-04 23:03 25214 d:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2009-12-16 02:07 . 2009-12-16 02:07 10134 d:\windows\Installer\{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}\ARPPRODUCTICON.exe
- 2009-09-16 20:04 . 2009-09-16 20:04 11264 d:\windows\Installer\{682ABE6A-2CCE-4C6C-AA82-0FE5AB8033F3}\Icon682ABE6A.exe
+ 2009-11-29 08:57 . 2009-11-29 08:57 11264 d:\windows\Installer\{682ABE6A-2CCE-4C6C-AA82-0FE5AB8033F3}\Icon682ABE6A.exe
+ 2009-11-13 00:27 . 2009-11-13 00:27 79712 d:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.SimpleProviders\2.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.SimpleProviders.dll
+ 2009-11-13 00:27 . 2009-11-13 00:27 87904 d:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.MetadataStorage\2.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.MetadataStorage.dll
+ 2009-11-13 00:27 . 2009-11-13 00:27 63328 d:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Files\2.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.Files.dll
+ 2009-12-16 02:15 . 2006-09-28 16:56 55808 d:\windows\$NtUninstallWudf01007$\wudfsvc.dll
+ 2009-12-16 02:15 . 2006-09-28 17:00 82944 d:\windows\$NtUninstallWudf01007$\wudfrd.sys
+ 2009-12-16 02:15 . 2006-09-28 16:55 77568 d:\windows\$NtUninstallWudf01007$\wudfpf.sys
+ 2009-12-16 02:15 . 2006-09-28 18:13 95344 d:\windows\$NtUninstallWudf01007$\wudfcoinstaller.dll
+ 2009-12-16 02:15 . 2008-01-18 21:53 72704 d:\windows\$NtUninstallWudf01007$\spuninst\WudfCustom.dll
+ 2009-10-29 10:01 . 2006-07-31 10:56 4096 d:\windows\system32\HUCoInstaller.dll
- 2009-10-29 10:01 . 2006-07-31 03:56 4096 d:\windows\system32\HUCoInstaller.dll
+ 2009-12-16 02:05 . 2009-10-06 10:56 8320 d:\windows\system32\DRVSTORE\nmwcdnsuc_10FA6A921E353BE9BB700451FBD26A6E839F5860\nmwcdnsuc.sys
+ 2009-12-10 12:03 . 2007-03-22 08:09 9600 d:\windows\system32\DRVSTORE\musbfltr_FCBE6EF47F1D2F77FED7F99727CE93012BFA5A10\MUsbFltr.sys
+ 2009-12-16 02:05 . 2009-10-06 10:52 7936 d:\windows\system32\DRVSTORE\ccdcmbm_10FA6A921E353BE9BB700451FBD26A6E839F5860\usbser_lowerflt.sys
+ 2009-12-16 02:05 . 2009-10-06 10:52 7936 d:\windows\system32\DRVSTORE\ccdcmbcj_10FA6A921E353BE9BB700451FBD26A6E839F5860\usbser_lowerfltj.sys
+ 2009-09-16 23:15 . 2009-10-06 10:52 7936 d:\windows\system32\drivers\usbser_lowerflt.sys
+ 2009-11-13 00:27 . 2009-11-13 00:27 9454 d:\windows\Installer\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}\_6FEFF9B68218417F98F549.exe
+ 2009-12-16 02:05 . 2009-12-16 02:05 3262 d:\windows\Installer\{6869591A-7DD8-46D2-837F-57CBF7358955}\ARPPRODUCTICON.exe
+ 2006-09-28 16:56 . 2008-01-18 23:37 305152 d:\windows\system32\WUDFx.dll
+ 2006-09-28 16:56 . 2008-01-18 21:52 163840 d:\windows\system32\WudfPlatform.dll
+ 2006-09-28 16:56 . 2008-01-18 23:33 142336 d:\windows\system32\WudfHost.exe
+ 2009-11-16 09:09 . 2007-09-14 07:06 139264 d:\windows\system32\uniflexsup.dll
+ 2009-11-13 00:26 . 2003-06-25 15:05 266360 d:\windows\system32\TweakUI.exe
+ 2010-01-03 01:09 . 2007-09-14 09:41 405504 d:\windows\system32\spool\drivers\w32x86\3\tinypdf1.dll
+ 2009-12-10 12:03 . 2006-05-25 18:03 225280 d:\windows\system32\ReinstallBackups\0007\DriverFiles\Tutorial.exe
+ 2009-12-10 12:03 . 2006-05-25 17:39 163840 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynZMetr.exe
+ 2009-12-10 12:03 . 2006-05-25 18:02 786521 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPEnh.exe
+ 2009-12-10 12:03 . 2006-05-25 17:40 193088 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTP.sys
+ 2009-12-10 12:03 . 2006-05-25 17:39 147456 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynMood.exe
+ 2009-12-10 12:03 . 2006-05-25 18:04 557056 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynISDLL.dll
+ 2009-12-10 12:03 . 2006-05-25 17:45 114688 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynCtrl.dll
+ 2009-09-16 23:15 . 2009-10-06 10:52 660480 d:\windows\system32\nmwcdcocls.dll
+ 2009-11-19 21:05 . 2003-09-27 20:41 356352 d:\windows\system32\N3DCommon.dll
+ 2009-10-28 03:40 . 2009-10-28 03:40 257440 d:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2009-07-18 03:21 . 2009-07-18 03:21 257440 d:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2009-10-28 03:31 . 2009-10-28 03:31 257440 d:\windows\system32\Macromed\Flash\FlashUtil10d.exe
+ 2009-11-19 21:05 . 1999-02-09 09:46 137728 d:\windows\system32\ijl10.dll
+ 2009-09-07 21:17 . 2010-01-20 01:47 518544 d:\windows\system32\FNTCACHE.DAT
- 2009-09-16 23:16 . 2009-05-11 11:30 547840 d:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\PCCSWpdDriver.dll
+ 2009-12-16 02:07 . 2009-05-11 11:30 547840 d:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\PCCSWpdDriver.dll
+ 2009-12-16 02:05 . 2009-10-06 10:56 136704 d:\windows\system32\DRVSTORE\nmwcdnsu_10FA6A921E353BE9BB700451FBD26A6E839F5860\nmwcdnsu.sys
+ 2009-12-16 02:05 . 2009-10-06 10:52 660480 d:\windows\system32\DRVSTORE\ccdcmb_10FA6A921E353BE9BB700451FBD26A6E839F5860\nmwcdcocls.dll
+ 2009-05-11 11:30 . 2009-05-11 11:30 547840 d:\windows\system32\drivers\UMDF\PCCSWpdDriver.dll
+ 2009-11-23 01:41 . 2009-09-15 11:55 114768 d:\windows\system32\drivers\aswSP.sys
+ 2009-11-19 21:05 . 1999-05-31 16:03 137216 d:\windows\system32\cNewMenu.dll
+ 2009-12-05 22:41 . 2009-12-05 22:41 276480 d:\windows\Installer\dd718aa.msi
+ 2009-11-25 16:42 . 2009-11-25 16:42 692224 d:\windows\Installer\d8142f8.msi
+ 2009-11-29 08:57 . 2009-11-29 08:57 950272 d:\windows\Installer\c9903f8.msi
+ 2009-12-26 23:22 . 2009-12-26 23:22 836096 d:\windows\Installer\7aaf3f1.msi
+ 2009-11-13 00:27 . 2009-11-13 00:27 782848 d:\windows\Installer\1d5893d.msi
+ 2009-11-13 00:27 . 2009-11-13 00:27 691200 d:\windows\Installer\1d58939.msi
+ 2009-11-13 00:27 . 2009-11-13 00:27 312320 d:\windows\Installer\1d58932.msi
+ 2009-12-16 02:11 . 2009-12-16 02:11 858624 d:\windows\Installer\1d22a105.msi
+ 2009-12-16 02:07 . 2009-12-16 02:07 496128 d:\windows\Installer\1d22a05d.msi
+ 2009-12-16 02:05 . 2009-12-16 02:05 331776 d:\windows\Installer\1d22a025.msi
+ 2009-12-16 02:04 . 2009-12-16 02:04 215552 d:\windows\Installer\1d22a007.msi
+ 2009-12-28 21:27 . 2009-12-28 21:27 192512 d:\windows\Installer\{E692347E-2AFA-44AE-8197-5A34308B84CC}\ARPPRODUCTICON.exe
+ 2009-12-18 21:25 . 2009-12-18 21:25 271542 d:\windows\Installer\{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}\controlPanelIcon.exe
+ 2003-02-21 13:42 . 2003-02-21 13:42 348160 d:\windows\Installer\$PatchCache$\Managed\E743296EAFA2EA441879A54303B848CC\1.24.0\msvcr71.dll
+ 2009-11-15 21:15 . 2009-11-15 21:15 450048 d:\windows\DHTML Menu Builder\uninstall.exe
+ 2009-11-13 00:27 . 2009-11-13 00:27 288608 d:\windows\assembly\GAC_MSIL\Microsoft.Synchronization\2.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.dll
+ 2009-12-16 02:15 . 2006-09-28 16:56 316416 d:\windows\$NtUninstallWudf01007$\wudfx.dll
+ 2009-12-16 02:15 . 2006-09-28 16:56 165376 d:\windows\$NtUninstallWudf01007$\wudfplatform.dll
+ 2009-12-16 02:15 . 2006-09-28 16:56 146432 d:\windows\$NtUninstallWudf01007$\wudfhost.exe
+ 2009-12-16 02:15 . 2008-03-21 12:57 379184 d:\windows\$NtUninstallWudf01007$\spuninst\updspapi.dll
+ 2009-12-16 02:15 . 2008-03-21 12:57 221488 d:\windows\$NtUninstallWudf01007$\spuninst\spuninst.exe
+ 2009-05-11 10:47 . 2009-05-11 10:47 1302600 d:\windows\system32\WUDFUpdate_01007.dll
+ 2009-12-10 12:03 . 2006-05-25 17:52 6139993 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPCpl.dll
+ 2009-01-22 03:14 . 2009-01-22 03:14 1328968 d:\windows\system32\msxml4.dll
- 2006-03-02 12:00 . 2004-02-22 23:00 1386496 d:\windows\system32\MSVBVM60.DLL
+ 2004-02-17 17:57 . 2004-02-23 10:42 1386496 d:\windows\system32\msvbvm60.dll
+ 2009-10-28 03:40 . 2009-10-28 03:40 3885984 d:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2009-09-16 23:16 . 2009-05-11 10:47 1302600 d:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\WUDFUpdate_01007.dll
+ 2009-12-16 02:07 . 2009-05-11 10:47 1302600 d:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\WUDFUpdate_01007.dll
+ 2009-12-16 02:05 . 2009-10-06 10:55 1112288 d:\windows\system32\DRVSTORE\ccdcmb_10FA6A921E353BE9BB700451FBD26A6E839F5860\wdfcoinstaller01007.dll
+ 2010-01-04 12:22 . 2005-12-05 17:09 2323664 d:\windows\system32\d3dx9_28.dll
- 2009-09-14 19:41 . 2009-09-14 19:41 3731456 d:\windows\system32\config\systemprofile\ntuser.dat
+ 2009-09-14 19:41 . 2009-11-12 14:04 3731456 d:\windows\system32\config\systemprofile\ntuser.dat
+ 2009-12-27 01:03 . 2009-12-27 01:03 1262080 d:\windows\Installer\80566a1.msi
+ 2009-12-18 21:25 . 2009-12-18 21:25 1141248 d:\windows\Installer\5ebc6.msi
+ 2009-12-28 21:27 . 2009-12-28 21:27 1495040 d:\windows\Installer\4b43b87.msi
+ 2009-12-03 18:30 . 2009-12-03 18:30 1236480 d:\windows\Installer\2a4b1d6.msi
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="d:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"DetectTray"="c:\program files\Genius\TVGo DVB-T02PRO\DetectTray.exe" [2007-09-21 131072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Firefox"="d:\program files\Mozilla Firefox\firefox -turbo" [X]
"HControl"="d:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2008-03-26 16859136]
"SMSERIAL"="d:\windows\sm56hlpr.exe" [2006-03-21 544768]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ACU"="d:\program files\Atheros\ACU.exe" [2006-07-04 336001]
"ASUS Live Update"="d:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"StatusClient"="d:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="d:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"WD Drive Manager"="d:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2009-05-27 450560]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"COMODO Internet Security"="d:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-11-18 1800464]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"FLMOFFICE4DMOUSE"="d:\program files\Labtec\Mouse\2.1\moffice.exe" [2009-12-10 958464]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Mozilla Thunderbird.lnk - d:\program files\Mozilla Thunderbird\thunderbird.exe [2009-9-7 8318056]
Nastavení myši Labtec.lnk - d:\program files\Software laserové myši Labtec\MulMouse.exe [2009-12-10 352256]
WDDMStatus.lnk - d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-5 2057536]
WDSmartWare.lnk - d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-5 9116480]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=d:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 [X]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [23.11.2009 2:41 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdguard.sys [12.11.2009 14:33 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [12.11.2009 14:33 25160]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 20:03 660768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [23.11.2009 2:41 20560]
R2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;d:\flexlm\lmgrd.exe [10.11.2009 23:22 630272]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;d:\windows\system32\StkCSrv.exe [12.9.2009 14:19 24576]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R2 WDDMService;WD SmartWare Drive Manager;d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [5.11.2009 8:44 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;d:\windows\system32\drivers\StkCMini.sys [12.9.2009 14:19 1260672]
R3 WDC_SAM;WD SCSI Pass Thru driver;d:\windows\system32\drivers\wdcsam.sys [28.10.2009 22:07 11520]
S0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [22.9.2009 23:26 721904]
S2 gupdate;Služba Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [13.9.2009 13:47 133104]
S3 EC168BDA;TVGo DVB-T02PRO;d:\windows\system32\drivers\EC168BDA.sys [29.10.2009 11:01 67968]
S3 ivusb;Initio Driver for USB Default Controller;d:\windows\system32\DRIVERS\ivusb.sys --> d:\windows\system32\DRIVERS\ivusb.sys [?]
S3 TVICHW32;TVICHW32;d:\windows\system32\drivers\TVICHW32.SYS [20.9.2009 22:43 23600]
S3 UDGY;UDGY;d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe --> d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe [?]
S3 WXXLRUX;WXXLRUX;d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe --> d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe [?]
.
Obsah adresáře 'Naplánované úlohy'
2010-01-17 d:\windows\Tasks\Defraggler Volume C Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-17 d:\windows\Tasks\Defraggler Volume D Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-09 d:\windows\Tasks\Defraggler Volume G Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-20 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
2010-01-20 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/
uInternet Settings,ProxyOverride = <local>;*.local
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\
FF - prefs.js: browser.startup.homepage - http:/atlas.centrum.cz/
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\FFExternalAlert.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\RadioWMPCore.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}\library\WINNT-32\MinimizeToTrayPlus.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: d:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: d:\program files\Musicnotes\npmusicn.dll
FF - plugin: d:\program files\Musicnotes\NPSibelius.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-NWEReboot - (no file)
ActiveSetup-ccc-core-static - msiexec
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-20 03:34
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwClose, ZwOpenFile
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(856)
d:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-01-20 03:39:57
ComboFix-quarantined-files.txt 2010-01-20 02:39
ComboFix2.txt 2009-11-23 01:27
ComboFix3.txt 2009-11-23 00:55
ComboFix4.txt 2009-11-16 13:23
ComboFix5.txt 2010-01-20 02:21
Před spuštěním: Volných bajtů: 50 287 403 008
Po spuštění: Volných bajtů: 50 244 497 408
Current=13 Default=13 Failed=12 LastKnownGood=14 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14
- - End Of File - - 27DBF02D7671A63BA9C8AA1BA4AA958A
ComboFix 10-01-19.03 - Petr 20.01.2010 3:23.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1302 [GMT 1:00]
Spuštěný z: c:\tp02\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100119-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
d:\windows\a3kebook.ini
d:\windows\akebook.ini
d:\windows\ANS2000.INI
d:\windows\system32\Winacprd0.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-20 do 2010-01-20 )))))))))))))))))))))))))))))))
.
2010-01-11 20:27 . 2002-08-23 12:37 880694 ----a-w- d:\windows\system32\xaradocg.dll
2010-01-11 20:27 . 2002-06-28 08:24 23552 ----a-w- d:\windows\system32\xfontman.dll
2010-01-11 20:27 . 2002-06-28 08:24 139264 ----a-w- d:\windows\system32\BMPImporter.dll
2010-01-11 20:27 . 2002-08-22 15:56 126976 ----a-w- d:\windows\system32\templman.dll
2010-01-11 20:27 . 2002-06-28 08:24 253952 ----a-w- d:\windows\system32\templop.dll
2010-01-04 12:25 . 2010-01-05 01:40 -------- d-----w- d:\program files\Common Files\Ahead
2010-01-04 12:25 . 2010-01-04 12:25 -------- d-----w- d:\program files\Nero
2010-01-03 15:20 . 2010-01-14 11:18 -------- d-----w- D:\VueScan
2010-01-03 14:38 . 2010-01-03 14:39 -------- d-----w- d:\program files\Musicnotes
2010-01-03 01:26 . 2010-01-03 01:40 -------- d-----w- d:\program files\Advanced PDF to IMAGE converter
2010-01-03 01:08 . 2010-01-03 01:37 -------- d-----w- d:\program files\office Convert Pdf to Jpg Jpeg Tiff Free
2009-12-28 21:27 . 2009-12-28 21:27 -------- d-----w- d:\program files\Software602
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-20 01:49 . 2009-09-07 20:43 -------- d-----w- d:\program files\Mozilla Thunderbird
2010-01-20 01:26 . 2009-11-10 22:48 -------- d-----w- d:\program files\SolidWorks
2010-01-20 01:23 . 2009-11-10 22:50 -------- d-----w- d:\program files\Common Files\Bluebeam Software
2010-01-20 01:22 . 2009-11-10 22:50 -------- d-----w- d:\program files\Common Files\SolidWorks Shared
2010-01-20 01:03 . 2009-11-10 22:58 -------- d-----w- d:\program files\SolidWorks Explorer
2010-01-05 01:30 . 2009-09-11 21:52 -------- d-----w- d:\program files\Defraggler
2010-01-03 22:54 . 2009-11-11 00:09 -------- d-----w- d:\program files\Rhinoceros 4.0
2009-12-28 02:02 . 2009-09-18 14:17 0 ----a-w- d:\documents and settings\Petr\DATA.DAT
2009-12-27 01:03 . 2009-09-12 22:17 -------- d-----w- d:\program files\Google
2009-12-18 21:25 . 2009-10-28 21:07 -------- d-----w- d:\program files\Western Digital
2009-12-18 09:34 . 2009-12-18 09:34 -------- d-----w- d:\program files\Guitar Pro 5
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\PCSuite
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\Nokia
2009-12-16 02:10 . 2009-12-16 02:04 -------- d-----w- d:\program files\Nokia
2009-12-16 02:07 . 2009-12-16 02:06 -------- d-----w- d:\program files\PC Connectivity Solution
2009-12-10 12:03 . 2009-09-16 23:16 -------- d-----w- d:\program files\DIFX
2009-12-10 12:03 . 2009-12-10 12:02 -------- d-----w- d:\program files\Software laserové myši Labtec
2009-12-10 12:02 . 2009-09-07 19:40 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-12-10 12:01 . 2009-12-10 12:01 -------- d-----w- d:\program files\Labtec
2009-12-05 22:47 . 2009-12-05 22:47 -------- d-----w- d:\program files\VisualLightBox
2009-12-05 22:41 . 2009-12-05 22:41 -------- d-----w- d:\program files\Microsoft
2009-12-03 18:55 . 2009-12-03 18:55 -------- d-----w- d:\program files\Any DWF to DWG Converter
2009-12-03 18:30 . 2009-09-13 08:04 -------- d-----w- d:\program files\Autodesk
2009-11-29 08:57 . 2009-11-29 08:56 -------- d-----w- d:\program files\SunnyDesign
2009-11-29 08:55 . 2009-11-29 08:55 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2009-11-26 09:00 . 2009-11-12 14:06 171552 ----a-w- d:\windows\system32\guard32.dll
2009-11-26 09:00 . 2009-11-12 13:33 133064 ----a-w- d:\windows\system32\drivers\cmdguard.sys
2009-11-25 16:42 . 2009-11-25 16:42 -------- d-----w- d:\program files\RealWorld Icon Editor
2009-11-24 23:54 . 2009-11-23 01:40 1280480 ----a-w- d:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-23 01:41 93424 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-11-23 01:41 48560 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-23 01:41 23120 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-23 01:41 27408 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-23 01:41 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-11-21 10:13 . 2009-11-19 20:27 -------- d-----w- d:\program files\WinSnap
2009-11-18 09:00 . 2009-11-12 13:33 87104 ----a-w- d:\windows\system32\drivers\inspect.sys
2009-11-18 09:00 . 2009-11-12 13:33 25160 ----a-w- d:\windows\system32\drivers\cmdhlp.sys
2009-11-12 18:04 . 2009-11-12 13:37 339872 ----a-w- d:\windows\system32\drivers\sfi.dat
2009-11-12 12:10 . 2009-09-07 20:33 278613 ----a-w- d:\windows\system32\acs.exe
2009-11-12 01:47 . 2006-03-02 12:00 98024 ----a-w- d:\windows\system32\perfc005.dat
2009-11-12 01:47 . 2006-03-02 12:00 466418 ----a-w- d:\windows\system32\perfh005.dat
2009-10-24 09:52 . 2009-09-12 22:28 108024 ---ha-w- d:\windows\system32\mlfcache.dat
2009-09-26 21:38 . 2009-09-26 21:38 0 ----a-w- d:\program files\Common Files\dht342126
.
((((((((((((((((((((((((((((( SnapShot@2009-11-12_13.16.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-20 02:20 . 2010-01-20 02:20 16384 d:\windows\Temp\Perflib_Perfdata_76c.dat
+ 2010-01-20 02:20 . 2010-01-20 02:20 16384 d:\windows\Temp\Perflib_Perfdata_71c.dat
+ 2006-09-28 16:56 . 2008-01-18 23:37 55296 d:\windows\system32\WudfSvc.dll
+ 2006-09-28 18:13 . 2008-01-18 23:37 87552 d:\windows\system32\WUDFCoinstaller.dll
+ 2009-11-19 21:05 . 2004-05-17 19:59 36864 d:\windows\system32\VectorizeForm.dll
+ 2009-11-19 21:05 . 2000-06-25 23:16 24576 d:\windows\system32\SysInfoServer.dll
+ 2009-11-19 21:05 . 1998-10-14 18:41 27648 d:\windows\system32\SSubTmr.dll
+ 2010-01-03 01:09 . 2007-09-14 09:42 90624 d:\windows\system32\spool\drivers\w32x86\3\tinypdf2.dll
+ 2010-01-03 01:09 . 2007-09-14 09:41 36352 d:\windows\system32\spool\drivers\w32x86\3\tinypdf.dll
+ 2009-12-10 12:03 . 2006-05-25 18:03 86105 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPLpr.exe
+ 2009-12-10 12:03 . 2006-05-25 18:03 69721 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPFcs.dll
+ 2009-12-10 12:03 . 2006-05-25 17:46 41062 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPCOM.dll
+ 2009-12-10 12:03 . 2006-05-25 18:06 81920 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPCo2.dll
+ 2009-12-10 12:03 . 2006-05-25 17:46 94297 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPAPI.dll
+ 2009-12-10 12:03 . 2006-05-25 17:45 82012 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynCOM.dll
+ 2009-12-10 12:03 . 2006-05-25 18:06 81920 d:\windows\system32\ReinstallBackups\0007\DriverFiles\InstNT.exe
+ 2009-12-10 12:03 . 2008-04-14 02:06 23040 d:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\mouclass.sys
+ 2009-12-10 12:03 . 2008-04-14 02:21 52096 d:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\i8042prt.sys
+ 2009-11-19 21:05 . 2000-06-25 23:14 24576 d:\windows\system32\RegServer.dll
+ 2009-09-16 23:15 . 2009-10-06 10:52 91136 d:\windows\system32\nmwcdcls.dll
- 2009-09-16 23:15 . 2009-02-09 06:37 91136 d:\windows\system32\nmwcdcls.dll
+ 2009-11-19 21:05 . 2002-02-16 09:48 24576 d:\windows\system32\N3DTypeLib.dll
+ 2009-01-22 03:16 . 2009-01-22 03:16 88904 d:\windows\system32\msxml4r.dll
+ 2009-03-25 10:43 . 2009-03-25 10:43 44544 d:\windows\system32\msxml4a.dll
+ 2009-09-11 21:47 . 2009-12-18 13:40 84661 d:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2009-09-11 21:47 . 2009-10-06 21:23 84661 d:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-12-16 02:07 . 2008-08-26 08:26 18816 d:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
- 2009-09-16 23:16 . 2008-08-26 08:26 18816 d:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
+ 2009-12-10 12:03 . 2007-05-07 10:49 13824 d:\windows\system32\DRVSTORE\moufiltr_8BC4FD94BD9C7DB1EC017BFDD34FE86096300CB6\moufiltr.sys
+ 2009-12-16 02:05 . 2009-10-06 10:52 22016 d:\windows\system32\DRVSTORE\ccdcmbo_10FA6A921E353BE9BB700451FBD26A6E839F5860\ccdcmbo.sys
+ 2009-12-16 02:05 . 2009-10-06 10:52 91136 d:\windows\system32\DRVSTORE\ccdcmb_10FA6A921E353BE9BB700451FBD26A6E839F5860\nmwcdcls.dll
+ 2009-12-16 02:05 . 2009-10-06 10:52 17664 d:\windows\system32\DRVSTORE\ccdcmb_10FA6A921E353BE9BB700451FBD26A6E839F5860\ccdcmb.sys
+ 2006-09-28 17:00 . 2008-01-18 21:53 83328 d:\windows\system32\drivers\WudfRd.sys
+ 2006-09-28 16:55 . 2008-01-18 21:52 77696 d:\windows\system32\drivers\WudfPf.sys
- 2009-09-16 23:16 . 2008-08-26 08:26 18816 d:\windows\system32\drivers\pccsmcfd.sys
+ 2009-12-16 02:07 . 2008-08-26 08:26 18816 d:\windows\system32\drivers\pccsmcfd.sys
+ 2009-12-10 12:03 . 2007-05-07 10:49 13824 d:\windows\system32\drivers\moufiltr.sys
+ 2004-08-17 15:43 . 2008-04-14 03:06 23040 d:\windows\system32\drivers\mouclass.sys
- 2004-08-17 15:43 . 2008-04-14 02:06 23040 d:\windows\system32\drivers\mouclass.sys
- 2006-03-02 12:00 . 2008-04-14 02:21 52096 d:\windows\system32\drivers\i8042prt.sys
+ 2006-03-02 12:00 . 2008-04-14 03:21 52096 d:\windows\system32\drivers\i8042prt.sys
- 2009-09-16 23:15 . 2009-02-09 06:37 22016 d:\windows\system32\drivers\ccdcmbo.sys
+ 2009-09-16 23:15 . 2009-10-06 10:52 22016 d:\windows\system32\drivers\ccdcmbo.sys
+ 2009-09-16 23:15 . 2009-10-06 10:52 17664 d:\windows\system32\drivers\ccdcmb.sys
- 2009-09-16 23:15 . 2009-02-09 06:37 17664 d:\windows\system32\drivers\ccdcmb.sys
+ 2009-11-23 01:41 . 2009-09-15 11:56 94160 d:\windows\system32\drivers\aswmon2.sys
+ 2009-11-23 01:41 . 2009-09-15 11:55 20560 d:\windows\system32\drivers\aswFsBlk.sys
+ 2004-08-17 15:43 . 2008-04-14 03:06 23040 d:\windows\system32\dllcache\mouclass.sys
+ 2006-03-02 12:00 . 2008-04-14 03:21 52096 d:\windows\system32\dllcache\i8042prt.sys
+ 2009-11-19 21:05 . 2006-03-28 07:23 49152 d:\windows\N3DScreenSaver.scr
+ 2009-12-05 22:41 . 2009-12-05 22:41 29926 d:\windows\Installer\{E7081891-BC7F-43F9-9CE6-B5DD2F497156}\_6FEFF9B68218417F98F549.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\ARPPRODUCTICON.exe
+ 2009-12-16 02:11 . 2009-12-16 02:11 15086 d:\windows\Installer\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\ARPPRODUCTICON.exe
+ 2009-12-04 23:03 . 2009-12-04 23:03 25214 d:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2009-12-16 02:07 . 2009-12-16 02:07 10134 d:\windows\Installer\{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}\ARPPRODUCTICON.exe
- 2009-09-16 20:04 . 2009-09-16 20:04 11264 d:\windows\Installer\{682ABE6A-2CCE-4C6C-AA82-0FE5AB8033F3}\Icon682ABE6A.exe
+ 2009-11-29 08:57 . 2009-11-29 08:57 11264 d:\windows\Installer\{682ABE6A-2CCE-4C6C-AA82-0FE5AB8033F3}\Icon682ABE6A.exe
+ 2009-11-13 00:27 . 2009-11-13 00:27 79712 d:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.SimpleProviders\2.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.SimpleProviders.dll
+ 2009-11-13 00:27 . 2009-11-13 00:27 87904 d:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.MetadataStorage\2.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.MetadataStorage.dll
+ 2009-11-13 00:27 . 2009-11-13 00:27 63328 d:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Files\2.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.Files.dll
+ 2009-12-16 02:15 . 2006-09-28 16:56 55808 d:\windows\$NtUninstallWudf01007$\wudfsvc.dll
+ 2009-12-16 02:15 . 2006-09-28 17:00 82944 d:\windows\$NtUninstallWudf01007$\wudfrd.sys
+ 2009-12-16 02:15 . 2006-09-28 16:55 77568 d:\windows\$NtUninstallWudf01007$\wudfpf.sys
+ 2009-12-16 02:15 . 2006-09-28 18:13 95344 d:\windows\$NtUninstallWudf01007$\wudfcoinstaller.dll
+ 2009-12-16 02:15 . 2008-01-18 21:53 72704 d:\windows\$NtUninstallWudf01007$\spuninst\WudfCustom.dll
+ 2009-10-29 10:01 . 2006-07-31 10:56 4096 d:\windows\system32\HUCoInstaller.dll
- 2009-10-29 10:01 . 2006-07-31 03:56 4096 d:\windows\system32\HUCoInstaller.dll
+ 2009-12-16 02:05 . 2009-10-06 10:56 8320 d:\windows\system32\DRVSTORE\nmwcdnsuc_10FA6A921E353BE9BB700451FBD26A6E839F5860\nmwcdnsuc.sys
+ 2009-12-10 12:03 . 2007-03-22 08:09 9600 d:\windows\system32\DRVSTORE\musbfltr_FCBE6EF47F1D2F77FED7F99727CE93012BFA5A10\MUsbFltr.sys
+ 2009-12-16 02:05 . 2009-10-06 10:52 7936 d:\windows\system32\DRVSTORE\ccdcmbm_10FA6A921E353BE9BB700451FBD26A6E839F5860\usbser_lowerflt.sys
+ 2009-12-16 02:05 . 2009-10-06 10:52 7936 d:\windows\system32\DRVSTORE\ccdcmbcj_10FA6A921E353BE9BB700451FBD26A6E839F5860\usbser_lowerfltj.sys
+ 2009-09-16 23:15 . 2009-10-06 10:52 7936 d:\windows\system32\drivers\usbser_lowerflt.sys
+ 2009-11-13 00:27 . 2009-11-13 00:27 9454 d:\windows\Installer\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}\_6FEFF9B68218417F98F549.exe
+ 2009-12-16 02:05 . 2009-12-16 02:05 3262 d:\windows\Installer\{6869591A-7DD8-46D2-837F-57CBF7358955}\ARPPRODUCTICON.exe
+ 2006-09-28 16:56 . 2008-01-18 23:37 305152 d:\windows\system32\WUDFx.dll
+ 2006-09-28 16:56 . 2008-01-18 21:52 163840 d:\windows\system32\WudfPlatform.dll
+ 2006-09-28 16:56 . 2008-01-18 23:33 142336 d:\windows\system32\WudfHost.exe
+ 2009-11-16 09:09 . 2007-09-14 07:06 139264 d:\windows\system32\uniflexsup.dll
+ 2009-11-13 00:26 . 2003-06-25 15:05 266360 d:\windows\system32\TweakUI.exe
+ 2010-01-03 01:09 . 2007-09-14 09:41 405504 d:\windows\system32\spool\drivers\w32x86\3\tinypdf1.dll
+ 2009-12-10 12:03 . 2006-05-25 18:03 225280 d:\windows\system32\ReinstallBackups\0007\DriverFiles\Tutorial.exe
+ 2009-12-10 12:03 . 2006-05-25 17:39 163840 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynZMetr.exe
+ 2009-12-10 12:03 . 2006-05-25 18:02 786521 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPEnh.exe
+ 2009-12-10 12:03 . 2006-05-25 17:40 193088 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTP.sys
+ 2009-12-10 12:03 . 2006-05-25 17:39 147456 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynMood.exe
+ 2009-12-10 12:03 . 2006-05-25 18:04 557056 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynISDLL.dll
+ 2009-12-10 12:03 . 2006-05-25 17:45 114688 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynCtrl.dll
+ 2009-09-16 23:15 . 2009-10-06 10:52 660480 d:\windows\system32\nmwcdcocls.dll
+ 2009-11-19 21:05 . 2003-09-27 20:41 356352 d:\windows\system32\N3DCommon.dll
+ 2009-10-28 03:40 . 2009-10-28 03:40 257440 d:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2009-07-18 03:21 . 2009-07-18 03:21 257440 d:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2009-10-28 03:31 . 2009-10-28 03:31 257440 d:\windows\system32\Macromed\Flash\FlashUtil10d.exe
+ 2009-11-19 21:05 . 1999-02-09 09:46 137728 d:\windows\system32\ijl10.dll
+ 2009-09-07 21:17 . 2010-01-20 01:47 518544 d:\windows\system32\FNTCACHE.DAT
- 2009-09-16 23:16 . 2009-05-11 11:30 547840 d:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\PCCSWpdDriver.dll
+ 2009-12-16 02:07 . 2009-05-11 11:30 547840 d:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\PCCSWpdDriver.dll
+ 2009-12-16 02:05 . 2009-10-06 10:56 136704 d:\windows\system32\DRVSTORE\nmwcdnsu_10FA6A921E353BE9BB700451FBD26A6E839F5860\nmwcdnsu.sys
+ 2009-12-16 02:05 . 2009-10-06 10:52 660480 d:\windows\system32\DRVSTORE\ccdcmb_10FA6A921E353BE9BB700451FBD26A6E839F5860\nmwcdcocls.dll
+ 2009-05-11 11:30 . 2009-05-11 11:30 547840 d:\windows\system32\drivers\UMDF\PCCSWpdDriver.dll
+ 2009-11-23 01:41 . 2009-09-15 11:55 114768 d:\windows\system32\drivers\aswSP.sys
+ 2009-11-19 21:05 . 1999-05-31 16:03 137216 d:\windows\system32\cNewMenu.dll
+ 2009-12-05 22:41 . 2009-12-05 22:41 276480 d:\windows\Installer\dd718aa.msi
+ 2009-11-25 16:42 . 2009-11-25 16:42 692224 d:\windows\Installer\d8142f8.msi
+ 2009-11-29 08:57 . 2009-11-29 08:57 950272 d:\windows\Installer\c9903f8.msi
+ 2009-12-26 23:22 . 2009-12-26 23:22 836096 d:\windows\Installer\7aaf3f1.msi
+ 2009-11-13 00:27 . 2009-11-13 00:27 782848 d:\windows\Installer\1d5893d.msi
+ 2009-11-13 00:27 . 2009-11-13 00:27 691200 d:\windows\Installer\1d58939.msi
+ 2009-11-13 00:27 . 2009-11-13 00:27 312320 d:\windows\Installer\1d58932.msi
+ 2009-12-16 02:11 . 2009-12-16 02:11 858624 d:\windows\Installer\1d22a105.msi
+ 2009-12-16 02:07 . 2009-12-16 02:07 496128 d:\windows\Installer\1d22a05d.msi
+ 2009-12-16 02:05 . 2009-12-16 02:05 331776 d:\windows\Installer\1d22a025.msi
+ 2009-12-16 02:04 . 2009-12-16 02:04 215552 d:\windows\Installer\1d22a007.msi
+ 2009-12-28 21:27 . 2009-12-28 21:27 192512 d:\windows\Installer\{E692347E-2AFA-44AE-8197-5A34308B84CC}\ARPPRODUCTICON.exe
+ 2009-12-18 21:25 . 2009-12-18 21:25 271542 d:\windows\Installer\{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}\controlPanelIcon.exe
+ 2003-02-21 13:42 . 2003-02-21 13:42 348160 d:\windows\Installer\$PatchCache$\Managed\E743296EAFA2EA441879A54303B848CC\1.24.0\msvcr71.dll
+ 2009-11-15 21:15 . 2009-11-15 21:15 450048 d:\windows\DHTML Menu Builder\uninstall.exe
+ 2009-11-13 00:27 . 2009-11-13 00:27 288608 d:\windows\assembly\GAC_MSIL\Microsoft.Synchronization\2.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.dll
+ 2009-12-16 02:15 . 2006-09-28 16:56 316416 d:\windows\$NtUninstallWudf01007$\wudfx.dll
+ 2009-12-16 02:15 . 2006-09-28 16:56 165376 d:\windows\$NtUninstallWudf01007$\wudfplatform.dll
+ 2009-12-16 02:15 . 2006-09-28 16:56 146432 d:\windows\$NtUninstallWudf01007$\wudfhost.exe
+ 2009-12-16 02:15 . 2008-03-21 12:57 379184 d:\windows\$NtUninstallWudf01007$\spuninst\updspapi.dll
+ 2009-12-16 02:15 . 2008-03-21 12:57 221488 d:\windows\$NtUninstallWudf01007$\spuninst\spuninst.exe
+ 2009-05-11 10:47 . 2009-05-11 10:47 1302600 d:\windows\system32\WUDFUpdate_01007.dll
+ 2009-12-10 12:03 . 2006-05-25 17:52 6139993 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPCpl.dll
+ 2009-01-22 03:14 . 2009-01-22 03:14 1328968 d:\windows\system32\msxml4.dll
- 2006-03-02 12:00 . 2004-02-22 23:00 1386496 d:\windows\system32\MSVBVM60.DLL
+ 2004-02-17 17:57 . 2004-02-23 10:42 1386496 d:\windows\system32\msvbvm60.dll
+ 2009-10-28 03:40 . 2009-10-28 03:40 3885984 d:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2009-09-16 23:16 . 2009-05-11 10:47 1302600 d:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\WUDFUpdate_01007.dll
+ 2009-12-16 02:07 . 2009-05-11 10:47 1302600 d:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\WUDFUpdate_01007.dll
+ 2009-12-16 02:05 . 2009-10-06 10:55 1112288 d:\windows\system32\DRVSTORE\ccdcmb_10FA6A921E353BE9BB700451FBD26A6E839F5860\wdfcoinstaller01007.dll
+ 2010-01-04 12:22 . 2005-12-05 17:09 2323664 d:\windows\system32\d3dx9_28.dll
- 2009-09-14 19:41 . 2009-09-14 19:41 3731456 d:\windows\system32\config\systemprofile\ntuser.dat
+ 2009-09-14 19:41 . 2009-11-12 14:04 3731456 d:\windows\system32\config\systemprofile\ntuser.dat
+ 2009-12-27 01:03 . 2009-12-27 01:03 1262080 d:\windows\Installer\80566a1.msi
+ 2009-12-18 21:25 . 2009-12-18 21:25 1141248 d:\windows\Installer\5ebc6.msi
+ 2009-12-28 21:27 . 2009-12-28 21:27 1495040 d:\windows\Installer\4b43b87.msi
+ 2009-12-03 18:30 . 2009-12-03 18:30 1236480 d:\windows\Installer\2a4b1d6.msi
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="d:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"DetectTray"="c:\program files\Genius\TVGo DVB-T02PRO\DetectTray.exe" [2007-09-21 131072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Firefox"="d:\program files\Mozilla Firefox\firefox -turbo" [X]
"HControl"="d:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2008-03-26 16859136]
"SMSERIAL"="d:\windows\sm56hlpr.exe" [2006-03-21 544768]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ACU"="d:\program files\Atheros\ACU.exe" [2006-07-04 336001]
"ASUS Live Update"="d:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"StatusClient"="d:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="d:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"WD Drive Manager"="d:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2009-05-27 450560]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"COMODO Internet Security"="d:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-11-18 1800464]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"FLMOFFICE4DMOUSE"="d:\program files\Labtec\Mouse\2.1\moffice.exe" [2009-12-10 958464]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
d:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Mozilla Thunderbird.lnk - d:\program files\Mozilla Thunderbird\thunderbird.exe [2009-9-7 8318056]
Nastavenˇ myçi Labtec.lnk - d:\program files\Software laserov‚ myçi Labtec\MulMouse.exe [2009-12-10 352256]
WDDMStatus.lnk - d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-5 2057536]
WDSmartWare.lnk - d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-5 9116480]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=d:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 [X]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [23.11.2009 2:41 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdguard.sys [12.11.2009 14:33 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [12.11.2009 14:33 25160]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 20:03 660768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [23.11.2009 2:41 20560]
R2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;d:\flexlm\lmgrd.exe [10.11.2009 23:22 630272]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;d:\windows\system32\StkCSrv.exe [12.9.2009 14:19 24576]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R2 WDDMService;WD SmartWare Drive Manager;d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [5.11.2009 8:44 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;d:\windows\system32\drivers\StkCMini.sys [12.9.2009 14:19 1260672]
R3 WDC_SAM;WD SCSI Pass Thru driver;d:\windows\system32\drivers\wdcsam.sys [28.10.2009 22:07 11520]
S0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [22.9.2009 23:26 721904]
S2 gupdate;Služba Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [13.9.2009 13:47 133104]
S3 EC168BDA;TVGo DVB-T02PRO;d:\windows\system32\drivers\EC168BDA.sys [29.10.2009 11:01 67968]
S3 ivusb;Initio Driver for USB Default Controller;d:\windows\system32\DRIVERS\ivusb.sys --> d:\windows\system32\DRIVERS\ivusb.sys [?]
S3 TVICHW32;TVICHW32;d:\windows\system32\drivers\TVICHW32.SYS [20.9.2009 22:43 23600]
S3 UDGY;UDGY;d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe --> d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe [?]
S3 WXXLRUX;WXXLRUX;d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe --> d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe [?]
.
Obsah adresáře 'Naplánované úlohy'
2010-01-17 d:\windows\Tasks\Defraggler Volume C Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-17 d:\windows\Tasks\Defraggler Volume D Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-09 d:\windows\Tasks\Defraggler Volume G Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-20 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
2010-01-20 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/
uInternet Settings,ProxyOverride = <local>;*.local
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\
FF - prefs.js: browser.startup.homepage - http:/atlas.centrum.cz/
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\FFExternalAlert.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\RadioWMPCore.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}\library\WINNT-32\MinimizeToTrayPlus.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: d:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: d:\program files\Musicnotes\npmusicn.dll
FF - plugin: d:\program files\Musicnotes\NPSibelius.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-NWEReboot - (no file)
ActiveSetup-ccc-core-static - msiexec
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-20 03:34
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwClose, ZwOpenFile
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(856)
d:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-01-20 03:39:57
ComboFix-quarantined-files.txt 2010-01-20 02:39
ComboFix2.txt 2009-11-23 01:27
ComboFix3.txt 2009-11-23 00:55
ComboFix4.txt 2009-11-16 13:23
ComboFix5.txt 2010-01-20 02:21
Před spuštěním: Volných bajtů: 50 287 403 008
Po spuštění: Volných bajtů: 50 244 497 408
Current=13 Default=13 Failed=12 LastKnownGood=14 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14
- - End Of File - - 27DBF02D7671A63BA9C8AA1BA4AA958A
- Rudy
- Site Admin
- Posts: 119390
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Infected laptop, freezes, starts up slowly
Move ComboFix to the desktop. Open Notepad and copy the following into it:

Collect::
d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe
d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe
Driver::
UDGY
WXXLRUX

Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Infected laptop, freezes, starts up slowly
Thanks for the advice. The computer is now "alive", but it keeps freezing. When two or more windows are open, applications end up "not responding", and for a veeery long time at that. The system looks overloaded, even though according to the readout it "runs" at a few percent and memory usage is about 800M out of 2G.
I am attaching the RSIT output and asking for advice... it is a work computer and I am pretty unhappy about it by now. By the way, mfnhk32.dll and mfnsp32.dll are "hanging" there and cannot be removed in any way, HBPRO.exe, which I cannot identify, occasionally shows up in the process manager, and AVG Anti-Root Kit keeps reporting the presence of root viruses. Thank you very much in advance!!!
Logfile of random's system information tool 1.06 (written by random/random)
Run by Petr at 2010-01-25 09:42:17
Microsoft Windows XP Home Edition Service Pack 3
System drive D: has 47 GB (67%) free of 69 GB
Total RAM: 1919 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:42:41, on 25.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\StkCSrv.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\ATK0100\HControl.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\ATK0100\ATKOSD.exe
D:\WINDOWS\sm56hlpr.exe
D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
D:\Program Files\Atheros\ACU.exe
D:\Program Files\ASUS\ASUS Live Update\ALU.exe
D:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
D:\WINDOWS\system32\rundll32.exe
D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\COMODO\COMODO Internet Security\cfp.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Genius\TVGo DVB-T02PRO\DetectTray.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\totalcmd\TotalCmd.exe
D:\WINDOWS\system32\taskmgr.exe
c:\Anti-Rooty\RSIT.exe
D:\Program Files\trend micro\Petr.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;*.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - D:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [HControl] D:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SMSERIAL] D:\WINDOWS\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU] "D:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [ASUS Live Update] D:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [StatusClient] D:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] D:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WD Drive Manager] D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "D:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] D:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKCU\..\Run: [DetectTray] C:\Program Files\Genius\TVGo DVB-T02PRO\DetectTray.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Nastavení myši Labtec.lnk = ?
O4 - Global Startup: WDDMStatus.lnk = D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - D:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files\PlotSoft\PDFill\DownloadPDF.exe
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2678920015
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - D:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Atheros Configuration Service (ACS) - Atheros - D:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - D:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - D:\WINDOWS\System32\StkCSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
--
End of file - 11848 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\Defraggler Volume C Task.job
D:\WINDOWS\tasks\Defraggler Volume D Task.job
D:\WINDOWS\tasks\Defraggler Volume G Task.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC7E636D-39AA-49b6-B511-65413DA137A1}]
IE Developer Toolbar BHO - D:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll [2007-03-01 623992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=D:\WINDOWS\ATK0100\HControl.exe [2006-10-14 110592]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2008-03-26 16859136]
"SMSERIAL"=D:\WINDOWS\sm56hlpr.exe [2006-03-21 544768]
"SynTPEnh"=D:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"ACU"=D:\Program Files\Atheros\ACU.exe [2006-07-04 336001]
"ASUS Live Update"=D:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30 51768]
"StatusClient"=D:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]
"TomcatStartup"=D:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"WD Drive Manager"=D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [2009-05-27 450560]
"SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"COMODO Internet Security"=D:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2009-11-18 1800464]
"avast!"=D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"NeroFilterCheck"=D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"InCD"=D:\Program Files\Nero\Nero 7\InCD\InCD.exe [2006-07-25 1043968]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DetectTray"=C:\Program Files\Genius\TVGo DVB-T02PRO\DetectTray.exe [2007-09-21 131072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FLEXnet Licensing Service"=3
"SQLAgent$INVENTORCONTENT"=3
D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Nastavení myši Labtec.lnk - D:\Program Files\Software laserové myši Labtec\MulMouse.exe
WDDMStatus.lnk - D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2007-01-16 110592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - D:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="D:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\WINDOWS\system32\mmc.exe"="D:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console"
"D:\Documents and Settings\Petr\Data aplikací\uTorrent\utorrent.exe"="D:\Documents and Settings\Petr\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.scr - open - D:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2010-01-24 23:06:34 ----SHD---- D:\RECYCLER
2010-01-24 23:04:39 ----A---- D:\ComboFix.txt
2010-01-24 14:05:23 ----D---- D:\Documents and Settings\Petr\Data aplikací\Malwarebytes
2010-01-24 14:05:17 ----D---- D:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-01-24 14:05:14 ----D---- D:\Program Files\Malwarebytes' Anti-Malware
2010-01-24 13:50:37 ----D---- D:\!KillBox
2010-01-24 13:38:38 ----D---- D:\Documents and Settings\Petr\Data aplikací\Uniblue
2010-01-24 03:08:49 ----D---- D:\Program Files\Common Files\ParetoLogic
2010-01-24 02:53:28 ----D---- D:\Program Files\trend micro
2010-01-24 02:53:27 ----D---- D:\rsit
2010-01-24 01:58:54 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-01-24 00:22:34 ----D---- D:\WINDOWS\setup.pss
2010-01-22 23:51:49 ----D---- D:\Program Files\Common Files\ParallelGraphics
2010-01-22 23:46:55 ----D---- D:\Program Files\PlotSoft
2010-01-22 23:46:55 ----D---- D:\Documents and Settings\All Users\Data aplikací\PlotSoft
2010-01-22 23:44:45 ----D---- D:\Program Files\HTTP Debugger Pro
2010-01-22 17:20:15 ----D---- D:\Documents and Settings\Petr\Data aplikací\Greenshot
2010-01-22 00:24:31 ----D---- D:\WINDOWS\pss
2010-01-21 09:18:44 ----D---- D:\Program Files\GRISOFT
2010-01-21 08:58:58 ----A---- D:\WINDOWS\system32\tmp.txt
2010-01-21 08:58:30 ----A---- D:\rapport.txt
2010-01-20 23:22:29 ----D---- D:\Program Files\Microsoft WSE
2010-01-20 22:55:01 ----N---- D:\WINDOWS\system32\dbmsqlgc.dll
2010-01-20 22:55:01 ----N---- D:\WINDOWS\system32\dbmsgnet.dll
2010-01-20 22:53:53 ----D---- D:\Program Files\Microsoft SQL Server
2010-01-20 22:24:59 ----HDC---- D:\WINDOWS\$NtUninstallKB970430$
2010-01-20 22:24:50 ----HDC---- D:\WINDOWS\$NtUninstallKB976098-v2$
2010-01-20 22:24:41 ----HDC---- D:\WINDOWS\$NtUninstallKB955759$
2010-01-20 22:24:30 ----HDC---- D:\WINDOWS\$NtUninstallKB974318$
2010-01-20 22:24:02 ----HDC---- D:\WINDOWS\$NtUninstallKB972270$
2010-01-20 22:23:16 ----HDC---- D:\WINDOWS\$NtUninstallKB976325$
2010-01-20 22:08:46 ----D---- D:\Program Files\MSXML 4.0
2010-01-20 22:08:15 ----HDC---- D:\WINDOWS\$NtUninstallKB973687$
2010-01-20 22:07:56 ----HDC---- D:\WINDOWS\$NtUninstallKB973904$
2010-01-20 22:06:49 ----HDC---- D:\WINDOWS\$NtUninstallKB974392$
2010-01-20 22:05:03 ----HDC---- D:\WINDOWS\$NtUninstallKB971737$
2010-01-20 21:41:38 ----D---- D:\Documents and Settings\Petr\Data aplikací\Ahead
2010-01-20 21:38:18 ----D---- D:\Program Files\Nero
2010-01-20 21:25:00 ----A---- D:\WINDOWS\UPGRADE.TXT
2010-01-20 03:21:36 ----A---- D:\WINDOWS\NIRCMD.exe
2010-01-20 03:21:36 ----A---- D:\WINDOWS\MBR.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\zip.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWXCACLS.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWSC.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWREG.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\sed.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\PEV.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\grep.exe
2010-01-13 22:46:23 ----A---- D:\WINDOWS\ROZPOCTY.INI
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\xfontman.dll
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\xaradocg.dll
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\BMPImporter.dll
2010-01-11 21:27:33 ----A---- D:\WINDOWS\system32\templop.dll
2010-01-11 21:27:33 ----A---- D:\WINDOWS\system32\templman.dll
2010-01-04 13:25:20 ----D---- D:\Program Files\Common Files\Ahead
2010-01-04 13:22:24 ----A---- D:\WINDOWS\system32\d3dx9_28.dll
2010-01-04 00:04:54 ----D---- D:\Documents and Settings\All Users\Data aplikací\Musicnotes
2010-01-03 15:38:35 ----D---- D:\Program Files\Musicnotes
2010-01-03 02:26:50 ----D---- D:\Program Files\Advanced PDF to IMAGE converter
2010-01-02 22:28:43 ----D---- D:\Documents and Settings\Petr\Data aplikací\Foxit Software
2009-12-28 22:27:01 ----D---- D:\Program Files\Software602
======List of files/folders modified in the last 1 months======
2010-01-25 09:41:09 ----D---- D:\WINDOWS\Prefetch
2010-01-25 09:34:13 ----A---- D:\WINDOWS\WINCMD.INI
2010-01-25 08:42:16 ----D---- D:\Program Files\Mozilla Firefox
2010-01-25 08:41:57 ----D---- D:\WINDOWS\Temp
2010-01-25 08:35:15 ----D---- D:\WINDOWS\system32\CatRoot2
2010-01-25 08:31:56 ----D---- D:\WINDOWS\system32\drivers
2010-01-25 08:31:56 ----D---- D:\WINDOWS\system32
2010-01-25 02:24:43 ----D---- D:\WINDOWS
2010-01-25 01:38:21 ----D---- D:\Program Files\Mozilla Thunderbird
2010-01-24 23:22:25 ----HDC---- D:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-01-24 23:10:23 ----RD---- D:\Program Files
2010-01-24 23:06:34 ----D---- D:\WINDOWS\Debug
2010-01-24 23:04:57 ----AD---- D:\Qoobox
2010-01-24 22:54:02 ----A---- D:\WINDOWS\system.ini
2010-01-24 22:50:09 ----D---- D:\WINDOWS\system32\config
2010-01-24 22:49:44 ----D---- D:\WINDOWS\ERDNT
2010-01-24 22:45:18 ----D---- D:\WINDOWS\AppPatch
2010-01-24 22:45:15 ----AD---- D:\Program Files\Common Files
2010-01-24 22:34:08 ----RD---- D:\WINDOWS\Offline Web Pages
2010-01-24 21:15:28 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-01-24 19:25:09 ----D---- D:\Documents and Settings\Petr\Data aplikací\Skype
2010-01-24 13:31:21 ----A---- D:\WINDOWS\win.ini
2010-01-24 04:27:15 ----D---- D:\Config.Msi
2010-01-24 04:02:11 ----SHD---- D:\WINDOWS\Installer
2010-01-24 04:02:04 ----D---- D:\Documents and Settings\All Users\Data aplikací\ParetoLogic
2010-01-24 03:59:54 ----SD---- D:\WINDOWS\Tasks
2010-01-24 00:54:30 ----D---- D:\WINDOWS\system32\LogFiles
2010-01-23 22:23:56 ----HD---- D:\WINDOWS\inf
2010-01-23 22:23:51 ----D---- D:\Documents and Settings
2010-01-21 22:51:20 ----D---- D:\Documents and Settings\Petr\Data aplikací\Autodesk
2010-01-21 22:44:15 ----D---- D:\Program Files\Autodesk
2010-01-21 22:36:13 ----D---- D:\Documents and Settings\All Users\Data aplikací\Autodesk
2010-01-21 22:33:38 ----D---- D:\Program Files\Common Files\Autodesk Shared
2010-01-21 22:20:38 ----RSD---- D:\WINDOWS\Fonts
2010-01-21 03:50:36 ----HDC---- D:\WINDOWS\$NtUninstallKB973525$
2010-01-21 02:57:35 ----D---- D:\WINDOWS\Registration
2010-01-21 02:47:13 ----RSD---- D:\WINDOWS\assembly
2010-01-20 23:03:40 ----SD---- D:\WINDOWS\Downloaded Program Files
2010-01-20 22:25:02 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-01-20 22:24:39 ----HD---- D:\WINDOWS\$hf_mig$
2010-01-20 22:08:48 ----D---- D:\WINDOWS\WinSxS
2010-01-20 22:07:49 ----D---- D:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-01-20 02:30:08 ----D---- D:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-01-20 02:30:01 ----D---- D:\WINDOWS\Minidump
2010-01-20 02:25:08 ----D---- D:\Program Files\Microsoft Office
2010-01-20 02:23:26 ----D---- D:\Program Files\Common Files\Bluebeam Software
2010-01-20 02:22:43 ----D---- D:\Program Files\Common Files\SolidWorks Shared
2010-01-20 02:18:18 ----D---- D:\WINDOWS\system32\ShellExt
2010-01-19 00:59:47 ----D---- D:\Documents and Settings\Petr\Data aplikací\Alibre Design
2010-01-18 17:35:20 ----D---- D:\Documents and Settings\Petr\Data aplikací\gtk-2.0
2010-01-15 01:10:47 ----A---- D:\WINDOWS\wcx_ftp.ini
2010-01-14 11:57:16 ----D---- D:\UniScan
2010-01-11 20:43:15 ----D---- D:\Documents and Settings\Petr\Data aplikací\ColorImpact3
2010-01-09 21:12:17 ----D---- D:\WINDOWS\system32\NtmsData
2010-01-05 12:04:38 ----D---- D:\Documents and Settings\Petr\Data aplikací\Microsoft
2010-01-05 02:34:58 ----SD---- D:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-01-05 02:30:57 ----D---- D:\Program Files\Defraggler
2010-01-04 16:17:48 ----A---- D:\WINDOWS\system32\MRT.exe
2010-01-04 13:20:48 ----D---- D:\WINDOWS\system32\DirectX
2010-01-01 08:03:39 ----D---- D:\Documents and Settings\Petr\Data aplikací\skypePM
2009-12-27 02:03:15 ----D---- D:\Program Files\Google
2009-12-26 01:55:02 ----D---- D:\Documents and Settings\Petr\Data aplikací\avidemux
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; D:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; D:\WINDOWS\System32\DRIVERS\cmdguard.sys [2009-11-26 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver; D:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2009-11-18 25160]
R1 InCDPass;InCDPass; D:\WINDOWS\system32\drivers\InCDPass.sys [2006-07-25 31488]
R1 incdrm;InCD Reader; D:\WINDOWS\system32\drivers\InCDRm.sys [2006-07-25 33792]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Tosrfcom;Bluetooth RFCOMM; D:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; D:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-09-07 21275]
R2 Aspi32;Aspi32; D:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 Sentinel;Sentinel; D:\WINDOWS\System32\Drivers\SENTINEL.SYS [2002-12-17 76288]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\athw.sys [2009-06-03 1570240]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter; D:\WINDOWS\system32\DRIVERS\atl02_xp.sys [2006-08-14 27776]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-01-16 1957376]
R3 BthEnum;Ovladač pro Bluetooth Request Block; D:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); D:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; D:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 CmBatt;Microsoft AC Adapter Driver; D:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-03-26 4713472]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; D:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 MODEMCSA;Unimodem Streaming Filter Device; D:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 moufiltr;Labtec Wireless Laser Mouse; D:\WINDOWS\system32\DRIVERS\moufiltr.sys [2007-05-07 13824]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); D:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; D:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 RTSTOR;USB Mass Stroage Device; D:\WINDOWS\system32\drivers\RTSTOR.SYS [2006-06-09 27520]
R3 smserial;smserial; D:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; D:\WINDOWS\System32\Drivers\StkCMini.sys [2007-06-06 1260672]
R3 tosporte;Bluetooth COM Port; D:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 WDC_SAM;WD SCSI Pass Thru driver; D:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
R4 InCDfs;InCD File System; D:\WINDOWS\system32\drivers\InCDFs.sys [2006-07-25 102912]
S3 41011;41011; \??\D:\WINDOWS\system32\41011.sys []
S3 a09n5m24;a09n5m24; D:\WINDOWS\system32\drivers\a09n5m24.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-07-17 494080]
S3 BTHPORT;Ovladač portu Bluetooth; D:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 catchme;catchme; \??\D:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Dot4;Ovladač MS IEEE-1284.4; D:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; D:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; D:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 EC168BDA;TVGo DVB-T02PRO; D:\WINDOWS\system32\DRIVERS\EC168BDA.sys [2007-05-18 67968]
S3 ivusb;Initio Driver for USB Default Controller; D:\WINDOWS\system32\DRIVERS\ivusb.sys []
S3 MPE;Filtr MPE BDA; D:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; D:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; D:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; D:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; D:\WINDOWS\system32\drivers\StarOpen.sys [2009-09-28 7168]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SynTP;Synaptics TouchPad Driver; D:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; D:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS; D:\WINDOWS\System32\Drivers\tosrfbd.sys [2007-04-24 113920]
S3 Tosrfbnp;Bluetooth RFBNEP; D:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; D:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; D:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; D:\WINDOWS\system32\drivers\TosRfSnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; D:\WINDOWS\System32\Drivers\tosrfusb.sys [2007-06-11 41856]
S3 TVICHW32;TVICHW32; \??\D:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 upperdev;upperdev; D:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 USB_RNDIS;USB Remote NDIS Network Device Driver; D:\WINDOWS\system32\DRIVERS\usb8023k.sys [2002-08-12 11136]
S3 usbser;USB Modem Driver; D:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 Wdf01000;Kernel Mode Driver Frameworks service; D:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; D:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; D:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-07 723632]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; D:\WINDOWS\System32\StkCSrv.exe [2007-04-19 24576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service; D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2009-05-27 102400]
R2 WDDMService;WD SmartWare Drive Manager; D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-05 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ACS;Atheros Configuration Service; D:\WINDOWS\system32\acs.exe [2009-11-12 278613]
S2 gupdate;Služba Google Update (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-13 133104]
S2 InCDsrv;InCD Helper; D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-07-25 849408]
S3 aspnet_state;Stavová služba ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; D:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-09-11 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; D:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 NBService;NBService; D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-08-23 724992]
S3 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe []
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; D:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 ServiceLayer;ServiceLayer; D:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2007-01-16 438272]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-03 654848]
S4 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; D:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 7520337]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager; D:\Flexlm\lmgrd.exe []
S4 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; D:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]
-----------------EOF-----------------
I am attaching the RSIT output and asking for advice... it is a work computer and I am quite unhappy about it by now. By the way, mfnhk32.dll and mfnsp32.dll are "hanging" there and cannot be removed in any way, HBPRO.exe, which I do not recognize, shows up in the process manager from time to time, and AVG Anti-Root Kit keeps reporting the presence of root viruses. Thank you very much in advance!!!
Logfile of random's system information tool 1.06 (written by random/random)
Run by Petr at 2010-01-25 09:42:17
Microsoft Windows XP Home Edition Service Pack 3
System drive D: has 47 GB (67%) free of 69 GB
Total RAM: 1919 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:42:41, on 25.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\StkCSrv.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\ATK0100\HControl.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\ATK0100\ATKOSD.exe
D:\WINDOWS\sm56hlpr.exe
D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
D:\Program Files\Atheros\ACU.exe
D:\Program Files\ASUS\ASUS Live Update\ALU.exe
D:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
D:\WINDOWS\system32\rundll32.exe
D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\COMODO\COMODO Internet Security\cfp.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Genius\TVGo DVB-T02PRO\DetectTray.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\totalcmd\TotalCmd.exe
D:\WINDOWS\system32\taskmgr.exe
c:\Anti-Rooty\RSIT.exe
D:\Program Files\trend micro\Petr.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;*.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - D:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [HControl] D:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SMSERIAL] D:\WINDOWS\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU] "D:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [ASUS Live Update] D:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [StatusClient] D:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] D:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WD Drive Manager] D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "D:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] D:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKCU\..\Run: [DetectTray] C:\Program Files\Genius\TVGo DVB-T02PRO\DetectTray.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Nastavení myši Labtec.lnk = ?
O4 - Global Startup: WDDMStatus.lnk = D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - D:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files\PlotSoft\PDFill\DownloadPDF.exe
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2678920015
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - D:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Atheros Configuration Service (ACS) - Atheros - D:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - D:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - D:\WINDOWS\System32\StkCSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
--
End of file - 11848 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\Defraggler Volume C Task.job
D:\WINDOWS\tasks\Defraggler Volume D Task.job
D:\WINDOWS\tasks\Defraggler Volume G Task.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC7E636D-39AA-49b6-B511-65413DA137A1}]
IE Developer Toolbar BHO - D:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll [2007-03-01 623992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=D:\WINDOWS\ATK0100\HControl.exe [2006-10-14 110592]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2008-03-26 16859136]
"SMSERIAL"=D:\WINDOWS\sm56hlpr.exe [2006-03-21 544768]
"SynTPEnh"=D:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"ACU"=D:\Program Files\Atheros\ACU.exe [2006-07-04 336001]
"ASUS Live Update"=D:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30 51768]
"StatusClient"=D:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]
"TomcatStartup"=D:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"WD Drive Manager"=D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [2009-05-27 450560]
"SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"COMODO Internet Security"=D:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2009-11-18 1800464]
"avast!"=D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"NeroFilterCheck"=D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"InCD"=D:\Program Files\Nero\Nero 7\InCD\InCD.exe [2006-07-25 1043968]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DetectTray"=C:\Program Files\Genius\TVGo DVB-T02PRO\DetectTray.exe [2007-09-21 131072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FLEXnet Licensing Service"=3
"SQLAgent$INVENTORCONTENT"=3
D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Nastavení myši Labtec.lnk - D:\Program Files\Software laserové myši Labtec\MulMouse.exe
WDDMStatus.lnk - D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2007-01-16 110592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - D:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="D:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\WINDOWS\system32\mmc.exe"="D:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console"
"D:\Documents and Settings\Petr\Data aplikací\uTorrent\utorrent.exe"="D:\Documents and Settings\Petr\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.scr - open - D:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2010-01-24 23:06:34 ----SHD---- D:\RECYCLER
2010-01-24 23:04:39 ----A---- D:\ComboFix.txt
2010-01-24 14:05:23 ----D---- D:\Documents and Settings\Petr\Data aplikací\Malwarebytes
2010-01-24 14:05:17 ----D---- D:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-01-24 14:05:14 ----D---- D:\Program Files\Malwarebytes' Anti-Malware
2010-01-24 13:50:37 ----D---- D:\!KillBox
2010-01-24 13:38:38 ----D---- D:\Documents and Settings\Petr\Data aplikací\Uniblue
2010-01-24 03:08:49 ----D---- D:\Program Files\Common Files\ParetoLogic
2010-01-24 02:53:28 ----D---- D:\Program Files\trend micro
2010-01-24 02:53:27 ----D---- D:\rsit
2010-01-24 01:58:54 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-01-24 00:22:34 ----D---- D:\WINDOWS\setup.pss
2010-01-22 23:51:49 ----D---- D:\Program Files\Common Files\ParallelGraphics
2010-01-22 23:46:55 ----D---- D:\Program Files\PlotSoft
2010-01-22 23:46:55 ----D---- D:\Documents and Settings\All Users\Data aplikací\PlotSoft
2010-01-22 23:44:45 ----D---- D:\Program Files\HTTP Debugger Pro
2010-01-22 17:20:15 ----D---- D:\Documents and Settings\Petr\Data aplikací\Greenshot
2010-01-22 00:24:31 ----D---- D:\WINDOWS\pss
2010-01-21 09:18:44 ----D---- D:\Program Files\GRISOFT
2010-01-21 08:58:58 ----A---- D:\WINDOWS\system32\tmp.txt
2010-01-21 08:58:30 ----A---- D:\rapport.txt
2010-01-20 23:22:29 ----D---- D:\Program Files\Microsoft WSE
2010-01-20 22:55:01 ----N---- D:\WINDOWS\system32\dbmsqlgc.dll
2010-01-20 22:55:01 ----N---- D:\WINDOWS\system32\dbmsgnet.dll
2010-01-20 22:53:53 ----D---- D:\Program Files\Microsoft SQL Server
2010-01-20 22:24:59 ----HDC---- D:\WINDOWS\$NtUninstallKB970430$
2010-01-20 22:24:50 ----HDC---- D:\WINDOWS\$NtUninstallKB976098-v2$
2010-01-20 22:24:41 ----HDC---- D:\WINDOWS\$NtUninstallKB955759$
2010-01-20 22:24:30 ----HDC---- D:\WINDOWS\$NtUninstallKB974318$
2010-01-20 22:24:02 ----HDC---- D:\WINDOWS\$NtUninstallKB972270$
2010-01-20 22:23:16 ----HDC---- D:\WINDOWS\$NtUninstallKB976325$
2010-01-20 22:08:46 ----D---- D:\Program Files\MSXML 4.0
2010-01-20 22:08:15 ----HDC---- D:\WINDOWS\$NtUninstallKB973687$
2010-01-20 22:07:56 ----HDC---- D:\WINDOWS\$NtUninstallKB973904$
2010-01-20 22:06:49 ----HDC---- D:\WINDOWS\$NtUninstallKB974392$
2010-01-20 22:05:03 ----HDC---- D:\WINDOWS\$NtUninstallKB971737$
2010-01-20 21:41:38 ----D---- D:\Documents and Settings\Petr\Data aplikací\Ahead
2010-01-20 21:38:18 ----D---- D:\Program Files\Nero
2010-01-20 21:25:00 ----A---- D:\WINDOWS\UPGRADE.TXT
2010-01-20 03:21:36 ----A---- D:\WINDOWS\NIRCMD.exe
2010-01-20 03:21:36 ----A---- D:\WINDOWS\MBR.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\zip.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWXCACLS.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWSC.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWREG.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\sed.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\PEV.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\grep.exe
2010-01-13 22:46:23 ----A---- D:\WINDOWS\ROZPOCTY.INI
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\xfontman.dll
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\xaradocg.dll
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\BMPImporter.dll
2010-01-11 21:27:33 ----A---- D:\WINDOWS\system32\templop.dll
2010-01-11 21:27:33 ----A---- D:\WINDOWS\system32\templman.dll
2010-01-04 13:25:20 ----D---- D:\Program Files\Common Files\Ahead
2010-01-04 13:22:24 ----A---- D:\WINDOWS\system32\d3dx9_28.dll
2010-01-04 00:04:54 ----D---- D:\Documents and Settings\All Users\Data aplikací\Musicnotes
2010-01-03 15:38:35 ----D---- D:\Program Files\Musicnotes
2010-01-03 02:26:50 ----D---- D:\Program Files\Advanced PDF to IMAGE converter
2010-01-02 22:28:43 ----D---- D:\Documents and Settings\Petr\Data aplikací\Foxit Software
2009-12-28 22:27:01 ----D---- D:\Program Files\Software602
======List of files/folders modified in the last 1 months======
2010-01-25 09:41:09 ----D---- D:\WINDOWS\Prefetch
2010-01-25 09:34:13 ----A---- D:\WINDOWS\WINCMD.INI
2010-01-25 08:42:16 ----D---- D:\Program Files\Mozilla Firefox
2010-01-25 08:41:57 ----D---- D:\WINDOWS\Temp
2010-01-25 08:35:15 ----D---- D:\WINDOWS\system32\CatRoot2
2010-01-25 08:31:56 ----D---- D:\WINDOWS\system32\drivers
2010-01-25 08:31:56 ----D---- D:\WINDOWS\system32
2010-01-25 02:24:43 ----D---- D:\WINDOWS
2010-01-25 01:38:21 ----D---- D:\Program Files\Mozilla Thunderbird
2010-01-24 23:22:25 ----HDC---- D:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-01-24 23:10:23 ----RD---- D:\Program Files
2010-01-24 23:06:34 ----D---- D:\WINDOWS\Debug
2010-01-24 23:04:57 ----AD---- D:\Qoobox
2010-01-24 22:54:02 ----A---- D:\WINDOWS\system.ini
2010-01-24 22:50:09 ----D---- D:\WINDOWS\system32\config
2010-01-24 22:49:44 ----D---- D:\WINDOWS\ERDNT
2010-01-24 22:45:18 ----D---- D:\WINDOWS\AppPatch
2010-01-24 22:45:15 ----AD---- D:\Program Files\Common Files
2010-01-24 22:34:08 ----RD---- D:\WINDOWS\Offline Web Pages
2010-01-24 21:15:28 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-01-24 19:25:09 ----D---- D:\Documents and Settings\Petr\Data aplikací\Skype
2010-01-24 13:31:21 ----A---- D:\WINDOWS\win.ini
2010-01-24 04:27:15 ----D---- D:\Config.Msi
2010-01-24 04:02:11 ----SHD---- D:\WINDOWS\Installer
2010-01-24 04:02:04 ----D---- D:\Documents and Settings\All Users\Data aplikací\ParetoLogic
2010-01-24 03:59:54 ----SD---- D:\WINDOWS\Tasks
2010-01-24 00:54:30 ----D---- D:\WINDOWS\system32\LogFiles
2010-01-23 22:23:56 ----HD---- D:\WINDOWS\inf
2010-01-23 22:23:51 ----D---- D:\Documents and Settings
2010-01-21 22:51:20 ----D---- D:\Documents and Settings\Petr\Data aplikací\Autodesk
2010-01-21 22:44:15 ----D---- D:\Program Files\Autodesk
2010-01-21 22:36:13 ----D---- D:\Documents and Settings\All Users\Data aplikací\Autodesk
2010-01-21 22:33:38 ----D---- D:\Program Files\Common Files\Autodesk Shared
2010-01-21 22:20:38 ----RSD---- D:\WINDOWS\Fonts
2010-01-21 03:50:36 ----HDC---- D:\WINDOWS\$NtUninstallKB973525$
2010-01-21 02:57:35 ----D---- D:\WINDOWS\Registration
2010-01-21 02:47:13 ----RSD---- D:\WINDOWS\assembly
2010-01-20 23:03:40 ----SD---- D:\WINDOWS\Downloaded Program Files
2010-01-20 22:25:02 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-01-20 22:24:39 ----HD---- D:\WINDOWS\$hf_mig$
2010-01-20 22:08:48 ----D---- D:\WINDOWS\WinSxS
2010-01-20 22:07:49 ----D---- D:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-01-20 02:30:08 ----D---- D:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-01-20 02:30:01 ----D---- D:\WINDOWS\Minidump
2010-01-20 02:25:08 ----D---- D:\Program Files\Microsoft Office
2010-01-20 02:23:26 ----D---- D:\Program Files\Common Files\Bluebeam Software
2010-01-20 02:22:43 ----D---- D:\Program Files\Common Files\SolidWorks Shared
2010-01-20 02:18:18 ----D---- D:\WINDOWS\system32\ShellExt
2010-01-19 00:59:47 ----D---- D:\Documents and Settings\Petr\Data aplikací\Alibre Design
2010-01-18 17:35:20 ----D---- D:\Documents and Settings\Petr\Data aplikací\gtk-2.0
2010-01-15 01:10:47 ----A---- D:\WINDOWS\wcx_ftp.ini
2010-01-14 11:57:16 ----D---- D:\UniScan
2010-01-11 20:43:15 ----D---- D:\Documents and Settings\Petr\Data aplikací\ColorImpact3
2010-01-09 21:12:17 ----D---- D:\WINDOWS\system32\NtmsData
2010-01-05 12:04:38 ----D---- D:\Documents and Settings\Petr\Data aplikací\Microsoft
2010-01-05 02:34:58 ----SD---- D:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-01-05 02:30:57 ----D---- D:\Program Files\Defraggler
2010-01-04 16:17:48 ----A---- D:\WINDOWS\system32\MRT.exe
2010-01-04 13:20:48 ----D---- D:\WINDOWS\system32\DirectX
2010-01-01 08:03:39 ----D---- D:\Documents and Settings\Petr\Data aplikací\skypePM
2009-12-27 02:03:15 ----D---- D:\Program Files\Google
2009-12-26 01:55:02 ----D---- D:\Documents and Settings\Petr\Data aplikací\avidemux
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; D:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; D:\WINDOWS\System32\DRIVERS\cmdguard.sys [2009-11-26 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver; D:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2009-11-18 25160]
R1 InCDPass;InCDPass; D:\WINDOWS\system32\drivers\InCDPass.sys [2006-07-25 31488]
R1 incdrm;InCD Reader; D:\WINDOWS\system32\drivers\InCDRm.sys [2006-07-25 33792]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Tosrfcom;Bluetooth RFCOMM; D:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; D:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-09-07 21275]
R2 Aspi32;Aspi32; D:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 Sentinel;Sentinel; D:\WINDOWS\System32\Drivers\SENTINEL.SYS [2002-12-17 76288]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\athw.sys [2009-06-03 1570240]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter; D:\WINDOWS\system32\DRIVERS\atl02_xp.sys [2006-08-14 27776]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-01-16 1957376]
R3 BthEnum;Ovladač pro Bluetooth Request Block; D:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); D:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; D:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 CmBatt;Microsoft AC Adapter Driver; D:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-03-26 4713472]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; D:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 MODEMCSA;Unimodem Streaming Filter Device; D:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 moufiltr;Labtec Wireless Laser Mouse; D:\WINDOWS\system32\DRIVERS\moufiltr.sys [2007-05-07 13824]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); D:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; D:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 RTSTOR;USB Mass Stroage Device; D:\WINDOWS\system32\drivers\RTSTOR.SYS [2006-06-09 27520]
R3 smserial;smserial; D:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; D:\WINDOWS\System32\Drivers\StkCMini.sys [2007-06-06 1260672]
R3 tosporte;Bluetooth COM Port; D:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 WDC_SAM;WD SCSI Pass Thru driver; D:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
R4 InCDfs;InCD File System; D:\WINDOWS\system32\drivers\InCDFs.sys [2006-07-25 102912]
S3 41011;41011; \??\D:\WINDOWS\system32\41011.sys []
S3 a09n5m24;a09n5m24; D:\WINDOWS\system32\drivers\a09n5m24.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-07-17 494080]
S3 BTHPORT;Ovladač portu Bluetooth; D:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 catchme;catchme; \??\D:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Dot4;Ovladač MS IEEE-1284.4; D:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; D:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; D:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 EC168BDA;TVGo DVB-T02PRO; D:\WINDOWS\system32\DRIVERS\EC168BDA.sys [2007-05-18 67968]
S3 ivusb;Initio Driver for USB Default Controller; D:\WINDOWS\system32\DRIVERS\ivusb.sys []
S3 MPE;Filtr MPE BDA; D:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; D:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; D:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; D:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; D:\WINDOWS\system32\drivers\StarOpen.sys [2009-09-28 7168]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SynTP;Synaptics TouchPad Driver; D:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; D:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS; D:\WINDOWS\System32\Drivers\tosrfbd.sys [2007-04-24 113920]
S3 Tosrfbnp;Bluetooth RFBNEP; D:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; D:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; D:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; D:\WINDOWS\system32\drivers\TosRfSnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; D:\WINDOWS\System32\Drivers\tosrfusb.sys [2007-06-11 41856]
S3 TVICHW32;TVICHW32; \??\D:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 upperdev;upperdev; D:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 USB_RNDIS;USB Remote NDIS Network Device Driver; D:\WINDOWS\system32\DRIVERS\usb8023k.sys [2002-08-12 11136]
S3 usbser;USB Modem Driver; D:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 Wdf01000;Kernel Mode Driver Frameworks service; D:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; D:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; D:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-07 723632]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; D:\WINDOWS\System32\StkCSrv.exe [2007-04-19 24576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service; D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2009-05-27 102400]
R2 WDDMService;WD SmartWare Drive Manager; D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-05 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ACS;Atheros Configuration Service; D:\WINDOWS\system32\acs.exe [2009-11-12 278613]
S2 gupdate;Služba Google Update (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-13 133104]
S2 InCDsrv;InCD Helper; D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-07-25 849408]
S3 aspnet_state;Stavová služba ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; D:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-09-11 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; D:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 NBService;NBService; D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-08-23 724992]
S3 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe []
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; D:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 ServiceLayer;ServiceLayer; D:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2007-01-16 438272]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-03 654848]
S4 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; D:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 7520337]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager; D:\Flexlm\lmgrd.exe []
S4 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; D:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119390
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Infected laptop, freezes, boots slowly
The log looks clean. Try a System Restore to a date when the system worked correctly.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.
Re: Infected laptop, freezes, boots slowly
OK... I'll try it and let you know... if need be I'll post a log again... and thanks!
- Rudy
- Site Admin
- Posts: 119390
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Infected laptop, freezes, boots slowly
Nothing to thank me for yet!
Re: Infected laptop, freezes, boots slowly
well, I don't know....
ComboFix 09-11-11.02 - Petr 12.11.2009 14:04.1.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1483 [GMT 1:00]
Spuštěný z: I:\OpravTo.exe
AV: avast! antivirus 4.8.1351 [VPS 091111-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
d:\documents and settings\Petr\Data aplikací\drivers\downld
d:\documents and settings\Petr\Data aplikací\drivers\winupgro.exe
d:\documents and settings\Petr\Data aplikací\m\shared
d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
d:\windows\a3kebook.ini
d:\windows\akebook.ini
d:\windows\ANS2000.INI
d:\windows\system32\ban_list.txt
d:\windows\system32\ieuinit.inf
d:\windows\system32\mdelk.exe
d:\windows\system32\srosa2.sys
d:\windows\system32\wfsintwq.sys
d:\windows\system32\Winacprd0.dll
d:\windows\system32\wintems.exe
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_SK9OU0S
((((((((((((((((((((((((( Soubory vytvořené od 2009-10-12 do 2009-11-12 )))))))))))))))))))))))))))))))
.
2009-11-12 12:49 . 2009-11-12 12:53 -------- d-----w- D:\OpravTo
2009-11-12 12:42 . 2009-11-12 12:42 -------- d-----w- D:\FixMePlease
2009-11-12 09:45 . 2009-11-12 09:45 53136 ----a-w- d:\windows\system32\PxSecure.dll
2009-11-12 09:45 . 2009-11-12 09:45 46768 ----a-w- d:\windows\system32\drivers\pxrts.sys
2009-11-12 09:45 . 2009-11-12 09:45 30280 ----a-w- d:\windows\system32\drivers\pxscan.sys
2009-11-12 09:45 . 2009-11-12 09:45 24368 ----a-w- d:\windows\system32\drivers\pxkbf.sys
2009-11-12 09:44 . 2009-11-12 09:45 -------- d-----w- d:\program files\Prevx
2009-11-12 09:35 . 2009-11-12 09:35 -------- d-----w- d:\program files\Naevius USB Antivirus
2009-11-12 02:16 . 2001-10-24 11:24 66048 -c--a-w- d:\windows\system32\dllcache\s3legacy.dll
2009-11-12 02:16 . 2009-08-04 20:59 2191360 ----a-w- d:\windows\system32\dllcache\ntoskrnl.exe
2009-11-12 02:16 . 2003-04-14 18:48 212992 ----a-w- d:\windows\system32\dllcache\fpmmcsat.dll
2009-11-11 00:10 . 2009-11-11 00:10 -------- d-----w- d:\program files\Common Files\McNeel Shared
2009-11-11 00:09 . 2009-11-11 00:10 -------- d-----w- d:\program files\Rhinoceros 4.0
2009-11-10 22:58 . 2009-11-10 22:58 -------- d-----w- d:\program files\SolidWorks Explorer
2009-11-10 22:58 . 2009-11-10 22:58 -------- d-----w- d:\program files\SolidWorks Viewer
2009-11-10 22:56 . 2009-11-10 23:03 -------- d-----w- d:\program files\PDMWorks2005
2009-11-10 22:54 . 2009-11-11 00:03 -------- d-----w- d:\program files\Common Files\eDrawings2005
2009-11-10 22:52 . 2004-05-10 13:19 639052 ----a-w- d:\windows\system32\BBPDFPortMon.dll
2009-11-10 22:50 . 2009-11-10 22:56 -------- d-----w- d:\program files\Common Files\SolidWorks Shared
2009-11-10 22:50 . 2009-11-10 22:50 -------- d-----w- d:\program files\Common Files\Bluebeam Software
2009-11-10 22:48 . 2009-11-10 22:50 -------- d-----w- d:\program files\Bluebeam Software
2009-11-10 22:48 . 2009-11-10 23:01 -------- d-----w- d:\program files\SolidWorks
2009-11-10 22:48 . 2009-11-10 22:48 -------- d-----w- d:\program files\Common Files\Solidworks Data
2009-11-10 22:22 . 2009-11-12 13:15 -------- d-----w- D:\Flexlm
2009-11-09 15:50 . 2009-02-24 17:42 116736 ----a-w- d:\windows\system32\drivers\mcdbus.sys
2009-11-09 15:50 . 2009-11-09 15:50 -------- d-----w- d:\program files\MagicDisc
2009-11-08 19:32 . 2003-11-13 11:13 118784 ----a-w- d:\windows\system32\XMUpload.dll
2009-11-08 19:32 . 2003-10-17 13:03 876544 ----a-w- d:\windows\system32\XaraDocG.dll
2009-11-08 19:32 . 2003-10-17 13:03 126976 ----a-w- d:\windows\system32\TemplMan.dll
2009-11-08 19:32 . 2003-10-14 14:49 253952 ----a-w- d:\windows\system32\TemplOp.dll
2009-11-08 19:32 . 2003-10-06 13:45 23552 ----a-w- d:\windows\system32\XFontMan.dll
2009-11-08 19:32 . 2003-10-01 13:49 131072 ----a-w- d:\windows\system32\BmpImporter.dll
2009-11-08 19:32 . 2003-05-19 15:18 86016 ----a-w- d:\windows\system32\BinCoder.dll
2009-11-08 14:31 . 2009-11-08 14:31 -------- d-----w- d:\windows\SolidWorks
2009-11-07 18:10 . 2009-11-07 18:31 -------- d-----w- d:\program files\iTV
2009-10-30 23:58 . 2009-11-05 10:32 -------- d-----w- D:\totalcmd
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\UC.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\RAR.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\PKZIP.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\PKUNZIP.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\NOCLOSE.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\LHA.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\ARJ.PIF
2009-10-29 20:03 . 2009-10-29 20:03 -------- d-----w- d:\program files\Smart Projects
2009-10-29 10:05 . 2003-03-19 11:44 45056 ----a-w- d:\windows\system32\MFC71CHT.DLL
2009-10-29 10:02 . 2008-04-13 19:46 15232 -c--a-w- d:\windows\system32\dllcache\mpe.sys
2009-10-29 10:02 . 2008-04-13 19:46 15232 ----a-w- d:\windows\system32\drivers\MPE.sys
2009-10-29 10:01 . 2007-02-26 10:40 7107 ----a-w- d:\windows\system32\drivers\EC168BDA.bin
2009-10-29 10:01 . 2006-12-12 16:56 104 ----a-w- d:\windows\system32\drivers\EC168Hid.dat
2009-10-29 10:01 . 2006-07-31 03:56 4096 ----a-w- d:\windows\system32\HUCoInstaller.dll
2009-10-29 10:01 . 2007-05-18 12:18 67968 ----a-w- d:\windows\system32\drivers\EC168BDA.sys
2009-10-29 10:01 . 2004-07-09 03:26 354816 -c--a-w- d:\windows\system32\dllcache\psisdecd.dll
2009-10-29 10:01 . 2004-07-09 03:26 354816 ----a-w- d:\windows\system32\PsisDecd.dll
2009-10-29 10:01 . 2004-07-09 03:26 11392 -c--a-w- d:\windows\system32\dllcache\bdasup.sys
2009-10-29 10:01 . 2004-07-09 03:26 11392 ----a-w- d:\windows\system32\drivers\BdaSup.sys
2009-10-28 23:23 . 2009-10-28 23:26 -------- d-----w- d:\windows\system32\NtmsData
2009-10-28 22:47 . 2009-10-28 22:47 -------- d-----w- d:\program files\Western Digital Technologies
2009-10-28 22:46 . 2009-10-28 22:46 -------- d-----w- d:\program files\Western Digital Corporation
2009-10-28 22:35 . 2009-10-28 22:36 -------- d-----w- D:\b90451c29ad1fe142890
2009-10-28 21:07 . 2009-02-13 11:02 11520 ----a-w- d:\windows\system32\drivers\wdcsam.sys
2009-10-28 21:07 . 2009-10-28 22:00 -------- d-----w- d:\program files\Western Digital
2009-10-27 00:49 . 2009-10-27 00:49 -------- d-----w- d:\program files\Core Services
2009-10-23 19:30 . 2009-10-23 20:23 -------- d-----w- d:\program files\Opti Drive Control
2009-10-23 19:12 . 2009-10-23 19:14 -------- d-----w- d:\program files\Philips Intelligent Agent
2009-10-20 11:27 . 2009-10-20 11:27 -------- d-----w- d:\windows\system32\Adobe
2009-10-20 11:25 . 2009-10-20 11:25 -------- d-----w- d:\documents and settings\Petr\.HenselEnyGuide
2009-10-13 23:37 . 2009-10-13 23:37 -------- d-----w- d:\windows\system32\wbem\Repository
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-12 13:17 . 2009-09-07 20:43 -------- d-----w- d:\program files\Mozilla Thunderbird
2009-11-12 12:10 . 2009-09-07 20:33 278613 ----a-w- d:\windows\system32\acs.exe
2009-11-12 01:47 . 2006-03-02 12:00 98024 ----a-w- d:\windows\system32\perfc005.dat
2009-11-12 01:47 . 2006-03-02 12:00 466418 ----a-w- d:\windows\system32\perfh005.dat
2009-11-03 22:52 . 2009-09-11 21:47 -------- d-----w- d:\program files\Java
2009-11-01 22:23 . 2009-10-03 09:07 -------- d-----w- d:\program files\Common Files\Adobe
2009-10-29 10:05 . 2009-09-07 19:40 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-10-26 00:18 . 2009-09-11 20:52 -------- d-----w- d:\program files\AutoCAD 2009
2009-10-24 09:52 . 2009-09-12 22:28 108024 ---ha-w- d:\windows\system32\mlfcache.dat
2009-10-22 18:50 . 2009-09-18 14:17 0 ----a-w- d:\documents and settings\Petr\DATA.DAT
2009-10-15 15:36 . 2009-09-11 22:47 -------- d-----w- d:\program files\Foxit Software
2009-10-12 22:33 . 2009-10-12 22:33 -------- d-----w- d:\program files\FLV Player
2009-10-11 19:04 . 2009-10-11 19:03 -------- d-----w- d:\program files\DWG TrueView 2010
2009-10-11 19:04 . 2009-09-11 20:11 -------- d-----w- d:\program files\Common Files\Autodesk Shared
2009-10-11 03:17 . 2009-09-11 21:48 411368 ----a-w- d:\windows\system32\deploytk.dll
2009-10-07 19:48 . 2009-10-07 19:48 -------- d-----w- d:\program files\Common Files\ABBYY
2009-10-03 09:20 . 2009-10-03 09:20 -------- d-----w- d:\program files\QuickTime
2009-10-03 09:18 . 2009-10-03 09:18 -------- d-----w- d:\program files\Bonjour
2009-10-03 09:10 . 2009-10-03 09:10 -------- d-----w- d:\program files\Common Files\Macrovision Shared
2009-10-01 22:03 . 2009-10-01 22:03 -------- d-----w- d:\program files\Common Files\Windows Live
2009-09-28 19:57 . 2009-10-10 00:15 7168 ----a-w- d:\windows\system32\drivers\StarOpen.sys
2009-09-27 05:38 . 2009-09-27 05:38 -------- d-----w- d:\program files\ESTsoft
2009-09-26 21:38 . 2009-09-26 21:38 0 ----a-w- d:\program files\Common Files\dht342126
2009-09-26 20:48 . 2009-09-26 20:48 -------- d-----w- d:\program files\LizardTech
2009-09-26 20:41 . 2009-09-26 20:41 160323 ----a-w- d:\windows\Sqirlz Morph Uninstaller.exe
2009-09-26 18:15 . 2009-09-26 18:15 -------- d-----w- d:\program files\MSXML 4.0
2009-09-26 00:00 . 2009-09-25 23:59 -------- d-----w- d:\program files\Common Files\Xara
2009-09-25 19:02 . 2009-09-11 21:33 -------- d-----w- d:\program files\Mozilla Sunbird
2009-09-25 05:37 . 2006-03-02 12:00 1510400 ----a-w- d:\windows\system32\shdocvw(2).dll
2009-09-24 10:55 . 2009-09-12 22:17 -------- d-----w- d:\program files\Google
2009-09-23 20:57 . 2009-09-23 20:57 45 ---h--w- d:\windows\dsez8403.dat
2009-09-23 16:32 . 2009-09-23 16:32 -------- d-----w- d:\program files\CAM Development
2009-09-23 09:26 . 2009-09-23 09:26 -------- d-----w- d:\program files\Toshiba
2009-09-22 22:26 . 2009-09-22 22:26 721904 ----a-w- d:\windows\system32\drivers\sptd.sys
2009-09-20 22:04 . 2009-09-11 21:52 -------- d-----w- d:\program files\Defraggler
2009-09-20 21:43 . 2009-09-20 21:43 23600 ----a-w- d:\windows\system32\drivers\TVICHW32.SYS
2009-09-19 16:13 . 2009-09-19 16:13 -------- d-----w- d:\program files\Windows Media Connect 2
2009-09-18 21:15 . 2009-09-18 21:15 -------- d-----w- d:\program files\eXaNetworks Setup Files
2009-09-18 14:30 . 2009-09-12 17:22 -------- d-----w- d:\program files\PROFIT
2009-09-18 11:05 . 2009-09-07 21:04 179792 ----a-w- d:\windows\system32\guard32.dll
2009-09-16 23:50 . 2009-09-16 23:17 -------- d-----w- d:\program files\Common Files\Nokia
2009-09-16 23:19 . 2009-09-16 23:19 0 ---ha-w- d:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-09-16 23:19 . 2009-09-16 23:19 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-09-16 23:17 . 2009-09-16 23:17 -------- d-----w- d:\program files\Common Files\PCSuite
2009-09-16 23:16 . 2009-09-16 23:16 -------- d-----w- d:\program files\DIFX
2009-09-16 23:16 . 2009-09-16 23:16 -------- d-----w- d:\program files\PC Connectivity Solution
2009-09-16 20:04 . 2009-09-16 20:04 -------- d-----w- d:\program files\SunnyDesign
2009-09-16 20:02 . 2009-09-16 20:02 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2009-09-12 22:09 . 2009-09-12 22:07 19496 ----a-w- d:\windows\hpqins13.dat
2009-09-11 22:44 . 2009-09-11 22:44 45056 ----a-w- d:\windows\NCUNINST.EXE
2009-09-11 20:21 . 2009-09-11 20:18 674 ----a-w- d:\windows\PowerReg.dat
2009-09-11 14:19 . 2006-03-02 12:00 136192 ----a-w- d:\windows\system32\msv1_0.dll
2009-09-11 14:18 . 2009-09-11 14:18 56 ---ha-w- d:\windows\system32\ezsidmv.dat
2009-09-07 20:45 . 2009-09-07 20:45 0 ----a-w- d:\windows\nsreg.dat
2009-09-07 20:33 . 2009-09-07 20:33 21275 ----a-w- d:\windows\system32\drivers\AegisP.sys
2009-09-07 20:23 . 2009-09-07 20:23 315392 ----a-w- d:\windows\HideWin.exe
2009-09-07 20:18 . 2009-09-07 19:27 76487 ----a-w- d:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-09-07 20:18 . 2009-09-07 19:27 2684 ----a-w- d:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-09-07 20:15 . 2009-09-07 19:27 8972 ----a-w- d:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-09-07 19:25 . 2009-09-07 19:25 21812 ----a-w- d:\windows\system32\emptyregdb.dat
2009-09-04 21:05 . 2006-03-02 12:00 58880 ----a-w- d:\windows\system32\msasn1.dll
2009-08-26 08:02 . 2006-03-02 12:00 247326 ----a-w- d:\windows\system32\strmdll.dll
2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- d:\windows\system32\FM20.DLL
2009-08-17 16:10 . 2009-09-11 19:15 1279456 ----a-w- d:\windows\system32\aswBoot.exe
2009-08-17 16:06 . 2009-09-11 19:15 93392 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-08-17 16:02 . 2009-09-11 19:15 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-08-14 15:15 . 2006-03-02 12:00 1850624 ----a-w- d:\windows\system32\win32k.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="d:\program files\Skype\\Phone\Skype.exe" [2009-10-09 25623336]
"Philips Intelligent Agent"="d:\program files\Philips Intelligent Agent\Philips Intelligent Agent.exe" [2008-02-21 613792]
"DetectTray"="c:\program files\Genius\TVGo DVB-T02PRO\DetectTray.exe" [2007-09-21 131072]
"flec003.exe"="d:\documents and settings\Petr\Data aplikací\hidires\flec003.exe" [2009-11-12 2557956]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="d:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"SMSERIAL"="d:\windows\sm56hlpr.exe" [2006-03-21 544768]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ACU"="d:\program files\Atheros\ACU.exe" [2006-07-04 336001]
"ASUS Live Update"="d:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-12 81000]
"StatusClient"="d:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="d:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"COMODO Internet Security"="c:\program files\Comodo\COMODO Internet Security\cfp.exe" [2009-11-12 1799952]
"WD Drive Manager"="d:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2009-05-27 450560]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"RTHDCPL"="RTHDCPL.EXE" - d:\windows\RTHDCPL.exe [2008-03-26 16859136]
"BluetoothAuthenticationAgent"="bthprops.cpl" - d:\windows\system32\bthprops.cpl [2008-04-14 110592]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Mozilla Thunderbird.lnk - d:\program files\Mozilla Thunderbird\thunderbird.exe [2009-9-7 8318056]
WDDMStatus.lnk - d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-10-14 2049344]
WDSmartWare.lnk - d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-10-14 9085760]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=d:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"d:\\Program Files\\Philips Intelligent Agent\\Philips Intelligent Agent.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\m\\flec006.exe"=
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\hidires\\flec003.exe"=
R0 pxscan;pxscan;d:\windows\system32\drivers\pxscan.sys [12.11.2009 10:45 30280]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 20:03 660768]
R2 pxrts;pxrts;d:\windows\system32\drivers\pxrts.sys [12.11.2009 10:45 46768]
R2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;d:\flexlm\lmgrd.exe [10.11.2009 23:22 630272]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;d:\windows\system32\StkCSrv.exe [12.9.2009 14:19 24576]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R2 WDDMService;WD SmartWare Drive Manager;d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [14.10.2009 14:31 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 9:58 20480]
R3 pxkbf;pxkbf;d:\windows\system32\drivers\pxkbf.sys [12.11.2009 10:45 24368]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;d:\windows\system32\drivers\StkCMini.sys [12.9.2009 14:19 1260672]
R3 WDC_SAM;WD SCSI Pass Thru driver;d:\windows\system32\drivers\wdcsam.sys [28.10.2009 22:07 11520]
S1 aswSP;avast! Self Protection; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\DRIVERS\cmdguard.sys --> d:\windows\system32\DRIVERS\cmdguard.sys [?]
S1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\DRIVERS\cmdhlp.sys --> d:\windows\system32\DRIVERS\cmdhlp.sys [?]
S2 aswFsBlk;aswFsBlk;d:\windows\system32\DRIVERS\aswFsBlk.sys --> d:\windows\system32\DRIVERS\aswFsBlk.sys [?]
S2 CSIScanner;CSIScanner;d:\program files\Prevx\prevx.exe [12.11.2009 10:45 6210488]
S2 gupdate;Služba Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [13.9.2009 13:47 133104]
S3 EC168BDA;TVGo DVB-T02PRO;d:\windows\system32\drivers\EC168BDA.sys [29.10.2009 11:01 67968]
S3 TVICHW32;TVICHW32;d:\windows\system32\drivers\TVICHW32.SYS [20.9.2009 22:43 23600]
S3 UDGY;UDGY;d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe --> d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe [?]
S3 WXXLRUX;WXXLRUX;d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe --> d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe [?]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - MBR
*Deregistered* - mbr
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {589F60BC-2712-FB88-7CF0-BE9E09DDD892} /qb
.
Obsah adresáře 'Naplánované úlohy'
2009-11-12 d:\windows\Tasks\Defraggler Volume C Task.job
- d:\program files\Defraggler\df.exe [2009-10-01 18:28]
2009-11-12 d:\windows\Tasks\Defraggler Volume D Task.job
- d:\program files\Defraggler\df.exe [2009-10-01 18:28]
2009-11-11 d:\windows\Tasks\Defraggler Volume G Task.job
- d:\program files\Defraggler\df.exe [2009-10-01 18:28]
2009-11-12 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
2009-11-12 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/
uInternet Settings,ProxyOverride = <local>;*.local
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.atlas.cz/
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firetray@radicalsoft.com\components\firetray.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-StartCCC - d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
HKLM-Run-usbantivirus - d:\program files\Naevius USB Antivirus\usbantivirus.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-12 14:16
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spjh.sys >>UNKNOWN [0x8DFCE938]<<
kernel: MBR read successfully
user & kernel MBR OK
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
atapi.sys @ 0x0 0x0 bytes
\Driver\atapi [ IRP_MJ_CREATE ] 0xA6F2 != 0xBA621B40 atapi.sys
\Driver\atapi [ IRP_MJ_CLOSE ] 0xA6F2 != 0xBA621B40 atapi.sys
\Driver\atapi [ IRP_MJ_DEVICE_CONTROL ] 0xA712 != 0xBA621B40 atapi.sys
\Driver\atapi [ IRP_MJ_INTERNAL_DEVICE_CONTROL ] 0x6852 != 0xBA621B40 atapi.sys
\Driver\atapi [ IRP_MJ_POWER ] 0xA73C != 0xBA621B40 atapi.sys
\Driver\atapi [ IRP_MJ_SYSTEM_CONTROL ] 0x11336 != 0xBA621B40 atapi.sys
\Driver\atapi IRP hooks detected !
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(792)
d:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3528)
d:\windows\system32\msi.dll
d:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\program files\Bonjour\mDNSResponder.exe
d:\program files\Java\jre6\bin\jqs.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
d:\windows\system32\wbem\wmiapsrv.exe
d:\windows\system32\wscntfy.exe
d:\windows\system32\rundll32.exe
d:\program files\Skype\Phone\Skype.exe
d:\windows\ATK0100\ATKOSD.exe
d:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
d:\totalcmd\TotalCmd.exe
d:\program files\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
ComboFix 09-11-11.02 - Petr 12.11.2009 14:04.1.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1483 [GMT 1:00]
Spuštěný z: I:\OpravTo.exe
AV: avast! antivirus 4.8.1351 [VPS 091111-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
d:\documents and settings\Petr\Data aplikací\drivers\downld
d:\documents and settings\Petr\Data aplikací\drivers\downld\1837375.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\1837406.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\1838125.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\1838500.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\1838546.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\18539750.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\18545406.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\18554859.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\18557093.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\18576562.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\18580468.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\1862703.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\1864062.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\1864765.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\1889843.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\1893062.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\1893593.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\189421.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\1901171.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\1902562.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\1902890.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\190406.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\201156.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\202234.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\207359.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\221531.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\221687.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\221828.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\222750.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\226578.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\227093.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\227265.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\237218.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\237781.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\238125.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\241500.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\241703.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\241718.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\245437.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\245812.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\245968.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\250234.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\252593.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\256359.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\257000.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\257281.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\262312.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\262875.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\264421.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\264796.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\270625.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\277437.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\277656.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\278109.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\278625.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\302265.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\302500.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\302921.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\307562.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\308265.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\308515.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\318000.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\318625.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\318750.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\358421.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\359187.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\359625.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\426234.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\429593.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\429640.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\429906.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\430093.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\430109.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\447265.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\447453.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\447484.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\464906.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\465687.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\465843.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\466390.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\466765.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\466828.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\467546.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\467890.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\490093.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\491796.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\492390.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\516218.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\518750.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\519375.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\522656.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\523015.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\523156.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\523453.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\523656.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\523718.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\528578.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\529546.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\529921.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\541421.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\542250.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\542265.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\559625.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\560781.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\561218.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\562015.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\562640.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\562843.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\563968.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\564328.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\564515.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\590953.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\592343.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\592953.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\614421.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\617750.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\618390.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\624640.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\625937.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\626250.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\660421.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\664296.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\664687.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\669109.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\670953.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\675875.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\693000.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\693093.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\693125.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\697156.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\697671.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\697750.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\706359.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\707265.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\729203.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\729968.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\730390.exe
d:\documents and settings\Petr\Data aplikací\drivers\winupgro.exe
d:\documents and settings\Petr\Data aplikací\m\shared
d:\documents and settings\Petr\Data aplikací\m\shared\Adobe icons collection.zip
d:\documents and settings\Petr\Data aplikací\m\shared\ArcSoft_Scrapbook_Creator_Memories_Edition_1.0.9.9_(Crack).zip
d:\documents and settings\Petr\Data aplikací\m\shared\Art_of_Titian_1.0_[With_Crack].zip
d:\documents and settings\Petr\Data aplikací\m\shared\Arty_Flash_Player_1.23.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Astral_II_2.0.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Atrise PHP Script Debugger 3.0.1.zip
d:\documents and settings\Petr\Data aplikací\m\shared\AWS Docket 3.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Brain Workshop 2.1.zip
d:\documents and settings\Petr\Data aplikací\m\shared\CD-Tag 2.26.zip
d:\documents and settings\Petr\Data aplikací\m\shared\CDEdit 1.1.46.zip
d:\documents and settings\Petr\Data aplikací\m\shared\DBtree 0.8.3 Beta.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Direct Access 1.6.6.zip
d:\documents and settings\Petr\Data aplikací\m\shared\DirSize 4.8.zip
d:\documents and settings\Petr\Data aplikací\m\shared\DJ Flanger 1438.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Dune and Desert Screen Saver 1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Easter Eggs - Animated Wallpaper 5.07.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Eastsea_Outlook_Express_Backup_1.50.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Easy Email Encryption 6.17.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Easy_Banner_Creator_1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Flash Screensaver Maker Simple Version 3.8.zip
d:\documents and settings\Petr\Data aplikací\m\shared\FlashCapture_1.2.zip
d:\documents and settings\Petr\Data aplikací\m\shared\FlashPPT_4.0.czip
d:\documents and settings\Petr\Data aplikací\m\shared\Folder-Snap 1.4.1.105.zip
d:\documents and settings\Petr\Data aplikací\m\shared\FtpVC_2.4_(KeyGen).zip
d:\documents and settings\Petr\Data aplikací\m\shared\generateAfeed_dB_-_PHP_1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Get_My_Files_Back_5.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\How_To_Survive_A_Power_Outage_While_Writing_1.0_(Key).zip
d:\documents and settings\Petr\Data aplikací\m\shared\CHEAPSKATE 1.5.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Image2Html 1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Jalmus 1.2.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Javascript Obfuscator 3.0.5.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Javascript_Outline_Builder_1.0_Serial.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Job Search Tracker 1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\LingvoSoft Suite Deluxe 2007 English - Portuguese 2.0.24.zip
d:\documents and settings\Petr\Data aplikací\m\shared\LingvoSoft_Picture_Dictionary_2007_English_-_Polish_1.1.17_(Cracked).zip
d:\documents and settings\Petr\Data aplikací\m\shared\LingvoSoft_Picture_Dictionary_2007_Spanish_-_Arabic_1.1.19.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Lotto PowerPlayer Pro 2009 6.7.zip
d:\documents and settings\Petr\Data aplikací\m\shared\MAP-Blend 1.2.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Mars 3D ScreenSaver 1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Max Payne - Matrix II map.zip
d:\documents and settings\Petr\Data aplikací\m\shared\McAfee.Alert.Manager.v4.7.1-ROR.zip
d:\documents and settings\Petr\Data aplikací\m\shared\MedInfoE_4.2.zip
d:\documents and settings\Petr\Data aplikací\m\shared\MIDIFADE_1.5.zip
d:\documents and settings\Petr\Data aplikací\m\shared\mjSQLDataScripter_1.2.zip
d:\documents and settings\Petr\Data aplikací\m\shared\MySQL Data Access Components 5.00.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Native_American_Art_6.1_(KeyGen).zip
d:\documents and settings\Petr\Data aplikací\m\shared\Networker IM 3.6.zip
d:\documents and settings\Petr\Data aplikací\m\shared\NOD32.Antivirus.System.v2.51.8.Administrator.Edition.Win2K.NT.XP.2K3.Retail.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Okoker_Free_DVD_Burner_1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\oogalleryimport 0.5.zip
d:\documents and settings\Petr\Data aplikací\m\shared\PanelBar Studio 4.0.92.zip
d:\documents and settings\Petr\Data aplikací\m\shared\PDF_to_Text_Converter_2.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\PowerFolder 3.0.2.zip
d:\documents and settings\Petr\Data aplikací\m\shared\SATextureLab 1.5.zip
d:\documents and settings\Petr\Data aplikací\m\shared\SaxLab 1.4.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Smart Color Pick'n'Capture 1.00.zip
d:\documents and settings\Petr\Data aplikací\m\shared\SmileCamFX_1.0_(Serial).zip
d:\documents and settings\Petr\Data aplikací\m\shared\SpiceCharts 3D Pie Chart 1.6.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Spot_Shop_Software_DESengine_Server_1.1.zip
d:\documents and settings\Petr\Data aplikací\m\shared\StayInformed 1.3.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Tinynice_MP3Recorder_1.00.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Tipard DVD to iPhone Converter 3.2.38.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Token2 Plus 4.6 build 1421.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Universal_Internet_Dialer_2.3.zip
d:\documents and settings\Petr\Data aplikací\m\shared\VBScript2Exe_1.4.zip
d:\documents and settings\Petr\Data aplikací\m\shared\VisiPPT_1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\VitaMem Pro 2.2.0.1.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Wallpaper_Photo_Show_1.1_(With_Crack).zip
d:\documents and settings\Petr\Data aplikací\m\shared\WinCalendar 2.57.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Wine_Chronicle_1.1.zip
d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
d:\windows\a3kebook.ini
d:\windows\akebook.ini
d:\windows\ANS2000.INI
d:\windows\system32\ban_list.txt
d:\windows\system32\ieuinit.inf
d:\windows\system32\mdelk.exe
d:\windows\system32\srosa2.sys
d:\windows\system32\wfsintwq.sys
d:\windows\system32\Winacprd0.dll
d:\windows\system32\wintems.exe
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_SK9OU0S
((((((((((((((((((((((((( Soubory vytvořené od 2009-10-12 do 2009-11-12 )))))))))))))))))))))))))))))))
.
2009-11-12 12:49 . 2009-11-12 12:53 -------- d-----w- D:\OpravTo
2009-11-12 12:42 . 2009-11-12 12:42 -------- d-----w- D:\FixMePlease
2009-11-12 09:45 . 2009-11-12 09:45 53136 ----a-w- d:\windows\system32\PxSecure.dll
2009-11-12 09:45 . 2009-11-12 09:45 46768 ----a-w- d:\windows\system32\drivers\pxrts.sys
2009-11-12 09:45 . 2009-11-12 09:45 30280 ----a-w- d:\windows\system32\drivers\pxscan.sys
2009-11-12 09:45 . 2009-11-12 09:45 24368 ----a-w- d:\windows\system32\drivers\pxkbf.sys
2009-11-12 09:44 . 2009-11-12 09:45 -------- d-----w- d:\program files\Prevx
2009-11-12 09:35 . 2009-11-12 09:35 -------- d-----w- d:\program files\Naevius USB Antivirus
2009-11-12 02:16 . 2001-10-24 11:24 66048 -c--a-w- d:\windows\system32\dllcache\s3legacy.dll
2009-11-12 02:16 . 2009-08-04 20:59 2191360 ----a-w- d:\windows\system32\dllcache\ntoskrnl.exe
2009-11-12 02:16 . 2003-04-14 18:48 212992 ----a-w- d:\windows\system32\dllcache\fpmmcsat.dll
2009-11-11 00:10 . 2009-11-11 00:10 -------- d-----w- d:\program files\Common Files\McNeel Shared
2009-11-11 00:09 . 2009-11-11 00:10 -------- d-----w- d:\program files\Rhinoceros 4.0
2009-11-10 22:58 . 2009-11-10 22:58 -------- d-----w- d:\program files\SolidWorks Explorer
2009-11-10 22:58 . 2009-11-10 22:58 -------- d-----w- d:\program files\SolidWorks Viewer
2009-11-10 22:56 . 2009-11-10 23:03 -------- d-----w- d:\program files\PDMWorks2005
2009-11-10 22:54 . 2009-11-11 00:03 -------- d-----w- d:\program files\Common Files\eDrawings2005
2009-11-10 22:52 . 2004-05-10 13:19 639052 ----a-w- d:\windows\system32\BBPDFPortMon.dll
2009-11-10 22:50 . 2009-11-10 22:56 -------- d-----w- d:\program files\Common Files\SolidWorks Shared
2009-11-10 22:50 . 2009-11-10 22:50 -------- d-----w- d:\program files\Common Files\Bluebeam Software
2009-11-10 22:48 . 2009-11-10 22:50 -------- d-----w- d:\program files\Bluebeam Software
2009-11-10 22:48 . 2009-11-10 23:01 -------- d-----w- d:\program files\SolidWorks
2009-11-10 22:48 . 2009-11-10 22:48 -------- d-----w- d:\program files\Common Files\Solidworks Data
2009-11-10 22:22 . 2009-11-12 13:15 -------- d-----w- D:\Flexlm
2009-11-09 15:50 . 2009-02-24 17:42 116736 ----a-w- d:\windows\system32\drivers\mcdbus.sys
2009-11-09 15:50 . 2009-11-09 15:50 -------- d-----w- d:\program files\MagicDisc
2009-11-08 19:32 . 2003-11-13 11:13 118784 ----a-w- d:\windows\system32\XMUpload.dll
2009-11-08 19:32 . 2003-10-17 13:03 876544 ----a-w- d:\windows\system32\XaraDocG.dll
2009-11-08 19:32 . 2003-10-17 13:03 126976 ----a-w- d:\windows\system32\TemplMan.dll
2009-11-08 19:32 . 2003-10-14 14:49 253952 ----a-w- d:\windows\system32\TemplOp.dll
2009-11-08 19:32 . 2003-10-06 13:45 23552 ----a-w- d:\windows\system32\XFontMan.dll
2009-11-08 19:32 . 2003-10-01 13:49 131072 ----a-w- d:\windows\system32\BmpImporter.dll
2009-11-08 19:32 . 2003-05-19 15:18 86016 ----a-w- d:\windows\system32\BinCoder.dll
2009-11-08 14:31 . 2009-11-08 14:31 -------- d-----w- d:\windows\SolidWorks
2009-11-07 18:10 . 2009-11-07 18:31 -------- d-----w- d:\program files\iTV
2009-10-30 23:58 . 2009-11-05 10:32 -------- d-----w- D:\totalcmd
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\UC.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\RAR.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\PKZIP.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\PKUNZIP.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\NOCLOSE.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\LHA.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\ARJ.PIF
2009-10-29 20:03 . 2009-10-29 20:03 -------- d-----w- d:\program files\Smart Projects
2009-10-29 10:05 . 2003-03-19 11:44 45056 ----a-w- d:\windows\system32\MFC71CHT.DLL
2009-10-29 10:02 . 2008-04-13 19:46 15232 -c--a-w- d:\windows\system32\dllcache\mpe.sys
2009-10-29 10:02 . 2008-04-13 19:46 15232 ----a-w- d:\windows\system32\drivers\MPE.sys
2009-10-29 10:01 . 2007-02-26 10:40 7107 ----a-w- d:\windows\system32\drivers\EC168BDA.bin
2009-10-29 10:01 . 2006-12-12 16:56 104 ----a-w- d:\windows\system32\drivers\EC168Hid.dat
2009-10-29 10:01 . 2006-07-31 03:56 4096 ----a-w- d:\windows\system32\HUCoInstaller.dll
2009-10-29 10:01 . 2007-05-18 12:18 67968 ----a-w- d:\windows\system32\drivers\EC168BDA.sys
2009-10-29 10:01 . 2004-07-09 03:26 354816 -c--a-w- d:\windows\system32\dllcache\psisdecd.dll
2009-10-29 10:01 . 2004-07-09 03:26 354816 ----a-w- d:\windows\system32\PsisDecd.dll
2009-10-29 10:01 . 2004-07-09 03:26 11392 -c--a-w- d:\windows\system32\dllcache\bdasup.sys
2009-10-29 10:01 . 2004-07-09 03:26 11392 ----a-w- d:\windows\system32\drivers\BdaSup.sys
2009-10-28 23:23 . 2009-10-28 23:26 -------- d-----w- d:\windows\system32\NtmsData
2009-10-28 22:47 . 2009-10-28 22:47 -------- d-----w- d:\program files\Western Digital Technologies
2009-10-28 22:46 . 2009-10-28 22:46 -------- d-----w- d:\program files\Western Digital Corporation
2009-10-28 22:35 . 2009-10-28 22:36 -------- d-----w- D:\b90451c29ad1fe142890
2009-10-28 21:07 . 2009-02-13 11:02 11520 ----a-w- d:\windows\system32\drivers\wdcsam.sys
2009-10-28 21:07 . 2009-10-28 22:00 -------- d-----w- d:\program files\Western Digital
2009-10-27 00:49 . 2009-10-27 00:49 -------- d-----w- d:\program files\Core Services
2009-10-23 19:30 . 2009-10-23 20:23 -------- d-----w- d:\program files\Opti Drive Control
2009-10-23 19:12 . 2009-10-23 19:14 -------- d-----w- d:\program files\Philips Intelligent Agent
2009-10-20 11:27 . 2009-10-20 11:27 -------- d-----w- d:\windows\system32\Adobe
2009-10-20 11:25 . 2009-10-20 11:25 -------- d-----w- d:\documents and settings\Petr\.HenselEnyGuide
2009-10-13 23:37 . 2009-10-13 23:37 -------- d-----w- d:\windows\system32\wbem\Repository
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-12 13:17 . 2009-09-07 20:43 -------- d-----w- d:\program files\Mozilla Thunderbird
2009-11-12 12:10 . 2009-09-07 20:33 278613 ----a-w- d:\windows\system32\acs.exe
2009-11-12 01:47 . 2006-03-02 12:00 98024 ----a-w- d:\windows\system32\perfc005.dat
2009-11-12 01:47 . 2006-03-02 12:00 466418 ----a-w- d:\windows\system32\perfh005.dat
2009-11-03 22:52 . 2009-09-11 21:47 -------- d-----w- d:\program files\Java
2009-11-01 22:23 . 2009-10-03 09:07 -------- d-----w- d:\program files\Common Files\Adobe
2009-10-29 10:05 . 2009-09-07 19:40 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-10-26 00:18 . 2009-09-11 20:52 -------- d-----w- d:\program files\AutoCAD 2009
2009-10-24 09:52 . 2009-09-12 22:28 108024 ---ha-w- d:\windows\system32\mlfcache.dat
2009-10-22 18:50 . 2009-09-18 14:17 0 ----a-w- d:\documents and settings\Petr\DATA.DAT
2009-10-15 15:36 . 2009-09-11 22:47 -------- d-----w- d:\program files\Foxit Software
2009-10-12 22:33 . 2009-10-12 22:33 -------- d-----w- d:\program files\FLV Player
2009-10-11 19:04 . 2009-10-11 19:03 -------- d-----w- d:\program files\DWG TrueView 2010
2009-10-11 19:04 . 2009-09-11 20:11 -------- d-----w- d:\program files\Common Files\Autodesk Shared
2009-10-11 03:17 . 2009-09-11 21:48 411368 ----a-w- d:\windows\system32\deploytk.dll
2009-10-07 19:48 . 2009-10-07 19:48 -------- d-----w- d:\program files\Common Files\ABBYY
2009-10-03 09:20 . 2009-10-03 09:20 -------- d-----w- d:\program files\QuickTime
2009-10-03 09:18 . 2009-10-03 09:18 -------- d-----w- d:\program files\Bonjour
2009-10-03 09:10 . 2009-10-03 09:10 -------- d-----w- d:\program files\Common Files\Macrovision Shared
2009-10-01 22:03 . 2009-10-01 22:03 -------- d-----w- d:\program files\Common Files\Windows Live
2009-09-28 19:57 . 2009-10-10 00:15 7168 ----a-w- d:\windows\system32\drivers\StarOpen.sys
2009-09-27 05:38 . 2009-09-27 05:38 -------- d-----w- d:\program files\ESTsoft
2009-09-26 21:38 . 2009-09-26 21:38 0 ----a-w- d:\program files\Common Files\dht342126
2009-09-26 20:48 . 2009-09-26 20:48 -------- d-----w- d:\program files\LizardTech
2009-09-26 20:41 . 2009-09-26 20:41 160323 ----a-w- d:\windows\Sqirlz Morph Uninstaller.exe
2009-09-26 18:15 . 2009-09-26 18:15 -------- d-----w- d:\program files\MSXML 4.0
2009-09-26 00:00 . 2009-09-25 23:59 -------- d-----w- d:\program files\Common Files\Xara
2009-09-25 19:02 . 2009-09-11 21:33 -------- d-----w- d:\program files\Mozilla Sunbird
2009-09-25 05:37 . 2006-03-02 12:00 1510400 ----a-w- d:\windows\system32\shdocvw(2).dll
2009-09-24 10:55 . 2009-09-12 22:17 -------- d-----w- d:\program files\Google
2009-09-23 20:57 . 2009-09-23 20:57 45 ---h--w- d:\windows\dsez8403.dat
2009-09-23 16:32 . 2009-09-23 16:32 -------- d-----w- d:\program files\CAM Development
2009-09-23 09:26 . 2009-09-23 09:26 -------- d-----w- d:\program files\Toshiba
2009-09-22 22:26 . 2009-09-22 22:26 721904 ----a-w- d:\windows\system32\drivers\sptd.sys
2009-09-20 22:04 . 2009-09-11 21:52 -------- d-----w- d:\program files\Defraggler
2009-09-20 21:43 . 2009-09-20 21:43 23600 ----a-w- d:\windows\system32\drivers\TVICHW32.SYS
2009-09-19 16:13 . 2009-09-19 16:13 -------- d-----w- d:\program files\Windows Media Connect 2
2009-09-18 21:15 . 2009-09-18 21:15 -------- d-----w- d:\program files\eXaNetworks Setup Files
2009-09-18 14:30 . 2009-09-12 17:22 -------- d-----w- d:\program files\PROFIT
2009-09-18 11:05 . 2009-09-07 21:04 179792 ----a-w- d:\windows\system32\guard32.dll
2009-09-16 23:50 . 2009-09-16 23:17 -------- d-----w- d:\program files\Common Files\Nokia
2009-09-16 23:19 . 2009-09-16 23:19 0 ---ha-w- d:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-09-16 23:19 . 2009-09-16 23:19 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-09-16 23:17 . 2009-09-16 23:17 -------- d-----w- d:\program files\Common Files\PCSuite
2009-09-16 23:16 . 2009-09-16 23:16 -------- d-----w- d:\program files\DIFX
2009-09-16 23:16 . 2009-09-16 23:16 -------- d-----w- d:\program files\PC Connectivity Solution
2009-09-16 20:04 . 2009-09-16 20:04 -------- d-----w- d:\program files\SunnyDesign
2009-09-16 20:02 . 2009-09-16 20:02 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2009-09-12 22:09 . 2009-09-12 22:07 19496 ----a-w- d:\windows\hpqins13.dat
2009-09-11 22:44 . 2009-09-11 22:44 45056 ----a-w- d:\windows\NCUNINST.EXE
2009-09-11 20:21 . 2009-09-11 20:18 674 ----a-w- d:\windows\PowerReg.dat
2009-09-11 14:19 . 2006-03-02 12:00 136192 ----a-w- d:\windows\system32\msv1_0.dll
2009-09-11 14:18 . 2009-09-11 14:18 56 ---ha-w- d:\windows\system32\ezsidmv.dat
2009-09-07 20:45 . 2009-09-07 20:45 0 ----a-w- d:\windows\nsreg.dat
2009-09-07 20:33 . 2009-09-07 20:33 21275 ----a-w- d:\windows\system32\drivers\AegisP.sys
2009-09-07 20:23 . 2009-09-07 20:23 315392 ----a-w- d:\windows\HideWin.exe
2009-09-07 20:18 . 2009-09-07 19:27 76487 ----a-w- d:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-09-07 20:18 . 2009-09-07 19:27 2684 ----a-w- d:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-09-07 20:15 . 2009-09-07 19:27 8972 ----a-w- d:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-09-07 19:25 . 2009-09-07 19:25 21812 ----a-w- d:\windows\system32\emptyregdb.dat
2009-09-04 21:05 . 2006-03-02 12:00 58880 ----a-w- d:\windows\system32\msasn1.dll
2009-08-26 08:02 . 2006-03-02 12:00 247326 ----a-w- d:\windows\system32\strmdll.dll
2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- d:\windows\system32\FM20.DLL
2009-08-17 16:10 . 2009-09-11 19:15 1279456 ----a-w- d:\windows\system32\aswBoot.exe
2009-08-17 16:06 . 2009-09-11 19:15 93392 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-08-17 16:02 . 2009-09-11 19:15 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-08-14 15:15 . 2006-03-02 12:00 1850624 ----a-w- d:\windows\system32\win32k.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="d:\program files\Skype\\Phone\Skype.exe" [2009-10-09 25623336]
"Philips Intelligent Agent"="d:\program files\Philips Intelligent Agent\Philips Intelligent Agent.exe" [2008-02-21 613792]
"DetectTray"="c:\program files\Genius\TVGo DVB-T02PRO\DetectTray.exe" [2007-09-21 131072]
"flec003.exe"="d:\documents and settings\Petr\Data aplikací\hidires\flec003.exe" [2009-11-12 2557956]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="d:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"SMSERIAL"="d:\windows\sm56hlpr.exe" [2006-03-21 544768]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ACU"="d:\program files\Atheros\ACU.exe" [2006-07-04 336001]
"ASUS Live Update"="d:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-12 81000]
"StatusClient"="d:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="d:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"COMODO Internet Security"="c:\program files\Comodo\COMODO Internet Security\cfp.exe" [2009-11-12 1799952]
"WD Drive Manager"="d:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2009-05-27 450560]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"RTHDCPL"="RTHDCPL.EXE" - d:\windows\RTHDCPL.exe [2008-03-26 16859136]
"BluetoothAuthenticationAgent"="bthprops.cpl" - d:\windows\system32\bthprops.cpl [2008-04-14 110592]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
d:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Mozilla Thunderbird.lnk - d:\program files\Mozilla Thunderbird\thunderbird.exe [2009-9-7 8318056]
WDDMStatus.lnk - d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-10-14 2049344]
WDSmartWare.lnk - d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-10-14 9085760]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=d:\windows\system32\guard32.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"d:\\Program Files\\Philips Intelligent Agent\\Philips Intelligent Agent.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\m\\flec006.exe"=
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\hidires\\flec003.exe"=
R0 pxscan;pxscan;d:\windows\system32\drivers\pxscan.sys [12.11.2009 10:45 30280]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 20:03 660768]
R2 pxrts;pxrts;d:\windows\system32\drivers\pxrts.sys [12.11.2009 10:45 46768]
R2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;d:\flexlm\lmgrd.exe [10.11.2009 23:22 630272]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;d:\windows\system32\StkCSrv.exe [12.9.2009 14:19 24576]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R2 WDDMService;WD SmartWare Drive Manager;d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [14.10.2009 14:31 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 9:58 20480]
R3 pxkbf;pxkbf;d:\windows\system32\drivers\pxkbf.sys [12.11.2009 10:45 24368]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;d:\windows\system32\drivers\StkCMini.sys [12.9.2009 14:19 1260672]
R3 WDC_SAM;WD SCSI Pass Thru driver;d:\windows\system32\drivers\wdcsam.sys [28.10.2009 22:07 11520]
S1 aswSP;avast! Self Protection; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\DRIVERS\cmdguard.sys --> d:\windows\system32\DRIVERS\cmdguard.sys [?]
S1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\DRIVERS\cmdhlp.sys --> d:\windows\system32\DRIVERS\cmdhlp.sys [?]
S2 aswFsBlk;aswFsBlk;d:\windows\system32\DRIVERS\aswFsBlk.sys --> d:\windows\system32\DRIVERS\aswFsBlk.sys [?]
S2 CSIScanner;CSIScanner;d:\program files\Prevx\prevx.exe [12.11.2009 10:45 6210488]
S2 gupdate;Služba Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [13.9.2009 13:47 133104]
S3 EC168BDA;TVGo DVB-T02PRO;d:\windows\system32\drivers\EC168BDA.sys [29.10.2009 11:01 67968]
S3 TVICHW32;TVICHW32;d:\windows\system32\drivers\TVICHW32.SYS [20.9.2009 22:43 23600]
S3 UDGY;UDGY;d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe --> d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe [?]
S3 WXXLRUX;WXXLRUX;d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe --> d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe [?]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - MBR
*Deregistered* - mbr
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {589F60BC-2712-FB88-7CF0-BE9E09DDD892} /qb
.
Obsah adresáře 'Naplánované úlohy'
2009-11-12 d:\windows\Tasks\Defraggler Volume C Task.job
- d:\program files\Defraggler\df.exe [2009-10-01 18:28]
2009-11-12 d:\windows\Tasks\Defraggler Volume D Task.job
- d:\program files\Defraggler\df.exe [2009-10-01 18:28]
2009-11-11 d:\windows\Tasks\Defraggler Volume G Task.job
- d:\program files\Defraggler\df.exe [2009-10-01 18:28]
2009-11-12 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
2009-11-12 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/
uInternet Settings,ProxyOverride = <local>;*.local
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.atlas.cz/
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firetray@radicalsoft.com\components\firetray.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-StartCCC - d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
HKLM-Run-usbantivirus - d:\program files\Naevius USB Antivirus\usbantivirus.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-12 14:16
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spjh.sys >>UNKNOWN [0x8DFCE938]<<
kernel: MBR read successfully
user & kernel MBR OK
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
atapi.sys @ 0x0 0x0 bytes
\Driver\atapi [ IRP_MJ_CREATE ] 0xA6F2 != 0xBA621B40 atapi.sys
\Driver\atapi [ IRP_MJ_CLOSE ] 0xA6F2 != 0xBA621B40 atapi.sys
\Driver\atapi [ IRP_MJ_DEVICE_CONTROL ] 0xA712 != 0xBA621B40 atapi.sys
\Driver\atapi [ IRP_MJ_INTERNAL_DEVICE_CONTROL ] 0x6852 != 0xBA621B40 atapi.sys
\Driver\atapi [ IRP_MJ_POWER ] 0xA73C != 0xBA621B40 atapi.sys
\Driver\atapi [ IRP_MJ_SYSTEM_CONTROL ] 0x11336 != 0xBA621B40 atapi.sys
\Driver\atapi IRP hooks detected !
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(792)
d:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3528)
d:\windows\system32\msi.dll
d:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\program files\Bonjour\mDNSResponder.exe
d:\program files\Java\jre6\bin\jqs.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
d:\windows\system32\wbem\wmiapsrv.exe
d:\windows\system32\wscntfy.exe
d:\windows\system32\rundll32.exe
d:\program files\Skype\Phone\Skype.exe
d:\windows\ATK0100\ATKOSD.exe
d:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
d:\totalcmd\TotalCmd.exe
d:\program files\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
- Rudy
- Site Admin
- Posts: 119390
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Infected laptop, freezes, boots slowly
We'll finish cleaning up. Move ComboFix to the desktop. Open Notepad and copy the following into it:

Collect::
d:\documents and settings\Petr\Data aplikací\hidires\flec003.exe
d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe
d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe
Driver::
UDGY
WXXLRUX
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"flec003.exe"=-

Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Infected laptop, freezes, boots slowly
I did a system restore back one month and then ran ComboFix. This is the latest log. Now I'll run it once more following the advice. Thanks for now.
ComboFix 10-01-19.03 - Petr 25.01.2010 20:34:47.14.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1302 [GMT 1:00]
Spuštěný z: c:\anti-rooty\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100125-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-25 do 2010-01-25 )))))))))))))))))))))))))))))))
.
2010-01-25 17:12 . 2010-01-25 17:12 8576 ----a-w- d:\windows\system32\drivers\yporaormwtcq.sys
2010-01-22 22:51 . 2010-01-22 22:51 -------- d-----w- d:\program files\Common Files\ParallelGraphics
2010-01-22 22:46 . 2010-01-22 22:46 -------- d-----w- d:\program files\PlotSoft
2010-01-22 22:44 . 2010-01-24 03:42 -------- d-----w- d:\program files\HTTP Debugger Pro
2010-01-22 10:24 . 2010-01-22 10:24 54624 ----a-w- d:\windows\system32\41011.sys
2010-01-21 08:18 . 2007-01-18 12:00 3968 ----a-w- d:\windows\system32\drivers\AvgArCln.sys
2010-01-20 22:22 . 2010-01-21 01:24 -------- d-----w- d:\program files\Microsoft WSE
2010-01-20 21:55 . 2002-12-17 15:23 33340 ------w- d:\windows\system32\dbmsqlgc.dll
2010-01-20 21:55 . 2002-10-20 13:05 24576 ------w- d:\windows\system32\dbmsgnet.dll
2010-01-20 21:53 . 2010-01-20 21:53 -------- d-----w- d:\program files\Microsoft SQL Server
2010-01-20 21:08 . 2010-01-20 21:08 -------- d-----w- d:\program files\MSXML 4.0
2010-01-20 20:38 . 2010-01-20 20:38 -------- d-----w- d:\program files\Nero
2010-01-11 20:27 . 2002-08-23 12:37 880694 ----a-w- d:\windows\system32\xaradocg.dll
2010-01-11 20:27 . 2002-06-28 08:24 23552 ----a-w- d:\windows\system32\xfontman.dll
2010-01-11 20:27 . 2002-06-28 08:24 139264 ----a-w- d:\windows\system32\BMPImporter.dll
2010-01-11 20:27 . 2002-08-22 15:56 126976 ----a-w- d:\windows\system32\templman.dll
2010-01-11 20:27 . 2002-06-28 08:24 253952 ----a-w- d:\windows\system32\templop.dll
2010-01-04 12:25 . 2010-01-20 20:40 -------- d-----w- d:\program files\Common Files\Ahead
2010-01-03 14:38 . 2010-01-03 14:39 -------- d-----w- d:\program files\Musicnotes
2010-01-03 01:26 . 2010-01-03 01:40 -------- d-----w- d:\program files\Advanced PDF to IMAGE converter
2009-12-28 21:27 . 2009-12-28 21:27 -------- d-----w- d:\program files\Software602
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-25 17:11 . 2010-01-25 17:11 8576 ----a-w- d:\windows\system32\drivers\yxfkfarcdpjo.sys
2010-01-25 16:35 . 2009-09-07 20:43 -------- d-----w- d:\program files\Mozilla Thunderbird
2010-01-25 08:42 . 2010-01-24 01:53 -------- d-----w- d:\program files\trend micro
2010-01-24 20:15 . 2006-03-02 12:00 484248 ----a-w- d:\windows\system32\perfh005.dat
2010-01-24 20:15 . 2006-03-02 12:00 105776 ----a-w- d:\windows\system32\perfc005.dat
2010-01-24 13:05 . 2010-01-24 13:05 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2010-01-24 03:04 . 2010-01-24 02:20 6176 --sha-w- d:\windows\system32\drivers\fidbox2.dat
2010-01-24 03:02 . 2010-01-24 02:20 92192 --sha-w- d:\windows\system32\drivers\fidbox.dat
2010-01-24 02:46 . 2010-01-24 02:20 2624 --sha-w- d:\windows\system32\drivers\fidbox.idx
2010-01-24 02:46 . 2010-01-24 02:20 2312 --sha-w- d:\windows\system32\drivers\fidbox2.idx
2010-01-21 21:44 . 2009-09-13 08:04 -------- d-----w- d:\program files\Autodesk
2010-01-21 21:33 . 2009-09-11 20:11 -------- d-----w- d:\program files\Common Files\Autodesk Shared
2010-01-07 15:07 . 2010-01-24 13:05 38224 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2010-01-24 13:05 19160 ----a-w- d:\windows\system32\drivers\mbam.sys
2010-01-05 01:30 . 2009-09-11 21:52 -------- d-----w- d:\program files\Defraggler
2009-12-28 02:02 . 2009-09-18 14:17 0 ----a-w- d:\documents and settings\Petr\DATA.DAT
2009-12-27 01:03 . 2009-09-12 22:17 -------- d-----w- d:\program files\Google
2009-12-18 21:25 . 2009-10-28 21:07 -------- d-----w- d:\program files\Western Digital
2009-12-18 09:34 . 2009-12-18 09:34 -------- d-----w- d:\program files\Guitar Pro 5
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\PCSuite
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\Nokia
2009-12-16 02:10 . 2009-12-16 02:04 -------- d-----w- d:\program files\Nokia
2009-12-16 02:07 . 2009-12-16 02:06 -------- d-----w- d:\program files\PC Connectivity Solution
2009-12-10 12:03 . 2009-09-16 23:16 -------- d-----w- d:\program files\DIFX
2009-12-10 12:03 . 2009-12-10 12:02 -------- d-----w- d:\program files\Software laserové myši Labtec
2009-12-10 12:02 . 2009-09-07 19:40 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-12-10 12:01 . 2009-12-10 12:01 -------- d-----w- d:\program files\Labtec
2009-12-05 22:47 . 2009-12-05 22:47 -------- d-----w- d:\program files\VisualLightBox
2009-12-05 22:41 . 2009-12-05 22:41 -------- d-----w- d:\program files\Microsoft
2009-12-03 18:55 . 2009-12-03 18:55 -------- d-----w- d:\program files\Any DWF to DWG Converter
2009-11-29 08:57 . 2009-11-29 08:56 -------- d-----w- d:\program files\SunnyDesign
2009-11-29 08:55 . 2009-11-29 08:55 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2009-11-26 09:00 . 2009-11-12 14:06 171552 ----a-w- d:\windows\system32\guard32.dll
2009-11-26 09:00 . 2009-11-12 13:33 133064 ----a-w- d:\windows\system32\drivers\cmdguard.sys
2009-11-24 23:54 . 2009-11-23 01:40 1280480 ----a-w- d:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-23 01:41 93424 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-11-23 01:41 48560 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-23 01:41 23120 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-23 01:41 27408 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-23 01:41 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2006-03-02 12:00 471552 ----a-w- d:\windows\AppPatch\aclayers.dll
2009-11-18 09:00 . 2009-11-12 13:33 87104 ----a-w- d:\windows\system32\drivers\inspect.sys
2009-11-18 09:00 . 2009-11-12 13:33 25160 ----a-w- d:\windows\system32\drivers\cmdhlp.sys
2009-11-12 18:04 . 2009-11-12 13:37 339872 ----a-w- d:\windows\system32\drivers\sfi.dat
2009-11-12 12:10 . 2009-09-07 20:33 278613 ----a-w- d:\windows\system32\acs.exe
2009-10-29 05:26 . 2006-03-02 12:00 668160 ------w- d:\windows\system32\wininet.dll
2009-09-26 21:38 . 2009-09-26 21:38 0 ----a-w- d:\program files\Common Files\dht342126
.
((((((((((((((((((((((((((((( SnapShot_2010-01-21_07.35.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-25 19:32 . 2010-01-25 19:32 16384 d:\windows\Temp\Perflib_Perfdata_810.dat
+ 2010-01-25 19:32 . 2010-01-25 19:32 16384 d:\windows\Temp\Perflib_Perfdata_778.dat
+ 2009-09-15 18:15 . 2010-01-25 19:04 30276 d:\windows\system32\Restore\rstrlog.dat
+ 2006-03-02 12:00 . 2010-01-24 20:15 92784 d:\windows\system32\perfc009.dat
+ 2010-01-22 22:47 . 2010-01-22 22:47 10134 d:\windows\Installer\{D1399216-81B2-457C-A0F7-73B9A2EF6902}\SystemFolder_msiexec.exe
+ 2010-01-22 22:52 . 2010-01-22 22:52 86358 d:\windows\Installer\{C06CE867-0019-4BDD-88C3-CD96F79FCDC7}\controlPanelIcon.exe
+ 2007-01-31 13:33 . 2007-01-31 13:33 5632 d:\windows\system32\drivers\avgarkt.sys
+ 2010-01-22 22:47 . 2010-01-22 22:47 7406 d:\windows\Installer\{D1399216-81B2-457C-A0F7-73B9A2EF6902}\PDFill_PDF_Tools.exe
+ 2010-01-22 22:47 . 2010-01-22 22:47 7406 d:\windows\Installer\{D1399216-81B2-457C-A0F7-73B9A2EF6902}\controlPanelIcon.exe
+ 2006-03-02 12:00 . 2010-01-24 20:15 493532 d:\windows\system32\perfh009.dat
+ 2002-01-05 05:37 . 2002-01-05 05:37 344064 d:\windows\system32\msvcr70.dll
+ 2002-01-05 05:36 . 2002-01-05 05:36 964608 d:\windows\system32\mfc70u.dll
+ 2009-09-07 21:17 . 2010-01-21 22:16 517744 d:\windows\system32\FNTCACHE.DAT
+ 2005-09-08 16:16 . 2005-09-08 16:16 294912 d:\windows\system32\DynamicTwainCtrl.dll
+ 2010-01-22 22:52 . 2010-01-22 22:52 642048 d:\windows\Installer\16a4731.msi
+ 2010-01-22 22:47 . 2010-01-22 22:47 217088 d:\windows\Installer\16a472d.msi
+ 2008-07-10 15:54 . 2008-07-10 15:54 409168 d:\windows\Downloaded Program Files\MSDcode.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DetectTray"="c:\program files\Genius\TVGo DVB-T02PRO\DetectTray.exe" [2007-09-21 131072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="d:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2008-03-26 16859136]
"SMSERIAL"="d:\windows\sm56hlpr.exe" [2006-03-21 544768]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ACU"="d:\program files\Atheros\ACU.exe" [2006-07-04 336001]
"ASUS Live Update"="d:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"StatusClient"="d:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="d:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"WD Drive Manager"="d:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2009-05-27 450560]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"COMODO Internet Security"="d:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-11-18 1800464]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NeroFilterCheck"="d:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"InCD"="d:\program files\Nero\Nero 7\InCD\InCD.exe" [2006-07-25 1043968]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
d:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Nastavenˇ myçi Labtec.lnk - d:\program files\Software laserov‚ myçi Labtec\MulMouse.exe [2009-12-10 352256]
WDDMStatus.lnk - d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-5 2057536]
WDSmartWare.lnk - d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-5 9116480]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FLEXnet Licensing Service"=3 (0x3)
"SQLAgent$INVENTORCONTENT"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [23.11.2009 2:41 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdguard.sys [12.11.2009 14:33 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [12.11.2009 14:33 25160]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 20:03 660768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [23.11.2009 2:41 20560]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;d:\windows\system32\StkCSrv.exe [12.9.2009 14:19 24576]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R2 WDDMService;WD SmartWare Drive Manager;d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [5.11.2009 8:44 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;d:\windows\system32\drivers\StkCMini.sys [12.9.2009 14:19 1260672]
R3 WDC_SAM;WD SCSI Pass Thru driver;d:\windows\system32\drivers\wdcsam.sys [28.10.2009 22:07 11520]
S0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [22.9.2009 23:26 721904]
S2 gupdate;Služba Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [13.9.2009 13:47 133104]
S3 41011;41011;d:\windows\system32\41011.sys [22.1.2010 11:24 54624]
S3 EC168BDA;TVGo DVB-T02PRO;d:\windows\system32\drivers\EC168BDA.sys [29.10.2009 11:01 67968]
S3 ivusb;Initio Driver for USB Default Controller;d:\windows\system32\DRIVERS\ivusb.sys --> d:\windows\system32\DRIVERS\ivusb.sys [?]
S3 TVICHW32;TVICHW32;d:\windows\system32\drivers\TVICHW32.SYS [20.9.2009 22:43 23600]
S4 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT;d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT --> d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT [?]
S4 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;d:\flexlm\lmgrd.exe --> d:\flexlm\lmgrd.exe [?]
S4 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT --> d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT [?]
.
Obsah adresáře 'Naplánované úlohy'
2010-01-17 d:\windows\Tasks\Defraggler Volume C Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-17 d:\windows\Tasks\Defraggler Volume D Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-09 d:\windows\Tasks\Defraggler Volume G Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-25 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
2010-01-25 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = ;*.local;<local>
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: d:\program files\HTTP Debugger Pro\mfnsp32.dll
FF - ProfilePath - d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\
FF - prefs.js: browser.startup.homepage - http:/atlas.centrum.cz/
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\FFExternalAlert.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\RadioWMPCore.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}\library\WINNT-32\MinimizeToTrayPlus.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: d:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: d:\program files\Common Files\ParallelGraphics\Cortona\npCortona.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npCortona.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: d:\program files\Musicnotes\npmusicn.dll
FF - plugin: d:\program files\Musicnotes\NPSibelius.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-25 20:46
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(856)
d:\windows\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(912)
d:\program files\HTTP Debugger Pro\mfnsp32.dll
d:\program files\http debugger pro\mfnhks32.dll
.
Celkový čas: 2010-01-25 20:53:21
ComboFix-quarantined-files.txt 2010-01-25 19:53
ComboFix2.txt 2010-01-25 18:36
ComboFix3.txt 2010-01-24 22:04
ComboFix4.txt 2010-01-24 11:57
ComboFix5.txt 2010-01-25 19:33
Před spuštěním: Volných bajtů: 48 610 947 072
Po spuštění: Volných bajtů: 48 550 477 824
Current=15 Default=15 Failed=14 LastKnownGood=16 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16
- - End Of File - - CFE4CA6BB3FDFC44A5B4CAADDFDDEC91

2010-01-05 01:30 . 2009-09-11 21:52 -------- d-----w- d:\program files\Defraggler
2009-12-28 02:02 . 2009-09-18 14:17 0 ----a-w- d:\documents and settings\Petr\DATA.DAT
2009-12-27 01:03 . 2009-09-12 22:17 -------- d-----w- d:\program files\Google
2009-12-18 21:25 . 2009-10-28 21:07 -------- d-----w- d:\program files\Western Digital
2009-12-18 09:34 . 2009-12-18 09:34 -------- d-----w- d:\program files\Guitar Pro 5
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\PCSuite
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\Nokia
2009-12-16 02:10 . 2009-12-16 02:04 -------- d-----w- d:\program files\Nokia
2009-12-16 02:07 . 2009-12-16 02:06 -------- d-----w- d:\program files\PC Connectivity Solution
2009-12-10 12:03 . 2009-09-16 23:16 -------- d-----w- d:\program files\DIFX
2009-12-10 12:03 . 2009-12-10 12:02 -------- d-----w- d:\program files\Software laserové myši Labtec
2009-12-10 12:02 . 2009-09-07 19:40 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-12-10 12:01 . 2009-12-10 12:01 -------- d-----w- d:\program files\Labtec
2009-12-05 22:47 . 2009-12-05 22:47 -------- d-----w- d:\program files\VisualLightBox
2009-12-05 22:41 . 2009-12-05 22:41 -------- d-----w- d:\program files\Microsoft
2009-12-03 18:55 . 2009-12-03 18:55 -------- d-----w- d:\program files\Any DWF to DWG Converter
2009-11-29 08:57 . 2009-11-29 08:56 -------- d-----w- d:\program files\SunnyDesign
2009-11-29 08:55 . 2009-11-29 08:55 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2009-11-26 09:00 . 2009-11-12 14:06 171552 ----a-w- d:\windows\system32\guard32.dll
2009-11-26 09:00 . 2009-11-12 13:33 133064 ----a-w- d:\windows\system32\drivers\cmdguard.sys
2009-11-24 23:54 . 2009-11-23 01:40 1280480 ----a-w- d:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-23 01:41 93424 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-11-23 01:41 48560 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-23 01:41 23120 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-23 01:41 27408 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-23 01:41 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2006-03-02 12:00 471552 ----a-w- d:\windows\AppPatch\aclayers.dll
2009-11-18 09:00 . 2009-11-12 13:33 87104 ----a-w- d:\windows\system32\drivers\inspect.sys
2009-11-18 09:00 . 2009-11-12 13:33 25160 ----a-w- d:\windows\system32\drivers\cmdhlp.sys
2009-11-12 18:04 . 2009-11-12 13:37 339872 ----a-w- d:\windows\system32\drivers\sfi.dat
2009-11-12 12:10 . 2009-09-07 20:33 278613 ----a-w- d:\windows\system32\acs.exe
2009-10-29 05:26 . 2006-03-02 12:00 668160 ------w- d:\windows\system32\wininet.dll
2009-09-26 21:38 . 2009-09-26 21:38 0 ----a-w- d:\program files\Common Files\dht342126
.
((((((((((((((((((((((((((((( SnapShot_2010-01-21_07.35.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-25 19:32 . 2010-01-25 19:32 16384 d:\windows\Temp\Perflib_Perfdata_810.dat
+ 2010-01-25 19:32 . 2010-01-25 19:32 16384 d:\windows\Temp\Perflib_Perfdata_778.dat
+ 2009-09-15 18:15 . 2010-01-25 19:04 30276 d:\windows\system32\Restore\rstrlog.dat
+ 2006-03-02 12:00 . 2010-01-24 20:15 92784 d:\windows\system32\perfc009.dat
+ 2010-01-22 22:47 . 2010-01-22 22:47 10134 d:\windows\Installer\{D1399216-81B2-457C-A0F7-73B9A2EF6902}\SystemFolder_msiexec.exe
+ 2010-01-22 22:52 . 2010-01-22 22:52 86358 d:\windows\Installer\{C06CE867-0019-4BDD-88C3-CD96F79FCDC7}\controlPanelIcon.exe
+ 2007-01-31 13:33 . 2007-01-31 13:33 5632 d:\windows\system32\drivers\avgarkt.sys
+ 2010-01-22 22:47 . 2010-01-22 22:47 7406 d:\windows\Installer\{D1399216-81B2-457C-A0F7-73B9A2EF6902}\PDFill_PDF_Tools.exe
+ 2010-01-22 22:47 . 2010-01-22 22:47 7406 d:\windows\Installer\{D1399216-81B2-457C-A0F7-73B9A2EF6902}\controlPanelIcon.exe
+ 2006-03-02 12:00 . 2010-01-24 20:15 493532 d:\windows\system32\perfh009.dat
+ 2002-01-05 05:37 . 2002-01-05 05:37 344064 d:\windows\system32\msvcr70.dll
+ 2002-01-05 05:36 . 2002-01-05 05:36 964608 d:\windows\system32\mfc70u.dll
+ 2009-09-07 21:17 . 2010-01-21 22:16 517744 d:\windows\system32\FNTCACHE.DAT
+ 2005-09-08 16:16 . 2005-09-08 16:16 294912 d:\windows\system32\DynamicTwainCtrl.dll
+ 2010-01-22 22:52 . 2010-01-22 22:52 642048 d:\windows\Installer\16a4731.msi
+ 2010-01-22 22:47 . 2010-01-22 22:47 217088 d:\windows\Installer\16a472d.msi
+ 2008-07-10 15:54 . 2008-07-10 15:54 409168 d:\windows\Downloaded Program Files\MSDcode.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DetectTray"="c:\program files\Genius\TVGo DVB-T02PRO\DetectTray.exe" [2007-09-21 131072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="d:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2008-03-26 16859136]
"SMSERIAL"="d:\windows\sm56hlpr.exe" [2006-03-21 544768]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ACU"="d:\program files\Atheros\ACU.exe" [2006-07-04 336001]
"ASUS Live Update"="d:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"StatusClient"="d:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="d:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"WD Drive Manager"="d:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2009-05-27 450560]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"COMODO Internet Security"="d:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-11-18 1800464]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NeroFilterCheck"="d:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"InCD"="d:\program files\Nero\Nero 7\InCD\InCD.exe" [2006-07-25 1043968]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
d:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Nastavenˇ myçi Labtec.lnk - d:\program files\Software laserov‚ myçi Labtec\MulMouse.exe [2009-12-10 352256]
WDDMStatus.lnk - d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-5 2057536]
WDSmartWare.lnk - d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-5 9116480]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FLEXnet Licensing Service"=3 (0x3)
"SQLAgent$INVENTORCONTENT"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [23.11.2009 2:41 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdguard.sys [12.11.2009 14:33 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [12.11.2009 14:33 25160]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 20:03 660768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [23.11.2009 2:41 20560]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;d:\windows\system32\StkCSrv.exe [12.9.2009 14:19 24576]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R2 WDDMService;WD SmartWare Drive Manager;d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [5.11.2009 8:44 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;d:\windows\system32\drivers\StkCMini.sys [12.9.2009 14:19 1260672]
R3 WDC_SAM;WD SCSI Pass Thru driver;d:\windows\system32\drivers\wdcsam.sys [28.10.2009 22:07 11520]
S0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [22.9.2009 23:26 721904]
S2 gupdate;Služba Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [13.9.2009 13:47 133104]
S3 41011;41011;d:\windows\system32\41011.sys [22.1.2010 11:24 54624]
S3 EC168BDA;TVGo DVB-T02PRO;d:\windows\system32\drivers\EC168BDA.sys [29.10.2009 11:01 67968]
S3 ivusb;Initio Driver for USB Default Controller;d:\windows\system32\DRIVERS\ivusb.sys --> d:\windows\system32\DRIVERS\ivusb.sys [?]
S3 TVICHW32;TVICHW32;d:\windows\system32\drivers\TVICHW32.SYS [20.9.2009 22:43 23600]
S4 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT;d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT --> d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT [?]
S4 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;d:\flexlm\lmgrd.exe --> d:\flexlm\lmgrd.exe [?]
S4 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT --> d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT [?]
.
Obsah adresáře 'Naplánované úlohy'
2010-01-17 d:\windows\Tasks\Defraggler Volume C Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-17 d:\windows\Tasks\Defraggler Volume D Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-09 d:\windows\Tasks\Defraggler Volume G Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-25 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
2010-01-25 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = ;*.local;<local>
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: d:\program files\HTTP Debugger Pro\mfnsp32.dll
FF - ProfilePath - d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\
FF - prefs.js: browser.startup.homepage - http:/atlas.centrum.cz/
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\FFExternalAlert.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\RadioWMPCore.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}\library\WINNT-32\MinimizeToTrayPlus.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: d:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: d:\program files\Common Files\ParallelGraphics\Cortona\npCortona.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npCortona.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: d:\program files\Musicnotes\npmusicn.dll
FF - plugin: d:\program files\Musicnotes\NPSibelius.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-25 20:46
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(856)
d:\windows\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(912)
d:\program files\HTTP Debugger Pro\mfnsp32.dll
d:\program files\http debugger pro\mfnhks32.dll
.
Celkový čas: 2010-01-25 20:53:21
ComboFix-quarantined-files.txt 2010-01-25 19:53
ComboFix2.txt 2010-01-25 18:36
ComboFix3.txt 2010-01-24 22:04
ComboFix4.txt 2010-01-24 11:57
ComboFix5.txt 2010-01-25 19:33
Před spuštěním: Volných bajtů: 48 610 947 072
Po spuštění: Volných bajtů: 48 550 477 824
Current=15 Default=15 Failed=14 LastKnownGood=16 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16
- - End Of File - - CFE4CA6BB3FDFC44A5B4CAADDFDDEC91
- Rudy
- Site Admin
- Posts: 119390
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Infected notebook, freezes, boots slowly
Run CF once more with this script:
Collect::
d:\windows\system32\41011.sys
d:\windows\system32\drivers\yxfkfarcdpjo.sys
Driver::
yxfkfarcdpjo
41011
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Infected notebook, freezes, boots slowly
So this is the report after the first fix... now I'm moving on to the second:
ComboFix 10-01-19.03 - Petr 25.01.2010 21:07:59.15.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1217 [GMT 1:00]
Spuštěný z: c:\anti-rooty\ComboFix.exe
Použité ovládací přepínače :: d:\documents and settings\Petr\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100125-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-25 do 2010-01-25 )))))))))))))))))))))))))))))))
.
2010-01-25 17:12 . 2010-01-25 17:12 8576 ----a-w- d:\windows\system32\drivers\yporaormwtcq.sys
2010-01-22 22:51 . 2010-01-22 22:51 -------- d-----w- d:\program files\Common Files\ParallelGraphics
2010-01-22 22:46 . 2010-01-22 22:46 -------- d-----w- d:\program files\PlotSoft
2010-01-22 22:44 . 2010-01-24 03:42 -------- d-----w- d:\program files\HTTP Debugger Pro
2010-01-22 10:24 . 2010-01-22 10:24 54624 ----a-w- d:\windows\system32\41011.sys
2010-01-21 08:18 . 2007-01-18 12:00 3968 ----a-w- d:\windows\system32\drivers\AvgArCln.sys
2010-01-20 22:22 . 2010-01-21 01:24 -------- d-----w- d:\program files\Microsoft WSE
2010-01-20 21:55 . 2002-12-17 15:23 33340 ------w- d:\windows\system32\dbmsqlgc.dll
2010-01-20 21:55 . 2002-10-20 13:05 24576 ------w- d:\windows\system32\dbmsgnet.dll
2010-01-20 21:53 . 2010-01-20 21:53 -------- d-----w- d:\program files\Microsoft SQL Server
2010-01-20 21:08 . 2010-01-20 21:08 -------- d-----w- d:\program files\MSXML 4.0
2010-01-20 20:38 . 2010-01-20 20:38 -------- d-----w- d:\program files\Nero
2010-01-11 20:27 . 2002-08-23 12:37 880694 ----a-w- d:\windows\system32\xaradocg.dll
2010-01-11 20:27 . 2002-06-28 08:24 23552 ----a-w- d:\windows\system32\xfontman.dll
2010-01-11 20:27 . 2002-06-28 08:24 139264 ----a-w- d:\windows\system32\BMPImporter.dll
2010-01-11 20:27 . 2002-08-22 15:56 126976 ----a-w- d:\windows\system32\templman.dll
2010-01-11 20:27 . 2002-06-28 08:24 253952 ----a-w- d:\windows\system32\templop.dll
2010-01-04 12:25 . 2010-01-20 20:40 -------- d-----w- d:\program files\Common Files\Ahead
2010-01-03 14:38 . 2010-01-03 14:39 -------- d-----w- d:\program files\Musicnotes
2010-01-03 01:26 . 2010-01-03 01:40 -------- d-----w- d:\program files\Advanced PDF to IMAGE converter
2009-12-28 21:27 . 2009-12-28 21:27 -------- d-----w- d:\program files\Software602
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-25 17:11 . 2010-01-25 17:11 8576 ----a-w- d:\windows\system32\drivers\yxfkfarcdpjo.sys
2010-01-25 16:35 . 2009-09-07 20:43 -------- d-----w- d:\program files\Mozilla Thunderbird
2010-01-25 08:42 . 2010-01-24 01:53 -------- d-----w- d:\program files\trend micro
2010-01-24 20:15 . 2006-03-02 12:00 484248 ----a-w- d:\windows\system32\perfh005.dat
2010-01-24 20:15 . 2006-03-02 12:00 105776 ----a-w- d:\windows\system32\perfc005.dat
2010-01-24 13:05 . 2010-01-24 13:05 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2010-01-24 03:04 . 2010-01-24 02:20 6176 --sha-w- d:\windows\system32\drivers\fidbox2.dat
2010-01-24 03:02 . 2010-01-24 02:20 92192 --sha-w- d:\windows\system32\drivers\fidbox.dat
2010-01-24 02:46 . 2010-01-24 02:20 2624 --sha-w- d:\windows\system32\drivers\fidbox.idx
2010-01-24 02:46 . 2010-01-24 02:20 2312 --sha-w- d:\windows\system32\drivers\fidbox2.idx
2010-01-21 21:44 . 2009-09-13 08:04 -------- d-----w- d:\program files\Autodesk
2010-01-21 21:33 . 2009-09-11 20:11 -------- d-----w- d:\program files\Common Files\Autodesk Shared
2010-01-07 15:07 . 2010-01-24 13:05 38224 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2010-01-24 13:05 19160 ----a-w- d:\windows\system32\drivers\mbam.sys
2010-01-05 01:30 . 2009-09-11 21:52 -------- d-----w- d:\program files\Defraggler
2009-12-28 02:02 . 2009-09-18 14:17 0 ----a-w- d:\documents and settings\Petr\DATA.DAT
2009-12-27 01:03 . 2009-09-12 22:17 -------- d-----w- d:\program files\Google
2009-12-18 21:25 . 2009-10-28 21:07 -------- d-----w- d:\program files\Western Digital
2009-12-18 09:34 . 2009-12-18 09:34 -------- d-----w- d:\program files\Guitar Pro 5
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\PCSuite
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\Nokia
2009-12-16 02:10 . 2009-12-16 02:04 -------- d-----w- d:\program files\Nokia
2009-12-16 02:07 . 2009-12-16 02:06 -------- d-----w- d:\program files\PC Connectivity Solution
2009-12-10 12:03 . 2009-09-16 23:16 -------- d-----w- d:\program files\DIFX
2009-12-10 12:03 . 2009-12-10 12:02 -------- d-----w- d:\program files\Software laserové myši Labtec
2009-12-10 12:02 . 2009-09-07 19:40 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-12-10 12:01 . 2009-12-10 12:01 -------- d-----w- d:\program files\Labtec
2009-12-05 22:47 . 2009-12-05 22:47 -------- d-----w- d:\program files\VisualLightBox
2009-12-05 22:41 . 2009-12-05 22:41 -------- d-----w- d:\program files\Microsoft
2009-12-03 18:55 . 2009-12-03 18:55 -------- d-----w- d:\program files\Any DWF to DWG Converter
2009-11-29 08:57 . 2009-11-29 08:56 -------- d-----w- d:\program files\SunnyDesign
2009-11-29 08:55 . 2009-11-29 08:55 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2009-11-26 09:00 . 2009-11-12 14:06 171552 ----a-w- d:\windows\system32\guard32.dll
2009-11-26 09:00 . 2009-11-12 13:33 133064 ----a-w- d:\windows\system32\drivers\cmdguard.sys
2009-11-24 23:54 . 2009-11-23 01:40 1280480 ----a-w- d:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-23 01:41 93424 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-11-23 01:41 48560 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-23 01:41 23120 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-23 01:41 27408 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-23 01:41 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2006-03-02 12:00 471552 ----a-w- d:\windows\AppPatch\aclayers.dll
2009-11-18 09:00 . 2009-11-12 13:33 87104 ----a-w- d:\windows\system32\drivers\inspect.sys
2009-11-18 09:00 . 2009-11-12 13:33 25160 ----a-w- d:\windows\system32\drivers\cmdhlp.sys
2009-11-12 18:04 . 2009-11-12 13:37 339872 ----a-w- d:\windows\system32\drivers\sfi.dat
2009-11-12 12:10 . 2009-09-07 20:33 278613 ----a-w- d:\windows\system32\acs.exe
2009-10-29 05:26 . 2006-03-02 12:00 668160 ------w- d:\windows\system32\wininet.dll
2009-09-26 21:38 . 2009-09-26 21:38 0 ----a-w- d:\program files\Common Files\dht342126
.
((((((((((((((((((((((((((((( SnapShot_2010-01-21_07.35.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-25 19:32 . 2010-01-25 19:32 16384 d:\windows\Temp\Perflib_Perfdata_810.dat
+ 2010-01-25 19:32 . 2010-01-25 19:32 16384 d:\windows\Temp\Perflib_Perfdata_778.dat
+ 2009-09-15 18:15 . 2010-01-25 19:04 30276 d:\windows\system32\Restore\rstrlog.dat
+ 2006-03-02 12:00 . 2010-01-24 20:15 92784 d:\windows\system32\perfc009.dat
+ 2010-01-22 22:47 . 2010-01-22 22:47 10134 d:\windows\Installer\{D1399216-81B2-457C-A0F7-73B9A2EF6902}\SystemFolder_msiexec.exe
+ 2010-01-22 22:52 . 2010-01-22 22:52 86358 d:\windows\Installer\{C06CE867-0019-4BDD-88C3-CD96F79FCDC7}\controlPanelIcon.exe
+ 2007-01-31 13:33 . 2007-01-31 13:33 5632 d:\windows\system32\drivers\avgarkt.sys
+ 2010-01-22 22:47 . 2010-01-22 22:47 7406 d:\windows\Installer\{D1399216-81B2-457C-A0F7-73B9A2EF6902}\PDFill_PDF_Tools.exe
+ 2010-01-22 22:47 . 2010-01-22 22:47 7406 d:\windows\Installer\{D1399216-81B2-457C-A0F7-73B9A2EF6902}\controlPanelIcon.exe
+ 2006-03-02 12:00 . 2010-01-24 20:15 493532 d:\windows\system32\perfh009.dat
+ 2002-01-05 05:37 . 2002-01-05 05:37 344064 d:\windows\system32\msvcr70.dll
+ 2002-01-05 05:36 . 2002-01-05 05:36 964608 d:\windows\system32\mfc70u.dll
+ 2009-09-07 21:17 . 2010-01-21 22:16 517744 d:\windows\system32\FNTCACHE.DAT
+ 2005-09-08 16:16 . 2005-09-08 16:16 294912 d:\windows\system32\DynamicTwainCtrl.dll
+ 2010-01-22 22:52 . 2010-01-22 22:52 642048 d:\windows\Installer\16a4731.msi
+ 2010-01-22 22:47 . 2010-01-22 22:47 217088 d:\windows\Installer\16a472d.msi
+ 2008-07-10 15:54 . 2008-07-10 15:54 409168 d:\windows\Downloaded Program Files\MSDcode.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DetectTray"="c:\program files\Genius\TVGo DVB-T02PRO\DetectTray.exe" [2007-09-21 131072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="d:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2008-03-26 16859136]
"SMSERIAL"="d:\windows\sm56hlpr.exe" [2006-03-21 544768]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ACU"="d:\program files\Atheros\ACU.exe" [2006-07-04 336001]
"ASUS Live Update"="d:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"StatusClient"="d:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="d:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"WD Drive Manager"="d:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2009-05-27 450560]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"COMODO Internet Security"="d:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-11-18 1800464]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NeroFilterCheck"="d:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"InCD"="d:\program files\Nero\Nero 7\InCD\InCD.exe" [2006-07-25 1043968]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
d:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Nastavenˇ myçi Labtec.lnk - d:\program files\Software laserov‚ myçi Labtec\MulMouse.exe [2009-12-10 352256]
WDDMStatus.lnk - d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-5 2057536]
WDSmartWare.lnk - d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-5 9116480]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FLEXnet Licensing Service"=3 (0x3)
"SQLAgent$INVENTORCONTENT"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [23.11.2009 2:41 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdguard.sys [12.11.2009 14:33 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [12.11.2009 14:33 25160]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 20:03 660768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [23.11.2009 2:41 20560]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;d:\windows\system32\StkCSrv.exe [12.9.2009 14:19 24576]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R2 WDDMService;WD SmartWare Drive Manager;d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [5.11.2009 8:44 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;d:\windows\system32\drivers\StkCMini.sys [12.9.2009 14:19 1260672]
R3 WDC_SAM;WD SCSI Pass Thru driver;d:\windows\system32\drivers\wdcsam.sys [28.10.2009 22:07 11520]
S0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [22.9.2009 23:26 721904]
S2 gupdate;Služba Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [13.9.2009 13:47 133104]
S3 41011;41011;d:\windows\system32\41011.sys [22.1.2010 11:24 54624]
S3 EC168BDA;TVGo DVB-T02PRO;d:\windows\system32\drivers\EC168BDA.sys [29.10.2009 11:01 67968]
S3 ivusb;Initio Driver for USB Default Controller;d:\windows\system32\DRIVERS\ivusb.sys --> d:\windows\system32\DRIVERS\ivusb.sys [?]
S3 TVICHW32;TVICHW32;d:\windows\system32\drivers\TVICHW32.SYS [20.9.2009 22:43 23600]
S4 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT;d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT --> d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT [?]
S4 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;d:\flexlm\lmgrd.exe --> d:\flexlm\lmgrd.exe [?]
S4 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT --> d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT [?]
.
Obsah adresáře 'Naplánované úlohy'
2010-01-17 d:\windows\Tasks\Defraggler Volume C Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-17 d:\windows\Tasks\Defraggler Volume D Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-09 d:\windows\Tasks\Defraggler Volume G Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]
2010-01-25 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
2010-01-25 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = ;*.local;<local>
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: d:\program files\HTTP Debugger Pro\mfnsp32.dll
FF - ProfilePath - d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\
FF - prefs.js: browser.startup.homepage - http:/atlas.centrum.cz/
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\FFExternalAlert.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\RadioWMPCore.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}\library\WINNT-32\MinimizeToTrayPlus.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: d:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: d:\program files\Common Files\ParallelGraphics\Cortona\npCortona.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npCortona.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: d:\program files\Musicnotes\npmusicn.dll
FF - plugin: d:\program files\Musicnotes\NPSibelius.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-25 21:17
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(856)
d:\windows\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(912)
d:\program files\HTTP Debugger Pro\mfnsp32.dll
d:\program files\http debugger pro\mfnhks32.dll
- - - - - - - > 'explorer.exe'(892)
d:\windows\system32\msi.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
d:\program files\HTTP Debugger Pro\mfnsp32.dll
d:\program files\http debugger pro\mfnhks32.dll
.
Celkový čas: 2010-01-25 21:22:53
ComboFix-quarantined-files.txt 2010-01-25 20:22
ComboFix2.txt 2010-01-25 19:53
ComboFix3.txt 2010-01-25 18:36
ComboFix4.txt 2010-01-24 22:04
ComboFix5.txt 2010-01-25 20:05
ComboFix6.txt 2010-01-25 19:54
Před spuštěním: Volných bajtů: 48 574 246 912
Po spuštění: Volných bajtů: 48 540 811 264
Current=15 Default=15 Failed=14 LastKnownGood=16 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16
- - End Of File - - BBEA40A61E29D95B994A5340CAE2C37F
- Rudy
- Site Admin
- Posts: 119390
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: Virus-infected notebook, freezes, boots slowly
Try it once more, but in safe mode. The items were not deleted.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.