CPU usage in taskmgr constantly between 60-70 percent
Posted: 24 Feb 2010 14:23
Hello,
taskmgr constantly shows a CPU load of 60-70 percent, yet none of the running processes is eating up the CPU.
RSIT + Cfix logs:
Please help! Thanks
Logfile of random's system information tool 1.06 (written by random/random)
Run by Pavla at 2010-02-24 14:17:16
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 17 GB (15%) free of 114 GB
Total RAM: 1535 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:17:20, on 24.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Pavla\Dokumenty\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Pavla.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; FunWebProducts; GTB6.3; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.miniclip.com/games/creepy-pong/en/"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Registration TMNT.LNK = C:\Program Files\Ubisoft\TMNT\Registration\RegistrationReminder.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 6560374296
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: CD Guard Drivers Auto Removal (v2) (psrem02) - Protection Technology - C:\WINDOWS\system32\psrem02.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O24 - Desktop Component 0: (no name) - http://www.herna.biz/pics/green/bg.gif
--
End of file - 7437 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\User_Feed_Synchronization-{C0CE4E7E-3BD3-4448-AF19-1973A59CA202}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-02-23 1484056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-03 263280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-06 764912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-03 263280]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-05-20 98304]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-06-18 67584]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-01-08 77824]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-22 68856]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-09-03 3342336]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE [2008-11-04 460216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pavla^Nabídka Start^Programy^Po spuštění^Registration Heroes of Might & Magic 5 - Tribes of the East.LNK]
C:\Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\registration\RegistrationReminder.exe -d 804048 -l czech -r 7 -g Heroes of Might & Magic 5 - Tribes of the East -c us -i 2579 []
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Image Transfer.lnk - C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
LUMIX Simple Viewer.lnk - C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Documents and Settings\Pavla\Nabídka Start\Programy\Po spuštění
Registration TMNT.LNK - C:\Program Files\Ubisoft\TMNT\Registration\RegistrationReminder.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-09-24 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-02-23 12464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-02-14 567016]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Ubisoft\THE SETTLERS - Vzestup říše\base\bin\Settlers6.exe"="C:\Program Files\Ubisoft\THE SETTLERS - Vzestup říše\base\bin\Settlers6.exe:*:Enabled:THE SETTLERS - Vzestup říše"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"
"C:\Program Files\Sun Age\SunAge.exe"="C:\Program Files\Sun Age\SunAge.exe:*:Enabled:SunAge"
"C:\Program Files\Microsoft Games\Rise Of Legends\legends.exe"="C:\Program Files\Microsoft Games\Rise Of Legends\legends.exe:*:Enabled:Rise Of Legends"
"C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\s2gs.exe"="C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\s2gs.exe:*:Enabled:Sacred 2 Game Server"
"C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\sacred2.exe"="C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\sacred2.exe:*:Enabled:Sacred 2"
"C:\Program Files\Codemasters\Overlord II\Overlord2.exe"="C:\Program Files\Codemasters\Overlord II\Overlord2.exe:*:Enabled:Overlord II"
"C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe"="C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\Program Files\Microsoft Games\Age of Empires II\EMPIRES2.EXE"="C:\Program Files\Microsoft Games\Age of Empires II\EMPIRES2.EXE:*:Enabled:Age of Empires II"
"C:\Program Files\Team17 Software Ltd\WormsForts\wf.exe"="C:\Program Files\Team17 Software Ltd\WormsForts\wf.exe:*:Enabled:wf"
"C:\Program Files\TrackMania United\TmUnited.exe"="C:\Program Files\TrackMania United\TmUnited.exe:*:Enabled:TmUnited"
"C:\Program Files\Ground Control II\gcii.exe"="C:\Program Files\Ground Control II\gcii.exe:*:Enabled:Ground Control II"
"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Activision\Transformers - Revenge of the Fallen\Transformers2.exe"="C:\Program Files\Activision\Transformers - Revenge of the Fallen\Transformers2.exe:*:Enabled:Transformers(TM) - Revenge of the Fallen(TM)"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-02-24 14:17:16 ----D---- C:\rsit
2010-02-24 14:06:36 ----SHD---- C:\RECYCLER
2010-02-24 14:02:50 ----AD---- C:\WINDOWS\VDLL.DLL
2010-02-24 14:02:50 ----AD---- C:\WINDOWS\system32\runouce.exe
2010-02-24 14:02:50 ----AD---- C:\WINDOWS\rundll16.exe
2010-02-24 14:02:50 ----AD---- C:\WINDOWS\RUNDL132.EXE
2010-02-24 14:02:50 ----AD---- C:\WINDOWS\logo1_.exe
2010-02-24 14:02:50 ----AD---- C:\WINDOWS\logo_1.exe
2010-02-24 13:59:23 ----A---- C:\WINDOWS\system32\msvcp80.dll
2010-02-24 13:59:22 ----A---- C:\WINDOWS\system32\eEmpty.exe
2010-02-24 13:59:19 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2010-02-24 13:59:19 ----A---- C:\WINDOWS\system32\T.COM
2010-02-24 13:59:19 ----A---- C:\WINDOWS\REGEDIT.COM
2010-02-24 13:59:19 ----A---- C:\WINDOWS\R.COM
2010-02-24 13:59:17 ----D---- C:\Program Files\Common Files\MicroWorld
2010-02-24 13:59:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2010-02-24 13:51:50 ----A---- C:\WINDOWS\system32\nvuide.exe
2010-02-24 13:51:25 ----A---- C:\WINDOWS\system32\nvunrm.exe
2010-02-24 13:51:22 ----A---- C:\WINDOWS\system32\nvusmb.exe
2010-02-24 13:51:22 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2010-02-24 13:51:16 ----A---- C:\WINDOWS\system32\nvugart.exe
2010-02-24 13:29:29 ----A---- C:\WINDOWS\ntbtlog.txt
2010-02-24 13:27:48 ----D---- C:\WINDOWS\temp
2010-02-24 13:27:45 ----A---- C:\ComboFix.txt
2010-02-24 12:06:20 ----D---- C:\Program Files\Trend Micro
2010-02-23 13:50:50 ----D---- C:\Program Files\CCleaner
2010-02-23 12:55:18 ----D---- C:\$AVG
2010-02-23 12:54:59 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2010-02-23 12:54:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
2010-02-23 12:53:21 ----D---- C:\Program Files\AVG
2010-02-23 12:53:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg9
2010-02-23 11:35:44 ----A---- C:\WINDOWS\zip.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\SWSC.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\SWREG.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\sed.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\PEV.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\NIRCMD.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\MBR.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\grep.exe
2010-02-23 11:35:33 ----D---- C:\WINDOWS\ERDNT
2010-02-23 11:35:22 ----D---- C:\Qoobox
2010-02-17 20:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-17 20:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-17 19:55:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-17 19:55:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-17 19:54:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-17 19:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-17 19:53:58 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-17 19:53:22 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-04 22:55:53 ----D---- C:\WINDOWS\Prefetch
2010-02-04 22:49:55 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-02-04 22:48:14 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2010-02-04 22:46:44 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-02-04 22:45:08 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-02-04 22:43:45 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-02-04 22:39:07 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2010-02-04 22:36:43 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2010-02-04 22:35:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-02-04 22:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-02-04 22:32:13 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2010-02-04 22:30:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2010-02-04 22:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-02-04 22:27:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-02-04 22:23:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-02-04 22:21:00 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-02-04 22:19:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2010-02-04 22:18:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2010-02-04 22:16:27 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-02-04 22:14:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-02-04 22:12:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-02-04 22:09:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-02-04 22:07:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2010-02-04 22:06:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-02-04 22:04:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2010-02-04 22:03:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-02-04 22:01:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-02-04 22:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-02-04 21:58:58 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-02-04 21:57:41 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2010-02-04 21:56:00 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-02-04 21:53:12 ----N---- C:\WINDOWS\system32\ieencode.dll
2010-02-04 21:50:39 ----A---- C:\WINDOWS\000001_.tmp
2010-02-04 21:05:23 ----D---- C:\Program Files\AMD
2010-02-04 20:56:11 ----D---- C:\NV248180.TMP
2010-02-04 20:47:02 ----A---- C:\WINDOWS\system32\nvconrm.dll
2010-02-04 20:47:02 ----A---- C:\WINDOWS\system32\fdco1.dll
2010-02-04 20:47:02 ----A---- C:\WINDOWS\system32\bdco1.dll
2010-02-04 20:46:46 ----A---- C:\WINDOWS\system32\NVCOG.DLL
2010-01-27 15:48:29 ----D---- C:\Documents and Settings\Pavla\Data aplikací\Activision
2010-01-27 15:16:33 ----D---- C:\Program Files\Activision
2010-01-26 21:09:28 ----A---- C:\WINDOWS\msicpl.ini
2010-01-26 19:34:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2010-01-26 19:04:40 ----D---- C:\Documents and Settings\Pavla\Data aplikací\Download Manager
2010-01-26 18:32:46 ----D---- C:\Documents and Settings\Pavla\Data aplikací\ATI
2010-01-26 18:27:15 ----D---- C:\Program Files\ATI Technologies
2010-01-26 18:27:12 ----D---- C:\Program Files\ATI
2010-01-26 18:25:42 ----D---- C:\ATI
======List of files/folders modified in the last 1 months======
2010-02-24 14:07:43 ----D---- C:\WINDOWS
2010-02-24 14:02:50 ----D---- C:\WINDOWS\system32
2010-02-24 13:59:24 ----A---- C:\WINDOWS\system32\msvcr80.dll
2010-02-24 13:59:17 ----D---- C:\Program Files\Common Files
2010-02-24 13:55:45 ----D---- C:\WINDOWS\system32\drivers
2010-02-24 13:55:22 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-24 13:54:22 ----HD---- C:\WINDOWS\inf
2010-02-24 13:52:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-24 13:51:42 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-24 13:29:50 ----D---- C:\Documents and Settings
2010-02-24 13:22:47 ----A---- C:\WINDOWS\system.ini
2010-02-24 13:16:57 ----D---- C:\WINDOWS\AppPatch
2010-02-24 13:06:07 ----SHD---- C:\WINDOWS\Installer
2010-02-24 13:06:07 ----D---- C:\Config.Msi
2010-02-24 13:06:06 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-02-24 13:04:29 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-24 13:04:22 ----RD---- C:\Program Files
2010-02-24 12:57:34 ----SH---- C:\boot.ini
2010-02-24 12:57:34 ----A---- C:\WINDOWS\win.ini
2010-02-24 12:57:32 ----D---- C:\WINDOWS\pss
2010-02-23 14:07:21 ----D---- C:\Install
2010-02-23 13:51:22 ----D---- C:\WINDOWS\Debug
2010-02-23 13:51:21 ----D---- C:\WINDOWS\Minidump
2010-02-23 11:24:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-17 20:00:45 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-04 22:54:36 ----D---- C:\WINDOWS\security
2010-02-04 21:59:24 ----D---- C:\Program Files\Messenger
2010-02-04 21:53:16 ----D---- C:\WINDOWS\Help
2010-02-04 21:53:03 ----D---- C:\WINDOWS\system32\oobe
2010-02-04 21:50:32 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-02-04 21:50:01 ----D---- C:\WINDOWS\EHome
2010-02-04 21:02:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-04 20:13:32 ----D---- C:\NVIDIA
2010-02-01 20:26:20 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-29 13:09:56 ----D---- C:\WINDOWS\system32\DirectX
2010-01-29 13:09:56 ----D---- C:\Program Files\SEGA
2010-01-29 13:09:23 ----RSD---- C:\WINDOWS\assembly
2010-01-27 15:12:27 ----A---- C:\WINDOWS\BlendSettings.ini
2010-01-26 19:31:35 ----D---- C:\Program Files\Internet Explorer
2010-01-26 19:31:08 ----D---- C:\WINDOWS\ie8updates
2010-01-26 19:28:31 ----D---- C:\WINDOWS\WinSxS
2010-01-26 19:04:33 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-26 18:32:47 ----D---- C:\WINDOWS\system32\config
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-02-23 333192]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-02-23 28424]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-02-23 360584]
R1 EIO_XP;EIO_XP; \??\C:\WINDOWS\system32\drivers\EIO_XP.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-08-25 278984]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-08-25 25416]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-06-21 626204]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-09-24 3331072]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-04-01 93184]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 catchme;catchme; \??\C:\DOCUME~1\Pavla\LOCALS~1\Temp\catchme.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 USB_RNDIS;Texas Instruments AR7D01 DSL Router; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-09-24 581632]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-02-23 285392]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-09-06 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 psrem02;CD Guard Drivers Auto Removal (v2); C:\WINDOWS\system32\psrem02.exe [2006-05-11 358008]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-02 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-09-06 360192]
S3 WmcCds;Windows Media Connect (WMC); c:\program files\windows media connect\mswmccds.exe [2004-08-10 483328]
S3 WmcCdsLs;Podpora programu Windows Media Connect (WMC); C:\Program Files\Windows Media Connect\mswmcls.exe [2004-08-10 28160]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
ComboFix 10-02-23.04 - Pavla 24.02.2010 13:11:09.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1535.1047 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pavla\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-24 do 2010-02-24 )))))))))))))))))))))))))))))))
.
2010-02-24 11:06 . 2010-02-24 11:06 -------- d-----w- c:\program files\Trend Micro
2010-02-23 12:50 . 2010-02-23 12:50 -------- d-----w- c:\program files\CCleaner
2010-02-23 11:55 . 2010-02-24 10:16 -------- d-----w- C:\$AVG
2010-02-23 11:54 . 2010-02-23 11:54 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-02-23 11:54 . 2010-02-23 11:54 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-02-23 11:54 . 2010-02-23 11:54 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-02-23 11:54 . 2010-02-23 11:54 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-02-23 11:54 . 2010-02-24 06:00 -------- d-----w- c:\windows\system32\drivers\Avg
2010-02-23 11:53 . 2010-02-23 11:53 -------- d-----w- c:\program files\AVG
2010-02-23 10:23 . 2001-10-24 10:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2010-02-23 10:23 . 2001-10-24 10:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2010-02-23 10:23 . 2008-04-13 23:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2010-02-23 10:23 . 2008-04-13 23:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2010-02-04 20:53 . 2008-04-14 07:51 81920 ------w- c:\windows\system32\ieencode.dll
2010-02-04 20:05 . 2010-02-04 20:05 -------- d-----w- c:\program files\AMD
2010-02-04 19:56 . 2010-02-04 19:56 -------- d-----w- C:\NV248180.TMP
2010-02-04 19:47 . 2004-05-17 13:00 56960 ------w- c:\windows\system32\drivers\nvnrm.sys
2010-02-04 19:47 . 2004-05-17 13:00 191232 ------w- c:\windows\system32\drivers\nvsnpu.sys
2010-02-04 19:47 . 2004-05-17 13:00 12928 ------w- c:\windows\system32\drivers\nvnetbus.sys
2010-02-04 19:47 . 2004-05-17 13:00 33280 ------w- c:\windows\system32\drivers\NVENETFD.sys
2010-02-04 19:47 . 2004-05-17 12:49 198656 ------w- c:\windows\system32\fdco1.dll
2010-02-04 19:47 . 2004-05-17 12:48 8192 ------w- c:\windows\system32\bdco1.dll
2010-02-04 19:47 . 2004-05-10 07:53 32256 ------w- c:\windows\system32\nvconrm.dll
2010-01-27 14:16 . 2010-01-27 14:16 -------- d-----w- c:\program files\Activision
2010-01-26 18:33 . 2010-01-26 18:33 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-26 18:09 . 2006-06-14 12:44 12288 ----a-r- c:\windows\system32\drivers\EIO_XP.sys
2010-01-26 17:45 . 2010-02-04 20:10 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-26 17:27 . 2010-02-04 18:17 -------- d-----w- c:\program files\ATI Technologies
2010-01-26 17:27 . 2010-02-23 12:48 -------- d-----w- c:\program files\ATI
2010-01-26 17:25 . 2010-01-26 17:25 -------- d-----w- C:\ATI
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-24 12:06 . 2005-04-12 10:55 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-02-24 12:04 . 2005-01-24 09:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-04 20:02 . 2004-08-18 12:00 83562 ----a-w- c:\windows\system32\perfc005.dat
2010-02-04 20:02 . 2004-08-18 12:00 440812 ----a-w- c:\windows\system32\perfh005.dat
2010-01-29 12:09 . 2009-06-26 16:23 -------- d-----w- c:\program files\SEGA
2010-01-14 19:16 . 2010-01-14 19:16 -------- d-----w- c:\program files\Rockstar Games
2010-01-14 19:15 . 2007-10-22 14:05 -------- d-----w- c:\program files\Ubisoft
2010-01-08 08:36 . 2006-12-24 21:16 -------- d-----w- c:\program files\Microsoft Games
2010-01-05 16:09 . 2007-03-17 12:12 -------- d-----w- c:\program files\Team17
2009-12-31 16:50 . 2004-08-18 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2004-08-18 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2005-01-24 09:32 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-18 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-11 20:45 . 2009-05-15 20:35 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-12-11 20:44 . 2009-05-15 20:34 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-12-11 20:43 . 2009-05-15 20:33 3620864 ----a-w- c:\windows\system32\aticaldd.dll
2009-12-11 19:50 . 2009-05-15 21:38 64512 ----a-w- c:\windows\system32\atimpc32.dll
2009-12-04 18:22 . 2004-08-18 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2004-08-18 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2004-08-17 15:49 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2004-08-18 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2004-08-18 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2004-08-18 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2004-08-17 15:49 48128 ----a-w- c:\windows\system32\iyuv_32.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-02-23_10.58.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-23 12:35 . 2010-02-23 12:35 77542 c:\windows\Installer\{9BB86C70-E1EF-7457-46DC-0093B5269458}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-02-23 12:35 . 2010-02-23 12:35 77542 c:\windows\Installer\{9BB86C70-E1EF-7457-46DC-0093B5269458}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-02-23 12:35 . 2010-02-23 12:35 77542 c:\windows\Installer\{9BB86C70-E1EF-7457-46DC-0093B5269458}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-02-23 12:35 . 2010-02-23 12:35 77542 c:\windows\Installer\{9BB86C70-E1EF-7457-46DC-0093B5269458}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-02-23 12:35 . 2010-02-23 12:35 77542 c:\windows\Installer\{9BB86C70-E1EF-7457-46DC-0093B5269458}\ARPPRODUCTICON.exe
+ 2010-02-23 12:35 . 2010-02-23 12:35 718336 c:\windows\Installer\78d878.msi
+ 2010-02-23 12:35 . 2010-02-23 12:35 238223 c:\windows\Installer\{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}\ARPPRODUCTICON.exe
+ 2010-02-23 12:35 . 2010-02-23 12:35 1597440 c:\windows\Installer\78d86e.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 12:01 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-22 68856]
"RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2009-12-31 306088]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-09-03 3342336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304]
"SoundMan"="SOUNDMAN.EXE" [2004-06-18 67584]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-01-08 77824]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-11-10 176128]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Image Transfer.lnk - c:\program files\Sony Corporation\Image Transfer\SonyTray.exe [2005-9-14 73728]
LUMIX Simple Viewer.lnk - c:\program files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2007-1-16 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-02-23 11:54 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKLM\~\startupfolder\C:^Documents and Settings^Pavla^Nabídka Start^Programy^Po spuštění^Registration Heroes of Might & Magic 5 - Tribes of the East.LNK]
path=c:\documents and settings\Pavla\Nabídka Start\Programy\Po spuštění\Registration Heroes of Might & Magic 5 - Tribes of the East.LNK
backup=c:\windows\pss\Registration Heroes of Might & Magic 5 - Tribes of the East.LNKStartup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Ubisoft\\THE SETTLERS - Vzestup říše\\base\\bin\\Settlers6.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\Sun Age\\SunAge.exe"=
"c:\\Program Files\\Microsoft Games\\Rise Of Legends\\legends.exe"=
"c:\\Program Files\\Deep Silver\\Sacred 2 - Fallen Angel\\system\\s2gs.exe"=
"c:\\Program Files\\Deep Silver\\Sacred 2 - Fallen Angel\\system\\sacred2.exe"=
"c:\\Program Files\\Codemasters\\Overlord II\\Overlord2.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.EXE"=
"c:\\Program Files\\Team17 Software Ltd\\WormsForts\\wf.exe"=
"c:\\Program Files\\TrackMania United\\TmUnited.exe"=
"c:\\Program Files\\Ground Control II\\gcii.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Activision\\Transformers - Revenge of the Fallen\\Transformers2.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
R0 psdrv02;CD Guard Environment Driver (v2);c:\windows\system32\drivers\psdrv02.sys [11.9.2006 13:01 67960]
R0 pssync05;CD Guard Synchronization Driver (v5);c:\windows\system32\drivers\pssync05.sys [3.11.2006 9:24 61312]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [23.2.2010 12:54 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [23.2.2010 12:54 360584]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [23.2.2010 12:53 285392]
S2 psrem02;CD Guard Drivers Auto Removal (v2);c:\windows\system32\psrem02.exe svc --> c:\windows\system32\psrem02.exe svc [?]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-02-24 c:\windows\Tasks\User_Feed_Synchronization-{C0CE4E7E-3BD3-4448-AF19-1973A59CA202}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.idnes.cz/
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-24 13:22
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys sfsync02.sys >>UNKNOWN [0x8A25B948]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb80fcf28
\Driver\ACPI -> ACPI.sys @ 0xb7f7fcb8
\Driver\atapi -> atapi.sys @ 0xb7f24852
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579022
ParseProcedure -> ntkrnlpa.exe @ 0x80577c84
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579022
ParseProcedure -> ntkrnlpa.exe @ 0x80577c84
NDIS: -> SendCompleteHandler -> 0x0
PacketIndicateHandler -> 0x0
SendHandler -> 0x0
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-57989841-1958367476-725345543-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-57989841-1958367476-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:c2,e2,13,7b,74,d8,f6,be,02,27,8a,57,94,eb,f1,14,7b,2d,0b,a7,b7,c4,ea,
4d,ef,ea,46,bf,d7,6b,d4,6b,5c,66,74,c3,6a,a6,6b,b4,bf,a2,17,fb,25,84,ad,38,\
"??"=hex:d8,9f,bf,d3,46,76,6e,b8,10,36,3e,e1,ad,9e,71,17
[HKEY_USERS\S-1-5-21-57989841-1958367476-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:e4,29,3d,ed,44,0d,dc,0c,fc,79,ef,34,3d,bb,1b,99,c8,c9,34,ab,c4,
bb,d2,2c,74,fb,5f,75,94,4e,57,0c,0a,a6,34,9c,9f,7b,a0,85,e3,a9,6b,a1,b6,af,\
"rkeysecu"=hex:e8,1b,41,bc,f3,09,87,fa,47,22,3e,13,83,18,9e,6f
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(652)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(2140)
c:\windows\system32\msls31.dll
c:\windows\system32\webcheck.dll
.
Celkový čas: 2010-02-24 13:27:43
ComboFix-quarantined-files.txt 2010-02-24 12:27
ComboFix2.txt 2010-02-24 11:49
ComboFix3.txt 2010-02-23 11:02
Před spuštěním: Volných bajtů: 18 387 660 800
Po spuštění: Volných bajtů: 18 375 491 584
- - End Of File - - 06003A96231A32AC2607A7C19CB04BEC
Logfile of random's system information tool 1.06 (written by random/random)
Run by Pavla at 2010-02-24 14:17:16
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 17 GB (15%) free of 114 GB
Total RAM: 1535 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:17:20, on 24.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Pavla\Dokumenty\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Pavla.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idnes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; FunWebProducts; GTB6.3; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.miniclip.com/games/creepy-pong/en/"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Registration TMNT.LNK = C:\Program Files\Ubisoft\TMNT\Registration\RegistrationReminder.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 6560374296
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: CD Guard Drivers Auto Removal (v2) (psrem02) - Protection Technology - C:\WINDOWS\system32\psrem02.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O24 - Desktop Component 0: (no name) - http://www.herna.biz/pics/green/bg.gif
--
End of file - 7437 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\User_Feed_Synchronization-{C0CE4E7E-3BD3-4448-AF19-1973A59CA202}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-02-23 1484056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-03 263280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-06 764912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-03 263280]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-05-20 98304]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-06-18 67584]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-01-08 77824]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-22 68856]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2009-09-03 3342336]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~2.EXE [2008-11-04 460216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Pavla^Nabídka Start^Programy^Po spuštění^Registration Heroes of Might & Magic 5 - Tribes of the East.LNK]
C:\Program Files\Ubisoft\Heroes of Might and Magic V - Tribes of the East\registration\RegistrationReminder.exe -d 804048 -l czech -r 7 -g Heroes of Might & Magic 5 - Tribes of the East -c us -i 2579 []
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Image Transfer.lnk - C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
LUMIX Simple Viewer.lnk - C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Documents and Settings\Pavla\Nabídka Start\Programy\Po spuštění
Registration TMNT.LNK - C:\Program Files\Ubisoft\TMNT\Registration\RegistrationReminder.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-09-24 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-02-23 12464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-02-14 567016]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Ubisoft\THE SETTLERS - Vzestup říše\base\bin\Settlers6.exe"="C:\Program Files\Ubisoft\THE SETTLERS - Vzestup říše\base\bin\Settlers6.exe:*:Enabled:THE SETTLERS - Vzestup říše"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"
"C:\Program Files\Sun Age\SunAge.exe"="C:\Program Files\Sun Age\SunAge.exe:*:Enabled:SunAge"
"C:\Program Files\Microsoft Games\Rise Of Legends\legends.exe"="C:\Program Files\Microsoft Games\Rise Of Legends\legends.exe:*:Enabled:Rise Of Legends"
"C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\s2gs.exe"="C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\s2gs.exe:*:Enabled:Sacred 2 Game Server"
"C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\sacred2.exe"="C:\Program Files\Deep Silver\Sacred 2 - Fallen Angel\system\sacred2.exe:*:Enabled:Sacred 2"
"C:\Program Files\Codemasters\Overlord II\Overlord2.exe"="C:\Program Files\Codemasters\Overlord II\Overlord2.exe:*:Enabled:Overlord II"
"C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe"="C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\Program Files\Microsoft Games\Age of Empires II\EMPIRES2.EXE"="C:\Program Files\Microsoft Games\Age of Empires II\EMPIRES2.EXE:*:Enabled:Age of Empires II"
"C:\Program Files\Team17 Software Ltd\WormsForts\wf.exe"="C:\Program Files\Team17 Software Ltd\WormsForts\wf.exe:*:Enabled:wf"
"C:\Program Files\TrackMania United\TmUnited.exe"="C:\Program Files\TrackMania United\TmUnited.exe:*:Enabled:TmUnited"
"C:\Program Files\Ground Control II\gcii.exe"="C:\Program Files\Ground Control II\gcii.exe:*:Enabled:Ground Control II"
"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Program Files\Activision\Transformers - Revenge of the Fallen\Transformers2.exe"="C:\Program Files\Activision\Transformers - Revenge of the Fallen\Transformers2.exe:*:Enabled:Transformers(TM) - Revenge of the Fallen(TM)"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-02-24 14:17:16 ----D---- C:\rsit
2010-02-24 14:06:36 ----SHD---- C:\RECYCLER
2010-02-24 14:02:50 ----AD---- C:\WINDOWS\VDLL.DLL
2010-02-24 14:02:50 ----AD---- C:\WINDOWS\system32\runouce.exe
2010-02-24 14:02:50 ----AD---- C:\WINDOWS\rundll16.exe
2010-02-24 14:02:50 ----AD---- C:\WINDOWS\RUNDL132.EXE
2010-02-24 14:02:50 ----AD---- C:\WINDOWS\logo1_.exe
2010-02-24 14:02:50 ----AD---- C:\WINDOWS\logo_1.exe
2010-02-24 13:59:23 ----A---- C:\WINDOWS\system32\msvcp80.dll
2010-02-24 13:59:22 ----A---- C:\WINDOWS\system32\eEmpty.exe
2010-02-24 13:59:19 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2010-02-24 13:59:19 ----A---- C:\WINDOWS\system32\T.COM
2010-02-24 13:59:19 ----A---- C:\WINDOWS\REGEDIT.COM
2010-02-24 13:59:19 ----A---- C:\WINDOWS\R.COM
2010-02-24 13:59:17 ----D---- C:\Program Files\Common Files\MicroWorld
2010-02-24 13:59:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2010-02-24 13:51:50 ----A---- C:\WINDOWS\system32\nvuide.exe
2010-02-24 13:51:25 ----A---- C:\WINDOWS\system32\nvunrm.exe
2010-02-24 13:51:22 ----A---- C:\WINDOWS\system32\nvusmb.exe
2010-02-24 13:51:22 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2010-02-24 13:51:16 ----A---- C:\WINDOWS\system32\nvugart.exe
2010-02-24 13:29:29 ----A---- C:\WINDOWS\ntbtlog.txt
2010-02-24 13:27:48 ----D---- C:\WINDOWS\temp
2010-02-24 13:27:45 ----A---- C:\ComboFix.txt
2010-02-24 12:06:20 ----D---- C:\Program Files\Trend Micro
2010-02-23 13:50:50 ----D---- C:\Program Files\CCleaner
2010-02-23 12:55:18 ----D---- C:\$AVG
2010-02-23 12:54:59 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2010-02-23 12:54:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
2010-02-23 12:53:21 ----D---- C:\Program Files\AVG
2010-02-23 12:53:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg9
2010-02-23 11:35:44 ----A---- C:\WINDOWS\zip.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\SWSC.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\SWREG.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\sed.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\PEV.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\NIRCMD.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\MBR.exe
2010-02-23 11:35:44 ----A---- C:\WINDOWS\grep.exe
2010-02-23 11:35:33 ----D---- C:\WINDOWS\ERDNT
2010-02-23 11:35:22 ----D---- C:\Qoobox
2010-02-17 20:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-17 20:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-17 19:55:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-17 19:55:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-17 19:54:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-17 19:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-17 19:53:58 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-17 19:53:22 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-04 22:55:53 ----D---- C:\WINDOWS\Prefetch
2010-02-04 22:49:55 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-02-04 22:48:14 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2010-02-04 22:46:44 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-02-04 22:45:08 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-02-04 22:43:45 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-02-04 22:39:07 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2010-02-04 22:36:43 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2010-02-04 22:35:13 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-02-04 22:33:41 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-02-04 22:32:13 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2010-02-04 22:30:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2010-02-04 22:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-02-04 22:27:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-02-04 22:23:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-02-04 22:21:00 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-02-04 22:19:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2010-02-04 22:18:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2010-02-04 22:16:27 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-02-04 22:14:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-02-04 22:12:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-02-04 22:09:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-02-04 22:07:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2010-02-04 22:06:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-02-04 22:04:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2010-02-04 22:03:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-02-04 22:01:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-02-04 22:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-02-04 21:58:58 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-02-04 21:57:41 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2010-02-04 21:56:00 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-02-04 21:53:12 ----N---- C:\WINDOWS\system32\ieencode.dll
2010-02-04 21:50:39 ----A---- C:\WINDOWS\000001_.tmp
2010-02-04 21:05:23 ----D---- C:\Program Files\AMD
2010-02-04 20:56:11 ----D---- C:\NV248180.TMP
2010-02-04 20:47:02 ----A---- C:\WINDOWS\system32\nvconrm.dll
2010-02-04 20:47:02 ----A---- C:\WINDOWS\system32\fdco1.dll
2010-02-04 20:47:02 ----A---- C:\WINDOWS\system32\bdco1.dll
2010-02-04 20:46:46 ----A---- C:\WINDOWS\system32\NVCOG.DLL
2010-01-27 15:48:29 ----D---- C:\Documents and Settings\Pavla\Data aplikací\Activision
2010-01-27 15:16:33 ----D---- C:\Program Files\Activision
2010-01-26 21:09:28 ----A---- C:\WINDOWS\msicpl.ini
2010-01-26 19:34:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2010-01-26 19:04:40 ----D---- C:\Documents and Settings\Pavla\Data aplikací\Download Manager
2010-01-26 18:32:46 ----D---- C:\Documents and Settings\Pavla\Data aplikací\ATI
2010-01-26 18:27:15 ----D---- C:\Program Files\ATI Technologies
2010-01-26 18:27:12 ----D---- C:\Program Files\ATI
2010-01-26 18:25:42 ----D---- C:\ATI
======List of files/folders modified in the last 1 months======
2010-02-24 14:07:43 ----D---- C:\WINDOWS
2010-02-24 14:02:50 ----D---- C:\WINDOWS\system32
2010-02-24 13:59:24 ----A---- C:\WINDOWS\system32\msvcr80.dll
2010-02-24 13:59:17 ----D---- C:\Program Files\Common Files
2010-02-24 13:55:45 ----D---- C:\WINDOWS\system32\drivers
2010-02-24 13:55:22 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-24 13:54:22 ----HD---- C:\WINDOWS\inf
2010-02-24 13:52:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-24 13:51:42 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-24 13:29:50 ----D---- C:\Documents and Settings
2010-02-24 13:22:47 ----A---- C:\WINDOWS\system.ini
2010-02-24 13:16:57 ----D---- C:\WINDOWS\AppPatch
2010-02-24 13:06:07 ----SHD---- C:\WINDOWS\Installer
2010-02-24 13:06:07 ----D---- C:\Config.Msi
2010-02-24 13:06:06 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-02-24 13:04:29 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-24 13:04:22 ----RD---- C:\Program Files
2010-02-24 12:57:34 ----SH---- C:\boot.ini
2010-02-24 12:57:34 ----A---- C:\WINDOWS\win.ini
2010-02-24 12:57:32 ----D---- C:\WINDOWS\pss
2010-02-23 14:07:21 ----D---- C:\Install
2010-02-23 13:51:22 ----D---- C:\WINDOWS\Debug
2010-02-23 13:51:21 ----D---- C:\WINDOWS\Minidump
2010-02-23 11:24:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-17 20:00:45 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-04 22:54:36 ----D---- C:\WINDOWS\security
2010-02-04 21:59:24 ----D---- C:\Program Files\Messenger
2010-02-04 21:53:16 ----D---- C:\WINDOWS\Help
2010-02-04 21:53:03 ----D---- C:\WINDOWS\system32\oobe
2010-02-04 21:50:32 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-02-04 21:50:01 ----D---- C:\WINDOWS\EHome
2010-02-04 21:02:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-04 20:13:32 ----D---- C:\NVIDIA
2010-02-01 20:26:20 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-29 13:09:56 ----D---- C:\WINDOWS\system32\DirectX
2010-01-29 13:09:56 ----D---- C:\Program Files\SEGA
2010-01-29 13:09:23 ----RSD---- C:\WINDOWS\assembly
2010-01-27 15:12:27 ----A---- C:\WINDOWS\BlendSettings.ini
2010-01-26 19:31:35 ----D---- C:\Program Files\Internet Explorer
2010-01-26 19:31:08 ----D---- C:\WINDOWS\ie8updates
2010-01-26 19:28:31 ----D---- C:\WINDOWS\WinSxS
2010-01-26 19:04:33 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-26 18:32:47 ----D---- C:\WINDOWS\system32\config
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-02-23 333192]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-02-23 28424]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-02-23 360584]
R1 EIO_XP;EIO_XP; \??\C:\WINDOWS\system32\drivers\EIO_XP.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-08-25 278984]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-08-25 25416]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-06-21 626204]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-09-24 3331072]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-04-01 93184]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 catchme;catchme; \??\C:\DOCUME~1\Pavla\LOCALS~1\Temp\catchme.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 USB_RNDIS;Texas Instruments AR7D01 DSL Router; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-09-24 581632]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-02-23 285392]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-09-06 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 psrem02;CD Guard Drivers Auto Removal (v2); C:\WINDOWS\system32\psrem02.exe [2006-05-11 358008]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-02 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-09-06 360192]
S3 WmcCds;Windows Media Connect (WMC); c:\program files\windows media connect\mswmccds.exe [2004-08-10 483328]
S3 WmcCdsLs;Podpora programu Windows Media Connect (WMC); C:\Program Files\Windows Media Connect\mswmcls.exe [2004-08-10 28160]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
ComboFix 10-02-23.04 - Pavla 24.02.2010 13:11:09.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1535.1047 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pavla\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-24 do 2010-02-24 )))))))))))))))))))))))))))))))
.
2010-02-24 11:06 . 2010-02-24 11:06 -------- d-----w- c:\program files\Trend Micro
2010-02-23 12:50 . 2010-02-23 12:50 -------- d-----w- c:\program files\CCleaner
2010-02-23 11:55 . 2010-02-24 10:16 -------- d-----w- C:\$AVG
2010-02-23 11:54 . 2010-02-23 11:54 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-02-23 11:54 . 2010-02-23 11:54 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-02-23 11:54 . 2010-02-23 11:54 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-02-23 11:54 . 2010-02-23 11:54 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-02-23 11:54 . 2010-02-24 06:00 -------- d-----w- c:\windows\system32\drivers\Avg
2010-02-23 11:53 . 2010-02-23 11:53 -------- d-----w- c:\program files\AVG
2010-02-23 10:23 . 2001-10-24 10:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2010-02-23 10:23 . 2001-10-24 10:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2010-02-23 10:23 . 2008-04-13 23:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2010-02-23 10:23 . 2008-04-13 23:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2010-02-04 20:53 . 2008-04-14 07:51 81920 ------w- c:\windows\system32\ieencode.dll
2010-02-04 20:05 . 2010-02-04 20:05 -------- d-----w- c:\program files\AMD
2010-02-04 19:56 . 2010-02-04 19:56 -------- d-----w- C:\NV248180.TMP
2010-02-04 19:47 . 2004-05-17 13:00 56960 ------w- c:\windows\system32\drivers\nvnrm.sys
2010-02-04 19:47 . 2004-05-17 13:00 191232 ------w- c:\windows\system32\drivers\nvsnpu.sys
2010-02-04 19:47 . 2004-05-17 13:00 12928 ------w- c:\windows\system32\drivers\nvnetbus.sys
2010-02-04 19:47 . 2004-05-17 13:00 33280 ------w- c:\windows\system32\drivers\NVENETFD.sys
2010-02-04 19:47 . 2004-05-17 12:49 198656 ------w- c:\windows\system32\fdco1.dll
2010-02-04 19:47 . 2004-05-17 12:48 8192 ------w- c:\windows\system32\bdco1.dll
2010-02-04 19:47 . 2004-05-10 07:53 32256 ------w- c:\windows\system32\nvconrm.dll
2010-01-27 14:16 . 2010-01-27 14:16 -------- d-----w- c:\program files\Activision
2010-01-26 18:33 . 2010-01-26 18:33 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-26 18:09 . 2006-06-14 12:44 12288 ----a-r- c:\windows\system32\drivers\EIO_XP.sys
2010-01-26 17:45 . 2010-02-04 20:10 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-26 17:27 . 2010-02-04 18:17 -------- d-----w- c:\program files\ATI Technologies
2010-01-26 17:27 . 2010-02-23 12:48 -------- d-----w- c:\program files\ATI
2010-01-26 17:25 . 2010-01-26 17:25 -------- d-----w- C:\ATI
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-24 12:06 . 2005-04-12 10:55 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-02-24 12:04 . 2005-01-24 09:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-04 20:02 . 2004-08-18 12:00 83562 ----a-w- c:\windows\system32\perfc005.dat
2010-02-04 20:02 . 2004-08-18 12:00 440812 ----a-w- c:\windows\system32\perfh005.dat
2010-01-29 12:09 . 2009-06-26 16:23 -------- d-----w- c:\program files\SEGA
2010-01-14 19:16 . 2010-01-14 19:16 -------- d-----w- c:\program files\Rockstar Games
2010-01-14 19:15 . 2007-10-22 14:05 -------- d-----w- c:\program files\Ubisoft
2010-01-08 08:36 . 2006-12-24 21:16 -------- d-----w- c:\program files\Microsoft Games
2010-01-05 16:09 . 2007-03-17 12:12 -------- d-----w- c:\program files\Team17
2009-12-31 16:50 . 2004-08-18 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2004-08-18 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2005-01-24 09:32 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-18 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-11 20:45 . 2009-05-15 20:35 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-12-11 20:44 . 2009-05-15 20:34 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-12-11 20:43 . 2009-05-15 20:33 3620864 ----a-w- c:\windows\system32\aticaldd.dll
2009-12-11 19:50 . 2009-05-15 21:38 64512 ----a-w- c:\windows\system32\atimpc32.dll
2009-12-04 18:22 . 2004-08-18 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2004-08-18 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2004-08-17 15:49 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2004-08-18 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2004-08-18 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2004-08-18 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2004-08-17 15:49 48128 ----a-w- c:\windows\system32\iyuv_32.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-02-23_10.58.18 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-23 12:35 . 2010-02-23 12:35 77542 c:\windows\Installer\{9BB86C70-E1EF-7457-46DC-0093B5269458}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-02-23 12:35 . 2010-02-23 12:35 77542 c:\windows\Installer\{9BB86C70-E1EF-7457-46DC-0093B5269458}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-02-23 12:35 . 2010-02-23 12:35 77542 c:\windows\Installer\{9BB86C70-E1EF-7457-46DC-0093B5269458}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-02-23 12:35 . 2010-02-23 12:35 77542 c:\windows\Installer\{9BB86C70-E1EF-7457-46DC-0093B5269458}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2010-02-23 12:35 . 2010-02-23 12:35 77542 c:\windows\Installer\{9BB86C70-E1EF-7457-46DC-0093B5269458}\ARPPRODUCTICON.exe
+ 2010-02-23 12:35 . 2010-02-23 12:35 718336 c:\windows\Installer\78d878.msi
+ 2010-02-23 12:35 . 2010-02-23 12:35 238223 c:\windows\Installer\{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}\ARPPRODUCTICON.exe
+ 2010-02-23 12:35 . 2010-02-23 12:35 1597440 c:\windows\Installer\78d86e.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 12:01 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-22 68856]
"RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2009-12-31 306088]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-09-03 3342336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304]
"SoundMan"="SOUNDMAN.EXE" [2004-06-18 67584]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-01-08 77824]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-11-10 176128]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Image Transfer.lnk - c:\program files\Sony Corporation\Image Transfer\SonyTray.exe [2005-9-14 73728]
LUMIX Simple Viewer.lnk - c:\program files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2007-1-16 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-02-23 11:54 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKLM\~\startupfolder\C:^Documents and Settings^Pavla^Nabídka Start^Programy^Po spuštění^Registration Heroes of Might & Magic 5 - Tribes of the East.LNK]
path=c:\documents and settings\Pavla\Nabídka Start\Programy\Po spuštění\Registration Heroes of Might & Magic 5 - Tribes of the East.LNK
backup=c:\windows\pss\Registration Heroes of Might & Magic 5 - Tribes of the East.LNKStartup
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Ubisoft\\THE SETTLERS - Vzestup říše\\base\\bin\\Settlers6.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\Sun Age\\SunAge.exe"=
"c:\\Program Files\\Microsoft Games\\Rise Of Legends\\legends.exe"=
"c:\\Program Files\\Deep Silver\\Sacred 2 - Fallen Angel\\system\\s2gs.exe"=
"c:\\Program Files\\Deep Silver\\Sacred 2 - Fallen Angel\\system\\sacred2.exe"=
"c:\\Program Files\\Codemasters\\Overlord II\\Overlord2.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.EXE"=
"c:\\Program Files\\Team17 Software Ltd\\WormsForts\\wf.exe"=
"c:\\Program Files\\TrackMania United\\TmUnited.exe"=
"c:\\Program Files\\Ground Control II\\gcii.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Activision\\Transformers - Revenge of the Fallen\\Transformers2.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
R0 psdrv02;CD Guard Environment Driver (v2);c:\windows\system32\drivers\psdrv02.sys [11.9.2006 13:01 67960]
R0 pssync05;CD Guard Synchronization Driver (v5);c:\windows\system32\drivers\pssync05.sys [3.11.2006 9:24 61312]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [23.2.2010 12:54 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [23.2.2010 12:54 360584]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [23.2.2010 12:53 285392]
S2 psrem02;CD Guard Drivers Auto Removal (v2);c:\windows\system32\psrem02.exe svc --> c:\windows\system32\psrem02.exe svc [?]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-02-24 c:\windows\Tasks\User_Feed_Synchronization-{C0CE4E7E-3BD3-4448-AF19-1973A59CA202}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.idnes.cz/
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-24 13:22
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys sfsync02.sys >>UNKNOWN [0x8A25B948]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb80fcf28
\Driver\ACPI -> ACPI.sys @ 0xb7f7fcb8
\Driver\atapi -> atapi.sys @ 0xb7f24852
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579022
ParseProcedure -> ntkrnlpa.exe @ 0x80577c84
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579022
ParseProcedure -> ntkrnlpa.exe @ 0x80577c84
NDIS: -> SendCompleteHandler -> 0x0
PacketIndicateHandler -> 0x0
SendHandler -> 0x0
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-57989841-1958367476-725345543-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-57989841-1958367476-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:c2,e2,13,7b,74,d8,f6,be,02,27,8a,57,94,eb,f1,14,7b,2d,0b,a7,b7,c4,ea,
4d,ef,ea,46,bf,d7,6b,d4,6b,5c,66,74,c3,6a,a6,6b,b4,bf,a2,17,fb,25,84,ad,38,\
"??"=hex:d8,9f,bf,d3,46,76,6e,b8,10,36,3e,e1,ad,9e,71,17
[HKEY_USERS\S-1-5-21-57989841-1958367476-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:e4,29,3d,ed,44,0d,dc,0c,fc,79,ef,34,3d,bb,1b,99,c8,c9,34,ab,c4,
bb,d2,2c,74,fb,5f,75,94,4e,57,0c,0a,a6,34,9c,9f,7b,a0,85,e3,a9,6b,a1,b6,af,\
"rkeysecu"=hex:e8,1b,41,bc,f3,09,87,fa,47,22,3e,13,83,18,9e,6f
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(652)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(2140)
c:\windows\system32\msls31.dll
c:\windows\system32\webcheck.dll
.
Celkový čas: 2010-02-24 13:27:43
ComboFix-quarantined-files.txt 2010-02-24 12:27
ComboFix2.txt 2010-02-24 11:49
ComboFix3.txt 2010-02-23 11:02
Před spuštěním: Volných bajtů: 18 387 660 800
Po spuštění: Volných bajtů: 18 375 491 584
- - End Of File - - 06003A96231A32AC2607A7C19CB04BEC